FICHA · MANJARO

cargo-supply-chain

Gather author, contributor and publisher data on crates in your dependency graph

  • tool
  • CLI
  • SECURITY
  • SUPPLY-CHAIN
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 27, 2026 description in en

Description

Gathers author, contributor, and publisher data for crates in a Rust dependency graph. It helps teams understand supply-chain relationships and identify unusual ownership or publishing patterns.

Use it during dependency trust review or risk assessment. Identity metadata is only one signal, so combine it with code review, advisories, and maintenance history.

How to run

cargo supply-chain

Commands: cargo supply-chain

Permissions

Permissions not analysed for this source yet.