[Pkg-rust-maintainers] What if a software written in Rust is not in crates.io?
Emanuel Loos
mail at mailing-lists.emanuel-loos.eu
Thu Feb 24 16:43:03 GMT 2022
Hello,
I am worried about decentralization, but it could be that I just
misunderstand something.
I believe Debian has its own infrastructure (like salsa.debian.org
instead of relying on eg. GitHub) for good reasons. This makes Debian
more independent and more secure, since it minimizes the need to trust
third-parties.
To me crates.io seems like a central repository at which Rust software
is indexed and it seems not to be hosted by the Debian project. To log
in one has to use GitHub. It is not clear to me if the server-side
source code is free software but it does not seem to be.
To me this seems quite problematic. I could not find documentation on
how to package software written in Rust without using crates.io which
worries me.
I hope this is the right place for this topic.
Best regards
Emanuel Loos
More information about the Pkg-rust-maintainers
mailing list