Import Rust crate audits from Google

Jack Grigg 2024-04-23 00:00:52 +00:00
parent 6bbd002f59
commit 12334b3a18
2 changed files with 343 additions and 112 deletions


@ -4,6 +4,9 @@
[cargo-vet]
version = "0.9"
[imports.google]
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"
[imports.mozilla]
url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"
@ -97,22 +100,10 @@ criteria = "safe-to-deploy"
version = "1.5.0"
criteria = "safe-to-deploy"
[[exemptions.async-stream]]
version = "0.3.5"
criteria = "safe-to-deploy"
[[exemptions.async-stream-impl]]
version = "0.3.5"
criteria = "safe-to-deploy"
[[exemptions.async-trait]]
version = "0.1.78"
criteria = "safe-to-deploy"
[[exemptions.atty]]
version = "0.2.14"
criteria = "safe-to-run"
[[exemptions.axum]]
version = "0.6.20"
criteria = "safe-to-deploy"
@ -205,10 +196,6 @@ criteria = "safe-to-deploy"
version = "1.0.83"
criteria = "safe-to-deploy"
[[exemptions.cfg-if]]
version = "1.0.0"
criteria = "safe-to-deploy"
[[exemptions.chacha20]]
version = "0.9.1"
criteria = "safe-to-deploy"
@ -237,10 +224,6 @@ criteria = "safe-to-deploy"
version = "3.2.25"
criteria = "safe-to-run"
[[exemptions.clap_lex]]
version = "0.2.4"
criteria = "safe-to-run"
[[exemptions.constant_time_eq]]
version = "0.2.6"
criteria = "safe-to-deploy"
@ -293,10 +276,6 @@ criteria = "safe-to-deploy"
version = "0.10.7"
criteria = "safe-to-deploy"
[[exemptions.equivalent]]
version = "1.0.1"
criteria = "safe-to-deploy"
[[exemptions.errno]]
version = "0.3.6"
criteria = "safe-to-deploy"
@ -309,10 +288,6 @@ criteria = "safe-to-deploy"
version = "0.1.9"
criteria = "safe-to-deploy"
[[exemptions.fastrand]]
version = "2.0.1"
criteria = "safe-to-deploy"
[[exemptions.ff]]
version = "0.13.0"
criteria = "safe-to-deploy"
@ -401,10 +376,6 @@ criteria = "safe-to-deploy"
version = "0.4.1"
criteria = "safe-to-deploy"
[[exemptions.heck]]
version = "0.4.1"
criteria = "safe-to-deploy"
[[exemptions.hermit-abi]]
version = "0.1.19"
criteria = "safe-to-run"
@ -433,10 +404,6 @@ criteria = "safe-to-deploy"
version = "1.8.0"
criteria = "safe-to-deploy"
[[exemptions.httpdate]]
version = "1.0.3"
criteria = "safe-to-deploy"
[[exemptions.hyper]]
version = "0.14.27"
criteria = "safe-to-deploy"
@ -457,14 +424,6 @@ criteria = "safe-to-deploy"
version = "0.11.17"
criteria = "safe-to-run"
[[exemptions.is-terminal]]
version = "0.4.9"
criteria = "safe-to-run"
[[exemptions.itertools]]
version = "0.10.5"
criteria = "safe-to-run"
[[exemptions.itertools]]
version = "0.11.0"
criteria = "safe-to-deploy"
@ -545,14 +504,6 @@ criteria = "safe-to-deploy"
version = "0.8.3"
criteria = "safe-to-deploy"
[[exemptions.nix]]
version = "0.26.4"
criteria = "safe-to-run"
[[exemptions.nom]]
version = "7.1.3"
criteria = "safe-to-deploy"
[[exemptions.nonempty]]
version = "0.7.0"
criteria = "safe-to-deploy"
@ -597,10 +548,6 @@ criteria = "safe-to-run"
version = "0.23.0"
criteria = "safe-to-deploy"
[[exemptions.parking_lot]]
version = "0.12.1"
criteria = "safe-to-run"
[[exemptions.parking_lot_core]]
version = "0.9.9"
criteria = "safe-to-run"
@ -633,10 +580,6 @@ criteria = "safe-to-deploy"
version = "1.1.3"
criteria = "safe-to-deploy"
[[exemptions.pin-project-lite]]
version = "0.2.13"
criteria = "safe-to-deploy"
[[exemptions.pin-utils]]
version = "0.1.0"
criteria = "safe-to-deploy"
@ -677,10 +620,6 @@ criteria = "safe-to-deploy"
version = "0.12.2"
criteria = "safe-to-deploy"
[[exemptions.proc-macro2]]
version = "1.0.79"
criteria = "safe-to-deploy"
[[exemptions.proptest]]
version = "1.3.1"
criteria = "safe-to-deploy"
@ -709,10 +648,6 @@ criteria = "safe-to-deploy"
version = "0.26.0"
criteria = "safe-to-run"
[[exemptions.quote]]
version = "1.0.35"
criteria = "safe-to-deploy"
[[exemptions.radium]]
version = "0.7.0"
criteria = "safe-to-deploy"
@ -801,10 +736,6 @@ criteria = "safe-to-deploy"
version = "1.0.15"
criteria = "safe-to-run"
[[exemptions.same-file]]
version = "1.0.6"
criteria = "safe-to-run"
[[exemptions.schemer]]
version = "0.2.1"
criteria = "safe-to-deploy"
@ -841,10 +772,6 @@ criteria = "safe-to-deploy"
version = "1.0.192"
criteria = "safe-to-deploy"
[[exemptions.serde_json]]
version = "1.0.108"
criteria = "safe-to-run"
[[exemptions.sha2]]
version = "0.10.8"
criteria = "safe-to-deploy"
@ -873,14 +800,6 @@ criteria = "safe-to-deploy"
version = "0.9.8"
criteria = "safe-to-deploy"
[[exemptions.stable_deref_trait]]
version = "1.2.0"
criteria = "safe-to-run"
[[exemptions.static_assertions]]
version = "1.1.0"
criteria = "safe-to-deploy"
[[exemptions.str_stack]]
version = "0.1.0"
criteria = "safe-to-run"
@ -897,10 +816,6 @@ criteria = "safe-to-run"
version = "10.2.1"
criteria = "safe-to-run"
[[exemptions.syn]]
version = "1.0.109"
criteria = "safe-to-run"
[[exemptions.syn]]
version = "2.0.53"
criteria = "safe-to-deploy"
@ -933,14 +848,6 @@ criteria = "safe-to-deploy"
version = "1.2.1"
criteria = "safe-to-run"
[[exemptions.tinyvec]]
version = "1.6.0"
criteria = "safe-to-deploy"
[[exemptions.tinyvec_macros]]
version = "0.1.1"
criteria = "safe-to-deploy"
[[exemptions.tokio]]
version = "1.35.1"
criteria = "safe-to-deploy"
@ -949,10 +856,6 @@ criteria = "safe-to-deploy"
version = "1.2.0"
criteria = "safe-to-deploy"
[[exemptions.tokio-stream]]
version = "0.1.14"
criteria = "safe-to-deploy"
[[exemptions.tokio-util]]
version = "0.7.10"
criteria = "safe-to-deploy"
@ -1005,10 +908,6 @@ criteria = "safe-to-deploy"
version = "0.1.4"
criteria = "safe-to-deploy"
[[exemptions.unicode-ident]]
version = "1.0.12"
criteria = "safe-to-deploy"
[[exemptions.universal-hash]]
version = "0.5.1"
criteria = "safe-to-deploy"
@ -1029,10 +928,6 @@ criteria = "safe-to-deploy"
version = "0.2.15"
criteria = "safe-to-deploy"
[[exemptions.version_check]]
version = "0.9.4"
criteria = "safe-to-deploy"
[[exemptions.wait-timeout]]
version = "0.2.0"
criteria = "safe-to-deploy"
@ -1089,10 +984,6 @@ criteria = "safe-to-deploy"
version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.winapi-util]]
version = "0.1.6"
criteria = "safe-to-run"
[[exemptions.winapi-x86_64-pc-windows-gnu]]
version = "0.4.0"
criteria = "safe-to-deploy"
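Review bot: The `[imports.google]` table in the first hunk (apparently the added one, since the hunk grows from 6 to 9 lines) makes a third-party feed tracked on its `main` branch the basis for every exemption dropped in the later hunks, and nothing in the file records that decision. Some of the entries it brings in carry little evidence: the second file shows `who = "Android Legacy"` for atty and same-file, `who = "ChromeOS"` for clap_lex and itertools, and "grandparented in" notes for serde_json, syn and winapi-util, all at `safe-to-run` and most without a review link. If those are not considered equivalent to a real review, cargo-vet's per-import `exclude` list can keep such crates on local exemptions, e.g. `exclude = ["atty", "same-file"]` under `[imports.google]`. Either way, a comment above the table such as `# Google aggregate (Fuchsia, ChromeOS, Chromium audits); replaces local exemptions where their audits cover our pinned versions` would make the trust decision visible to later reviewers.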


@ -218,6 +218,313 @@ user-id = 169181
user-login = "nuttycom"
user-name = "Kris Nuttycombe"
[[audits.google.audits.async-stream]]
who = "Tyler Mandry <tmandry@google.com>"
criteria = "safe-to-deploy"
version = "0.3.4"
notes = "Reviewed on https://fxrev.dev/761470"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.async-stream]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
delta = "0.3.4 -> 0.3.5"
notes = "Reviewed on https://fxrev.dev/906795"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.async-stream-impl]]
who = "Tyler Mandry <tmandry@google.com>"
criteria = "safe-to-deploy"
version = "0.3.4"
notes = "Reviewed on https://fxrev.dev/761470"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.async-stream-impl]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
delta = "0.3.4 -> 0.3.5"
notes = "Reviewed on https://fxrev.dev/906795"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.atty]]
who = "Android Legacy"
criteria = "safe-to-run"
version = "0.2.14"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.cfg-if]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "1.0.0"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.clap_lex]]
who = "ChromeOS"
criteria = "safe-to-run"
version = "0.2.4"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.equivalent]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "1.0.1"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.fastrand]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "1.9.0"
notes = """
`does-not-implement-crypto` is certified because this crate explicitly says
that the RNG here is not cryptographically secure.
"""
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.heck]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "0.4.1"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
and there were no hits.
`heck` (version `0.3.3`) has been added to Chromium in
https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.httpdate]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "1.0.3"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.is-terminal]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.4.2"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.is-terminal]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
delta = "0.4.2 -> 0.4.9"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.itertools]]
who = "ChromeOS"
criteria = "safe-to-run"
version = "0.10.5"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.nix]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-run"
version = "0.26.2"
notes = """
Reviewed on https://fxrev.dev/780283
Issues:
- https://github.com/nix-rust/nix/issues/1975
- https://github.com/nix-rust/nix/issues/1977
- https://github.com/nix-rust/nix/pull/1978
- https://github.com/nix-rust/nix/pull/1979
- https://github.com/nix-rust/nix/issues/1980
- https://github.com/nix-rust/nix/issues/1981
- https://github.com/nix-rust/nix/pull/1983
- https://github.com/nix-rust/nix/issues/1990
- https://github.com/nix-rust/nix/pull/1992
- https://github.com/nix-rust/nix/pull/1993
"""
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.nom]]
who = "danakj@chromium.org"
criteria = "safe-to-deploy"
version = "7.1.3"
notes = """
Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5046153
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.parking_lot]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.11.2"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.parking_lot]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
delta = "0.11.2 -> 0.12.1"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.pin-project-lite]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
version = "0.2.9"
notes = "Reviewed on https://fxrev.dev/824504"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.pin-project-lite]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
delta = "0.2.9 -> 0.2.13"
notes = "Audited at https://fxrev.dev/946396"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.proc-macro2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.78"
notes = """
Grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits
(except for a benign \"fs\" hit in a doc comment)
Notes from the `unsafe` review can be found in https://crrev.com/c/5385745.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.proc-macro2]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.78 -> 1.0.79"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.quote]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.35"
notes = """
Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits
(except for benign \"net\" hit in tests and \"fs\" hit in README.md)
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.same-file]]
who = "Android Legacy"
criteria = "safe-to-run"
version = "1.0.6"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.serde_json]]
who = "danakj@chromium.org"
criteria = "safe-to-run"
version = "1.0.108"
notes = """
Reviewed in https://crrev.com/c/5171063
Previously reviewed during security review and the audit is grandparented in.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.stable_deref_trait]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "1.2.0"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.static_assertions]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`
and there were no hits except for one `unsafe`.
The lambda where `unsafe` is used is never invoked (e.g. the `unsafe` code
never runs) and is only introduced for some compile-time checks. Additional
unsafe review comments can be found in https://crrev.com/c/5353376.
This crate has been added to Chromium in https://crrev.com/c/3736562. The CL
description contains a link to a document with an additional security review.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.syn]]
who = "danakj@chromium.org"
criteria = "safe-to-run"
version = "1.0.109"
notes = """
Reviewed in https://crrev.com/c/5171063
Previously reviewed during security review and the audit is grandparented in.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.tinyvec]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.6.0"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
and there were no hits except for some \"unsafe\" appearing in comments:
```
src/arrayvec.rs: // Note: This shouldn't use A::CAPACITY, because unsafe code can't rely on
src/lib.rs://! All of this is done with no `unsafe` code within the crate. Technically the
src/lib.rs://! `Vec` type from the standard library uses `unsafe` internally, but *this
src/lib.rs://! crate* introduces no new `unsafe` code into your project.
src/array.rs:/// Just a reminder: this trait is 100% safe, which means that `unsafe` code
```
This crate has been added to Chromium in
https://source.chromium.org/chromium/chromium/src/+/24773c33e1b7a1b5069b9399fd034375995f290b
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.tinyvec_macros]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.tokio-stream]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
version = "0.1.11"
notes = "Reviewed on https://fxrev.dev/804724"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.tokio-stream]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
delta = "0.1.11 -> 0.1.14"
notes = "Reviewed on https://fxrev.dev/907732."
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.unicode-ident]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.12"
notes = '''
I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits.
All two functions from the public API of this crate use `unsafe` to avoid bound
checks for an array access. Cross-module analysis shows that the offsets can
be statically proven to be within array bounds. More details can be found in
the unsafe review CL at https://crrev.com/c/5350386.
This crate has been added to Chromium in https://crrev.com/c/3891618.
'''
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.version_check]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.9.4"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.winapi-util]]
who = "danakj@chromium.org"
criteria = "safe-to-run"
version = "0.1.6"
notes = """
Reviewed in https://crrev.com/c/5171063
Previously reviewed during security review and the audit is grandparented in.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.mozilla.wildcard-audits.unicode-normalization]]
who = "Manish Goregaokar <manishsmail@gmail.com>"
criteria = "safe-to-deploy"
@ -295,6 +602,12 @@ criteria = "safe-to-deploy"
delta = "1.8.0 -> 1.8.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.fastrand]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.9.0 -> 2.0.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.fnv]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
@ -433,6 +746,12 @@ criteria = "safe-to-deploy"
delta = "1.8.1 -> 1.9.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.fastrand]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "2.0.0 -> 2.0.1"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.inout]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
@ -469,6 +788,20 @@ criteria = "safe-to-deploy"
version = "0.1.1"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.nix]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.26.2 -> 0.26.4"
notes = """
Most of the `unsafe` changes are cleaning up their usage:
- Replacing `data.len() * std::mem::size_of::<$ty>()` with `std::mem::size_of_val(data)`.
- Removing some `mem::transmute`s.
- Using `*mut` instead of `*const` to convey intended semantics.
A new unsafe trait method `SockaddrLike::set_length` is added; it's impls look fine.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.rand_xorshift]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
@ -499,6 +832,13 @@ criteria = "safe-to-deploy"
delta = "0.7.5 -> 0.8.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.tinyvec_macros]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.1.0 -> 0.1.1"
notes = "Adds `#![forbid(unsafe_code)]` and license files."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.wagyu-zcash-parameters]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"