[zapps-wg] Version of Rust
Peter Todd
pete at petertodd.org
Thu Nov 16 19:45:14 EST 2017
On Thu, Nov 16, 2017 at 01:59:53PM -0700, Sean Bowe via zapps-wg wrote:
> I think it is the current version (1.21). I imagine it would be
> possible to modify the code (and many of the dependencies) so that it
> could compile on a really old version too.
Also, if someone does manage to do this, I have a OpenTimestamps Git timestamp(1)
on Rust crates.io crate registry:
https://github.com/petertodd/crates.io-index/commit/763a730f2275d69eb13ee8b212fc9aa0d6fe92b5
Secondly the Internet Archive contains quite a bit of uploaded software, such
as Debian install images, and via my Internet Archive timestamp project we have
timestamps from May this year for most of that:
https://petertodd.org/2017/carbon-dating-the-internet-archive-with-opentimestamps
While these timestamps would be only one part of an argument as to why a given
compile wasn't backdoored, I think it's worth using cryptographically
timestamped dependencies over non-timestamped ones when possible.
1) https://petertodd.org/2016/opentimestamps-git-integration
--
https://petertodd.org 'peter'[:-1]@petertodd.org
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: </pipermail/zapps-wg/attachments/20171116/35455d1e/attachment.sig>
More information about the zapps-wg
mailing list