Rust Foundation’s 2025 Technology Report Showcases Year of Rust Security Advancements, Ecosystem Resilience, & Strategic Partnerships

DOVER, DELAWARE, JULY 31, 2025 — The Rust Foundation has published its latest Technology Report, detailing an important year for the organization’s technical efforts supporting the Rust programming language and ecosystem. Spanning activity from Q3 2024 to Q3 2025, this latest report underscores the Foundation’s focused work on securing the Rust supply chain, improving critical infrastructure, advancing Rust’s readiness for safety-critical use, driving interoperability with C++, and more.

The 2025 edition is the Foundation’s second comprehensive annual technology report and comes on the heels of the 10th anniversary of Rust’s first stable release.

“While we’re only partially through it, 2025 has been a pivotal year for the Rust Foundation,” said Dr. Rebecca Rumbul, Executive Director & CEO of the Rust Foundation. “The rise of Artificial Intelligence, increasing costs and complexity of cloud compute, and global regulatory changes alone have posed novel challenges […] yet, I am filled with pride for how we have continued to deepen our support for the Rust Project, prioritizing security, scalable stewardship, resilience, industry networking opportunities, and community trust.”

Highlights from this year’s Technology Report include:

• Trusted Publishing fully launched on crates.io, enhancing supply chain security and streamlining workflows for maintainers.
• Major progress on crate signing infrastructure using The Update Framework (TUF), including three full repository implementations and stakeholder consensus.
• Integration of the Ferrocene Language Specification (FLS) into the Rust Project, marking a critical step toward a formal Rust language specification.
• 75% reduction in CI infrastructure costs while maintaining contributor workflow stability.
• Expansion of the Safety-Critical Rust Consortium, with multiple international meetings and advances on coding guidelines aligned with safety standards like MISRA.
• Direct engagement with ISO C++ standards bodies and collaborative Rust-C++ exploration.

“The Rust Foundation’s Technology Team is committed to ensuring Rust remains secure, reliable, and ready for the challenges and inevitable shifts over the coming years,” said Joel Marcey, the Foundation’s Director of Technology. “This report reflects the steady, collaborative efforts required to keep Rust robust, secure, and ready for the demands of modern software development.”

The Rust Foundation’s Technology Team includes technical specialists in areas like infrastructure, security, interoperability, and ecosystem safety. Their work over the past year spanned direct development on crates.io, maintenance of critical infrastructure, publication of security analysis tools, and extensive collaboration with members of the Rust Project and the broader community.

Security and Sustainability

Thanks to continued funding from OpenSSF’s Alpha-Omega Project and generous infrastructure donations from organizations like AWS, GitHub, and Mullvad VPN, the Foundation’s Security Initiative made key advances in 2025:

• Trusted Publishing now includes GitHub Secret Scanning, automated incident response, and an improved publishing pipeline.
• The team completed multiple test implementations of TUF-based crate signing and is preparing for full ecosystem rollout.
• A Rust-specific version of Capslock capability analysis tooling entered active planning.
• Vulnerability surfacing capabilities began integration into crates.io.

This work helps ensure Rust can remain resilient in the face of increasing global security threats and maintain its reputation as a dependable, memory-safe foundation for critical systems.

Preparing Rust for Safety-Critical Environments

The Safety-Critical Rust Consortium grew substantially in 2025, with in-person meetings held in Montreal, London, and Utrecht. The consortium is developing practical coding guidelines, aligned tooling, and reference materials to support regulated industries—including automotive, aerospace, and medical devices—adopting Rust.

Enhancing Interoperability and Infrastructure

Through its Rust-C++ Interoperability Initiative, the Foundation finalized its strategic roadmap, participated in ISO WG21 meetings, and initiated cross-language tooling and documentation planning. These efforts aim to unlock Rust adoption across legacy C++ environments without sacrificing safety.

On the infrastructure front, the Foundation achieved a 75% reduction in CI operational costs by optimizing workflows and shifting to cost-effective CI runners. All Rust repositories are now managed through Infrastructure-as-Code, improving maintainability and security.

Investing in the Future of Rust

The report also recognizes the Rust Foundation’s role in driving long-term sustainability for the Rust ecosystem. Through support for the Ferrocene Language Specification and efforts to publish an official Rust Language Specification, the Foundation is laying the groundwork for broader safety certification and formal tooling.

“Everything in this report points toward one goal: ensuring Rust remains secure, scalable, and developer-friendly for the long term,” said Marcey. “We’re proud of the progress we’ve made—and excited for what comes next.”

To learn more about supporting the Rust Foundation’s technical work, visit rustfoundation.org/get-involved or reach out to contact@rustfoundation.org.

About the Rust Foundation

The Rust Foundation is an independent nonprofit dedicated to the safety, security, sustainability, and health of the Rust Programming language and the people who use it. Through close partnerships with organizations passionate about Rust and the growing Rust Project and community, the Rust Foundation is helping forge a better open source future with Rust.Visit the Rust Foundation website to learn more. Follow the Rust Foundation on Mastodon, Bluesky, and LinkedIn.