wick
cargo-geiger
wick | cargo-geiger | |
---|---|---|
4 | 30 | |
462 | 1,319 | |
1.1% | 1.7% | |
9.4 | 5.2 | |
6 months ago | 11 days ago | |
Rust | Rust | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wick
-
Was Rust Worth It?
> In Wick, we use a script to automatically update inline lint configurations for a few dozen crates.
> https://github.com/candlecorp/wick/blob/28465f8c1492e6588bd2...
Good lord, that is an INCREDIBLE number of lints to disable, and for... what? If you have to disable lints telling you about things like unused/dead code, intentional validation of the language's conventional style, unused/unnecessary allocations, useless/trivial type casts, ... then I really wonder what kind of code is actually being written.
- Wick: Functional, reactive, WebAssembly on both client and server
-
Deploying SQLite-Backed REST Application on Candle Cloud (For Free)
Disclaimer: I work at this company
Candle just released the Candle Cloud (https://cloud.candle.dev) with a generous free tier. This allows for anyone who knows basic SQL to create a backend api application and host the application on the Internet. This is made possible by our framework Wick (https://github.com/candlecorp/wick)
If anyone has any questions or wants any help getting your own idea deployed, I will be watching here or you can join our Discord (https://discord.gg/candle) and we can help you there.
I can't wait to see what you can build!
-
Building a request enrichment proxy with Wick and Pangea
Hi Everyone
We've been deep-diving into our project, Wick (https://github.com/candlecorp/wick).
The idea? Use Wick to build a low-code request enrichment HTTP proxy, and then harness that same functionality for a CLI app.
For those wary of low-code, we've got you covered. There's a dedicated section showcasing how to employ Rust to craft a WebAssembly component. This ensures you can seamlessly embed any intricate logic into the same workflow.
Keen to hear your thoughts.
cargo-geiger
-
Was Rust Worth It?
Instead of looking at the crates themselves, you might want to check your (or others') Rust application with https://github.com/rust-secure-code/cargo-geiger to get a sense of effective prevalence. I also dispute that the presence of unsafe somewhere in the dependency tree is an issue in itself, but that's a different discussion that many more had in other sub-threads.
-
Found a language in development called Vale which claims to be the safest AOT compiled language in the World (Claims to beSafer than Rust)
There's still plenty. Run cargo geiger on any of your projects and see for yourself.
-
Question Omnibus: Dependency Fingerprinting, Unsafe Rust, and Memory Safety
On point 2, the answer is cargo geiger, and judging how much memory safety you need for a given project.
- pliron: An extensible compiler IR framework, inspired by MLIR and written in safe Rust.
-
[Discussion] What crates would you like to see?
You can use cargo-geiger or cargo-crev to check for whether people you trusted (e.g. u/jonhoo ) trust this crate.
-
How do you choose what crate you will use?
The amount of unsafe code is also a factor. cargo geiger is a handy tool for measuring it.
-
Seems legit
We have cargo-geiger that does just that.
-
Rosenpass – formally verified post-quantum WireGuard
For that, I believe you need to use cargo-geiger[0] and audit the results.
[0] - https://github.com/rust-secure-code/cargo-geiger
-
Hey Rustaceans! Got a question? Ask here (6/2023)!
cargo-geiger is a subcommand you can install which will check all the crates in your dependency graph for unsafe blocks and print out a report (which also shows if a crate has #![forbid(unsafe_code)] or not). You can then inspect those crates' sources to judge their use of unsafe for yourself. I don't think it has a "check" mode that simply errors if your dependency graph contains unsafe though, it's more about just collecting that information.
-
[CCS Proposal] Preliminary research on rewriting Monero node in Rust
wrt to memory safety, keep in mind that many rust crates use "unsafe" internally. There are tools available that can find these such as cargo-geiger. So I would suggest to avoid unsafe deps as much as possible. Since they cannot be avoided entirely, it is a good idea to keep a list of unsafe deps.
What are some alternatives?
materialize - The data warehouse for operational workloads.
bacon - background rust code check
iggy - Iggy is the persistent message streaming platform written in Rust, supporting QUIC, TCP and HTTP transport protocols, capable of processing millions of messages per second.
ziglings - Learn the Zig programming language by fixing tiny broken programs.
datafuse - An elastic and reliable Cloud Warehouse, offers Blazing Fast Query and combines Elasticity, Simplicity, Low cost of the Cloud, built to make the Data Cloud easy [Moved to: https://github.com/datafuselabs/databend]
nomicon - The Dark Arts of Advanced and Unsafe Rust Programming
dozer - Dozer is a real-time data movement tool that leverages CDC from various sources and moves data into various sinks.
mold - Mold: A Modern Linker 🦠
pushpin - A proxy server for adding push to your API, used at the core of Fastly's Fanout service
miri - An interpreter for Rust's mid-level intermediate representation
lol-html - Low output latency streaming HTML parser/rewriter with CSS selector-based API
orz - a high performance, general purpose data compressor written in the crab-lang