Tag
crates-io
Safeguard articles tagged "crates-io" — guides, analysis, and best practices for software supply chain and application security.
16 articles
Software Supply Chain Security
Crates.io Security Audit Results: The State of Rust Package Security
Security audits of the Rust crate ecosystem reveal patterns of unsafe code, build script risks, and supply chain vulnerabilities. Here is what the data shows.
Mar 5, 20246 min read
Dependency Security
Rust Cargo Dependency Security Guide
How to secure your Rust supply chain with Cargo.lock, crate auditing, and build script controls.
Nov 10, 20235 min read
Open Source Security
Rust Supply Chain Security: How crates.io Stacks Up Against npm and PyPI
Rust's crates.io registry has design advantages for supply chain security, but it's not immune. Here's an honest assessment of the Rust ecosystem.
Sep 8, 20226 min read
Open Source Security
Rust Crate Supply Chain Security: Lessons from a Growing Ecosystem
As Rust adoption accelerates, its crate ecosystem faces the same supply chain threats that plague npm and PyPI. Here's what the Rust community is doing right — and where gaps remain.
Jan 20, 20225 min read