cargo-auditable ☆

« Back to VersTracker

Description:
Make production Rust binaries auditable

Type: Formula | Latest Version: 0.7.2@0 | Tracked Since: Dec 17, 2025

Links: Homepage | formulae.brew.sh

Category: Security

Tags: rust security auditing devops supply-chain

Install: brew install cargo-auditable

About:
cargo-auditable injects build-time metadata into Rust binaries, enabling comprehensive vulnerability auditing of production software. It allows tools like cargo-audit to verify dependencies against known security advisories, even on stripped binaries where standard lockfiles are unavailable. This ensures your compiled applications remain verifiable and secure throughout their lifecycle.

Key Features:

Embeds complete dependency trees directly into compiled Rust binaries
Works with stripped binaries and release builds without bloat
Seamless integration with cargo-audit for vulnerability scanning
Zero runtime performance overhead
Supports all standard Rust build targets

Use Cases:

Auditing production deployments where source lockfiles are unavailable
Compliance verification for supply chain security requirements
Continuous security monitoring of deployed Rust applications
Incident response forensics for vulnerability impact assessment

Alternatives:

cargo-audit – cargo-audit checks vulnerabilities but requires lockfiles; cargo-auditable makes binaries self-auditable
cve-bin-tool – Multi-language scanner; cargo-auditable is Rust-specific and more accurate for Rust binaries

License: Apache-2.0 OR MIT

Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, sonoma, arm64_linux, x86_64_linux

Version History

Detected	Change	Commit
Oct 19, 2025 1:52pm	VERSION_BUMP	f2ab7584
Sep 12, 2025 5:52pm	VERSION_BUMP	98a18f1b
Nov 24, 2024 4:51am	VERSION_BUMP	1771d76c
Nov 11, 2024 6:50pm	VERSION_BUMP	4e096c19
Nov 11, 2024 6:27pm	VERSION_BUMP	25c61c5e
Oct 27, 2024 11:42pm	VERSION_BUMP	cf52b044