Open source code needs a community effort to express trustworthiness.
Crev is a scalable, social, Code REView and recommendation system that we desperately need for establishing trust in Open Source code.
cargo-crev is a cryptographically verifiable code review system for the cargo (Rust) package manager.
Start with reading the reviews of the many crates you use.
900+ reviews for 500+ crates.
Example: web.crev.dev/rust-reviews/crate/num-traits/
Help us Raise awareness about "Rust code reviews".
I'm curious, how are the proof repositories discovered? I mean, were all the people listed on this site (and probably on lib.rs too) added there manually, or there is some kind of automation?
Basically, it should probably work the same way regular crev proof discovery works.
If someone you know of lists a proof repo as known, then you know of it. (Web of trust!) And there's the additional channel of who's forked the template proof repo on GitHub.
The local cargo-crev CLI has only the authors you trust. Use it for your projects.
On the global webpage for Rust-reviews I show all the reviews I can get. Also of people you don't trust. So be careful.
I will remove authors if I receive complaints that they are abusing the system.
Some older repositories are not compatible with the new format and cannot use them. I think the authors could update cargo-crev and migrate their reviews to the new format.
I added some background to the Ratings, to separate them from other data in the grid. And I had to add also "None" for reviews without Ratings. SO the acronym now is S-P-E-N-0 for Strong-Positive-Neutral-Negative-None.