chore: release v20.1.8

[unleash-bot]

🤖 New release

• unleash-edge-types: 20.1.7 -> 20.1.8
• unleash-edge-cli: 20.1.1 -> 20.1.8
• unleash-edge-delta: 20.1.7 -> 20.1.8
• unleash-edge-feature-cache: 20.1.7 -> 20.1.8
• unleash-edge-feature-filters: 20.1.7 -> 20.1.8
• unleash-edge-http-client: 20.1.7 -> 20.1.8
• unleash-edge-persistence: 20.1.7 -> 20.1.8
• unleash-edge-feature-refresh: 20.1.7 -> 20.1.8
• unleash-edge-auth: 20.1.7 -> 20.1.8
• unleash-edge-streaming: 20.1.7 -> 20.1.8
• unleash-edge-appstate: 20.1.7 -> 20.1.8
• unleash-edge-backstage: 20.1.7 -> 20.1.8
• unleash-edge-metrics: 20.1.0 -> 20.1.8
• unleash-edge-client-api: 20.1.7 -> 20.1.8
• unleash-edge-edge-api: 20.1.7 -> 20.1.8
• unleash-edge-enterprise: 20.1.7 -> 20.1.8
• unleash-edge-frontend-api: 20.1.7 -> 20.1.8
• unleash-edge-offline: 20.1.7 -> 20.1.8
• unleash-edge-request-logger: 20.1.7 -> 20.1.8
• unleash-edge-tracing: 20.1.7 -> 20.1.8
• unleash-edge: 20.1.0 -> 20.1.8

Changelog

unleash-edge-types

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-cli

20.1.8 - 2026-02-04

💼 Other

• added client_id to prometheus exporting (#1397) (by @chriswk) - task: added client_id to prometheus exporting #1397

Contributors

• @chriswk

unleash-edge-delta

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-feature-cache

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-feature-filters

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-http-client

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-persistence

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-feature-refresh

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-auth

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-streaming

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-appstate

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-backstage

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-metrics

20.1.8 - 2026-02-04

💼 Other

• added client_id to prometheus exporting (#1397) (by @chriswk) - task: added client_id to prometheus exporting #1397

Contributors

• @chriswk

unleash-edge-client-api

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-edge-api

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-enterprise

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• release v20.1.7 (#1315) (by @unleash-bot[bot]) - chore: release v20.1.7 #1315
• release v20.1.6 (#1302) (by @unleash-bot[bot]) - chore: release v20.1.6 #1302
• add enterprise license (#1307) (by @nunogois) - chore: add enterprise license #1307
• release v20.1.5 (#1291) (by @unleash-bot[bot]) - chore: release v20.1.5 #1291
• release v20.1.4 (#1283) (by @unleash-bot[bot]) - chore: release v20.1.4 #1283
• release v20.1.3 (#1278) (by @unleash-bot[bot]) - chore: release v20.1.3 #1278
• release v20.1.2 (#1265) (by @unleash-bot[bot]) - chore: release v20.1.2 #1265
• release v20.1.1 (#1214) (by @unleash-bot[bot]) - chore: release v20.1.1 #1214
• move enterprise features to their own folder (#1254) (by @sighphyre) - chore: move enterprise features to their own folder #1254

Contributors

• @unleash-bot[bot]
• @nunogois
• @sighphyre

unleash-edge-frontend-api

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-offline

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-request-logger

20.1.8 - 2026-02-04

⚙️ Miscellaneous Tasks

• update Cargo.toml dependencies

unleash-edge-tracing

20.1.8 - 2026-02-04

🚀 Features

• add revisionId to things updated by refreshers (#1378) (by @chriswk) - feat: add revisionId to things updated by refreshers #1378
• add Opentelemetry tracing support to enterprise (#1372) (by @chriswk) - feat: add Opentelemetry tracing support to enterprise #1372

🐛 Bug Fixes

• correctly gate tracing test behind enterprise (#1399) (by @sighphyre) - fix: correctly gate tracing test behind enterprise #1399

💼 Other

• added client_id to prometheus exporting (#1397) (by @chriswk) - task: added client_id to prometheus exporting #1397

⚙️ Miscellaneous Tasks

• release v20.1.7 (#1315) (by @unleash-bot[bot]) - chore: release v20.1.7 #1315

Contributors

• @sighphyre
• @chriswk
• @unleash-bot[bot]

unleash-edge

20.1.8 - 2026-02-04

💼 Other

• added client_id to prometheus exporting (#1397) (by @chriswk) - task: added client_id to prometheus exporting #1397

Contributors

• @chriswk

---

This PR was generated with release-plz.

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

Cargo.lock

Package	Version	License	Issue Type
iana-time-zone	0.1.65	Null	Unknown License

Denied Licenses:

GPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.1, LGPL-3.0, AGPL-3.0

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
cargo/arc-swap	1.8.1	🟢 4.8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 5 Found 4/8 approved changesets -- score normalized to 5 Maintained 🟢 10 15 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/cc	1.2.55	🟢 6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/17 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/find-msvc-tools	0.1.9	🟢 6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/17 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/flate2	1.1.9	🟢 7.2	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/git2	0.20.4	🟢 6.3	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 9/10 approved changesets -- score normalized to 9 Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 9 1 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/iana-time-zone	0.1.65	🟢 7.2	Details Check Score Reason Maintained 🟢 10 19 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 7/11 approved changesets -- score normalized to 6 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 9 license file detected Packaging 🟢 10 packaging workflow detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9
cargo/portable-atomic	1.13.1	🟢 6.6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/regex-automata	0.4.14	🟢 6.1	Details Check Score Reason Maintained 🟢 5 0 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 0/21 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/regex-lite	0.1.9	🟢 6.1	Details Check Score Reason Maintained 🟢 5 0 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 0/21 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/regex-syntax	0.8.9	🟢 6.1	Details Check Score Reason Maintained 🟢 5 0 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 0/21 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/schemars	1.2.1	🟢 5.4	Details Check Score Reason Code-Review ⚠️ 1 Found 5/29 approved changesets -- score normalized to 1 Maintained 🟢 10 15 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/slab	0.4.12	🟢 5.2	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 9 Found 27/28 approved changesets -- score normalized to 9 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/tonic	0.14.3	🟢 6.8	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 22 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 9 Found 28/30 approved changesets -- score normalized to 9 Binary-Artifacts 🟢 4 binaries present in source code CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/tonic-prost	0.14.3	🟢 6.8	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 22 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 9 Found 28/30 approved changesets -- score normalized to 9 Binary-Artifacts 🟢 4 binaries present in source code CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/tz-rs	0.7.3	Unknown	Unknown
cargo/webpki-root-certs	1.0.6	Unknown	Unknown
cargo/webpki-roots	1.0.6	Unknown	Unknown
cargo/zerocopy	0.8.38	🟢 8.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 10 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
cargo/zerocopy-derive	0.8.38	🟢 8.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 10 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
cargo/zmij	1.0.19	Unknown	Unknown
cargo/unleash-edge	>= 20.1.8, < 21.0.0	Unknown	Unknown

Scanned Files

• Cargo.lock
• crates/enterprise/unleash-edge-enterprise-integration-tests/Cargo.toml