logo

Rust open source code reviews

Cryptographically verifiable, distributed dependency reviews

CREV is a scalable, social, distributed Code REView and recommendation system that we desperately need for establishing trust in Open Source code.

Cargo-crev is a cryptographically verifiable code review system for the cargo (Rust) package manager.

Summary of public crev reviews:

Full column names in tooltip hints: unique crates count, unique reviewers count, reviews count, rating Strong, rating Positive, rating Neutral, rating Negative, rating None, alternatives, issues, advisories.

cra
rer
rev
Str
Pos
Neu
Neg
Non
alt
iss
adv
714
69
1270
116
787
134
151
82
115
48
81

Crev Vision

Crev is a scalable, social, distributed Code REView and recommendation system that we desperately need for establishing trust in Open Source code.
At its core Crev defines a simple, human-readable data format to communicate trust in code (results of code review) and people (reputation).

cargo-crev

Cargo-crev is a cryptographically verifiable code review system for the cargo (Rust) package manager.

It is open source on GitHub: https://github.com/crev-dev/cargo-crev

It is a CLI program that is installed and runs locally on the developer computer.

Read the Getting Started Guide

It is recommended to always verify the trustworthiness of each of the dependencies in your Rust project.

There can be hundreds of transient dependencies. Do you trust them all?

Simply run $ cargo crev verify in your Rust project folder.

Find out what other developers have to say about a crate. And especially a specific version of a crate.

There can be advisories or issues or better alternatives. Or maybe it is the best crate version so far.

Write your review of a crate you trust and help other developers to trust that crate.

rust-reviews

This web page Rust code reviews is built to enable all developers to view crev reviews fast and effortlessly.
There is no installation, initialization, authentication or learning needed. It is just a simple web page.
The main goal is to simply show the list of reviews for a crate.
Other functionality is secondary and will be gradually upgraded.
Use the links to lib.rs, crates.io and other websites for additional information.
And use the locally installed cargo-crev for your work, verify your dependency and write code reviews.
Try it!

badges badge

Include a badge to your crate readme.md to show the count of crev reviews.
The more reviews the crate has, more trusted it should be.
It is also a link to your crate reviews here on Rust code reviews.
Markdown code (Click to Copy):

[![crev reviews](https://web.crev.dev/rust-reviews/badge/crev_count/reader_for_microxml.svg)](https://web.crev.dev/rust-reviews/crate/reader_for_microxml/)

See example here: https://github.com/LucianoBestia/reader_for_microxml/

web of trust

This webpage shows all reviews from all developers.
But do you personally trust all developers?
New crev reviews can be written by anybody and published publicly on GitHub.
From there they are available to all.
We need a system to trust this persons to trust their reviews.
cargo-crev has a list of trusted persons.
But we personally only know a limited number of trusted persons.
To make this circle bigger we need more people to trust.
When we trust somebody for reviews, we usually also trust their choices to trust other people.
So we can transiently trust also them. A little less, but still trust them.
This is an important part of the web of trust.
It is common in every day life that the friends of our friends are probably also our friends.
This can be configured in your local personal cargo-crev CLI program.

CREV - Rust code reviews - Raise awareness

Add this text to your project's readme.md (Click-to-Copy):

other links and references

Rust Zürisee, April: cargo crev and cargo audit 1,219 views•May 1, 2020

See https://github.com/crev-dev/cargo-crev/wiki/Howto:-Create-Review-Proofs wiki page for more information

and Frequently Asked Questions, or join https://gitter.im/dpc/crev discussion channel.

VSCode extension "crates" will open the Rust review page: https://github.com/serayuzgur/crates

colors

You can easily change colors of this webpage with Chrome extension User Css:

https://chrome.google.com/webstore/detail/user-css/okpjlejfhacmgjkmknjhadmkdbcldfcb

While you change the css, it automatically refreshes the webpage with new colors. Cool.

And then you can save it per website. Great.

Copy and paste this css variables and then change their values (Click-to-Copy):

© Luciano Bestia 2021, MIT Licence, Version: 2020.913.1245

Open source repository for this web app: https://github.com/LucianoBestia/cargo_crev_web/