cargo-auditable with Sergey Davidoff

Allen Wyma talks with Sergey Davidoff, creator of cargo-auditable, a cargo plugin for auditing your Rust dependencies for security vulnerabilities. Contributing to Rustacean Station Rustacean Station is a community project; get in touch with us if you’d like to suggest an idea for an episode or offer your services as a host or audio editor! Twitter: @rustaceanfm Discord: Rustacean Station Github: @rustacean-station Email: [email protected] Timestamps [@00:10] - Introduction to cargo-auditable [@07:51] - Guarantees that cargo-auditable provides [@17:33] - Trivy and other crates that are in cargo-auditable [@19:47] - cargo-auditable vs cargo audit [@21:09] - Sergey’s programming background [@34:49] - Vulnerabilities Sergey was able to encounter and reported to RustSec [@39:47] - Feedbacks and reactions from library owners that were found to have issues [@48:52] - How does Sergey handle problems and issues he encounters? [@56:48] - Sergey’s tips and advice to those who want to improve security on their projects [@59:36] - Parting thoughts and shoutouts Credits Intro Theme: Aerocity Audio Editing: Plangora Hosting Infrastructure: Jon Gjengset Show Notes: Plangora Hosts: Allen Wyma