15 releases (8 breaking)
| 0.9.0 | Jul 4, 2025 |
|---|---|
| 0.8.0 | Nov 11, 2024 |
| 0.7.0 | Jul 30, 2024 |
| 0.6.1 | Feb 19, 2024 |
| 0.1.0 | Sep 7, 2020 |
#101 in Encoding
449,204 downloads per month
Used in 15 crates
(7 directly)
16KB
230 lines
Parses and serializes the JSON dependency tree embedded in executables by the
cargo auditable.
This crate defines the data structures that a serialized to/from JSON
and implements the serialization/deserialization routines via serde.
The VersionInfo struct is where all the magic happens, see the docs on it for more info.
Basic usage
Note: this is a low-level crate that only implements JSON parsing. It rarely should be used directly.
You probably want the higher-level auditable-info crate instead.
The following snippet demonstrates full extraction pipeline using this crate,
including platform-specific executable handling via
auditable-extract and decompression
using the safe-Rust miniz_oxide:
use std::io::{Read, BufReader};
use std::{error::Error, fs::File, str::FromStr};
fn main() -> Result<(), Box<dyn Error>> {
// Read the input
let f = File::open("target/release/hello-world")?;
let mut f = BufReader::new(f);
let mut input_binary = Vec::new();
f.read_to_end(&mut input_binary)?;
// Extract the compressed audit data
let compressed_audit_data = auditable_extract::raw_auditable_data(&input_binary)?;
// Decompress it with your Zlib implementation of choice. We recommend miniz_oxide
use miniz_oxide::inflate::decompress_to_vec_zlib;
let decompressed_data = decompress_to_vec_zlib(&compressed_audit_data)
.map_err(|_| "Failed to decompress audit data")?;
let decompressed_data = String::from_utf8(decompressed_data)?;
println!("{}", decompressed_data);
// Parse the audit data to Rust data structures
let dependency_tree = auditable_serde::VersionInfo::from_str(&decompressed_data);
Ok(())
}
Dependencies
~0.6–1.6MB
~33K SLoC