{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreia5j4vts3wpanlmitfco2lsvquymrdekjwisfofybsj6wfdiya5yi",
    "uri": "at://did:plc:ivbknywyskln22er3nkssdhl/app.bsky.feed.post/3mj7o4vsf5bg2"
  },
  "path": "/t/build-security/24166#post_8",
  "publishedAt": "2026-04-11T01:11:19.000Z",
  "site": "https://internals.rust-lang.org",
  "textContent": "Note that needling to list crate names in `build-rs-allowed` means that adding a `build.rs` is a SemVer hazard (i.e., major version bump). One should also use the exposed name of the crate so that you can grant, say, `serde1` `build.rs` access, but not `serde2`.",
  "title": "Build Security"
}