cargo-deny
rust
cargo-deny | rust | |
---|---|---|
15 | 2,684 | |
1,554 | 93,266 | |
1.7% | 1.2% | |
8.8 | 10.0 | |
5 days ago | 1 day ago | |
Rust | Rust | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cargo-deny
-
Please add licenses to your projects, rust DS emulator Dust now dead.
Tip: You can check the licenses of all your dependencies (recursively) using cargo-deny: https://github.com/EmbarkStudios/cargo-deny
- Cargo-deny: a cargo plugin for linting Rust project dependencies
-
What are some useful tools for Rust?
cargo-deny
-
Can versions of a crate be blocked / be made unusable / be made not downloadable?
cargo-deny can help block specified versions of a crate and even has some advisory features that can probably used to block crate with reported vulnerabilities
-
Best way to protect a project from supply chain attacks?
cargo deny for fetching crates only from trusted sources, blacklisting crates, etc.
-
NPM malware and what it could imply for Cargo
Use cargo audit or cargo deny to check the crates in your Cargo.lock to ensure they don't contain any vulnerabilities.
-
This Year in Embedded Rust: 2021 edition
> Explain the crate scanner thing?
I assume a reference to tools that help manage potential issues around dependencies, e.g.:
* https://github.com/rustsec/rustsec/tree/main/cargo-audit
* https://github.com/EmbarkStudios/cargo-deny
"[cargo-audit] Audit Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database."
"cargo-deny is a cargo plugin that lets you lint your project's dependency graph to ensure all your dependencies conform to your expectations and requirements." e.g. license, security advisories, source.
-
Score card for dependencies in a project
cargo-deny does license and security advisory checking, and cargo-geiger does unsafe checking.
-
How can we make sure this doesn't happen with Crates.io?
cargo-deny
-
Blog post: Cross compiling Rust Windows binaries from Linux
OpenSSL has been banned in our project for a variety of reasons via cargo-deny for around a year and half, it was actually one of the reasons we created it in the first place.
rust
-
Rust to .NET compiler – Progress update
> There are online Rust compilers and interpreters already if you just want to rapid prototype and develop ideas in Rust
You are responding to one of the key developers of Rust early on[1], who's been working with the language for 14 years at that point.
[1] https://github.com/rust-lang/rust/graphs/contributors?from=2... and he's still #16 in commits overall today, despite almost no activity on the rust compiler since 2014.
-
Create a Custom GitHub Action in Rust
If you haven't dipped your touch-typing fingers into Rust yet, you really owe it to yourself. Rust is a modern programming language with features that make it suitable not only for systems programming -- its original purpose, but just about any other environment, too; there are frameworks that let your build web services, web applications including user interfaces, software for embedded devices, machine learning solutions, and of course, command-line tools. Since a custom GitHub Action is essentially a command-line tool that interacts with the system through files and environment variables, Rust is perfectly suited for that as well.
-
Why Does Windows Use Backslash as Path Separator?
Here's an example of someone citing a disagreement between CRT and shell32:
https://github.com/rust-lang/rust/issues/44650
This in addition to the Rust CVE mentioned elsewhere in the thread which was rooted in this issue:
https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html
Here are some quick programs to test contrasting approaches. I don't have examples of inputs where they parse differently on hand right now, but I know they exist. This was also a problem that was frequently discussed internally when I worked at MSFT.
#include
-
I hate Rust (programming language)
> instead of choosing a certain numbered version of the random library (if I remember correctly) I let cargo download the latest version which had a completely different API.
Yeah, they didn't follow the instructions and got burned. I still think that multiple things went wrong simultaneously for that experience. I wonder if more prevalent uses of `#[doc(alias = "name")]` being leveraged by https://github.com/rust-lang/rust/pull/120730 (which now that I check only accounts for methods and not functions, I should get on that!) so that when changing APIs around people at least get a slightly better experience.
- Rust Weird Exprs
- Critical safety flaw found in Rust on Windows (CVE-2024-24576)
-
Unformat Rust code into perfect rectangles
Almost fixed the compiler: https://github.com/rust-lang/rust/pull/123325
-
Implement React v18 from Scratch Using WASM and Rust - [1] Build the Project
Rust: A secure, efficient, and modern programming language (omitting ten thousand words). You can simply follow the installation instructions provided on the official website.
-
Show HN: Fancy-ANSI – Small JavaScript library for converting ANSI to HTML
Recently did something similar in Rust but for generating SVGs. We've adopted it for snapshot testing of cargo and rustc's output. Don't have a good PR handy for showing Github's rendering of changes in the SVG (text, side-by-side, swiping) but https://github.com/rust-lang/rust/pull/121877/files has newly added SVGs.
To see what is supported, see the screenshot in the docs: https://docs.rs/anstyle-svg/latest/anstyle_svg/
-
Upgrading Hundreds of Kubernetes Clusters
We strongly believe in Rust as a powerful language for building production-grade software, especially for systems like ours that run alongside Kubernetes.
What are some alternatives?
cargo-about - 📜 Cargo plugin to generate list of all licenses for a crate 🦀
carbon-lang - Carbon Language's main repository: documents, design, implementation, and related tools. (NOTE: Carbon Language is experimental; see README)
advisory-db - Security advisory database for Rust crates published through crates.io
zig - General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.
xwin - A utility for downloading and packaging the Microsoft CRT headers and libraries, and Windows SDK headers and libraries needed for compiling and linking programs targeting Windows.
Nim - Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness, and elegance (in that order of priority).
crates.io-index - Registry index for crates.io
Odin - Odin Programming Language
static_init
Elixir - Elixir is a dynamic, functional language for building scalable and maintainable applications
nextest - A next-generation test runner for Rust.
Rustup - The Rust toolchain installer