#json #extract #input #tree #binaries #auditable #cargo

auditable-info

High-level crate to extract the dependency trees embedded in binaries by cargo auditable

10 releases

0.7.2 May 8, 2024
0.7.1 May 3, 2024
0.7.0 Apr 27, 2023
0.6.3-alpha.1 Oct 24, 2022
0.5.0-alpha.4 Sep 18, 2022

#576 in Encoding

Download history 8897/week @ 2024-02-27 9481/week @ 2024-03-05 9319/week @ 2024-03-12 9018/week @ 2024-03-19 7190/week @ 2024-03-26 8373/week @ 2024-04-02 7825/week @ 2024-04-09 7487/week @ 2024-04-16 8285/week @ 2024-04-23 8492/week @ 2024-04-30 8673/week @ 2024-05-07 8685/week @ 2024-05-14 8210/week @ 2024-05-21 7934/week @ 2024-05-28 8701/week @ 2024-06-04 7563/week @ 2024-06-11

33,534 downloads per month
Used in 3 crates

MIT/Apache

32KB
410 lines

High-level crate to extract the dependency trees embedded in binaries by cargo auditable.

Deserializes them to a JSON string or Rust data structures, at your option.

Features

  • Binary parsing designed from the ground up for resilience to malicious inputs.
  • 100% memory-safe Rust, including all dependencies. (There is some unsafe in serde_json and its dependencies, but only in serialization, which isn't used here).
  • Cross-platform, portable, easy to cross-compile. Runs on any Rust target with std.
  • Parses binaries from any supported platform, not just the platform it's running on.
  • Supports setting size limits for both input and output, to protect against OOMs and zip bombs.

Usage

// Uses the default limits: 1GiB input file size, 8MiB audit data size
let info = audit_info_from_file(&PathBuf::from("path/to/file"), Default::default())?;

Functions to load the data from a Read instance or from &[u8] are also provided, see the documentation.

Alternatives

rust-audit-info is a command-line interface to this crate.

If you need a lower-level interface than the one provided by this crate, use the auditable-extract and auditable-serde crates.

Dependencies

~325–770KB
~16K SLoC