This looks like a really nice feature to see what goes into Rust binaries.
This post says that it is experimental, but does not say where it is used.
On my Ubuntu VM, it works with bat like the example shows, but does not work with the new Rust "ls":
ubuntu@resolute:~$ cargo audit bin /usr/bin/ls
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 1107 security advisories (from /home/ubuntu/.cargo/advisory-db)
Updating crates.io index
error: No dependency information found in /usr/bin/ls! Is it a Rust program built with cargo?
error: parse error: No dependency information found! Is this a Rust executable built with cargo?
ubuntu@resolute:~$ ls -lah /usr/bin/ls
lrwxrwxrwx 1 root root 29 Mar 30 16:50 /usr/bin/ls -> ../lib/cargo/bin/coreutils/ls
ubuntu@resolute:~$
Still, this is a nice feature to have.
petrakat•39m ago
(Disclosure: I work at Canonical and wrote the cargo-auditable support.)
The cargo-auditable support is specifically to make it easy to turn on cargo-auditable for Rust packages built using dh-cargo. Most packages use dh-cargo, but not rust-coreutils, so we would have to manually wire it up.
thesuperbigfrog•58m ago
This post says that it is experimental, but does not say where it is used.
On my Ubuntu VM, it works with bat like the example shows, but does not work with the new Rust "ls":
Still, this is a nice feature to have.petrakat•39m ago
Good catch. The list of binaries is on the 26.04 release notes if you are curious: https://documentation.ubuntu.com/release-notes/26.04/changes...
The cargo-auditable support is specifically to make it easy to turn on cargo-auditable for Rust packages built using dh-cargo. Most packages use dh-cargo, but not rust-coreutils, so we would have to manually wire it up.