You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2388 lines
73 KiB
2388 lines
73 KiB
|
|
# cargo-vet audits file
|
|
|
|
[[wildcard-audits.arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696
|
|
start = "2020-01-14"
|
|
end = "2024-04-21"
|
|
notes = "I am an author of this crate."
|
|
|
|
[[wildcard-audits.bumpalo]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696
|
|
start = "2019-03-16"
|
|
end = "2024-03-10"
|
|
|
|
[[wildcard-audits.derive_arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696
|
|
start = "2020-01-14"
|
|
end = "2024-04-27"
|
|
notes = "I am an author of this crate"
|
|
|
|
[[wildcard-audits.regalloc2]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 3726
|
|
start = "2021-12-03"
|
|
end = "2024-05-02"
|
|
notes = "We (Bytecode Alliance) are the primary authors of regalloc2 and co-develop it with Cranelift/Wasmtime, with the same code-review, testing/fuzzing, and security standards."
|
|
|
|
[[wildcard-audits.regalloc2]]
|
|
who = "Trevor Elliott <telliott@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 187138
|
|
start = "2022-11-29"
|
|
end = "2024-05-02"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `regalloc2`
|
|
repository of which I'm one of the maintainers and publishers for. I am employed
|
|
by a member of the Bytecode Alliance and plan to continue doing so and will
|
|
actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wasm-metadata]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wasm-mutate]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696
|
|
start = "2022-02-17"
|
|
end = "2024-03-10"
|
|
|
|
[[wildcard-audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2022-01-05"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-09-03"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-07-13"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wasmprinter]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696
|
|
start = "2021-04-28"
|
|
end = "2024-03-10"
|
|
|
|
[[wildcard-audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2019-11-18"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2019-10-16"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2019-10-18"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-bindgen]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-bindgen-core]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-bindgen-rust]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-bindgen-rust-lib]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-bindgen-rust-macro]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-component]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[wildcard-audits.wit-component]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696
|
|
start = "2019-03-16"
|
|
end = "2024-03-10"
|
|
|
|
[[wildcard-audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1
|
|
start = "2019-12-02"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[audits.addr2line]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.17.0 -> 0.19.0"
|
|
notes = """
|
|
This is a minor update for addr2line which looks to mainly update its
|
|
dependencies and refactor existing code to expose more functionality and such.
|
|
"""
|
|
|
|
[[audits.ahash]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.6 -> 0.8.2"
|
|
|
|
[[audits.ambient-authority]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.0.2"
|
|
notes = "Contains no unsafe code, no IO, no build.rs."
|
|
|
|
[[audits.anes]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.6"
|
|
notes = "Contains no unsafe code, no IO, no build.rs."
|
|
|
|
[[audits.anyhow]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.62 -> 1.0.66"
|
|
notes = """
|
|
This update looks to be related to minor fixes and mostly integrating with a
|
|
nightly feature in the standard library for backtrace integration. No undue
|
|
`unsafe` is added and nothing unsurprising for the `anyhow` crate is happening
|
|
here.
|
|
"""
|
|
|
|
[[audits.anyhow]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.69 -> 1.0.71"
|
|
|
|
[[audits.arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.4"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.arrayref]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.6"
|
|
notes = """
|
|
Unsafe code, but its logic looks good to me. Necessary given what it is
|
|
doing. Well tested, has quickchecks.
|
|
"""
|
|
|
|
[[audits.arrayvec]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.7.2"
|
|
notes = """
|
|
Well documented invariants, good assertions for those invariants in unsafe code,
|
|
and tested with MIRI to boot. LGTM.
|
|
"""
|
|
|
|
[[audits.atty]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.14"
|
|
notes = """
|
|
Contains only unsafe code for what this crate's purpose is and only accesses
|
|
the environment's terminal information when asked. Does its stated purpose and
|
|
no more.
|
|
"""
|
|
|
|
[[audits.backtrace]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.66"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.backtrace]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.3.66 -> 0.3.67"
|
|
notes = """
|
|
This change introduced a new means of learning the current exe by parsing
|
|
Linux-specific constructs and does not constitute any major changes to the
|
|
crate.
|
|
"""
|
|
|
|
[[audits.base64]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.21.0"
|
|
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
|
|
|
|
[[audits.base64]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.21.0"
|
|
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
|
|
|
|
[[audits.bitflags]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.1.0 -> 2.2.1"
|
|
notes = """
|
|
This version adds unsafe impls of traits from the bytemuck crate when built
|
|
with that library enabled, but I believe the impls satisfy the documented
|
|
safety requirements for bytemuck. The other changes are minor.
|
|
"""
|
|
|
|
[[audits.block-buffer]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.0 -> 0.10.2"
|
|
|
|
[[audits.bumpalo]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "3.9.1"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bumpalo]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "3.11.1"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.camino]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.4"
|
|
|
|
[[audits.cap-fs-ext]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.26.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-fs-ext]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-fs-ext]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-fs-ext]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.5 -> 1.0.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-primitives]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.26.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-primitives]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-primitives]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-primitives]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.5 -> 1.0.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-rand]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.26.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-rand]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-rand]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-std]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.26.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-std]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-std]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-std]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.5 -> 1.0.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-tempfile]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-run"
|
|
version = "0.26.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-tempfile]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.cap-tempfile]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-time-ext]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.26.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-time-ext]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-time-ext]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cap-time-ext]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.5 -> 1.0.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.cargo-platform]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
notes = "no build, no ambient capabilities, no unsafe"
|
|
|
|
[[audits.cargo_metadata]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.15.3"
|
|
notes = "no build, no unsafe, inputs to cargo command are reasonably sanitized"
|
|
|
|
[[audits.cast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.2.7 -> 0.3.0"
|
|
notes = """
|
|
This release appears to have brought support for 128-bit integers and removed a
|
|
`transmute` around converting between float bits and the float itself.
|
|
Otherwise no major changes except what was presumably minor API breaking changes
|
|
due to the major version bump.
|
|
"""
|
|
|
|
[[audits.cc]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.73"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.cfg-if]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.ciborium]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.0"
|
|
|
|
[[audits.ciborium-io]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.0"
|
|
|
|
[[audits.ciborium-ll]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.0"
|
|
|
|
[[audits.codespan-reporting]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.1"
|
|
notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
|
|
|
|
[[audits.constant_time_eq]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.4"
|
|
notes = "A few tiny blocks of `unsafe` but each of them is very obviously correct."
|
|
|
|
[[audits.cpufeatures]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.2 -> 0.2.7"
|
|
notes = """
|
|
This is a minor update that looks to add some more detected CPU features and
|
|
various other minor portability fixes such as MIRI support.
|
|
"""
|
|
|
|
[[audits.criterion]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.3.5 -> 0.3.6"
|
|
notes = """
|
|
There were no major changes to code in this update, mostly just stylistic and
|
|
updating some version dependency requirements.
|
|
"""
|
|
|
|
[[audits.criterion]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.6 -> 0.4.0"
|
|
notes = """
|
|
criterion v0.3.6..v0.4.0 is mostly re-arranging the crate features and bumping dependencies. all changes
|
|
to code seem to be confined to benchmarks.
|
|
"""
|
|
|
|
[[audits.criterion-plot]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.4.4 -> 0.4.5"
|
|
notes = """
|
|
No major changes in this update, it was almost entirely stylistic with what
|
|
appears to be a few clippy fixes here and there.
|
|
"""
|
|
|
|
[[audits.criterion-plot]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.5 -> 0.5.0"
|
|
notes = "Just a version bump, only change to code is to remove an allow(deprecated)"
|
|
|
|
[[audits.crossbeam-channel]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.4 -> 0.5.8"
|
|
notes = """
|
|
This diff does what it says on the tin for this version range, notably fixing a
|
|
race condition, improving handling of durations, and additionally swapping out a
|
|
spin lock with a lock from the standard library. Minor bits of `unsafe` code
|
|
are modified but that's expected given the nature of this crate.
|
|
"""
|
|
|
|
[[audits.crypto-common]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.3"
|
|
|
|
[[audits.derive_arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.derive_arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.4"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.digest]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.0 -> 0.10.3"
|
|
|
|
[[audits.ed25519]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.4.1 -> 1.5.3"
|
|
notes = """
|
|
This diff brings in a number of minor updates of which none are related to
|
|
`unsafe` code or anything system-related like filesystems.
|
|
"""
|
|
|
|
[[audits.errno]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = "This crate uses libc and windows-sys APIs to get and set the raw OS error value."
|
|
|
|
[[audits.errno]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.3.1"
|
|
notes = "Just a dependency version bump and a bug fix for redox"
|
|
|
|
[[audits.fd-lock]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "3.0.9"
|
|
notes = "This crate uses unsafe to make Windows syscalls, to borrow an Fd with an appropriate lifetime, and to zero a windows API structure that appears to have a valid representation with zeroed memory."
|
|
|
|
[[audits.fd-lock]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.0.9 -> 3.0.10"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.fd-lock]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.0.10 -> 3.0.12"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.file-per-thread-logger]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.5"
|
|
notes = """
|
|
Contains no unsafe code but does write log files to the filesystem. Log files
|
|
are only created when requested by the application, however, and otherwise
|
|
only does its stated purpose.
|
|
"""
|
|
|
|
[[audits.file-per-thread-logger]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.5 -> 0.1.6"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.foreign-types]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.2"
|
|
notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
|
|
|
|
[[audits.foreign-types-shared]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
|
|
[[audits.form_urlencoded]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.0"
|
|
notes = """
|
|
This is a small crate for working with url-encoded forms which doesn't have any
|
|
more than what it says on the tin. Contains one `unsafe` block related to
|
|
performance around utf-8 validation which is fairly easy to verify as correct.
|
|
"""
|
|
|
|
[[audits.fs-set-times]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.18.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.fs-set-times]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.18.0 -> 0.18.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.fs-set-times]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.18.1 -> 0.19.1"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.futures]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "There are no definitions in this crate, just exports of definitions from child crates."
|
|
|
|
[[audits.futures-channel]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
|
|
|
|
[[audits.futures-core]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
|
|
|
|
[[audits.futures-executor]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
|
|
|
|
[[audits.futures-io]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
|
|
[[audits.futures-sink]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
|
|
[[audits.fxprof-processed-profile]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.0"
|
|
notes = """
|
|
No unsafe code, I/O, or powerful imports. This is a straightforward set of data
|
|
structures representing the Firefox \"processed\" profile format, with serde
|
|
serialization support. All logic is trivial: either unit conversion, or
|
|
hash-consing to support de-duplication required by the format.
|
|
"""
|
|
|
|
[[audits.gimli]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.26.1 -> 0.27.0"
|
|
notes = """
|
|
This is a standard update to gimli for more DWARF support for more platforms,
|
|
more features, etc. Some minor `unsafe` code was added that does not appear
|
|
incorrect. Otherwise looks like someone probably ran clippy and/or rustfmt.
|
|
"""
|
|
|
|
[[audits.hashbrown]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.12.3 -> 0.13.1"
|
|
notes = "The diff looks plausible. Much of it is low-level memory-layout code and I can't be 100% certain without a deeper dive into the implementation logic, but nothing looks actively malicious."
|
|
|
|
[[audits.hashbrown]]
|
|
who = "Trevor Elliott <telliott@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.13.1 -> 0.13.2"
|
|
notes = "I read through the diff between v0.13.1 and v0.13.2, and verified that the changes made matched up with the changelog entries. There were very few changes between these two releases, and it was easy to verify what they did."
|
|
|
|
[[audits.heck]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.0"
|
|
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
|
|
|
|
[[audits.hermit-abi]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.0 -> 0.3.0"
|
|
|
|
[[audits.http-body]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.0-rc.2"
|
|
|
|
[[audits.http-body-util]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0-rc.2"
|
|
notes = "only one use of unsafe related to pin projection. unclear to me why pin_project! is used in many modules of the project, but the expanded output of that macro is inlined in either.rs"
|
|
|
|
[[audits.httpdate]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.2"
|
|
notes = "No unsafety, no io"
|
|
|
|
[[audits.id-arena]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.2.1"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.idna]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = """
|
|
This is a crate without unsafe code or usage of the standard library. The large
|
|
size of this crate comes from the large generated unicode tables file. This
|
|
crate is broadly used throughout the ecosystem and does not contain anything
|
|
suspicious.
|
|
"""
|
|
|
|
[[audits.indexmap-nostd]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.4.0"
|
|
notes = """
|
|
I've verified that this is a sliced-down version of the `indexmap` crate which
|
|
is otherwise certified. This doesn't contain unnecessary `unsafe` and
|
|
additionally doesn't reach for ambient capabilities.
|
|
"""
|
|
|
|
[[audits.io-extras]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.17.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.io-extras]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.17.0 -> 0.17.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.io-extras]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.17.2 -> 0.17.4"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.io-lifetimes]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.3"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.io-lifetimes]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.3 -> 1.0.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.io-lifetimes]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.5 -> 1.0.10"
|
|
notes = "I am the maintainer of this crate."
|
|
|
|
[[audits.is-terminal]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = "Contains only unsafe code for interacting with the crate's intended purpose."
|
|
|
|
[[audits.is-terminal]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.1"
|
|
notes = "Contains only unsafe code for interacting with the crate's intended purpose."
|
|
|
|
[[audits.is-terminal]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.7"
|
|
notes = """
|
|
The is-terminal implementation code is now sync'd up with the prototype
|
|
implementation in the Rust standard library.
|
|
"""
|
|
|
|
[[audits.is-terminal]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.4.3"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.ittapi]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.1 -> 0.3.3"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.ittapi-sys]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.1 -> 0.3.3"
|
|
notes = "Unsafe code is due to auto-generated bindings to a widely-deployed C library."
|
|
|
|
[[audits.leb128]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.5"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.libc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.133 -> 0.2.141"
|
|
notes = """
|
|
I have performed a very rough survey of the changes and didn't see anything
|
|
obviously out of place, or that looks like a silent ABI break on a platform
|
|
Wasmtime supports. I didn't check all the new struct layouts, constants,
|
|
function signatures, and so on for ABI conformance though.
|
|
|
|
This crate is maintained by the Rust project and is a dependency of the Rust
|
|
standard library itself. It contains tests that generate C source files to
|
|
ensure that the ABI it describes matches the ABI described by the C header
|
|
files in the correspond to match.
|
|
"""
|
|
|
|
[[audits.libfuzzer-sys]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.4.3 -> 0.4.4"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.libfuzzer-sys]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.4.4 -> 0.4.5"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.libm]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.2 -> 0.2.4"
|
|
notes = """
|
|
This diff primarily fixes a few issues with the `fma`-related functions,
|
|
but also contains some other minor fixes as well. Everything looks A-OK and
|
|
as expected.
|
|
"""
|
|
|
|
[[audits.libm]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.4 -> 0.2.7"
|
|
notes = """
|
|
This is a minor update which has some testing affordances as well as some
|
|
updated math algorithms.
|
|
"""
|
|
|
|
[[audits.linux-raw-sys]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.3"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.linux-raw-sys]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.3"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.matchers]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
|
|
[[audits.memfd]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.1"
|
|
notes = """
|
|
Does not interact with the system in any way than otherwise instructed to.
|
|
Contains unsafe blocks but are encapsulated and required for the operation at
|
|
hand.
|
|
"""
|
|
|
|
[[audits.memfd]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.2"
|
|
notes = """
|
|
The only changes from 0.6.1 were from my own PR which updated memfd to newer
|
|
dependencies.
|
|
"""
|
|
|
|
[[audits.memfd]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.6.2 -> 0.6.3"
|
|
notes = "Just a dependency version bump and documentation update"
|
|
|
|
[[audits.memoffset]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.1 -> 0.8.0"
|
|
notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
|
|
|
|
[[audits.memory_units]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.3.0 -> 0.4.0"
|
|
notes = """
|
|
This bump only changed from a function to an associated `const` and trivially
|
|
contains no significant changes.
|
|
"""
|
|
|
|
[[audits.miniz_oxide]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
delta = "0.5.1 -> 0.5.3"
|
|
notes = """
|
|
This looks to be a minor update to the crate to remove some `unsafe` code,
|
|
update Rust stylistic conventions, and perhaps some clippy lints. No major
|
|
changes.
|
|
"""
|
|
|
|
[[audits.native-tls]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.11"
|
|
notes = "build is only looking for environment variables to set cfg. only two minor uses of unsafe,on macos, with ffi bindings to digest primitives and libc atexit. otherwise, this is an abstraction over three very complex systems (schannel, security-framework, and openssl) which may end up having subtle differences, but none of those are apparent from the implementation of this crate"
|
|
|
|
[[audits.object]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.29.0 -> 0.30.1"
|
|
|
|
[[audits.object]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.30.1 -> 0.30.3"
|
|
notes = """
|
|
No unsafe blocks or I/O in the diff. The only changes clearly implement what
|
|
the changelog says is new in these versions.
|
|
"""
|
|
|
|
[[audits.once_cell]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.16.0 -> 1.17.0"
|
|
|
|
[[audits.openssl-macros]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
|
|
[[audits.openssl-probe]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.5"
|
|
notes = "IO is only checking for the existence of paths in the filesystem"
|
|
|
|
[[audits.openvino]]
|
|
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.2"
|
|
notes = """
|
|
I am the author of most of these changes.
|
|
"""
|
|
|
|
[[audits.openvino]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.2 -> 0.5.0"
|
|
|
|
[[audits.openvino-finder]]
|
|
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.4.2"
|
|
notes = """
|
|
Only updates to Cargo file for versioning.
|
|
"""
|
|
|
|
[[audits.openvino-finder]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.2 -> 0.5.0"
|
|
|
|
[[audits.openvino-sys]]
|
|
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.4.2"
|
|
notes = """
|
|
Only updates to tests to use new rust functions for mut pointers.
|
|
"""
|
|
|
|
[[audits.openvino-sys]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.2 -> 0.5.0"
|
|
|
|
[[audits.peeking_take_while]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.percent-encoding]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.2.0"
|
|
notes = """
|
|
This crate is a single-file crate that does what it says on the tin. There are
|
|
a few `unsafe` blocks related to utf-8 validation which are locally verifiable
|
|
as correct and otherwise this crate is good to go.
|
|
"""
|
|
|
|
[[audits.pin-utils]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
|
|
[[audits.pkg-config]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.25"
|
|
notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
|
|
|
|
[[audits.proc-macro2]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.51 -> 1.0.57"
|
|
|
|
[[audits.pulldown-cmark]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.8.0"
|
|
notes = """
|
|
This crate has `unsafe` blocks and they're all related to SIMD-acceleration and
|
|
are otherwise not doing other `unsafe` operations. Additionally the crate does
|
|
not do anything other than markdown rendering as is expected.
|
|
"""
|
|
|
|
[[audits.quote]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.23 -> 1.0.27"
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.1 -> 0.3.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.2 -> 0.4.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.0 -> 0.4.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.4.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Trevor Elliott <telliott@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.2 -> 0.5.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Trevor Elliott <telliott@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.0 -> 0.5.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Trevor Elliott <telliott@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.1 -> 0.6.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Chris Fallin <chris@cfallin.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.6.0 -> 0.6.1"
|
|
notes = "Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.regalloc2]]
|
|
who = "Trevor Elliott <telliott@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.6.1 -> 0.7.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.rustc-demangle]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.21"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.rustix]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.36.4"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.rustix]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.36.7"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.rustix]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.37.13"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.rustix]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.36.7 -> 0.36.8"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.rustls]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.21.0"
|
|
notes = "no unsafe code, ambient capabilities only used in tests"
|
|
|
|
[[audits.rustls-webpki]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.100.1"
|
|
|
|
[[audits.sct]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.7.0"
|
|
notes = "no unsafe, no build, no ambient capabilities"
|
|
|
|
[[audits.semver]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.17"
|
|
notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
|
|
|
|
[[audits.sha2]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.9 -> 0.10.2"
|
|
notes = "This upgrade is mostly a code refactor, as far as I can tell. No new uses of unsafe nor any new ambient capabilities usage."
|
|
|
|
[[audits.slab]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.6"
|
|
notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
|
|
|
|
[[audits.slice-group-by]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.3.1"
|
|
notes = """
|
|
This update runs `rustfmt` for the first time in awhile and additionally fixes a
|
|
few minor issues related to Stacked Borrows and running in MIRI. No fundamental
|
|
change to any preexisting unsafe code is happening here.
|
|
"""
|
|
|
|
[[audits.spin]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.9.4"
|
|
notes = """
|
|
I've verified the contents of this crate and that while they contain `unsafe`
|
|
it's exclusively around implementing atomic primitive where some `unsafe` is to
|
|
be expected. Otherwise this crate does not unduly access ambient capabilities
|
|
and does what it says on the tin, providing spin-based synchronization
|
|
primitives.
|
|
"""
|
|
|
|
[[audits.sptr]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.2"
|
|
notes = """
|
|
This crate is 90% documentation and does contain a good deal of `unsafe` code,
|
|
but it's all doing what it says on the tin: being a stable polyfill for strict
|
|
provenance APIs in the standard library while they're on Nightly.
|
|
"""
|
|
|
|
[[audits.syn]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.92 -> 2.0.16"
|
|
|
|
[[audits.system-interface]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.23.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.system-interface]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.25.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.system-interface]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.25.0 -> 0.25.4"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.system-interface]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.25.4 -> 0.25.6"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.system-interface]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.25.6 -> 0.25.7"
|
|
notes = "This is a minor bug-fix update."
|
|
|
|
[[audits.tempfile]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.3.0 -> 3.5.0"
|
|
|
|
[[audits.test-log]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.11"
|
|
|
|
[[audits.tinyvec]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.6.0"
|
|
notes = """
|
|
This crate, while it implements collections, does so without `std::*` APIs and
|
|
without `unsafe`. Skimming the crate everything looks reasonable and what one
|
|
would expect from idiomatic safe collections in Rust.
|
|
"""
|
|
|
|
[[audits.tinyvec_macros]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
notes = """
|
|
This is a trivial crate which only contains a singular macro definition which is
|
|
intended to multiplex across the internal representation of a tinyvec,
|
|
presumably. This trivially doesn't contain anything bad.
|
|
"""
|
|
|
|
[[audits.tokio]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.18.1 -> 1.18.4"
|
|
notes = """
|
|
This looks to be a minor release primarily to fix a security-related Windows
|
|
issue plus some reorganization around lazy initialization. Altogether nothing
|
|
amiss here.
|
|
"""
|
|
|
|
[[audits.tokio-native-tls]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.1"
|
|
notes = "unsafety is used for smuggling std::task::Context as a raw pointer. Lifetime and type safety appears to be taken care of correctly."
|
|
|
|
[[audits.tokio-rustls]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.24.0"
|
|
notes = "no unsafe, no build, no ambient capabilities"
|
|
|
|
[[audits.tokio-util]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.7.4"
|
|
notes = "Alex Crichton audited the safety of src/sync/reusable_box.rs, I audited the remainder of the crate."
|
|
|
|
[[audits.try-lock]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.4"
|
|
notes = "Implements a concurrency primitive with atomics, and is not obviously incorrect"
|
|
|
|
[[audits.unicase]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.6.0"
|
|
notes = """
|
|
This crate contains no `unsafe` code and no unnecessary use of the standard
|
|
library.
|
|
"""
|
|
|
|
[[audits.unicode-bidi]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.8"
|
|
notes = """
|
|
This crate has no unsafe code and does not use `std::*`. Skimming the crate it
|
|
does not attempt to out of the bounds of what it's already supposed to be doing.
|
|
"""
|
|
|
|
[[audits.unicode-ident]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.8"
|
|
|
|
[[audits.unicode-normalization]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.19"
|
|
notes = """
|
|
This crate contains one usage of `unsafe` which I have manually checked to see
|
|
it as correct. This crate's size comes in large part due to the generated
|
|
unicode tables that it contains. This crate is additionally widely used
|
|
throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
|
|
and nothing suspicious.
|
|
"""
|
|
|
|
[[audits.url]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.3.1"
|
|
notes = """
|
|
This crate contains no `unsafe` code and otherwise doesn't use any functionality
|
|
it's not supposed to from `std` or such. This crate is the defacto standard for
|
|
URL parsing in the Rust community with widespread usage to battle-test, harden,
|
|
and suss out bugs. I've historically reviewed this crate in the past and it
|
|
is similar to what it once was back then. Skimming over the crate there is
|
|
nothing suspicious and it's everything you'd expect a Rust URL parser to be.
|
|
"""
|
|
|
|
[[audits.vcpkg]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.15"
|
|
notes = "no build.rs, no macros, no unsafe. It reads the filesystem and makes copies of DLLs into OUT_DIR."
|
|
|
|
[[audits.walkdir]]
|
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.3.2 -> 2.3.3"
|
|
notes = "No significant changes: minor refactoring and removes the need to use `winapi`."
|
|
|
|
[[audits.want]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
|
|
[[audits.wasm-bindgen-shared]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.83 -> 0.2.80"
|
|
|
|
[[audits.wasm-coredump-builder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.10"
|
|
notes = """
|
|
This is a small crate which doesn't deviate outside of its intended purpose and
|
|
additionally contains no `unsafe` code.
|
|
"""
|
|
|
|
[[audits.wasm-coredump-builder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.10 -> 0.1.11"
|
|
notes = "This is a minor update which only adds a small bit of functionality."
|
|
|
|
[[audits.wasm-coredump-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.10"
|
|
notes = """
|
|
This small crate contains no `unsafe` code and does no more than what it says on
|
|
the tin.
|
|
"""
|
|
|
|
[[audits.wasm-coredump-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.10 -> 0.1.11"
|
|
notes = """
|
|
This is a small update which accounts for a function offset in frames and
|
|
doesn't add in too much extra.
|
|
"""
|
|
|
|
[[audits.wasm-coredump-types]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.10"
|
|
notes = """
|
|
This small crate contains no `unsafe` code and only contains type definitions
|
|
used for wasm core dumps and trivially stays within its bounds.
|
|
"""
|
|
|
|
[[audits.wasm-coredump-types]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.10 -> 0.1.11"
|
|
notes = "This is quite a small update which only adds a small bit of offset-related functionality."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.14.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.15.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.16.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.17.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.18.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.19.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.20.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.21.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.22.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.23.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.25.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.19.0 -> 0.19.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.6"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.7"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.8"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.9"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.10"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.11"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.12"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.13"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.14"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.16"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.18"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-mutate]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.21"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.3"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.4"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.6"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.11.7"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.11.8"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.11.9"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.11.10"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.11.11"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.12.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.12.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.12.5"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmi]]
|
|
who = "Robin Freyler <robin.freyler@gmail.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.20.0"
|
|
notes = """
|
|
I am the author of this crate. It contains unsafe Rust code.
|
|
However, the crate does not read or write data from any parts of the filesystem,
|
|
it does not install software upon compilation e.g. via build scripts,
|
|
it does not connect to network endpoints and does not misuse system resources.
|
|
|
|
If any of the above happens it is either by the user explicitly telling the
|
|
crate to do so (it is an interpreter) or due to a bug or other unintended
|
|
behavior.
|
|
"""
|
|
|
|
[[audits.wasmi_arena]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.1.0"
|
|
notes = """
|
|
This crate contains no `unsafe` code and doesn't reach in unnecessarily to the
|
|
standard library or anything like that. This only contains a few data structures
|
|
used by `wasmi` and various idiomatic Rust trait implementations.
|
|
"""
|
|
|
|
[[audits.wasmi_core]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.4.0"
|
|
notes = """
|
|
This crate contains no `unsafe` code and otherwise is only the bits and bobs for
|
|
the internals of a wasm implementation. Reading over this crate there is no
|
|
unexpected usage of the filesystem or things like that and otherwise is mostly
|
|
plumbing for all the integer operations in core wasm.
|
|
"""
|
|
|
|
[[audits.wasmi_core]]
|
|
who = "Robin Freyler <robin.freyler@gmail.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.5.0"
|
|
notes = "See notes for version 0.4.0"
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.87.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.88.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.89.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.89.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.91.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.92.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.93.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.94.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.95.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.96.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.97.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.99.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.100.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.102.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmparser-nostd]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-run"
|
|
version = "0.91.0"
|
|
notes = """
|
|
I have certified that this crate is a one-to-one fork of `wasmparser` with
|
|
updates exclusively for the usage on targets without the standard library.
|
|
This crate is otherwise primarily authored by the Bytecode Alliance and
|
|
otherwise certified.
|
|
"""
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.37"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.38"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.39"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.40"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.41"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.42"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.43"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.44"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.45"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.46"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.49"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.50"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wasmprinter]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.53"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "35.0.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "44.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "45.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate"
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "46.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "47.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "47.0.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "48.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "49.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "50.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "51.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "52.0.2"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "53.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "55.0.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.46"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.47"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.48"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.50"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.51"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.52"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.53"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.56"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.58"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.61"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wat]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.48 -> 1.0.49"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.webpki-roots]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.22.4 -> 0.23.0"
|
|
|
|
[[audits.windows-sys]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows-sys]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows-sys]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.45.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows-targets]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. Additionally, this particular crate is empty and just collects a bunch of dependencies, which are not exported, so I don't understand why it exists at all."
|
|
|
|
[[audits.windows-targets]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. It just provides the import libs needed by windows-sys."
|
|
|
|
[[audits.windows_aarch64_gnullvm]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_aarch64_gnullvm]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_aarch64_gnullvm]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.windows_aarch64_msvc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_aarch64_msvc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_aarch64_msvc]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.windows_i686_gnu]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_i686_gnu]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_i686_gnu]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.windows_i686_msvc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_i686_msvc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_i686_msvc]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.windows_x86_64_gnu]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_x86_64_gnu]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_x86_64_gnu]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.windows_x86_64_gnullvm]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_x86_64_gnullvm]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_x86_64_gnullvm]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.windows_x86_64_msvc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.42.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_x86_64_msvc]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.48.0"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
|
|
|
[[audits.windows_x86_64_msvc]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files."
|
|
|
|
[[audits.winx]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.34.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.winx]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.34.0 -> 0.35.0"
|
|
notes = "Dan Gohman, a Bytecode Alliance core contributor, is the author of this crate."
|
|
|
|
[[audits.winx]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.35.0 -> 0.35.1"
|
|
notes = "Just a dependency version bump"
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.5.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.0"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.1"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|
|
[[audits.wit-parser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.4"
|
|
notes = "The Bytecode Alliance is the author of this crate."
|
|
|