1361 lines
40 KiB
TOML
1361 lines
40 KiB
TOML
|
|
# cargo-vet audits file
|
|
|
|
[criteria.crypto-reviewed]
|
|
description = "The cryptographic code in this crate has been reviewed for correctness by a member of a designated set of cryptography experts within the project."
|
|
|
|
[criteria.license-reviewed]
|
|
description = "The license of this crate has been reviewed for compatibility with its usage in this repository. If the crate is not available under the MIT license, `contrib/debian/copyright` has been updated with a corresponding copyright notice for files under `depends/*/vendored-sources/CRATE_NAME`."
|
|
|
|
[[audits.addr2line]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.17.0 -> 0.19.0"
|
|
notes = "Only change to unsafe code is to reduce the scope of some unsafe blocks."
|
|
|
|
[[audits.aead]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.3 -> 0.5.1"
|
|
notes = "Adds an AeadCore::generate_nonce function to generate random nonces, given a CryptoRng."
|
|
|
|
[[audits.anyhow]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.56 -> 1.0.61"
|
|
notes = "Update does not introduce new code. Minor build script changes look fine."
|
|
|
|
[[audits.anyhow]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.61 -> 1.0.65"
|
|
notes = "Build script changes just alter what it is probing for; no difference in side effects."
|
|
|
|
[[audits.anyhow]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.68 -> 1.0.69"
|
|
|
|
[[audits.anyhow]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.69 -> 1.0.70"
|
|
|
|
[[audits.arrayref]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.6 -> 0.3.7"
|
|
|
|
[[audits.bellman]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.13.0 -> 0.13.1"
|
|
notes = "Adds multi-threaded batch validation, which I checked against the existing single-threaded batch validation."
|
|
|
|
[[audits.bellman]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.13.1 -> 0.14.0"
|
|
|
|
[[audits.blake2b_simd]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.0 -> 1.0.1"
|
|
notes = "Switches to `constant_time_eq 0.2.4`, which bumps its MSRV to 1.59."
|
|
|
|
[[audits.blake2s_simd]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.0 -> 1.0.1"
|
|
notes = "Switches to `constant_time_eq 0.2.4`, which bumps its MSRV to 1.59."
|
|
|
|
[[audits.block-buffer]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.10.3 -> 0.10.4"
|
|
notes = "Adds panics to prevent a block size of zero from causing unsoundness."
|
|
|
|
[[audits.bls12_381]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.0 -> 0.7.1"
|
|
|
|
[[audits.bls12_381]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.1 -> 0.8.0"
|
|
notes = "I previously reviewed the crypto-sensitive portions of these changes as well."
|
|
|
|
[[audits.bumpalo]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.11.1 -> 3.12.0"
|
|
notes = "Changes to `unsafe` code are to replace `mem::forget` uses with `ManuallyDrop`."
|
|
|
|
[[audits.byte-slice-cast]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.2.1 -> 1.2.2"
|
|
|
|
[[audits.bytes]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.3.0 -> 1.4.0"
|
|
notes = """
|
|
Adds a `mem::forget` as part of avoiding `Vec::into_boxed_slice` when it would reallocate.
|
|
I checked that the required semantics of `mem::forget` are maintained, but it seems like
|
|
`ManuallyDrop` should also work here and be compatible with their MSRV.
|
|
"""
|
|
|
|
[[audits.chacha20]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.8.1 -> 0.8.2"
|
|
notes = "Unpins zeroize."
|
|
|
|
[[audits.chacha20]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.2 -> 0.9.0"
|
|
|
|
[[audits.chacha20poly1305]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.9.0 -> 0.9.1"
|
|
notes = "Unpins zeroize."
|
|
|
|
[[audits.chacha20poly1305]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.1 -> 0.10.1"
|
|
notes = "This mainly adapts to API changes between aead 0.4 and aead 0.5."
|
|
|
|
[[audits.cipher]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.4.3"
|
|
notes = "Significant rework of (mainly RustCrypto-internal) APIs."
|
|
|
|
[[audits.cipher]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|
delta = "0.4.3 -> 0.4.4"
|
|
notes = "Adds panics to prevent a block size of zero from causing unsoundness."
|
|
|
|
[[audits.clearscreen]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.9 -> 1.0.10"
|
|
notes = "Bumps nix and removes some of its default features."
|
|
|
|
[[audits.clearscreen]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.10 -> 1.0.11"
|
|
|
|
[[audits.clearscreen]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.11 -> 2.0.0"
|
|
|
|
[[audits.constant_time_eq]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|
delta = "0.2.4 -> 0.2.5"
|
|
notes = "No code changes."
|
|
|
|
[[audits.cpufeatures]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.2 -> 0.2.5"
|
|
notes = "Unsafe changes just introduce `#[inline(never)]` wrappers."
|
|
|
|
[[audits.cpufeatures]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.5 -> 0.2.6"
|
|
|
|
[[audits.crossbeam-channel]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.6 -> 0.5.7"
|
|
notes = "Fixes wrapping overflows for large timeouts."
|
|
|
|
[[audits.crossbeam-deque]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.2 -> 0.8.3"
|
|
notes = "No new code."
|
|
|
|
[[audits.crossbeam-epoch]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.13 -> 0.9.14"
|
|
notes = "Bumps memoffset to 0.8, and marks some BPF and Sony Vita targets as not having atomics."
|
|
|
|
[[audits.crossbeam-utils]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.14 -> 0.8.15"
|
|
notes = """
|
|
- Fixes a wrapping overflow for large timeouts.
|
|
- Marks some BPF and Sony Vita targets as not having atomics.
|
|
"""
|
|
|
|
[[audits.crypto-common]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.1.3 -> 0.1.6"
|
|
notes = "New trait and type alias look fine."
|
|
|
|
[[audits.cxx]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.68 -> 1.0.72"
|
|
|
|
[[audits.cxx]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.72 -> 1.0.76"
|
|
notes = "Impls Unpin for SharedPtr and UniquePtr. The rationale makes sense."
|
|
|
|
[[audits.cxx]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.76 -> 1.0.78"
|
|
|
|
[[audits.cxx]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.78 -> 1.0.79"
|
|
notes = """
|
|
This release changes the result of the `cxxbridge` `exception` call to return
|
|
a struct containing both the pointer to an error message and its length,
|
|
instead of just the raw `*const u8`.
|
|
"""
|
|
|
|
[[audits.cxx]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.79 -> 1.0.83"
|
|
|
|
[[audits.cxx]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.83 -> 1.0.91"
|
|
notes = """
|
|
- Buildscript change is only to bump MSRV.
|
|
- Only change to C++ side is to fix a memory leak.
|
|
"""
|
|
|
|
[[audits.cxx]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.91 -> 1.0.92"
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.68 -> 1.0.72"
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.72 -> 1.0.76"
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.76 -> 1.0.78"
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.78 -> 1.0.79"
|
|
notes = "This is exclusively an update to the `cxxbridge` dependency version."
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.79 -> 1.0.83"
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.83 -> 1.0.91"
|
|
|
|
[[audits.cxxbridge-flags]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.91 -> 1.0.92"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.68 -> 1.0.72"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.72 -> 1.0.76"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.76 -> 1.0.78"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.78 -> 1.0.79"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.78 -> 1.0.79"
|
|
notes = "This is exclusively an update to the `cxxbridge` dependency version."
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.79 -> 1.0.83"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.83 -> 1.0.91"
|
|
|
|
[[audits.cxxbridge-macro]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.91 -> 1.0.92"
|
|
|
|
[[audits.dirs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.0.2 -> 4.0.0"
|
|
notes = "Some paths change across this upgrade (AFAICT they were bugfixes)."
|
|
|
|
[[audits.ed25519-zebra]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.0.0 -> 3.1.0"
|
|
|
|
[[audits.either]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.8.0 -> 1.8.1"
|
|
|
|
[[audits.equihash]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.equihash]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.0 -> 0.2.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.f4jumble]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.ff]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.12.0 -> 0.12.1"
|
|
|
|
[[audits.ff]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.12.1 -> 0.13.0"
|
|
|
|
[[audits.futures-channel]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.25 -> 0.3.26"
|
|
notes = "Atomics usage in `Stream::size_hint` impls looks fine."
|
|
|
|
[[audits.futures-channel]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.26 -> 0.3.27"
|
|
|
|
[[audits.futures-core]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.25 -> 0.3.26"
|
|
notes = "Adds optional dependency on `portable-atomic 1` that can be enabled to replace `core::sync::atomic`."
|
|
|
|
[[audits.futures-core]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.26 -> 0.3.27"
|
|
|
|
[[audits.futures-task]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.25 -> 0.3.26"
|
|
|
|
[[audits.futures-task]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.26 -> 0.3.27"
|
|
|
|
[[audits.futures-util]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.25 -> 0.3.26"
|
|
notes = """
|
|
Changes to `unsafe` usage are to split `Either::project` into `Either::as_pin_ref` and
|
|
`Either::as_pin_mut`. The new code follows the old code's pattern, and also now has SAFETY
|
|
documentation.
|
|
"""
|
|
|
|
[[audits.generic-array]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.14.6 -> 0.14.7"
|
|
|
|
[[audits.getrandom]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.6 -> 0.2.7"
|
|
notes = """
|
|
Checked that getrandom::wasi::getrandom_inner matches wasi::random_get.
|
|
Checked that getrandom::util_libc::Weak lock ordering matches std::sys::unix::weak::DlsymWeak.
|
|
"""
|
|
|
|
[[audits.gimli]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.27.0 -> 0.27.2"
|
|
|
|
[[audits.group]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.12.0 -> 0.12.1"
|
|
|
|
[[audits.group]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.12.1 -> 0.13.0"
|
|
|
|
[[audits.halo2_gadgets]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.halo2_gadgets]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.1.0 -> 0.2.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.halo2_legacy_pdqsort]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.halo2_proofs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.halo2_proofs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.1.0 -> 0.2.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.http]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.8 -> 0.2.9"
|
|
|
|
[[audits.hyper]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.14.23 -> 0.14.24"
|
|
notes = """
|
|
Fixes a bug where memory was reserved based on an adversary-controllable size, before the
|
|
corresponding data was received.
|
|
"""
|
|
|
|
[[audits.incrementalmerkletree]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.3.1"
|
|
notes = "Fixes bug in calculating altitudes from tree positions on 32-bit platforms."
|
|
|
|
[[audits.indexmap]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.8.1 -> 1.9.1"
|
|
notes = "I'm satisfied that the assertion guarding the new unsafe block is correct."
|
|
|
|
[[audits.indexmap]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.9.2 -> 1.9.3"
|
|
|
|
[[audits.inout]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.3"
|
|
notes = "Reviewed in full."
|
|
|
|
[[audits.ipnet]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.5.0 -> 2.7.1"
|
|
|
|
[[audits.ipnet]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.7.1 -> 2.7.2"
|
|
|
|
[[audits.itoa]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.1 -> 1.0.3"
|
|
notes = "Update makes no changes to code."
|
|
|
|
[[audits.itoa]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.5 -> 1.0.6"
|
|
|
|
[[audits.js-sys]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.60 -> 0.3.61"
|
|
notes = """
|
|
- Adds `i64` variants of existing `Atomics` methods, which I checked them against.
|
|
- Adds `Array.length` setter and `Intl.RelativeTimeFormat`; I checked these against their
|
|
MDN documentation.
|
|
"""
|
|
|
|
[[audits.jubjub]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.0 -> 0.10.0"
|
|
notes = "I previously reviewed the crypto-sensitive portions of these changes as well."
|
|
|
|
[[audits.libm]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.2 -> 0.2.5"
|
|
|
|
[[audits.libm]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.5 -> 0.2.6"
|
|
|
|
[[audits.link-cplusplus]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.6 -> 1.0.7"
|
|
|
|
[[audits.link-cplusplus]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.7 -> 1.0.8"
|
|
|
|
[[audits.lock_api]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.7 -> 0.4.9"
|
|
notes = "The unsafe changes fix soundness bugs. The unsafe additions in the new ArcMutexGuard::into_arc method seem fine, but it should probably have used ManuallyDrop instead of mem::forget."
|
|
|
|
[[audits.log]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.16 -> 0.4.17"
|
|
notes = "I confirmed that the unsafe transmutes are fine; NonZeroU128 and NonZeroI128 are `#[repr(transparent)]` wrappers around u128 and i128 respectively."
|
|
|
|
[[audits.maybe-rayon]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
|
|
[[audits.memuse]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.0 -> 0.2.1"
|
|
notes = "Exposes an existing macro. Note that I am the author of the crate."
|
|
|
|
[[audits.metrics]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.19.0 -> 0.20.1"
|
|
|
|
[[audits.metrics-exporter-prometheus]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.10.0 -> 0.11.0"
|
|
|
|
[[audits.metrics-macros]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.1 -> 0.6.0"
|
|
|
|
[[audits.metrics-util]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.13.0 -> 0.14.0"
|
|
|
|
[[audits.mio]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.2 -> 0.8.4"
|
|
notes = """
|
|
Migrates from winapi to windows-sys. The changes to API usage look reasonable
|
|
based on what I've seen in other uses of the windows-sys crate. Unsafe code
|
|
falls into two categories:
|
|
- Usage of `mem::zeroed()`, which doesn't look obviously wrong. The
|
|
`..unsafe { mem::zeroed() }` in `sys::unix::selector::kqueue` looks weird
|
|
but AFAICT is saying \"take any unspecified fields from an instance of this
|
|
struct that has been zero-initialized\", which is fine for integer fields. It
|
|
would be nice if there was documentation to this effect (explaining why this
|
|
is done instead of `..Default::default()`).
|
|
- Calls to Windows API methods. These are either pre-existing (and altered for
|
|
the differences in the crate abstractions), or newly added in logic that
|
|
appears to be copied from miow 0.3.6 (I scanned this by eye and didn't see
|
|
any noteworthy changes other than handling windows-sys API differences).
|
|
"""
|
|
|
|
[[audits.mio]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.4 -> 0.8.5"
|
|
notes = "The only unsafe changes are in epoll_create1 failure cases. Usage of epoll_create and fcntl looks fine; it is vulnerable to a race condition in multithreaded programs that fork child processes, but epoll_create1 is how you avoid this problem. See the discussion of the O_CLOEXEC flag in the open(2) man page for details."
|
|
|
|
[[audits.mio]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.5 -> 0.8.6"
|
|
notes = """
|
|
New `unsafe` usages:
|
|
- `NonZeroU8::new_unchecked`: I verified the constant is non-zero.
|
|
- Additional `syscall!(close(socket))` calls before returning errors.
|
|
"""
|
|
|
|
[[audits.nix]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.26.1 -> 0.26.2"
|
|
notes = "Fixes `SockaddrIn6` endianness bug."
|
|
|
|
[[audits.num-integer]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.44 -> 0.1.45"
|
|
notes = "Fixes some argument-handling panic bugs."
|
|
|
|
[[audits.num_cpus]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.14.0 -> 1.15.0"
|
|
|
|
[[audits.object]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.30.1 -> 0.30.2"
|
|
|
|
[[audits.object]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.30.2 -> 0.30.3"
|
|
|
|
[[audits.once_cell]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.17.0 -> 1.17.1"
|
|
notes = """
|
|
Small refactor that reduces the overall amount of `unsafe` code. The new strict provenance
|
|
approach looks reasonable.
|
|
"""
|
|
|
|
[[audits.orchard]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.orchard]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.1.0 -> 0.2.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.orchard]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.0 -> 0.3.0"
|
|
|
|
[[audits.pairing]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.22.0 -> 0.23.0"
|
|
|
|
[[audits.parity-scale-codec]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.2.1 -> 3.4.0"
|
|
notes = "No new code, just refactoring to remove the `full` feature flag."
|
|
|
|
[[audits.parity-scale-codec-derive]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.1.3 -> 3.1.4"
|
|
notes = """
|
|
- Bumps `syn` minimum version.
|
|
- Fixes `max_encoded_len()` to pay attention to `#[codec(skip)]` attribute.
|
|
"""
|
|
|
|
[[audits.parking_lot]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.2 -> 0.12.1"
|
|
notes = "Most `unsafe {}` changes were to reduce the scope of the unsafe blocks. I didn't closely review the migration to the asm! macro but it looks reasonable."
|
|
|
|
[[audits.parking_lot_core]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.5 -> 0.9.3"
|
|
|
|
[[audits.parking_lot_core]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.5 -> 0.9.6"
|
|
|
|
[[audits.parking_lot_core]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.6 -> 0.9.7"
|
|
|
|
[[audits.pasta_curves]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.0 -> 0.4.1"
|
|
|
|
[[audits.pasta_curves]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.5.1"
|
|
|
|
[[audits.phf]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.0 -> 0.11.1"
|
|
notes = """
|
|
Mostly modernisation, migrating to `PhfBorrow`, and making more things `&'static`.
|
|
No unsafe code in the new `OrderedMap` and `OrderedSet` types.
|
|
"""
|
|
|
|
[[audits.phf_codegen]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.0 -> 0.11.1"
|
|
notes = "New codegen and changes to existing codegen look fine."
|
|
|
|
[[audits.phf_generator]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.0 -> 0.11.1"
|
|
notes = "Just dependency and edition bumps and code formatting."
|
|
|
|
[[audits.phf_shared]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.0 -> 0.11.1"
|
|
notes = """
|
|
Adds `uncased` dependency, and newly generates unsafe code to transmute `&'static str`
|
|
into `&'static UncasedStr`. I verified that `UncasedStr` is a `#[repr(transparent)]`
|
|
newtype around `str`.
|
|
"""
|
|
|
|
[[audits.poly1305]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.2 -> 0.8.0"
|
|
notes = "Changes to unsafe (avx2) code look reasonable."
|
|
|
|
[[audits.proc-macro-crate]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.2.1 -> 1.3.0"
|
|
notes = "Migrates from `toml` to `toml_edit`."
|
|
|
|
[[audits.proc-macro-crate]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.3.0 -> 1.3.1"
|
|
notes = "Bumps MSRV to 1.60."
|
|
|
|
[[audits.proc-macro2]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.37 -> 1.0.41"
|
|
|
|
[[audits.proc-macro2]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.49 -> 1.0.51"
|
|
|
|
[[audits.proc-macro2]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.51 -> 1.0.52"
|
|
|
|
[[audits.quanta]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.3 -> 0.10.1"
|
|
|
|
[[audits.quote]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.23 -> 1.0.26"
|
|
|
|
[[audits.raw-cpuid]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "10.6.0 -> 10.6.1"
|
|
|
|
[[audits.raw-cpuid]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "10.6.1 -> 10.7.0"
|
|
notes = """
|
|
Appears to be a move-only change in display code to expose an internal API.
|
|
I did not verify that the change was move-only, but there is no unsafe code affected.
|
|
"""
|
|
|
|
[[audits.reddsa]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.5.0"
|
|
|
|
[[audits.regex]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.7.0 -> 1.7.1"
|
|
|
|
[[audits.regex]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.7.1 -> 1.7.3"
|
|
|
|
[[audits.regex-syntax]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.6.28 -> 0.6.29"
|
|
|
|
[[audits.rustc-demangle]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.21 -> 0.1.22"
|
|
|
|
[[audits.ryu]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.12 -> 1.0.13"
|
|
|
|
[[audits.serde]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.136 -> 1.0.143"
|
|
notes = "Bumps serde-derive and adds some constructors."
|
|
|
|
[[audits.serde]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.143 -> 1.0.145"
|
|
|
|
[[audits.serde]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.155 -> 1.0.156"
|
|
|
|
[[audits.serde_derive]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.136 -> 1.0.143"
|
|
notes = "Bumps syn, inverts some build flags."
|
|
|
|
[[audits.serde_derive]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.143 -> 1.0.145"
|
|
|
|
[[audits.serde_derive]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.155 -> 1.0.156"
|
|
|
|
[[audits.sketches-ddsketch]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.3 -> 0.2.0"
|
|
notes = "I did not review the refactor, but there are no unsafe blocks and I didn't see any obvious changes that could result in panics."
|
|
|
|
[[audits.syn]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.91 -> 1.0.98"
|
|
|
|
[[audits.syn]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.102 -> 1.0.104"
|
|
|
|
[[audits.syn]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.102 -> 1.0.107"
|
|
|
|
[[audits.syn]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.107 -> 1.0.109"
|
|
notes = "Fixes string literal parsing to only skip specified whitespace characters."
|
|
|
|
[[audits.terminfo]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.3 -> 0.7.5"
|
|
notes = "Just dependency and edition updates."
|
|
|
|
[[audits.thiserror]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.30 -> 1.0.32"
|
|
notes = "Bumps thiserror-impl, no code changes."
|
|
|
|
[[audits.thiserror]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.32 -> 1.0.37"
|
|
notes = "The new build script invokes rustc to determine whether it supports the Provider API. The only side-effect is it overwrites `$OUT_DIR/probe.rs`, which is fine because it is unique to the thiserror package."
|
|
|
|
[[audits.thiserror-impl]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.30 -> 1.0.32"
|
|
notes = "Only change is to refine an error message."
|
|
|
|
[[audits.thiserror-impl]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.32 -> 1.0.37"
|
|
notes = "Proc macro changes migrating to the Provider API look fine."
|
|
|
|
[[audits.thread_local]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.1.4 -> 1.1.7"
|
|
notes = """
|
|
New `unsafe` usage:
|
|
- An extra `deallocate_bucket`, to replace a `Mutex::lock` with a `compare_exchange`.
|
|
- Setting and getting a `#[thread_local] static mut Option<Thread>` on nightly.
|
|
"""
|
|
|
|
[[audits.time-macros]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.4 -> 0.2.6"
|
|
|
|
[[audits.time-macros]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.7 -> 0.2.8"
|
|
notes = """
|
|
- Only new `unsafe` code takes a `NonZeroU16` at proc-macro evaluation time and hard-codes
|
|
its contents into a `NonZeroU16::new_unchecked` constructor, which is safe.
|
|
- Bumps MSRV to 1.63.
|
|
"""
|
|
|
|
[[audits.tinyvec_macros]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.0 -> 0.1.1"
|
|
notes = "Adds `#![forbid(unsafe_code)]` and license files."
|
|
|
|
[[audits.toml_datetime]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.5.1"
|
|
notes = "Crate has `#![forbid(unsafe_code)]`, no `unwrap / expect / panic`, no ambient capabilities."
|
|
|
|
[[audits.toml_datetime]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.1 -> 0.6.1"
|
|
notes = "Fixes a bug in parsing negative minutes in datetime string offsets."
|
|
|
|
[[audits.toml_edit]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.19.7 -> 0.19.8"
|
|
|
|
[[audits.try-lock]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.3 -> 0.2.4"
|
|
notes = "Fixes unsoundness."
|
|
|
|
[[audits.uint]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.4 -> 0.9.5"
|
|
|
|
[[audits.unicode-ident]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.2"
|
|
|
|
[[audits.unicode-ident]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.0.6 -> 1.0.8"
|
|
|
|
[[audits.universal-hash]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.4.1 -> 0.5.0"
|
|
notes = "I checked correctness of to_blocks which uses unsafe code in a safe function."
|
|
|
|
[[audits.wasm-bindgen-shared]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.83 -> 0.2.84"
|
|
notes = "Bumps the schema version to add `linked_modules`."
|
|
|
|
[[audits.which]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "4.3.0 -> 4.4.0"
|
|
notes = "New APIs are remixes of existing code."
|
|
|
|
[[audits.windows-targets]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
|
|
[[audits.windows_aarch64_gnullvm]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_aarch64_gnullvm]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.windows_aarch64_msvc]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-run"
|
|
version = "0.36.1"
|
|
notes = """
|
|
Adds a binary blob to the library search path, that contains a subset of
|
|
the Windows SDK to avoid a direct dependency on the latter. See
|
|
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
|
|
audit the binary blob, but the build script looks fine.
|
|
"""
|
|
|
|
[[audits.windows_aarch64_msvc]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_aarch64_msvc]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.windows_i686_gnu]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-run"
|
|
version = "0.36.1"
|
|
notes = """
|
|
Adds a binary blob to the library search path, that contains a subset of
|
|
the Windows SDK to avoid a direct dependency on the latter. See
|
|
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
|
|
audit the binary blob, but the build script looks fine.
|
|
"""
|
|
|
|
[[audits.windows_i686_gnu]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_i686_gnu]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.windows_i686_msvc]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-run"
|
|
version = "0.36.1"
|
|
notes = """
|
|
Adds a binary blob to the library search path, that contains a subset of
|
|
the Windows SDK to avoid a direct dependency on the latter. See
|
|
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
|
|
audit the binary blob, but the build script looks fine.
|
|
"""
|
|
|
|
[[audits.windows_i686_msvc]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_i686_msvc]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.windows_x86_64_gnu]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-run"
|
|
version = "0.36.1"
|
|
notes = """
|
|
Adds a binary blob to the library search path, that contains a subset of
|
|
the Windows SDK to avoid a direct dependency on the latter. See
|
|
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
|
|
audit the binary blob, but the build script looks fine.
|
|
"""
|
|
|
|
[[audits.windows_x86_64_gnu]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_x86_64_gnu]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.windows_x86_64_gnullvm]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_x86_64_gnullvm]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.windows_x86_64_msvc]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-run"
|
|
version = "0.36.1"
|
|
notes = """
|
|
Adds a binary blob to the library search path, that contains a subset of
|
|
the Windows SDK to avoid a direct dependency on the latter. See
|
|
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
|
|
audit the binary blob, but the build script looks fine.
|
|
"""
|
|
|
|
[[audits.windows_x86_64_msvc]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.0 -> 0.42.1"
|
|
notes = """
|
|
This is a Windows API bindings library maintained by Microsoft themselves.
|
|
Changes are to a bundled binary library; it looks like these were accidentally left out of 0.42.0.
|
|
"""
|
|
|
|
[[audits.windows_x86_64_msvc]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.42.1 -> 0.42.2"
|
|
notes = "This is an opaque Windows API bindings library maintained by Microsoft."
|
|
|
|
[[audits.wyz]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.5.0 -> 0.5.1"
|
|
notes = "Only change to unsafe code is to extract a drop impl into a method. I note however that most of the changes in the published 0.5.1 are not present in the v0.5.1 tag on the GitHub repository."
|
|
|
|
[[audits.zcash_address]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_address]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.0 -> 0.2.0"
|
|
|
|
[[audits.zcash_encoding]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_encoding]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.0 -> 0.2.0"
|
|
|
|
[[audits.zcash_history]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_note_encryption]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.1.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_note_encryption]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.1.0 -> 0.2.0"
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.6.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.6.0 -> 0.7.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.0 -> 0.8.1"
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.1 -> 0.9.1"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|
delta = "0.9.1 -> 0.10.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|
delta = "0.10.0 -> 0.10.1"
|
|
notes = """
|
|
The ECC core team maintains this crate, and we have reviewed every line.
|
|
This point release temporarily re-exposes some constructors.
|
|
"""
|
|
|
|
[[audits.zcash_primitives]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|
delta = "0.10.1 -> 0.10.2"
|
|
notes = """
|
|
The ECC core team maintains this crate, and we have reviewed every line.
|
|
This point release temporarily re-exposes a constructor.
|
|
"""
|
|
|
|
[[audits.zcash_proofs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
version = "0.6.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_proofs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.6.0 -> 0.7.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_proofs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
|
delta = "0.7.0 -> 0.7.1"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zcash_proofs]]
|
|
who = "Kris Nuttycombe <kris@nutty.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.1 -> 0.8.0"
|
|
|
|
[[audits.zcash_proofs]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.0 -> 0.9.0"
|
|
|
|
[[audits.zcash_proofs]]
|
|
who = "Jack Grigg <jack@electriccoin.co>"
|
|
criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|
delta = "0.9.0 -> 0.10.0"
|
|
notes = "The ECC core team maintains this crate, and we have reviewed every line."
|
|
|
|
[[audits.zeroize]]
|
|
who = "Daira Hopwood <daira@jacaranda.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.4.3 -> 1.5.7"
|
|
notes = "The zeroize_c_string unit test has UB, but that's very unlikely to cause a problem in practice."
|
|
|
|
[[audits.zeroize]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.5.7 -> 1.6.0"
|
|
|
|
[[audits.zeroize_derive]]
|
|
who = "Jack Grigg <jack@z.cash>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.3.2 -> 1.3.3"
|
|
notes = "Removes `T: Drop` bound from `impl<T: Zeroize> Drop for SomeType<T>`. I agree it was unnecessary."
|
|
|
|
[[audits.zeroize_derive]]
|
|
who = "Sean Bowe <ewillbefull@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.3.3 -> 1.4.1"
|