cargo-auditable with Sergey Davidoff
Rustacean Station
English - November 11, 2022 16:55 - 1 hour - 59.1 MB - ★★★★★ - 56 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Allen Wyma talks with Sergey Davidoff, creator of cargo-auditable, a cargo plugin for auditing your Rust dependencies for security vulnerabilities.
Contributing to Rustacean Station
Rustacean Station is a community project; get in touch with us if you’d like to suggest an idea for an episode or offer your services as a host or audio editor!
Twitter: @rustaceanfm
Discord: Rustacean Station
Github: @rustacean-station
Email: [email protected]
Timestamps
[@00:10] - Introduction to cargo-auditable
[@07:51] - Guarantees that cargo-auditable provides
[@17:33] - Trivy and other crates that are in cargo-auditable
[@19:47] - cargo-auditable vs cargo audit
[@21:09] - Sergey’s programming background
[@34:49] - Vulnerabilities Sergey was able to encounter and reported to RustSec
[@39:47] - Feedbacks and reactions from library owners that were found to have issues
[@48:52] - How does Sergey handle problems and issues he encounters?
[@56:48] - Sergey’s tips and advice to those who want to improve security on their projects
[@59:36] - Parting thoughts and shoutouts
Credits
Intro Theme: Aerocity
Audio Editing: Plangora
Hosting Infrastructure: Jon Gjengset
Show Notes: Plangora
Hosts: Allen Wyma