Making Rust supply chain attacks harder with Cackle

Cackle is a tool that makes supply-chain attacks on Rust projects harder to carry out unnoticed. It inspects which APIs each crate in your dependency tree actually uses and checks them against a per-crate allow-list, so a dependency that has no reason to touch the filesystem, the network or child processes is reported as soon as it starts doing so. Configuration lives in a cackle.toml file, and a built-in terminal UI helps you write it, proposes fixes for reported problems, and lets you drill into a package's API usage. Cackle cannot stop every attack, but it raises the bar considerably for an attacker who wants to slip malicious code into your dependencies without being noticed.

https://davidlattimore.github.io/making-supply-chain-attacks-harder.html
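As an added illustration (not taken from the linked post and not Cackle's own documentation), here is what a small cackle.toml can look like. The keys used are the ones I know from Cackle's README (`[common]` with `version` and `import_std`, `[api.<name>]` with `include`, and `[pkg.<crate>]` with `allow_apis`, `allow_unsafe` and `allow_proc_macro`); treat them as an assumption to be checked against the Cackle version you install. The crate names and the permissions granted to them are placeholders chosen for the example.

```toml
# Added example of a cackle.toml; not from the linked post or the Cackle project.
# Crate names and the permissions assigned to them are illustrative.

[common]
# Config format version; confirm the current value in the Cackle README.
version = 2
# Use Cackle's built-in classification of std APIs into these categories.
import_std = ["fs", "net", "process"]

# Extend the "net" category so a dependency that reaches the network through
# mio is caught just like one that uses std::net directly.
[api.net]
include = ["mio::net"]

# The application crate itself is allowed to read files and talk to the network.
[pkg.my-app]
allow_apis = ["fs", "net"]
allow_unsafe = true

# Procedural macros execute at compile time, so they must be allowed explicitly.
[pkg.serde_derive]
allow_proc_macro = true

# Weak setting (commented out): handing every category to a leaf dependency
# defeats the purpose, because a compromised release of it could then spawn
# processes or open sockets without Cackle objecting.
# [pkg.some-parser]
# allow_apis = ["fs", "net", "process"]
# allow_unsafe = true

# Corrected setting: a pure parsing crate gets no section at all, which
# grants it nothing. If a new version of it starts calling std::process or
# std::net, Cackle reports the unexpected API use and the terminal UI offers
# to either allow it or leave the check failing.
```

The useful property here is that the allow-list is written down once, per crate and per API category, so a later dependency update that quietly widens what a crate does shows up as a configuration mismatch rather than going unnoticed.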
