From Silence to Security: 102 Days of Building SigilDERG
For a little over three months, this blog has been quiet. Too quiet, some might say, but that doesn't mean the work has stopped. Quite the contrary; it means I decided to put up or shut up. SigilDERG doesn't reward half-measures, and quite frankly, neither do I. Since June I’ve been neck-deep in a side-arm of the project: the rust-crate-pipeline (as it's named on PyPI). This is the dataset builder, the tool that will help me analyze over 550 Rust crates from the live Rust ecosystem, run them through extensive cargo checks looking for unsafe code patterns, security issues, reading documentation, and so on. The idea is to gather as much information as humanly possible. I fed it over three hundred in Google Cloud credits, a hundred in Azure, and every local cycle I could squeeze from my poor HP Omen. By July, the resources were gone and the project was close to stalling. That was when the Lambda AI grant came through. One thousand dollars that turned near failure i...