Tag
build-scripts
Safeguard articles tagged "build-scripts" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Engineering
Rust Crate Security: cargo audit, cargo vet and Beyond
cargo audit catches known-bad versions, cargo vet forces someone to actually read the code. What each tool covers, what neither covers, and how to run both without hating your CI.
Sep 20, 20246 min read
Open Source Security
Rust Build Scripts: A Supply Chain Risk Profile
Why build.rs is the highest-leverage attack surface in the Rust ecosystem, with concrete examples from 2023 and 2024 incidents.
Mar 20, 20246 min read
Software Supply Chain Security
Cargo Build Script Security: What build.rs Can Do to Your Machine
Rust build scripts run arbitrary code during compilation. Here is what they can access and how to evaluate the risk in your dependency tree.
Dec 8, 20224 min read