# Install cargo-audit

Audit Cargo.lock files for crates with security vulnerabilities. Version 0.22.2 via Homebrew; verified 2026-06-05.

## Install

```sh
sudo av install brew:cargo-audit
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install cargo-audit
```

  Evidence: local Homebrew formula metadata

### Linux

- apk (92%):

```sh
sudo apk add cargo-audit
```

  Evidence: Alpine Linux edge package indexes: cargo-audit from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

- Nix (92%):

```sh
nix profile install nixpkgs#cargo-audit
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ca/cargo-audit/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S cargo-audit
```

  Evidence: Arch Linux sync databases: cargo-audit from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

- zypper (92%):

```sh
sudo zypper install cargo-audit
```

  Evidence: openSUSE Tumbleweed package metadata: cargo-audit from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst

## Package Facts

- **Package key:** brew:cargo-audit
- **Package manager:** Homebrew
- **Package manager URL:** <https://formulae.brew.sh/formula/cargo-audit>
- **Version:** 0.22.2
- **Source summary:** Audit Cargo.lock files for crates with security vulnerabilities
- **Homepage:** <https://rustsec.org/>
- **Repository:** <https://github.com/rustsec/rustsec>
- **Upstream docs:** <https://github.com/rustsec/rustsec/tree/main/cargo-audit#readme>
- **License:** Apache-2.0 OR MIT
- **Source archive:** <https://github.com/rustsec/rustsec/archive/refs/tags/cargo-audit/v0.22.2.tar.gz>
- **Last updated:** 2026-06-05T15:11:00Z
- **Generated:** 2026-06-10T07:18:26+00:00

## Executables

- cargo-audit (cli)
- cargo-audit (alias)

## Build Dependencies

- rust

## Install Behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-06-10
- Package-manager version: 0.22.2
- Package-manager updated: 2026-06-05
- Local data status: ok
- Upstream repository: https://github.com/rustsec/rustsec
- Upstream latest detected: cargo-audit/v0.22.2 (current)

## Sicherheitshinweise

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** cargo-audit
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - cargo-audit: normalized package name match | nixpkgs package indexes: pkgs/by-name/ca/cargo-audit/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- apk - cargo-audit - 0.22.1-r0: normalized package name match | Alpine Linux edge package indexes: cargo-audit from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Audit Cargo.lock for crates with security vulnerabilities | https://github.com/RustSec/rustsec
- apk - cargo-audit-doc - 0.22.1-r0: normalized package name match | Alpine Linux edge package indexes: cargo-audit-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Audit Cargo.lock for crates with security vulnerabilities (documentation) | https://github.com/RustSec/rustsec
- pacman - cargo-audit - 0.22.1-3: normalized package name match | Arch Linux sync databases: cargo-audit from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | Audit Cargo.lock for crates with security vulnerabilities | https://github.com/RustSec/cargo-audit
- zypper - cargo-audit - 0.22.1~git0.efcde93-2.4: normalized package name match | openSUSE Tumbleweed package metadata: cargo-audit from https://download.opensuse.org/tumbleweed/repo/oss/repodata/155b97171d05e27afd950b6fe0d55513ff38f4597110664535bceedc680bbe6fd459f0733718dcc21dcf0efc7c8250fd1390c73d4790b42e62fb2c16a87242e5-primary.xml.zst | Audit rust sources for known security vulnerabilities | https://github.com/RustSec/cargo-audit


## Related Links

- [Package publisher tools](https://www.automicvault.com/de/pkg/package-publishers/) - Belongs to a package publishing or registry command family.
- [Terminal utility packages](https://www.automicvault.com/de/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Language runtime packages](https://www.automicvault.com/de/pkg/language-runtime-packages/) - Matched language runtime, compiler, or interpreter metadata.
- [Networking and protocol packages](https://www.automicvault.com/de/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [rust](https://www.automicvault.com/de/pkg/brew/rust/) - Build dependency declared by Homebrew.
- [syft](https://www.automicvault.com/de/pkg/brew/syft/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [phylum-cli](https://www.automicvault.com/de/pkg/brew/phylum-cli/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [cdxgen](https://www.automicvault.com/de/pkg/brew/cdxgen/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [chainloop-cli](https://www.automicvault.com/de/pkg/brew/chainloop-cli/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [scorecard](https://www.automicvault.com/de/pkg/brew/scorecard/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [cargo-deny](https://www.automicvault.com/de/pkg/brew/cargo-deny/) - Shares av.db curated category or tags: cargo, cli, rust, security.
- [sbom-tool](https://www.automicvault.com/de/pkg/brew/sbom-tool/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [cyclonedx-python](https://www.automicvault.com/de/pkg/brew/cyclonedx-python/) - Shares av.db curated category or tags: cli, security, software-supply-chain.
- [cargo-cyclonedx](https://www.automicvault.com/de/pkg/brew/cargo-cyclonedx/) - Both packages touch the same language runtime or ecosystem. Shared terms: cargo, chain, cli, rust, security.
- [cargo-geiger](https://www.automicvault.com/de/pkg/brew/cargo-geiger/) - Both packages touch the same language runtime or ecosystem. Shared terms: cargo, cli, rust, security.

## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph