10 releases (4 breaking)

0.5.2 Oct 24, 2022
0.5.1 Oct 2, 2022
0.5.0 Aug 8, 2022
0.4.0 Aug 6, 2022
0.1.0 Sep 7, 2020

#174 in Encoding

Download history 9128/week @ 2022-11-28 8713/week @ 2022-12-05 9513/week @ 2022-12-12 8359/week @ 2022-12-19 5121/week @ 2022-12-26 7883/week @ 2023-01-02 10296/week @ 2023-01-09 10114/week @ 2023-01-16 10405/week @ 2023-01-23 9602/week @ 2023-01-30 8668/week @ 2023-02-06 7124/week @ 2023-02-13 6979/week @ 2023-02-20 7274/week @ 2023-02-27 9067/week @ 2023-03-06 7814/week @ 2023-03-13

31,696 downloads per month
Used in 4 crates

MIT/Apache

28KB
481 lines

Parses and serializes the JSON dependency tree embedded in executables by the cargo auditable.

This crate defines the data structures that a serialized to/from JSON and implements the serialization/deserialization routines via serde. It also provides optional conversions from cargo metadata and to Cargo.lock formats.

The [VersionInfo] struct is where all the magic happens, see the docs on it for more info.

Basic usage

Note: this is a low-level crate that only implements JSON parsing. It rarely should be used directly. You probably want the higher-level auditable-info crate instead.

The following snippet demonstrates full extraction pipeline, including platform-specific executable handling via auditable-extract and decompression using the safe-Rust miniz_oxide:

use std::io::{Read, BufReader};
use std::{error::Error, fs::File, str::FromStr};

fn main() -> Result<(), Box<dyn Error>> {
    // Read the input
    let f = File::open("target/release/hello-world")?;
    let mut f = BufReader::new(f);
    let mut input_binary = Vec::new();
    f.read_to_end(&mut input_binary)?;
    // Extract the compressed audit data
    let compressed_audit_data = auditable_extract::raw_auditable_data(&input_binary)?;
    // Decompress it with your Zlib implementation of choice. We recommend miniz_oxide
    use miniz_oxide::inflate::decompress_to_vec_zlib;
    let decompressed_data = decompress_to_vec_zlib(&compressed_audit_data)
        .map_err(|_| "Failed to decompress audit data")?;
    let decompressed_data = String::from_utf8(decompressed_data)?;
    println!("{}", decompressed_data);
    // Parse the audit data to Rust data structures
    let dependency_tree = auditable_serde::VersionInfo::from_str(&decompressed_data);
    Ok(())
}

Dependencies

~1.1–2.2MB
~53K SLoC