Decision Workspace
hipcheck vs uv-sbom vs cargo-auditable
Side-by-side comparison of Rust crates
- hipcheck (growing, v3.7.0), health score 46: Automatically assess and score software packages for supply chain risk.
- uv-sbom (experimental, v2.4.0), health score 58: SBOM generation tool for uv projects - Generate CycloneDX SBOMs from uv.lock files
- cargo-auditable (growing, v0.7.4), health score 52: Make production Rust binaries auditable
Core Metrics
| | hipcheck | uv-sbom | cargo-auditable |
|---|---|---|---|
| Health Score | 46 | 58 | 52 |
| Total Downloads | 12.8K | 174 | 705.7K |
| 30d Downloads | 0 | 0 | 46.8K |
| Dependents | 0 | 0 | 0 |
| Releases | 12 | 12 | 24 |
| Last Updated | 592d ago | 4d ago | 82d ago |
| Age | 2y | 4m | 3y 9m |
Health Breakdown
| | hipcheck | uv-sbom | cargo-auditable |
|---|---|---|---|
| Maintenance | 7 | 23 | 14 |
| Quality | 17 | 13 | 13 |
| Community | 7 | 6 | 8 |
| Popularity | 5 | 3 | 7 |
| Documentation | 10 | 13 | 10 |
Technical Details
| | hipcheck | uv-sbom | cargo-auditable |
|---|---|---|---|
| Version | 3.7.0 | 2.4.0 | 0.7.4 |
| Stable (≥1.0) | ✓ Yes | ✓ Yes | ✗ No |
| License | Apache-2.0 | MIT | MIT OR Apache-2.0 |
| Dependencies | 80 | 20 | 11 |
| Crate Size | 199KB | 286KB | 35KB |
| Features | 2 | 0 | 0 |
| Yanked % | 0.0% | 0.0% | 0.0% |
| Edition | 2021 | 2021 | 2021 |
| MSRV | — | — | — |
| Owners | 2 | 1 | 2 |
Quick Verdict
- uv-sbom leads with a health score of 58/100, but none of the options score above 80.
- cargo-auditable has the most downloads (705.7K), suggesting wider adoption.
- ⚠ hipcheck has not been updated in over a year.
- cargo-auditable is pre-1.0 — API may change.