cargo-outdated
A cargo subcommand for displaying when Rust dependencies are out of date (by kbknapp)
cargo-supply-chain
Gather author, contributor and publisher data on crates in your dependency graph. (by rust-secure-code)
| cargo-outdated | cargo-supply-chain | |
|---|---|---|
| 7 | 20 | |
| 1,141 | 311 | |
| - | 1.3% | |
| 6.7 | 4.9 | |
| about 1 month ago | about 1 month ago | |
| Rust | Rust | |
| MIT License | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cargo-outdated
Posts with mentions or reviews of cargo-outdated.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-03.
-
What are some useful tools for Rust?
cargo-outdated
-
How to list upgradable crates programmatically
I've tried to use cargo-outdated like so:
-
My Rust development workflow (after 3+ years)
Thanks to cargo and the community, project maintenance is straightforward in rust. You'll need to install cargo-outdated and cargo-audit:
-
Mental models for learning Rust
Use the automated tools to assist you in the maintenance of your projects: rustfmt, clippy, cargo update, cargo outdated and cargo-audit.
-
5 useful Cargo Plugins
I'd add cargo-outdated for checking for outdated dependencies. cargo-tree is also useful, but that's built into cargo itself for some time already.
-
Announcing `cargo supply-chain`: Know whom you trust
Some combination of cargo-outdated and cargo-msrv could probably do this in a slightly more manual fashion.
-
[Utility] Announcing version-checker - It Does What It Says on the Tin and More, Trust Me
So it merges functionality of cargo-outdated and cargo-audit?
cargo-supply-chain
Posts with mentions or reviews of cargo-supply-chain.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-01-04.
-
Release of Structsy 0.5
Great news! Sounds like a good way to add caching to cargo supply-chain. There's a lot of small chunks of data we want to persist.
-
greater supply chain attack risk due to large dependency trees?
Shameless plug: https://github.com/rust-secure-code/cargo-supply-chain shows the supply chain attack surface for your Rust project.
-
Announcement: xflags 3.0.0
bpaf: https://github.com/rust-secure-code/cargo-supply-chain/blob/29bfcb256001cdef46830544b554d33c56602030/src/cli.rs
-
Yet another command line argument parser: bpaf 0.5.2
I'm very happy with it for cargo supply-chain. I appreciate that it has no unsafe code, no sprawling dependency tree, and supports OsStr in addition to just &str.
-
Best way to protect a project from supply chain attacks?
cargo supply-chain to see your attack surface for supply chain attacks
- Cargo-supply-chain: Rust author, contributor and publisher data for dep. crates
-
Comparing Rust supply chain safety tools
See also: cargo supply-chain
-
Yet another command line argument parser: bpaf 0.4.0
I've used bpaf for cargo supply-chain and I'm very happy with it.
-
Fundamental - finding out who you can fund in dependency tree
https://github.com/rust-secure-code/cargo-supply-chain can also help here.
-
Announcing `cargo supply-chain` v0.3: revamped CLI, separate JSON schema
cargo supply-chain list the publishers of all crates in your dependency graph. With it you can:
What are some alternatives?
When comparing cargo-outdated and cargo-supply-chain you can also consider the following projects:
cargo-check
cap-std - Capability-oriented version of the Rust standard library
Cargo - The Rust package manager
paru - Feature packed AUR helper
cargo-edit - A utility for managing cargo dependencies from the command line.
cargo-crev - A cryptographically verifiable code review system for the cargo (Rust) package manager.
cargo-script - Cargo script subcommand
cargo-auditable - Make production Rust binaries auditable
cargo-watch - Watches over your Cargo project's source.
eve-rs - A simple, intuitive, express-like HTTP library
overflower - A Rust compiler plugin and support library to annotate overflow behavior
cargo-msrv - 🦀 Find the minimum supported Rust version (MSRV) for your project
cargo-outdated vs cargo-check
cargo-supply-chain vs cap-std
cargo-outdated vs Cargo
cargo-supply-chain vs paru
cargo-outdated vs cargo-edit
cargo-supply-chain vs cargo-crev
cargo-outdated vs cargo-script
cargo-supply-chain vs cargo-auditable
cargo-outdated vs cargo-watch
cargo-supply-chain vs eve-rs
cargo-outdated vs overflower
cargo-supply-chain vs cargo-msrv