rust-secure-code / projects Goto Github PK
View Code? Open in Web Editor NEWContains a list of security related Rust projects.
License: GNU General Public License v3.0
projects's People
Contributors
Stargazers
Watchers
Forkers
phayes anderejd disconnect3d romac jakubadamw jnaulty ralpha ralfjung age-rs pangpangpeng sajibekanti chaosstudygroup dorianbdev 0x6b7966 w0wpolaris tnballo 8573 snoopysecurity u32luke nicceboy yevh 0xrh0d4m1nprojects's Issues
List GHSA and OSV under vulnerability disclosure
RustSec is no longer the only way to get Rust vulnerability disclosures.
https://github.com/advisories?query=type%3Areviewed+ecosystem%3Arust
the link to ctgrind is no longer valid
Hi, the list is fantastic. I found that the link(https://github.com/RustCrypto/utils/tree/master/ctgrind) to ctgrind is no longer valid. What is the current status of this project? Or are there any other options?
Repo title
"rustsec" is the name of the vulnerability database. I think it's a bit confusing to have projects related to the WG also branded as "rustsec".
Perhaps just rename this repo to "projects" so it's rust-secure-code/projects?
Crate adoption or suggest migration
I no longer wish to maintain 4 crates which have accumulated dependents. Instead of transferring ownership over the name to the first person who shows interest in a project, should I publish a breaking version change which erases all functionality and announces the crate is archived, then suggest migrating to or creating a new fork. Listing known alternatives if they exist.
What do you think?
Alternatively I would be happy to transfer the crates to any member of this organization with implicit trust.
The crates in question have 11, 1, 18, 1, dependents respectively. The nature of alloc_counter and criterion-cycles-per-byte tend towards security contexts, notably cryptography.
https://crates.io/crates/alloc_counter/reverse_dependencies
https://crates.io/crates/alloc_counter_macro/reverse_dependencies
https://crates.io/crates/criterion-cycles-per-byte/reverse_dependencies
https://crates.io/crates/wrapped_enum/reverse_dependencies
Cargo Vet
Mozilla's Cargo Vet probably belongs in your list somewhere.
https://github.com/mozilla/cargo-vet
https://mozilla.github.io/cargo-vet/
Their FAQ draws a comparison to cargo crev, so maybe place it next to that.
Mention cargo-deny
Since cargo-deny also provides vulnerability checking (I think it uses the same underlying code as cargo-audit) it would be nice to mention it here. (Of course it does some more things which might also be mentioned somehow.) It seems like a nice unified solution.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.