Lib.rs

Encodingcargo-auditable
#json #extract #input #tree #binaries #auditable #cargo

auditable-info

High-level crate to extract the dependency trees embedded in binaries by cargo auditable

by Sergey "Shnatsel" Davidoff, Tony Arcieri and 5 contributors

8 releases

0.7.0 Apr 27, 2023
0.6.3-alpha.1 Oct 24, 2022
0.5.0 Oct 2, 2022
0.5.0-alpha.4 Sep 18, 2022

#1175 in Encoding

Download history 8247/week @ 2023-12-05 8269/week @ 2023-12-12 6399/week @ 2023-12-19 4701/week @ 2023-12-26 7121/week @ 2024-01-02 7752/week @ 2024-01-09 7978/week @ 2024-01-16 7413/week @ 2024-01-23 8667/week @ 2024-01-30 9232/week @ 2024-02-06 10474/week @ 2024-02-13 9659/week @ 2024-02-20 8897/week @ 2024-02-27 9481/week @ 2024-03-05 9319/week @ 2024-03-12 7635/week @ 2024-03-19

36,834 downloads per month
Used in 3 crates

MIT/Apache

29KB
363 lines

High-level crate to extract the dependency trees embedded in binaries by cargo auditable.

Deserializes them to a JSON string or Rust data structures, at your option.

Features

  • Binary parsing designed from the ground up for resilience to malicious inputs.
  • 100% memory-safe Rust, including all dependencies. (There is some unsafe in serde_json and its dependencies, but only in serialization, which isn't used here).
  • Cross-platform, portable, easy to cross-compile. Runs on any Rust target with std.
  • Parses binaries from any supported platform, not just the platform it's running on.
  • Supports setting size limits for both input and output, to protect against OOMs and zip bombs.

Usage

// Uses the default limits: 1GiB input file size, 8MiB audit data size
let info = audit_info_from_file(&PathBuf::from("path/to/file"), Default::default())?;

Functions to load the data from a Read instance or from &[u8] are also provided, see the documentation.

Alternatives

rust-audit-info is a command-line interface to this crate.

If you need an even lower-level interface than the one provided by this crate, use the auditable-extract and auditable-serde crates.

Dependencies

~325–590KB
~13K SLoC