cargo-auditable with Sergey Davidoff
Nov 11, 2022•1 hr 5 min
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
Allen Wyma talks with Sergey Davidoff, creator of cargo-auditable, a cargo plugin for auditing your Rust dependencies for security vulnerabilities.
Contributing to Rustacean StationRustacean Station is a community project; get in touch with us if you’d like to suggest an idea for an episode or offer your services as a host or audio editor!
- Twitter: @rustaceanfm
- Discord: Rustacean Station
- Github: @rustacean-station
- Email: hello@rustacean-station.org
- [@00:10] - Introduction to cargo-auditable
- [@07:51] - Guarantees that cargo-auditable provides
- [@17:33] - Trivy and other crates that are in cargo-auditable
- [@19:47] - cargo-auditable vs cargo audit
- [@21:09] - Sergey’s programming background
- [@34:49] - Vulnerabilities Sergey was able to encounter and reported to RustSec
- [@39:47] - Feedbacks and reactions from library owners that were found to have issues
- [@48:52] - How does Sergey handle problems and issues he encounters?
- [@56:48] - Sergey’s tips and advice to those who want to improve security on their projects
- [@59:36] - Parting thoughts and shoutouts
Intro Theme: Aerocity
Audio Editing: Plangora
Hosting Infrastructure: Jon Gjengset
Show Notes: Plangora
Hosts: Allen Wyma
For the best experience, listen in Metacast app for iOS or Android