{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibgmgoenzhov7zi523gsgt3y3t37etggyl7g5gtnguydj2uoe7fxy",
    "uri": "at://did:plc:ivbknywyskln22er3nkssdhl/app.bsky.feed.post/3mkdadflswtj2"
  },
  "path": "/t/easily-inspect-dependencies/24200#post_5",
  "publishedAt": "2026-04-25T13:59:23.000Z",
  "site": "https://internals.rust-lang.org",
  "tags": [
    "https://docs.rs"
  ],
  "textContent": "Unfortunately, crates can run arbitrary code at build time, and IDEs can easily trigger a `cargo check` or LSP that builds and runs procedural macros.\n\nThis creates a risk of running the potentially-malicious code before you finish reviewing it.\n\nCurrently the easiest safe official method is to view code at https://docs.rs - there's a link in the dropdown to a source code view that shows files from the tarball.",
  "title": "Easily inspect dependencies"
}