Parses and serializes the JSON dependency tree embedded in executables by the
auditable
crate.
This crate defines the data structures that a serialized to/from JSON
and implements the serialization/deserialization routines via serde
.
It also provides optional conversions from cargo metadata
and to Cargo.lock
formats.
The VersionInfo
struct is where all the magic happens, see the docs on it for more info.
Basic usage
The following snippet demonstrates full extraction pipeline, including
platform-specific executable handling via
auditable-extract
and decompression
using the safe-Rust miniz_oxide
:
use std::io::{Read, BufReader};
use std::{error::Error, fs::File, str::FromStr};
fn main() -> Result<(), Box<dyn Error>> {
let f = File::open("target/release/hello-auditable")?;
let mut f = BufReader::new(f);
let mut input_binary = Vec::new();
f.read_to_end(&mut input_binary)?;
let compressed_audit_data = auditable_extract::raw_auditable_data(&input_binary)?;
use miniz_oxide::inflate::decompress_to_vec_zlib;
let decompressed_data = decompress_to_vec_zlib(&compressed_audit_data)
.map_err(|_| "Failed to decompress audit data")?;
let decompressed_data = String::from_utf8(decompressed_data)?;
println!("{}", decompressed_data);
let dependency_tree = auditable_serde::VersionInfo::from_str(&decompressed_data);
Ok(())
}