-
The dependency list[0] looks pretty reasonable, AFAICT the overwhelming majority of that line-of-code count comes from autogenerated Windows API methods.
[0]: https://github.com/memorysafety/sudo-rs/blob/60985b2f5f7ffa8...
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
If you want to move away from Sudo, but don't want to try this rust implementation just yet, I have had great success with OpenBSD's doas. It has been ported to every Linux distro I know of as well:
https://github.com/Duncaen/OpenDoas
-
There's also a straight port of doas:
https://github.com/slicer69/doas/
However unlike sudo and opendoas this does not implement the persist feature on not-OpenBSD.
-
You're probably running into this: https://github.com/rust-lang/cargo/issues/7058
`cargo vendor` will download dependencies for all platforms, which leads to a lot of unused code being pulled in. In this case, the Windows API and Microsoft compiler wrappers.
In this instance, during the build process "tempfile" is used as a dev-dependency, which has a runtime dependency on windows-sys when compiling Windows binaries. I'm not entirely sure why (commenting it out in Cargo.toml doesn't seem to break the build).
After commenting it out and manually removing the spurious Windows API files as well as the unrelated packages (ctor diff output_vt100 pretty_assertions proc-macro2 quote syn unicode-ident yansi), I get the following results:
0.0358 secs
-
└───────────────────────────────────────────────────────────────────────────────────────┘
As a comparison, this is the output for https://github.com/sudo-project/sudo:
0.0439 secs
-
The sudo-rs Cargo.toml [1] file seems very reasonable. This is the curse of being cross platform. The inclusion of https://github.com/Stebalien/tempfile as a dependency is responsible for the overwhelming majority of lines due to including *-sys crates for multiple OSs.
~/Code/tempfile !! tokei vendor
-
I'm not sure, I only see static analysis and fuzzing workflows in the CI on GitHub [1].
[1] https://github.com/millert/sudo/actions
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives