go>> cargo-supply-chain>> 返回
项目作者: rust-secure-code

项目描述 :
Gather author, contributor and publisher data on crates in your dependency graph.
高级语言: Rust
项目地址: git://github.com/rust-secure-code/cargo-supply-chain.git
创建时间: 2020-10-02T17:43:29Z
项目社区:https://github.com/rust-secure-code/cargo-supply-chain
开源协议:Other
下载


cargo-supply-chain

Gather author, contributor and publisher data on crates in your dependency graph.

Use cases include:

  • Find people and groups worth supporting.
  • Identify risks in your dependency graph.
  • An analysis of all the contributors you implicitly trust by building their software. This might have both a sobering and humbling effect.

Sample output when run on itself: publishers, crates, json.

Usage

To install this tool, please run the following command:

  1. cargo install cargo-supply-chain

Then run it with:

  1. cargo supply-chain publishers

By default the supply chain is listed for all targets and default features only.

You can alter this behavior by passing --target=… to list dependencies for a specific target.
You can use --all-features, --no-default-features, and --features=… to control feature selection.

Here’s a list of subcommands:

  1. Gather author, contributor and publisher data on crates in your dependency graph
  3. Usage: COMMAND [ARG]…
  5. Available options:
  6.     -h, --help      Prints help information
  7.     -v, --version   Prints version information
  9. Available commands:
  10.     publishers  List all crates.io publishers in the depedency graph
  11.     crates      List all crates in dependency graph and crates.io publishers for each
  12.     json        Like 'crates', but in JSON and with more fields for each publisher
  13.     update      Download the latest daily dump from crates.io to speed up other commands
  15. Most commands also accept flags controlling the features, targets, etc.
  16. See 'cargo supply-chain <command> --help' for more information on a specific command.

License

Triple licensed under any of Apache-2.0, MIT, or zlib terms.