Download
A cryptographically verifiable code review system for the cargo (Rust) package manager. cargo-crev is an implementation of Crev as a command-line tool integrated with cargo. This tool helps Rust users evaluate the quality and trustworthiness of their package dependencies. Crev is a language and ecosystem agnostic, distributed code review system. Use reviews produced by other users. Increase the trustworthiness of your own code. Build a web of trust of other reputable users to help verify the code you use. Static binaries are available from the releases page. Crev is a system for verifying the security and reliability of dependencies based on collaborative code reviews. Crev users review the source code of packages/libraries/crates and share their findings with others. Crev then uses Web of Trust to select trusted reviews and judge the reputation of projects' dependencies.
Features
- Crev is a language and ecosystem agnostic
- Distributed code review system
- Warn you about untrustworthy crates and security vulnerabilities
- Display useful metrics about your dependencies
- Help you identify dependency-bloat
- Allow you to review most suspicious dependencies and publish your findings
- Use reviews produced by other users
Project Samples
