Rust code quality and vulnerability scan tool

• rustsec

  33 1,521 9.5 Rust

  RustSec API & Tooling

  

cargo audit will check all your dependencies against the rustsec database and is closer to being a first-party tool than the fancier stuff that also performs the same function.

• advisory-db

  37 856 9.2

  Security advisory database for Rust crates published through crates.io

  

If that were true then https://github.com/RustSec/advisory-db/ would not exist.

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• miri

  120 3,955 10.0 Rust

  An interpreter for Rust's mid-level intermediate representation

  

cargo miri is sort of a blend of ideas from Valgrind and LLVM's sanitizers which you can use to cargo test your unsafe code for undefined behaviour, data races, etc. that can't be caught at compile time. (See also loom which does permutation testing to explore the implications of the C11 memory model for your unsafe code.)

• siderophile

  1 189 5.8 Rust

  Find the ideal fuzz targets in a Rust codebase

  

I'll go ahead and plug siderophile -- you can use it to find all the uses of unsafe in your codebase, and prioritize them for fuzzing, human review, etc.

• dylint

  7 337 9.7 Rust

  Run Rust lints from dynamic libraries

  

If you're looking for something like clippy but with custom lints, there's also dylint -- it is clippy, but with support for running dynamically loaded lints across multiple versions of Rust.

• Cargo

  263 11,958 10.0 Rust

  The Rust package manager

  

Suggest a related project