I read your article "Backdooring Rust crates for fun and profit" today which said:

While it’s possible to audit the code of a crate on https://docs.rs on clicking on a [src] button, it turns that I couldn’t find a way to inspect build.rs files. Thus, combined with a malicious update, it’s the almost perfect backdoor.

There is a way to view build.rs files, you just have to use docs.rs' source view on /crate instead of rustdoc's. e.g. for boring-sys you can see the build.rs on https://docs.rs/crate/boring-sys/1.1.1/source/build.rs.

Fixed, Thank you very much 🙏