mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-23 04:41:11 +00:00
7cdbac8ef2
This gives a big speed improvement on aarch64: https://github.com/RustCrypto/hashes/pull/490#issue-1757989147 Differential Revision: https://phabricator.services.mozilla.com/D229400
1815 lines
51 KiB
Plaintext
1815 lines
51 KiB
Plaintext
|
|
# cargo-vet imports lock
|
|
|
|
[[unpublished.allocator-api2]]
|
|
version = "0.2.999"
|
|
audited_as = "0.2.18"
|
|
|
|
[[publisher.aho-corasick]]
|
|
version = "1.1.0"
|
|
when = "2023-09-18"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.anstyle]]
|
|
version = "1.0.8"
|
|
when = "2024-07-25"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.arbitrary]]
|
|
version = "1.3.2"
|
|
when = "2023-10-30"
|
|
user-id = 696
|
|
user-login = "fitzgen"
|
|
user-name = "Nick Fitzgerald"
|
|
|
|
[[publisher.async-trait]]
|
|
version = "0.1.68"
|
|
when = "2023-03-24"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.atomic]]
|
|
version = "0.4.6"
|
|
when = "2020-07-05"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.audio_thread_priority]]
|
|
version = "0.32.0"
|
|
when = "2024-03-14"
|
|
user-id = 1258
|
|
user-login = "padenot"
|
|
user-name = "Paul Adenot"
|
|
|
|
[[publisher.authenticator]]
|
|
version = "0.4.1"
|
|
when = "2024-09-25"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.bhttp]]
|
|
version = "0.3.1"
|
|
when = "2023-02-23"
|
|
user-id = 128763
|
|
user-login = "martinthomson"
|
|
user-name = "Martin Thomson"
|
|
|
|
[[publisher.breakpad-symbols]]
|
|
version = "0.22.1"
|
|
when = "2024-09-05"
|
|
user-id = 72814
|
|
user-login = "gabrielesvelto"
|
|
user-name = "Gabriele Svelto"
|
|
|
|
[[publisher.bumpalo]]
|
|
version = "3.15.4"
|
|
when = "2024-03-07"
|
|
user-id = 696
|
|
user-login = "fitzgen"
|
|
user-name = "Nick Fitzgerald"
|
|
|
|
[[publisher.byteorder]]
|
|
version = "1.5.0"
|
|
when = "2023-10-06"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.bytes]]
|
|
version = "1.4.0"
|
|
when = "2023-01-31"
|
|
user-id = 6741
|
|
user-login = "Darksonn"
|
|
user-name = "Alice Ryhl"
|
|
|
|
[[publisher.cachemap2]]
|
|
version = "0.3.0"
|
|
when = "2024-01-19"
|
|
user-id = 106639
|
|
user-login = "afranchuk"
|
|
user-name = "Alex Franchuk"
|
|
|
|
[[publisher.cc]]
|
|
version = "1.0.89"
|
|
when = "2024-03-04"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.cexpr]]
|
|
version = "0.6.0"
|
|
when = "2021-10-11"
|
|
user-id = 3788
|
|
user-login = "emilio"
|
|
user-name = "Emilio Cobos Álvarez"
|
|
|
|
[[publisher.clap]]
|
|
version = "4.5.16"
|
|
when = "2024-08-15"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.clap_derive]]
|
|
version = "4.5.13"
|
|
when = "2024-07-31"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.clap_lex]]
|
|
version = "0.7.2"
|
|
when = "2024-07-25"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.clubcard]]
|
|
version = "0.3.2"
|
|
when = "2024-10-08"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.clubcard-crlite]]
|
|
version = "0.3.0"
|
|
when = "2024-10-14"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.core-foundation]]
|
|
version = "0.9.3"
|
|
when = "2022-02-07"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.core-foundation-sys]]
|
|
version = "0.8.4"
|
|
when = "2023-04-03"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.core-graphics]]
|
|
version = "0.22.3"
|
|
when = "2021-11-02"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.core-graphics-types]]
|
|
version = "0.1.1"
|
|
when = "2020-09-15"
|
|
user-id = 2396
|
|
user-login = "jdm"
|
|
user-name = "Josh Matthews"
|
|
|
|
[[publisher.core-text]]
|
|
version = "19.2.0"
|
|
when = "2021-02-14"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.derive_arbitrary]]
|
|
version = "1.3.2"
|
|
when = "2023-10-30"
|
|
user-id = 696
|
|
user-login = "fitzgen"
|
|
user-name = "Nick Fitzgerald"
|
|
|
|
[[publisher.dogear]]
|
|
version = "0.4.0"
|
|
when = "2019-09-16"
|
|
user-id = 27901
|
|
user-login = "linabutler"
|
|
user-name = "Lina Butler"
|
|
|
|
[[publisher.dtoa]]
|
|
version = "0.4.8"
|
|
when = "2021-03-29"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.encoding_rs]]
|
|
version = "0.8.35"
|
|
when = "2024-10-24"
|
|
user-id = 4484
|
|
user-login = "hsivonen"
|
|
user-name = "Henri Sivonen"
|
|
|
|
[[publisher.errno]]
|
|
version = "0.3.8"
|
|
when = "2023-11-28"
|
|
user-id = 6825
|
|
user-login = "sunfishcode"
|
|
user-name = "Dan Gohman"
|
|
|
|
[[publisher.etagere]]
|
|
version = "0.2.13"
|
|
when = "2024-06-17"
|
|
user-id = 1281
|
|
user-login = "nical"
|
|
user-name = "Nicolas Silva"
|
|
|
|
[[publisher.euclid]]
|
|
version = "0.22.10"
|
|
when = "2024-05-21"
|
|
user-id = 1281
|
|
user-login = "nical"
|
|
user-name = "Nicolas Silva"
|
|
|
|
[[publisher.flate2]]
|
|
version = "1.0.26"
|
|
when = "2023-04-28"
|
|
user-id = 4333
|
|
user-login = "joshtriplett"
|
|
user-name = "Josh Triplett"
|
|
|
|
[[publisher.framehop]]
|
|
version = "0.12.1"
|
|
when = "2024-06-04"
|
|
user-id = 20227
|
|
user-login = "mstange"
|
|
user-name = "Markus Stange"
|
|
|
|
[[publisher.freetype]]
|
|
version = "0.7.0"
|
|
when = "2020-07-14"
|
|
user-id = 2396
|
|
user-login = "jdm"
|
|
user-name = "Josh Matthews"
|
|
|
|
[[publisher.gleam]]
|
|
version = "0.15.0"
|
|
when = "2023-04-21"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.glean]]
|
|
version = "62.0.0"
|
|
when = "2024-11-05"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.glean-core]]
|
|
version = "62.0.0"
|
|
when = "2024-11-05"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.glslopt]]
|
|
version = "0.1.11"
|
|
when = "2024-08-30"
|
|
user-id = 84794
|
|
user-login = "jamienicol"
|
|
user-name = "Jamie Nicol"
|
|
|
|
[[publisher.h2]]
|
|
version = "0.3.22"
|
|
when = "2023-11-15"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.hashbrown]]
|
|
version = "0.14.5"
|
|
when = "2024-04-28"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.headers]]
|
|
version = "0.3.9"
|
|
when = "2023-08-31"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.httparse]]
|
|
version = "1.8.0"
|
|
when = "2022-08-30"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.indexmap]]
|
|
version = "2.2.6"
|
|
when = "2024-03-23"
|
|
user-id = 539
|
|
user-login = "cuviper"
|
|
user-name = "Josh Stone"
|
|
|
|
[[publisher.inherent]]
|
|
version = "1.0.7"
|
|
when = "2023-03-25"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.io-surface]]
|
|
version = "0.15.1"
|
|
when = "2020-06-30"
|
|
user-id = 2396
|
|
user-login = "jdm"
|
|
user-name = "Josh Matthews"
|
|
|
|
[[publisher.iovec]]
|
|
version = "0.1.4"
|
|
when = "2019-10-09"
|
|
user-id = 10
|
|
user-login = "carllerche"
|
|
user-name = "Carl Lerche"
|
|
|
|
[[publisher.itoa]]
|
|
version = "1.0.5"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.jobserver]]
|
|
version = "0.1.25"
|
|
when = "2022-09-23"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.libc]]
|
|
version = "0.2.154"
|
|
when = "2024-04-29"
|
|
user-id = 51017
|
|
user-login = "JohnTitor"
|
|
user-name = "Yuki Okushi"
|
|
|
|
[[publisher.libz-rs-sys]]
|
|
version = "0.2.1"
|
|
when = "2024-07-08"
|
|
user-id = 1303
|
|
user-login = "rnijveld"
|
|
user-name = "Ruben Nijveld"
|
|
|
|
[[publisher.linux-raw-sys]]
|
|
version = "0.4.12"
|
|
when = "2023-11-30"
|
|
user-id = 6825
|
|
user-login = "sunfishcode"
|
|
user-name = "Dan Gohman"
|
|
|
|
[[publisher.lock_api]]
|
|
version = "0.4.9"
|
|
when = "2022-09-20"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.macho-unwind-info]]
|
|
version = "0.4.0"
|
|
when = "2024-01-17"
|
|
user-id = 20227
|
|
user-login = "mstange"
|
|
user-name = "Markus Stange"
|
|
|
|
[[publisher.memchr]]
|
|
version = "2.7.4"
|
|
when = "2024-06-14"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.mime]]
|
|
version = "0.3.16"
|
|
when = "2020-01-07"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.minidump]]
|
|
version = "0.22.1"
|
|
when = "2024-09-05"
|
|
user-id = 72814
|
|
user-login = "gabrielesvelto"
|
|
user-name = "Gabriele Svelto"
|
|
|
|
[[publisher.minidump-common]]
|
|
version = "0.22.1"
|
|
when = "2024-09-05"
|
|
user-id = 72814
|
|
user-login = "gabrielesvelto"
|
|
user-name = "Gabriele Svelto"
|
|
|
|
[[publisher.minidump-unwind]]
|
|
version = "0.22.1"
|
|
when = "2024-09-05"
|
|
user-id = 72814
|
|
user-login = "gabrielesvelto"
|
|
user-name = "Gabriele Svelto"
|
|
|
|
[[publisher.nss-gk-api]]
|
|
version = "0.3.0"
|
|
when = "2023-06-14"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.num_cpus]]
|
|
version = "1.16.0"
|
|
when = "2023-06-29"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.ohttp]]
|
|
version = "0.5.1"
|
|
when = "2024-01-10"
|
|
user-id = 128763
|
|
user-login = "martinthomson"
|
|
user-name = "Martin Thomson"
|
|
|
|
[[publisher.ordered-float]]
|
|
version = "3.4.0"
|
|
when = "2022-11-06"
|
|
user-id = 2017
|
|
user-login = "mbrubeck"
|
|
user-name = "Matt Brubeck"
|
|
|
|
[[publisher.parking_lot]]
|
|
version = "0.12.1"
|
|
when = "2022-05-31"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.parking_lot_core]]
|
|
version = "0.9.10"
|
|
when = "2024-04-25"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.paste]]
|
|
version = "1.0.11"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.pe-unwind-info]]
|
|
version = "0.2.3"
|
|
when = "2024-03-04"
|
|
user-id = 106639
|
|
user-login = "afranchuk"
|
|
user-name = "Alex Franchuk"
|
|
|
|
[[publisher.presser]]
|
|
version = "0.3.1"
|
|
when = "2022-10-16"
|
|
user-id = 52553
|
|
user-login = "embark-studios"
|
|
|
|
[[publisher.prio]]
|
|
version = "0.16.2"
|
|
when = "2024-03-19"
|
|
user-id = 213776
|
|
user-login = "divviup-github-automation"
|
|
|
|
[[publisher.proc-macro2]]
|
|
version = "1.0.84"
|
|
when = "2024-05-25"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.qcms]]
|
|
version = "0.3.0"
|
|
when = "2024-01-09"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.quote]]
|
|
version = "1.0.35"
|
|
when = "2024-01-02"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.regex]]
|
|
version = "1.9.4"
|
|
when = "2023-08-26"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.regex-automata]]
|
|
version = "0.3.7"
|
|
when = "2023-08-26"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.regex-syntax]]
|
|
version = "0.7.5"
|
|
when = "2023-08-26"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.rust_cascade]]
|
|
version = "1.5.0"
|
|
when = "2023-04-05"
|
|
user-id = 57462
|
|
user-login = "mozkeeler"
|
|
user-name = "Dana Keeler"
|
|
|
|
[[publisher.rustix]]
|
|
version = "0.38.34"
|
|
when = "2024-04-22"
|
|
user-id = 6825
|
|
user-login = "sunfishcode"
|
|
user-name = "Dan Gohman"
|
|
|
|
[[publisher.ryu]]
|
|
version = "1.0.12"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.same-file]]
|
|
version = "1.0.6"
|
|
when = "2020-01-11"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.scopeguard]]
|
|
version = "1.1.0"
|
|
when = "2020-02-16"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.serde]]
|
|
version = "1.0.214"
|
|
when = "2024-10-28"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_bytes]]
|
|
version = "0.11.9"
|
|
when = "2023-02-05"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_derive]]
|
|
version = "1.0.214"
|
|
when = "2024-10-28"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_json]]
|
|
version = "1.0.116"
|
|
when = "2024-04-16"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_repr]]
|
|
version = "0.1.12"
|
|
when = "2023-03-18"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_yaml]]
|
|
version = "0.8.26"
|
|
when = "2022-07-16"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.smallvec]]
|
|
version = "1.13.1"
|
|
when = "2024-01-19"
|
|
user-id = 2017
|
|
user-login = "mbrubeck"
|
|
user-name = "Matt Brubeck"
|
|
|
|
[[publisher.syn]]
|
|
version = "2.0.87"
|
|
when = "2024-11-02"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.termcolor]]
|
|
version = "1.4.1"
|
|
when = "2024-01-10"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.thiserror]]
|
|
version = "1.0.69"
|
|
when = "2024-11-10"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.thiserror-impl]]
|
|
version = "1.0.69"
|
|
when = "2024-11-10"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.threadbound]]
|
|
version = "0.1.5"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.tokio]]
|
|
version = "1.39.2"
|
|
when = "2024-07-27"
|
|
user-id = 6741
|
|
user-login = "Darksonn"
|
|
user-name = "Alice Ryhl"
|
|
|
|
[[publisher.tokio-macros]]
|
|
version = "2.4.0"
|
|
when = "2024-07-23"
|
|
user-id = 6741
|
|
user-login = "Darksonn"
|
|
user-name = "Alice Ryhl"
|
|
|
|
[[publisher.tokio-util]]
|
|
version = "0.7.2"
|
|
when = "2022-05-15"
|
|
user-id = 6741
|
|
user-login = "Darksonn"
|
|
user-name = "Alice Ryhl"
|
|
|
|
[[publisher.toml]]
|
|
version = "0.5.7"
|
|
when = "2020-10-11"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.unicode-ident]]
|
|
version = "1.0.6"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.unicode-width]]
|
|
version = "0.1.10"
|
|
when = "2022-09-13"
|
|
user-id = 1139
|
|
user-login = "Manishearth"
|
|
user-name = "Manish Goregaokar"
|
|
|
|
[[publisher.unicode-xid]]
|
|
version = "0.2.4"
|
|
when = "2022-09-15"
|
|
user-id = 1139
|
|
user-login = "Manishearth"
|
|
user-name = "Manish Goregaokar"
|
|
|
|
[[publisher.uniffi]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_bindgen]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_build]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_checksum_derive]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_core]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_macros]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_meta]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_testing]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.uniffi_udl]]
|
|
version = "0.28.2"
|
|
when = "2024-10-08"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.utf8_iter]]
|
|
version = "1.0.4"
|
|
when = "2023-12-01"
|
|
user-id = 4484
|
|
user-login = "hsivonen"
|
|
user-name = "Henri Sivonen"
|
|
|
|
[[publisher.walkdir]]
|
|
version = "2.3.2"
|
|
when = "2021-03-22"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.warp]]
|
|
version = "0.3.7"
|
|
when = "2024-04-05"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.wasi]]
|
|
version = "0.11.0+wasi-snapshot-preview1"
|
|
when = "2022-01-19"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasm-encoder]]
|
|
version = "0.219.1"
|
|
when = "2024-10-10"
|
|
user-id = 73222
|
|
user-login = "wasmtime-publish"
|
|
|
|
[[publisher.wasm-smith]]
|
|
version = "0.219.1"
|
|
when = "2024-10-10"
|
|
user-id = 73222
|
|
user-login = "wasmtime-publish"
|
|
|
|
[[publisher.wasmparser]]
|
|
version = "0.219.1"
|
|
when = "2024-10-10"
|
|
user-id = 73222
|
|
user-login = "wasmtime-publish"
|
|
|
|
[[publisher.wast]]
|
|
version = "219.0.1"
|
|
when = "2024-10-10"
|
|
user-id = 73222
|
|
user-login = "wasmtime-publish"
|
|
|
|
[[publisher.weedle2]]
|
|
version = "5.0.0"
|
|
when = "2024-01-24"
|
|
user-id = 127697
|
|
user-login = "bendk"
|
|
|
|
[[publisher.winapi-util]]
|
|
version = "0.1.5"
|
|
when = "2020-04-20"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.windows]]
|
|
version = "0.58.0"
|
|
when = "2024-07-03"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.windows-core]]
|
|
version = "0.58.0"
|
|
when = "2024-07-03"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.windows-implement]]
|
|
version = "0.58.0"
|
|
when = "2024-07-03"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.windows-interface]]
|
|
version = "0.58.0"
|
|
when = "2024-07-03"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.windows-result]]
|
|
version = "0.2.0"
|
|
when = "2024-07-03"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.windows-strings]]
|
|
version = "0.1.0"
|
|
when = "2024-07-03"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.windows-sys]]
|
|
version = "0.52.0"
|
|
when = "2023-11-15"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.zeitstempel]]
|
|
version = "0.1.1"
|
|
when = "2021-03-18"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.zlib-rs]]
|
|
version = "0.2.1"
|
|
when = "2024-07-08"
|
|
user-id = 1303
|
|
user-login = "rnijveld"
|
|
user-name = "Ruben Nijveld"
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696 # Nick Fitzgerald (fitzgen)
|
|
start = "2020-01-14"
|
|
end = "2025-07-30"
|
|
notes = "I am an author of this crate."
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.bumpalo]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696 # Nick Fitzgerald (fitzgen)
|
|
start = "2019-03-16"
|
|
end = "2025-07-30"
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.derive_arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696 # Nick Fitzgerald (fitzgen)
|
|
start = "2020-01-14"
|
|
end = "2025-07-30"
|
|
notes = "I am an author of this crate"
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 73222 # wasmtime-publish
|
|
start = "2023-01-01"
|
|
end = "2025-05-08"
|
|
notes = """
|
|
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
|
|
publication of this crate from CI. This repository requires all PRs are reviewed
|
|
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 73222 # wasmtime-publish
|
|
start = "2023-01-01"
|
|
end = "2025-05-08"
|
|
notes = """
|
|
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
|
|
publication of this crate from CI. This repository requires all PRs are reviewed
|
|
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 73222 # wasmtime-publish
|
|
start = "2023-01-01"
|
|
end = "2025-05-08"
|
|
notes = """
|
|
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
|
|
publication of this crate from CI. This repository requires all PRs are reviewed
|
|
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.adler]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.2"
|
|
notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm."
|
|
|
|
[[audits.bytecode-alliance.audits.ahash]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.6 -> 0.8.2"
|
|
|
|
[[audits.bytecode-alliance.audits.ahash]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.2 -> 0.8.7"
|
|
notes = """
|
|
Shuffling of features in this update and while there are updates to `unsafe`
|
|
code it's no different than before and the usage remains the same.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.arrayref]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.6"
|
|
notes = """
|
|
Unsafe code, but its logic looks good to me. Necessary given what it is
|
|
doing. Well tested, has quickchecks.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.arrayvec]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.7.2"
|
|
notes = """
|
|
Well documented invariants, good assertions for those invariants in unsafe code,
|
|
and tested with MIRI to boot. LGTM.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.base64]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.21.0"
|
|
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
|
|
|
|
[[audits.bytecode-alliance.audits.block-buffer]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.0 -> 0.10.2"
|
|
|
|
[[audits.bytecode-alliance.audits.cargo-platform]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
notes = "no build, no ambient capabilities, no unsafe"
|
|
|
|
[[audits.bytecode-alliance.audits.cfg-if]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.codespan-reporting]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.1"
|
|
notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
|
|
|
|
[[audits.bytecode-alliance.audits.core-foundation-sys]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.4 -> 0.8.6"
|
|
notes = """
|
|
The changes here are all typical bindings updates: new functions, types, and
|
|
constants. I have not audited all the bindings for ABI conformance.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.cpufeatures]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.2 -> 0.2.7"
|
|
notes = """
|
|
This is a minor update that looks to add some more detected CPU features and
|
|
various other minor portability fixes such as MIRI support.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.crossbeam-channel]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.4 -> 0.5.8"
|
|
notes = """
|
|
This diff does what it says on the tin for this version range, notably fixing a
|
|
race condition, improving handling of durations, and additionally swapping out a
|
|
spin lock with a lock from the standard library. Minor bits of `unsafe` code
|
|
are modified but that's expected given the nature of this crate.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.crypto-common]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.3"
|
|
|
|
[[audits.bytecode-alliance.audits.fallible-iterator]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.0 -> 0.3.0"
|
|
notes = """
|
|
This major version update has a few minor breaking changes but everything
|
|
this crate has to do with iterators and `Result` and such. No `unsafe` or
|
|
anything like that, all looks good.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.fastrand]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.0.0 -> 2.0.1"
|
|
notes = """
|
|
This update had a few doc updates but no otherwise-substantial source code
|
|
updates.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.flate2]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.26 -> 1.0.28"
|
|
notes = "No new `unsafe` and no large changes in function. This diff is mostly refactoring with a lot of docs, CI, test changes. Adds some defensive clearing out of certain variables as a safeguard."
|
|
|
|
[[audits.bytecode-alliance.audits.foreign-types]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.2"
|
|
notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
|
|
|
|
[[audits.bytecode-alliance.audits.foreign-types-shared]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
|
|
[[audits.bytecode-alliance.audits.futures-channel]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
|
|
|
|
[[audits.bytecode-alliance.audits.futures-core]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
|
|
|
|
[[audits.bytecode-alliance.audits.futures-executor]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
|
|
|
|
[[audits.bytecode-alliance.audits.futures-io]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
|
|
[[audits.bytecode-alliance.audits.futures-sink]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
|
|
[[audits.bytecode-alliance.audits.heck]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.5.0"
|
|
notes = "Minor changes for a `no_std` upgrade but otherwise everything looks as expected."
|
|
|
|
[[audits.bytecode-alliance.audits.id-arena]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.2.1"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.idna]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = """
|
|
This is a crate without unsafe code or usage of the standard library. The large
|
|
size of this crate comes from the large generated unicode tables file. This
|
|
crate is broadly used throughout the ecosystem and does not contain anything
|
|
suspicious.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.leb128]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.5"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.memoffset]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.1 -> 0.8.0"
|
|
notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
|
|
|
|
[[audits.bytecode-alliance.audits.miniz_oxide]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.7.1"
|
|
notes = """
|
|
This crate is a Rust implementation of zlib compression/decompression and has
|
|
been used by default by the Rust standard library for quite some time. It's also
|
|
a default dependency of the popular `backtrace` crate for decompressing debug
|
|
information. This crate forbids unsafe code and does not otherwise access system
|
|
resources. It's originally a port of the `miniz.c` library as well, and given
|
|
its own longevity should be relatively hardened against some of the more common
|
|
compression-related issues.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.mio]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.6 -> 0.8.8"
|
|
notes = "Mostly OS portability updates along with some minor bugfixes."
|
|
|
|
[[audits.bytecode-alliance.audits.num-traits]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.19"
|
|
notes = "As advertised: a numeric library. The only `unsafe` is from some float-to-int conversions, which seems expected."
|
|
|
|
[[audits.bytecode-alliance.audits.object]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.30.3 -> 0.31.1"
|
|
notes = "A large-ish update to the crate but nothing out of the ordering. Support for new formats like xcoff, new constants, minor refactorings, etc. Nothing out of the ordinary."
|
|
|
|
[[audits.bytecode-alliance.audits.object]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.31.1 -> 0.32.0"
|
|
notes = "Various new features and refactorings as one would expect from an object parsing crate, all looks good."
|
|
|
|
[[audits.bytecode-alliance.audits.object]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.32.0 -> 0.33.0"
|
|
notes = """
|
|
No `unsafe` code in this update. Lots of changes but all
|
|
object-file-format-related, everything looks good.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.percent-encoding]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.2.0"
|
|
notes = """
|
|
This crate is a single-file crate that does what it says on the tin. There are
|
|
a few `unsafe` blocks related to utf-8 validation which are locally verifiable
|
|
as correct and otherwise this crate is good to go.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.pin-utils]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
|
|
[[audits.bytecode-alliance.audits.pkg-config]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.25"
|
|
notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
|
|
|
|
[[audits.bytecode-alliance.audits.rustc-demangle]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.21"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.semver]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.17"
|
|
notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
|
|
|
|
[[audits.bytecode-alliance.audits.slab]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.6"
|
|
notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
|
|
|
|
[[audits.bytecode-alliance.audits.tempfile]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.3.0 -> 3.5.0"
|
|
|
|
[[audits.bytecode-alliance.audits.tempfile]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.5.0 -> 3.6.0"
|
|
notes = "Dependency updates and new optimized trait implementations, but otherwise everything looks normal."
|
|
|
|
[[audits.bytecode-alliance.audits.unicase]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.6.0"
|
|
notes = """
|
|
This crate contains no `unsafe` code and no unnecessary use of the standard
|
|
library.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.unicode-bidi]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.8"
|
|
notes = """
|
|
This crate has no unsafe code and does not use `std::*`. Skimming the crate it
|
|
does not attempt to out of the bounds of what it's already supposed to be doing.
|
|
"""
|
|
|
|
[[audits.embark-studios.wildcard-audits.presser]]
|
|
who = "Gray Olson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 52553 # embark-studios
|
|
start = "2021-01-01"
|
|
end = "2024-05-23"
|
|
notes = """
|
|
Small crate with no dependencies and no ambient capabilities. The safe interface of the crate
|
|
is gated behind unsafe implementation of a core trait, and care must be taken to ensure that
|
|
the relevant invariants are guaranteed when doing so. Maintained by the Ark team at Embark
|
|
and used in production.
|
|
"""
|
|
|
|
[[audits.embark-studios.audits.anyhow]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.58"
|
|
|
|
[[audits.embark-studios.audits.cfg_aliases]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.derive_more]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.99.17"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.ident_case]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.idna]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.4.0"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.line-wrap]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.yaml-rust]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.5"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.google.audits.ash]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.37.0+1.3.209"
|
|
notes = "Reviewed on https://fxrev.dev/694269"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.bitflags]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.4.2"
|
|
notes = """
|
|
Audit notes:
|
|
|
|
* I've checked for any discussion in Google-internal cl/546819168 (where audit
|
|
of version 2.3.3 happened)
|
|
* `src/lib.rs` contains `#![cfg_attr(not(test), forbid(unsafe_code))]`
|
|
* There are 2 cases of `unsafe` in `src/external.rs` but they seem to be
|
|
correct in a straightforward way - they just propagate the marker trait's
|
|
impl (e.g. `impl bytemuck::Pod`) from the inner to the outer type
|
|
* Additional discussion and/or notes may be found in https://crrev.com/c/5238056
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.bitflags]]
|
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.4.2 -> 2.5.0"
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.bitflags]]
|
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.5.0 -> 2.6.0"
|
|
notes = "The changes from the previous version are negligible and thus it retains the same properties."
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.clap_builder]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "4.5.15"
|
|
notes = '''
|
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`
|
|
and there were no hits.
|
|
'''
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.crc32fast]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.4.2"
|
|
notes = """
|
|
Security review of earlier versions of the crate can be found at
|
|
(Google-internal, sorry): go/image-crate-chromium-security-review
|
|
|
|
Audit comments for 1.4.2 can be found at https://crrev.com/c/4723145.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.equivalent]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.fastrand]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.9.0"
|
|
notes = """
|
|
`does-not-implement-crypto` is certified because this crate explicitly says
|
|
that the RNG here is not cryptographically secure.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.futures]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.28"
|
|
notes = """
|
|
`futures` has no logic other than tests - it simply `pub use`s things from
|
|
other crates.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.glob]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.1"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.heck]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.1"
|
|
notes = """
|
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
|
|
and there were no hits.
|
|
|
|
`heck` (version `0.3.3`) has been added to Chromium in
|
|
https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.http]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.8"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.http-body]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.4.5"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.httpdate]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.2"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.hyper]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.14.20"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.nom]]
|
|
who = "danakj@chromium.org"
|
|
criteria = "safe-to-deploy"
|
|
version = "7.1.3"
|
|
notes = """
|
|
Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5046153
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.12"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project-internal]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.12"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project-lite]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.9"
|
|
notes = "Reviewed on https://fxrev.dev/824504"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project-lite]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.9 -> 0.2.13"
|
|
notes = "Audited at https://fxrev.dev/946396"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.proc-macro2]]
|
|
who = "danakj@chromium.org"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.84 -> 1.0.85"
|
|
notes = "Test-only changes."
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.proc-macro2]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.85 -> 1.0.86"
|
|
notes = """
|
|
Comment-only changes in `build.rs`.
|
|
Reordering of `Cargo.toml` entries.
|
|
Just bumping up the version number in `lib.rs`.
|
|
Config-related changes in `test_size.rs`.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.scoped-tls]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.0"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.serde_urlencoded]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.7.1"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.socket2]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.4 -> 0.5.5"
|
|
notes = "Reviewed at https://fxrev.dev/946307"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.static_assertions]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.0"
|
|
notes = """
|
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`
|
|
and there were no hits except for one `unsafe`.
|
|
|
|
The lambda where `unsafe` is used is never invoked (e.g. the `unsafe` code
|
|
never runs) and is only introduced for some compile-time checks. Additional
|
|
unsafe review comments can be found in https://crrev.com/c/5353376.
|
|
|
|
This crate has been added to Chromium in https://crrev.com/c/3736562. The CL
|
|
description contains a link to a document with an additional security review.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.strsim]]
|
|
who = "danakj@chromium.org"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.10.0"
|
|
notes = """
|
|
Reviewed in https://crrev.com/c/5171063
|
|
|
|
Previously reviewed during security review and the audit is grandparented in.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tokio-stream]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.11"
|
|
notes = "Reviewed on https://fxrev.dev/804724"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tower-service]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.3.2"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.try-lock]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.3"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.unicode-linebreak]]
|
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.5"
|
|
notes = """
|
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
|
|
and there were no hits.
|
|
|
|
Version `0.1.2` of this crate has been added to Chromium in
|
|
https://source.chromium.org/chromium/chromium/src/+/591a0f30c5eac93b6a3d981c2714ffa4db28dbcb
|
|
The CL description contains a link to a Google-internal document with audit details.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.version_check]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.9.4"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.want]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.3.0"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.isrg.wildcard-audits.prio]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 213776 # divviup-github-automation
|
|
start = "2020-09-28"
|
|
end = "2025-02-12"
|
|
|
|
[[audits.isrg.audits.base64]]
|
|
who = "Tim Geoghegan <timg@letsencrypt.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.21.0 -> 0.21.1"
|
|
|
|
[[audits.isrg.audits.base64]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.21.1 -> 0.21.2"
|
|
|
|
[[audits.isrg.audits.base64]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.21.2 -> 0.21.3"
|
|
|
|
[[audits.isrg.audits.block-buffer]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.9.0"
|
|
|
|
[[audits.isrg.audits.digest]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.10.6 -> 0.10.7"
|
|
|
|
[[audits.isrg.audits.getrandom]]
|
|
who = "Tim Geoghegan <timg@letsencrypt.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.9 -> 0.2.10"
|
|
notes = "These changes include some new `unsafe` code for the `emscripten` and `psvita` targets, but all it does is call `libc::getentropy`."
|
|
|
|
[[audits.isrg.audits.getrandom]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.11 -> 0.2.12"
|
|
|
|
[[audits.isrg.audits.getrandom]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.12 -> 0.2.14"
|
|
|
|
[[audits.isrg.audits.keccak]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
|
|
[[audits.isrg.audits.keccak]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.3 -> 0.1.4"
|
|
|
|
[[audits.isrg.audits.once_cell]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.17.1 -> 1.17.2"
|
|
|
|
[[audits.isrg.audits.once_cell]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.17.2 -> 1.18.0"
|
|
|
|
[[audits.isrg.audits.once_cell]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.18.0 -> 1.19.0"
|
|
|
|
[[audits.isrg.audits.once_cell]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.19.0 -> 1.20.1"
|
|
|
|
[[audits.isrg.audits.rand_chacha]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.1"
|
|
|
|
[[audits.isrg.audits.rand_core]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.3"
|
|
|
|
[[audits.isrg.audits.rayon-core]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.10.2 -> 1.11.0"
|
|
|
|
[[audits.isrg.audits.rayon-core]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.11.0 -> 1.12.0"
|
|
|
|
[[audits.isrg.audits.sha2]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.10.2"
|
|
|
|
[[audits.isrg.audits.sha3]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.10.6"
|
|
|
|
[[audits.isrg.audits.sha3]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.10.7 -> 0.10.8"
|
|
|
|
[[audits.mozilla.wildcard-audits.weedle2]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 127697 # bendk
|
|
start = "2022-06-16"
|
|
end = "2025-03-05"
|
|
notes = "Maintained by Mozilla"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.wildcard-audits.zeitstempel]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 48 # Jan-Erik Rediger (badboy)
|
|
start = "2021-03-03"
|
|
end = "2025-08-05"
|
|
notes = "Maintained by me"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.askama]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.1 -> 0.12.0"
|
|
notes = "No new unsafe usage, mostly dependency updates and smaller API changes"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.askama_derive]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.2 -> 0.12.1"
|
|
notes = "Dependency updates, a new toml dependency and some API changes. No unsafe use."
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.basic-toml]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
notes = "TOML parser, forked from toml 0.5"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.crossbeam-channel]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.8 -> 0.5.11"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.crossbeam-channel]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.11 -> 0.5.12"
|
|
notes = "Minimal change fixing a memory leak."
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.crossbeam-utils]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.14 -> 0.8.19"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.either]]
|
|
who = "Nika Layzell <nika@thelayzells.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.6.1"
|
|
notes = """
|
|
Straightforward crate providing the Either enum and trait implementations with
|
|
no unsafe code.
|
|
"""
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.lazy_static]]
|
|
who = "Nika Layzell <nika@thelayzells.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.4.0"
|
|
notes = "I have read over the macros, and audited the unsafe code."
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.log]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.17 -> 0.4.18"
|
|
notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed."
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.log]]
|
|
who = "Kagami Sascha Rosylight <krosylight@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.18 -> 0.4.20"
|
|
notes = "Only cfg attribute and internal macro changes and module refactorings"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.rkv]]
|
|
who = "Kagami Sascha Rosylight <krosylight@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.18.4 -> 0.19.0"
|
|
notes = "Maintained by Mozilla, no addition of unsafe blocks"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.scroll]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.0 -> 0.12.0"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.scroll_derive]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.1 -> 0.12.0"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.smawk]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.2"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.textwrap]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.15.0"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|