My thoughts about Securing Crates

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/rust

Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
  • rust

    Empowering everyone to build reliable and efficient software.

    Even without #[forbid(unsafe_code)], the Rust compiler and LLVM aren't meant to be hardened security boundaries and they aren't. (Sorry. I don't know how to look up and link to the equivalent tag on LLVM's bug tracker.)

  • wasmer

    🚀 The leading WebAssembly Runtime supporting WASI and Emscripten

    In short, if you want a security boundary, use a sandbox designed for it, such as embedding a WebAssembly runtime like Wasmer to run your sensitive code or running your binary in a sandbox like Firejail or those provided by systemd, Flatpak, etc.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts