cargo deny Fearlessly update your dependencies

Security

Update your Rust dependencies fearlessly with CargoDeny, a tool that evaluates lock files, detects yanked versions, and provides license analysis and visualization capabilities.

Key takeaways
  • CargoDeny is a tool that helps you update your dependencies fearlessly. It evaluates the lock file and allows you to specify which versions of a dependency you want to use.
  • CargoDeny uses the Cargo metadata and license files to determine the licenses used in a crate.
  • It can detect yanked versions and duplicates, and provides a way to specify which licenses you allow or deny.
  • CargoDeny is designed to work with the Rust ecosystem and can be used with other tools like Cargo Audit and RustSec.
  • It allows you to create a graph of your dependencies and visualize how they interact with each other.
  • CargoDeny can be used to detect and fix security vulnerabilities, and provides a way to specify which advisories you want to use.
  • It can also be used to detect and remove unused dependencies, and provides a way to specify which versions of a dependency you want to use.
  • CargoDeny is designed to be easy to use and provides a simple command-line interface.
  • It can be used with other tools like GitHub and GitLab to manage your dependencies and create a consistent naming convention.
  • CargoDeny is free and open-source, and is available on GitHub.
  • The tool is designed to work with the Cargo ecosystem and provides a way to specify which versions of a dependency you want to use.
  • The tool is designed to be fast and efficient, and can handle large dependency graphs.
  • The tool provides a way to specify which advisories you want to use and can detect and fix security vulnerabilities.
  • The tool can be used to detect and remove unused dependencies and is designed to be easy to use.
  • The tool provides a way to visualize your dependency graph and is designed to work with the Rust ecosystem.
  • The tool is designed to be customizable and provides a way to specify which licenses you allow or deny.

More talks

KEYNOTE: GitHub -- The Interconnected Developer Community and the Evolution of Software Productivity

DPC2019: Performant APIs with GraphQL and PHP - Andrew Rota

Keynote: Black Hat at 25: Where Do We Go from Here?

mephisto: Smart Factory: Wie Timeseries-Daten klassische Industrien verändern und zukunftsfähig mach

You Shall Not Password: Modern Authentication for Web Apps - Eli Holderness - NDC Sydney 2022

Restful Web API Patterns & Practices Cookbook • Mike Amundsen & Alianna Inzana

Cybersecurity for Crypto Startups and Companies

Exploring Spring Boot Clients: A Comprehensive Overview by Patrick Baumgartner