'cargo auditable' can now be used as a drop-in replacement for Cargo

This page summarizes the projects mentioned and recommended in the original post on /r/rust.

  • cargo-auditable

    Make production Rust binaries auditable

    I have investigated a bunch of standardized formats - SPDX, CycloneDX, etc. All of them are unsuitable for a variety of reasons, chief of which are being way too verbose and including timestamps, which would break reproducible builds.

  • syft

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

    The data format is supported by cargo audit, Syft and Trivy. Reading it from your own tools is also very easy.

  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    The data format is supported by cargo audit, Syft and Trivy. Reading it from your own tools is also very easy.

  • rust

    Empowering everyone to build reliable and efficient software.

    The moment you stray from the well-trodden path, you run into behavioral differences between linkers or compiler bugs or straight up mysterious issues.
