cap-std
crates.io
cap-std | crates.io | |
---|---|---|
12 | 662 | |
621 | 2,802 | |
0.6% | 1.0% | |
6.6 | 10.0 | |
about 1 month ago | about 16 hours ago | |
Rust | Rust | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cap-std
-
Rust Library Team Aspirations | Inside Rust Blog
I believe you mean capability based, like cap-std.
-
A Performance Evaluation on Rust Asynchronous Frameworks
There might be another reason to prefer async-std right now: the Bytecode Alliance is working on a version of std with support for capability-based security (called cap-std: https://github.com/bytecodealliance/cap-std ), and their async version is based on async-std (called cap-async-std: https://github.com/bytecodealliance/cap-std/tree/main/cap-async-std ). Given the clout that the Bytecode Alliance has, async-std might end up carving a niche out in the Wasm domain.
-
Backdooring Rust crates for fun and profit
Would love to see something like this implemented around creating a Process in cap-std ( https://github.com/bytecodealliance/cap-std/issues/190 )
-
Scripting Languages of the Future
I think it's not discussed enough how things like language features shape how library APIs are formed. People usually seem to only consider the question "how would I use this feature?" and not "how would the standard library look like with this feature?", which is surprising given how much builtin libraries affect the pleasantness of a language.
One of the things I'm excited to see is the cap-std project for Rust [0] given what Pony [1] has demonstrated is possible with capabilities. I'm also hoping that languages like Koka [2] and OCaml [3] will demonstrate interesting use cases for algebraic effects.
[0] https://github.com/bytecodealliance/cap-std
[1] https://www.ponylang.io/discover
[2] https://koka-lang.github.io
[3] https://github.com/ocaml-multicore/effects-examples
- Is using crates more safe than using npm?
-
Why WebAssembly is innovative even outside the browser
I'm not sure you could hack the control flow when running bytecode on the JVM, but I strongly doubt that. (The JVM is "high-level" as pointed out previously and doesn't execute ASM like code. So there is no of the attack surface you have to care on the ASM level).
And capabilities are anyway something that belongs into the OS — and than programs need to be written accordingly. The whole point of the capability-security model is that you can't add it after the fact. That's why UNIX isn't, and never will be, a capability secure OS.
But "sanboxing" some process running on a VM is completely independent of that!
WASM won't get you anything beyond a "simple sanbox" ootb. Exactly the same as you have in the other major VM runtimes.
If you want capability-secure Rust, there is much more to that. You have to change a lot of code, and use an alternative std. lib¹. Of course you can't than use any code (or OS functionality) when it isn't also capability-secure. Otherwise the model breaks.
To be capability-secure you have actually to rewrite the world…
¹ https://github.com/bytecodealliance/cap-std
-
Security review of "please", a sudo replacement written in Rust
The type system could definitely help. There's all sorts of things we can do. One really cool project is https://github.com/bytecodealliance/cap-std
- Preparing rustls for wider adoption
- cap-std: Capability-oriented version of the Rust standard library
-
First class I/O
On the topic of unsafe being used to describe raw file descriptors, on one hand, there is a sense in which file descriptors are pointers, into another memory. They can leak, dangle, alias, or be forged, in exactly the same way. On the other, there is an open issue about this.
crates.io
-
Create a Custom GitHub Action in Rust
Rust has a rich ecosystem of frameworks and libraries that let you read, parse, and manipulate text files, interact with cloud services and databases, and perform any other job that your project's development workflow may require. And because of its strong typing and tight memory management, you are much less likely to write programs that behave unexpectedly in production.
-
Rust Keyword Extraction: Creating the YAKE! algorithm from scratch
All the code discussed in this article can be accessed through this repository. For integration with existing projects consider using keyword_extraction crate available on crates.io.
-
Migrating a JavaScript frontend to Leptos, a Rust framework
So, be sure to double-check your critical libraries and be sure their alternatives exist in the Rust ecosystem. There’s a good chance the crates you need are available in Rust's crates.io repository.
-
Learning Rust: A clean start
The previous section was very simple, this section is also very simple but introduces us to cargo which is Rust's package manager, as a JS dev my mind goes straight to NPM.
-
#2 Rust - Cargo Package Manager
Now, there has to be a place where all these packages come from. Similar to npmjs registry, where all node packages are registered, stored and retrieved, Rust also has something called crates.io where many helpful packages and dependencies are registered.
-
Rust 🦀 Installation + Hello World
Before proceeding, let's check https://crates.io/, the official Rust package registry.
-
Underestimating rust for my Project.
The most thrilling aspect has been the joy of writing the backend. It's like every struct, enum, and method in Rust forms this interconnected Multiverse of code , which you can see in crates.io which is best Documentation experience I Ever Had.
-
Top 10 Rusty Repositories for you to start your Open Source Journey
5. Crates.io
-
Project Structure Clarification Coming From Python - With Example
When using crates from eg. crates.io, and also things like std and core
-
Cargo has never frustrated me like npm or pip has. Does Cargo ever get frustrating? Does anyone ever find themselves in dependency hell?
Vendoring your packages was very tedious to even remotely get to work with Cargo. I spent a very long time getting Cargo to work together with cargo-local-registry. We vendor crates from crates.io and a custom internal registry.
What are some alternatives?
godot-wasm-engine
docs.rs - crates.io documentation generator
watt - Runtime for executing procedural macros as WebAssembly
plotters - A rust drawing library for high quality data plotting for both WASM and native, statically and realtimely 🦀 📈🚀
cargo2nix - Granular builds of Rust projects for Nix
Cargo - The Rust package manager
rusty-wacc-viewer
trunk - Build, bundle & ship your Rust WASM application to the web.
cargo-supply-chain - Gather author, contributor and publisher data on crates in your dependency graph.
gtk4-rs - Rust bindings of GTK 4
effects-examples - Examples to illustrate the use of algebraic effects in Multicore OCaml
Rocket - A web framework for Rust.