This sounds like it’s fulfilling the same use case as cargo-crev. Are there fundamental architectural differences between the two tools? Will “reviews” from one cross-pollinate to the other?
The linked page proposes some good ideas for how to make the audit process simpler. Especially “deferred audits”. I just wonder why these ideas are implemented in a new crate instead of being upstreamed to cargo-crev.
AFAIU, the focus is on having your own source of trusted audits in tree and not rely on a public database like cargo-crev. But I need to admit that my understanding of both approaches is quite limited.
This sounds like it’s fulfilling the same use case as cargo-crev. Are there fundamental architectural differences between the two tools? Will “reviews” from one cross-pollinate to the other?
The linked page proposes some good ideas for how to make the audit process simpler. Especially “deferred audits”. I just wonder why these ideas are implemented in a new crate instead of being upstreamed to cargo-crev.
AFAIU, the focus is on having your own source of trusted audits in tree and not rely on a public database like cargo-crev. But I need to admit that my understanding of both approaches is quite limited.