Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/freedomofpress/securedrop-supply-chain

Aggregated audits for Rust crates by SecureDrop
https://github.com/freedomofpress/securedrop-supply-chain

Last synced: 7 days ago
JSON representation

Aggregated audits for Rust crates by SecureDrop

Host: GitHub
URL: https://github.com/freedomofpress/securedrop-supply-chain
Owner: freedomofpress
License: agpl-3.0
Created: 2023-12-11T19:28:00.000Z (11 months ago)
Default Branch: main
Last Pushed: 2024-08-07T15:02:54.000Z (3 months ago)
Last Synced: 2024-08-07T18:06:46.697Z (3 months ago)
Size: 37.1 KB
Stars: 0
Watchers: 5
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Audit: audits.toml

Awesome Lists containing this project

README

        # SecureDrop's Rust crate audits

SecureDrop uses [cargo-vet](https://mozilla.github.io/cargo-vet/index.html)

to ensure third-party Rust dependencies have been audited  by us or another trusted entity (e.g. [Mozilla](https://github.com/mozilla/supply-chain));

see [our documentation](https://developers.securedrop.org/en/latest/dependency_updates.html#auditing-rust-dependencies)

for more details.

This repository automatically [aggregates](https://mozilla.github.io/cargo-vet/multiple-repositories.html)

our audits from various repositories to make them easily reusable by others.

To import our audits into another cargo-vet instance, add the following

lines to your config.toml:

```toml

[imports.securedrop]

url = "https://raw.githubusercontent.com/freedomofpress/securedrop-supply-chain/main/audits.toml"

```