# unsafe-budget

keeps the unsafety demons out

an unsafe code budget gate for ci pipelines. tracks unsafe code usage in rust and go projects and fails ci when the budget is exceeded.
## quick start

```sh
# install
# scan current project (auto-detects language)
# establish baseline
# check against baseline (fails if budget exceeded)
```

github actions can also run via the pre-built binary action:

```yaml
- uses: cyberwitchery/unsafe-budget@v1
  with:
    mode: check
```
## features

- multi-language: rust (rustc lint, cargo-geiger) and go (go-geiger)
- sarif support: emit SARIF 2.1.0 for github code scanning, or ingest SARIF from any tool
- auto-detection: detects project type from `Cargo.toml` or `go.mod`
- two modes: ratchet (baseline comparison) or caps (explicit limits)
- plugin system: extend with custom analyzers via `unsafe-budget-plugin-*` executables
- ci-friendly: deterministic output, json/sarif format, meaningful exit codes
## usage

works both standalone and as a cargo subcommand:

```sh
# standalone
# cargo plugin
```
### commands

| command | description |
|---|---|
| scan | run analyzers and print results |
| check | compare to baseline, exit 2 on violation |
| update | write/update baseline from current scan |
| plugins | list available analyzers |
### flags

### exit codes

| code | meaning |
|---|---|
| 0 | success (or check passed) |
| 1 | runtime error |
| 2 | budget violation |
## configuration

create `unsafe-budget.toml`:

```toml
= "ratchet" # or "caps"
= true
= ["test_crate"]
[]
= 100
[]
= 10
[]
= 0.8
```
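the two modes differ only in where the allowed count comes from. the following is an added illustration, not the project's own code: a minimal gate that compares per-analyzer unsafe counts against either a stored baseline (ratchet) or explicit caps, and maps the outcome onto the exit codes documented above. the type and function names (`Mode`, `check`) and the rule that an analyzer missing from the baseline gets zero allowance are assumptions of this example.

```rust
// Added illustration (not the project's own code): how a ratchet-vs-caps
// budget gate decides the exit code. Names (Mode, check) are assumed.
use std::collections::BTreeMap;

#[derive(Debug, Clone, PartialEq)]
pub enum Mode {
    /// fail if any analyzer reports more unsafe items than the stored baseline
    Ratchet { baseline: BTreeMap<String, u64> },
    /// fail if any analyzer reports more than its explicit cap
    Caps { limits: BTreeMap<String, u64> },
}

/// exit code contract from the README: 0 = passed, 2 = budget violation
pub const EXIT_OK: i32 = 0;
pub const EXIT_VIOLATION: i32 = 2;

/// compare current scan counts (analyzer id -> unsafe count) to the budget.
/// returns the exit code plus a sorted, deterministic list of violations
/// so ci output is stable from run to run.
pub fn check(mode: &Mode, current: &BTreeMap<String, u64>) -> (i32, Vec<String>) {
    let mut violations = Vec::new();
    for (id, &count) in current {
        let allowed = match mode {
            // assumed policy: an analyzer absent from the baseline has no
            // allowance, so new unsafe code must be accepted via `update`
            Mode::Ratchet { baseline } => baseline.get(id).copied().unwrap_or(0),
            // an analyzer without a configured cap is unconstrained
            Mode::Caps { limits } => match limits.get(id) {
                Some(&cap) => cap,
                None => continue,
            },
        };
        if count > allowed {
            violations.push(format!("{id}: {count} unsafe items exceeds budget of {allowed}"));
        }
    }
    let code = if violations.is_empty() { EXIT_OK } else { EXIT_VIOLATION };
    (code, violations)
}

fn main() {
    // constructed sample: baseline accepted 12 findings, current scan has 14
    let baseline = BTreeMap::from([("rustc_unsafe_lint".to_string(), 12)]);
    let current = BTreeMap::from([("rustc_unsafe_lint".to_string(), 14)]);
    let (code, violations) = check(&Mode::Ratchet { baseline }, &current);
    for line in &violations {
        eprintln!("{line}");
    }
    std::process::exit(code);
}
```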
## built-in analyzers

| id | language | backend |
|---|---|---|
| rustc_unsafe_lint | rust | cargo check -Wunsafe_code |
| cargo_geiger | rust | cargo-geiger |
| go_geiger | go | go-geiger |
| sarif | any | reads .sarif files |
## library usage

```rust
// the import paths below are assumed: the crate path was lost in extraction,
// and `unsafe_budget` is the crate name implied by the project name
use unsafe_budget::budget;
use unsafe_budget::detect_analyzer;
use unsafe_budget::ScanOpts;

fn main() -> Result<(), Box<dyn std::error::Error>> {
    let opts = ScanOpts::default();
    // pick the analyzer for the detected project type (argument assumed)
    let analyzer = detect_analyzer(&opts);
    let result = analyzer.run(&opts)?;
    println!("{:?}", result);
    Ok(())
}
```
## documentation

## license

MIT