#supply-chain-security #security #supply-chain #audit #cargo-vet

mini-vet

A client for the cargo-vet registry. Fetches security reviews for Rust/Cargo crates.

4 releases (stable)

1.2.0 Mar 20, 2024
1.1.0 Dec 10, 2023
1.0.0 Dec 5, 2023
0.9.0 Dec 4, 2023

#10 in #supply-chain

MIT/Apache

30KB
575 lines

Minimal cargo-vet client

This is a library that downloads and parses Rust crate reviews in the cargo-vet format. It can be used to build custom tools for auditing supply-chain security, reusing reviews from the cargo-vet registry, or indirectly from cargo-crev or Debian or Guix.

Dependencies

~5–16MB
~213K SLoC