Come journey with us into the weird, wonderful, and wily world of Rust.

cargo-auditable with Sergey Davidoff

November 11, 2022 1:04:33 61.97 MB Downloads: 0

Allen Wyma talks with Sergey Davidoff, creator of cargo-auditable, a cargo plugin for auditing your Rust dependencies for security vulnerabilities.

Contributing to Rustacean Station

Rustacean Station is a community project; get in touch with us if you’d like to suggest an idea for an episode or offer your services as a host or audio editor!

Timestamps

  • [@00:10] - Introduction to cargo-auditable
  • [@07:51] - Guarantees that cargo-auditable provides
  • [@17:33] - Trivy and other crates that are in cargo-auditable
  • [@19:47] - cargo-auditable vs cargo audit
  • [@21:09] - Sergey’s programming background
  • [@34:49] - Vulnerabilities Sergey was able to encounter and reported to RustSec
  • [@39:47] - Feedbacks and reactions from library owners that were found to have issues
  • [@48:52] - How does Sergey handle problems and issues he encounters?
  • [@56:48] - Sergey’s tips and advice to those who want to improve security on their projects
  • [@59:36] - Parting thoughts and shoutouts

Credits

Intro Theme: Aerocity

Audio Editing: Plangora

Hosting Infrastructure: Jon Gjengset

Show Notes: Plangora

Hosts: Allen Wyma