BOMnipotent v0.4.1 switches server frameworks
It now uses xitca-web under the hood, and also brings some functionality to make your life easier.
Until now, BOMnipotent has been built on the actix-web server framework for Rust. But with the project nearing maturity, I decided it was time to formally evaluate alternatives – especially with the recent release of Secure Sum by AUNOVIS , which scans repositories for their security posture.
It turns out that in 2025, actix is still good – but perhaps no longer optimal.
After some testing, I’ve chosen to migrate to xitca-web . The name is “actix” spelled backwards—but that’s where the similarities mostly end.
The xitca-web framework enforces strict typing, fully embraces async, and avoids unsafe code entirely. The trade-off? It can be a bit more work to get things compiling. But once they do, the result is typically safer and faster.
This migration is a big step forward for BOMnipotent itself. As the product matures, it now stands on a stronger, safer foundation, ready to host your supply chain security data.