|4 months ago||5 days ago|
|GNU General Public License v3.0 or later||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ANN: Similar, a modern diff library for Rust for all your diffing needs
9 projects | reddit.com/r/rust | 31 Jan 2021
Does this support higher level structures a la treediff? Would be great to use this for json patch and friends.
Unsoundness in owning_ref
10 projects | reddit.com/r/rust | 26 Jan 2022
This looks like it should be reported to https://github.com/rustsec/advisory-db
QCell 0.5.0 release, with no_std support
2 projects | reddit.com/r/rust | 23 Jan 2022
You might want to open a security advisory for that unsoundness issue. The database has a dedicated advisory type for unsoundness issues, see e.g. RUSTSEC-2019-0036
6 projects | reddit.com/r/rust | 21 Jan 2022
Perhaps submit unbounded to the rustsec advisory-db?
Top Rust Cargo Commands
2 projects | dev.to | 15 Nov 2021
cargo audit can be installed through cargo install cargo-audit and is used to audit Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database.
Is the chrono crate unmaintained?
5 projects | reddit.com/r/rust | 18 Oct 2021
Advisory PR for chrono itself open here. Would appreciate any review.5 projects | reddit.com/r/rust | 18 Oct 2021
https://github.com/RustSec/advisory-db/blob/main/crates/time/RUSTSEC-2020-0071.md says that ^0.1 is also affected.
Security advisory database for Rust crates published through crates.io
1 project | reddit.com/r/rust | 13 Oct 2021
GitHub Advisory Database now supports Rust
3 projects | reddit.com/r/rust | 23 Sep 2021
I understand their database is mostly a mirror of the RustSec database right now. I'm happy to see that info reach more people!
Rudra: Rust Memory Safety & Undefined Behavior Detection
5 projects | reddit.com/r/rust | 20 Aug 2021
To clarify, this can analyze unsafe code. It has found 70+ real-world issues to date. I've reviewed many of them for inclusion in https://github.com/rustsec/advisory-db, I'm glad to see the tool used to find them released at last!
Google's unified vulnerability schema for open source supports Rust on launch
7 projects | reddit.com/r/rust | 24 Jun 2021
As usual, if you have discovered a security issue in your code and would like to notify your dependents so they could upgrade to a fixed version, be sure to report it. (If you've just found a memory safety issue and are not sure if it qualifies, get in touch and we'll help you assess the impact).
What are some alternatives?
vulndb - [mirror] The Go Vulnerability Database
Rudra - Rust Memory Safety & Undefined Behavior Detection
cargo-deny - ❌ Cargo plugin for linting your dependencies 🦀
project-safe-transmute - Project group working on the "safe transmute" feature
webpki - WebPKI X.509 Certificate Validation in Rust
rustsec - Audit Cargo.lock files for dependencies with security vulnerabilities
chrono - Date and time library for Rust
Rudra-PoC - Trophy case for Rudra bugs.
similar - A high level diffing library for rust based on diffs
crates.io - Source code for crates.io
rust - Empowering everyone to build reliable and efficient software.