A program that list statistics related to usage of unsafe Rust code in a Rust crate and all its dependencies.
cargo install cargo-geiger
- Navigate to the same directory as the Cargo.toml you want to analyze.
Default output format:
Why even care about unsafe Rust usage?
When and why to use unsafe Rust is out of scope for this project, it is simply a tool that provides information to aid auditing and hopefully to guide dependency selection. It is however the opinion of the author of this project that libraries choosing to abstain from unsafe Rust usage when possible should be promoted.
This project is an attempt to create pressure against unnecessary usage of unsafe Rust in public Rust libraries.
Why the name?
Unsafe Rust and ionizing radiation have something in common, they are both inevitable in some situations and both should preferably be safely contained!
- Unsafe code inside macros are not detected. Needs macro expansion(?).
- Unsafe code generated by
build.rsare probably not detected.
- Error handling is missing for the most part and there are plenty of panics lurking.
- Proper logging should be sorted out.
- Command line flags needs some more review and refactoring for this project.
- Will continue on syn parse errors. Needs a new command line flag and should default to exit on errors(?).
- Could probably benefit from parallelization. One
.rsfile per core should be parsed at all times.
- More on the github issue tracker.
- Refactoring and general cleanup.
- Proper error handling using Result.
- An optional whitelist file at the root crate level to specify crates that are trusted to use unsafe (should only have an effect if placed in the root project).
- Additional output formats
- Some bugfixes related to cargo workspace path handling.
- Slightly better error messages in some cases.
rustccalls and reads the
.dfiles generated by
rustcto identify which
.rsfiles are used by the build. This allows a crate that contains
.rsfiles with unsafe code usage to pass as "green" if the unsafe code isn't used by the build.
- Each metric is now printed as
xis the unsafe code used by the build and
yis the total unsafe usage found in the crate.
- Removed the
--compactoutput format to avoid some code complexity. A new and better compact mode can be added later if requested.
- (alexmaco) Table based default output format. Old format still available by
- Initial experimental versions.
- Mostly README.md updates.