# cargo-vet imports lock [[unpublished.tower-batch-control]] version = "0.2.41-beta.16" audited_as = "0.2.41-beta.15" [[unpublished.tower-fallback]] version = "0.2.41-beta.16" audited_as = "0.2.41-beta.15" [[unpublished.zebra-chain]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-consensus]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-grpc]] version = "0.1.0-alpha.7" audited_as = "0.1.0-alpha.6" [[unpublished.zebra-network]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-node-services]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-rpc]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-scan]] version = "0.1.0-alpha.9" audited_as = "0.1.0-alpha.7" [[unpublished.zebra-script]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-state]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebra-utils]] version = "1.0.0-beta.40" audited_as = "1.0.0-beta.39" [[unpublished.zebrad]] version = "2.0.0-rc.0" audited_as = "1.9.0" [[publisher.cexpr]] version = "0.6.0" when = "2021-10-11" user-id = 3788 user-login = "emilio" user-name = "Emilio Cobos Álvarez" [[publisher.clap]] version = "4.5.20" when = "2024-10-08" user-id = 6743 user-login = "epage" user-name = "Ed Page" [[publisher.clap_builder]] version = "4.5.20" when = "2024-10-08" user-id = 6743 user-login = "epage" user-name = "Ed Page" [[publisher.clap_derive]] version = "4.5.18" when = "2024-09-20" user-id = 6743 user-login = "epage" user-name = "Ed Page" [[publisher.core-foundation]] version = "0.9.3" when = "2022-02-07" user-id = 5946 user-login = "jrmuizel" user-name = "Jeff Muizelaar" [[publisher.encoding_rs]] version = "0.8.34" when = "2024-04-10" user-id = 4484 user-login = "hsivonen" user-name = "Henri Sivonen" [[publisher.serde_json]] version = "1.0.132" when = "2024-10-19" user-id = 3618 user-login = "dtolnay" user-name = "David 
Tolnay" [[publisher.syn]] version = "1.0.109" when = "2023-02-24" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.syn]] version = "2.0.82" when = "2024-10-20" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.tokio]] version = "1.41.0" when = "2024-10-22" user-id = 6741 user-login = "Darksonn" user-name = "Alice Ryhl" [[publisher.unicode-normalization]] version = "0.1.23" when = "2024-02-20" user-id = 1139 user-login = "Manishearth" user-name = "Manish Goregaokar" [[publisher.unicode-segmentation]] version = "1.11.0" when = "2024-02-07" user-id = 1139 user-login = "Manishearth" user-name = "Manish Goregaokar" [[audits.google.audits.adler]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.2" notes = ''' Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` and there were no hits (except in comments and in the `README.md` file). Note that some additional, internal notes about an older version of this crate can be found at go/image-crate-chromium-security-review. 
''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.async-stream]] who = "Tyler Mandry " criteria = "safe-to-deploy" version = "0.3.4" notes = "Reviewed on https://fxrev.dev/761470" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.async-stream]] who = "David Koloski " criteria = "safe-to-deploy" delta = "0.3.4 -> 0.3.5" notes = "Reviewed on https://fxrev.dev/906795" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.async-stream-impl]] who = "Tyler Mandry " criteria = "safe-to-deploy" version = "0.3.4" notes = "Reviewed on https://fxrev.dev/761470" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.async-stream-impl]] who = "David Koloski " criteria = "safe-to-deploy" delta = "0.3.4 -> 0.3.5" notes = "Reviewed on https://fxrev.dev/906795" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.autocfg]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.1.0" notes = """ Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` and there were no hits except for reasonable, client-controlled usage of `std::fs` in `AutoCfg::with_dir`. This crate has been added to Chromium in https://source.chromium.org/chromium/chromium/src/+/591a0f30c5eac93b6a3d981c2714ffa4db28dbcb The CL description contains a link to a Google-internal document with audit details. 
""" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.autocfg]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.1.0 -> 1.2.0" notes = ''' Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` and nothing changed from the baseline audit of 1.1.0. Skimmed through the 1.1.0 => 1.2.0 delta and everything seemed okay. ''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.base64]] who = "Adam Langley " criteria = "safe-to-deploy" version = "0.13.1" notes = "Skimmed the uses of `std` to ensure that nothing untoward is happening. Code uses `forbid(unsafe_code)` and, indeed, there are no uses of `unsafe`" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.bitflags]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.3.2" notes = """ Security review of earlier versions of the crate can be found at (Google-internal, sorry): go/image-crate-chromium-security-review The crate exposes a function marked as `unsafe`, but doesn't use any `unsafe` blocks (except for tests of the single `unsafe` function). I think this justifies marking this crate as `ub-risk-1`. 
Additional review comments can be found at https://crrev.com/c/4723145/31 """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.bitflags]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "2.4.2" notes = """ Audit notes: * I've checked for any discussion in Google-internal cl/546819168 (where audit of version 2.3.3 happened) * `src/lib.rs` contains `#![cfg_attr(not(test), forbid(unsafe_code))]` * There are 2 cases of `unsafe` in `src/external.rs` but they seem to be correct in a straightforward way - they just propagate the marker trait's impl (e.g. `impl bytemuck::Pod`) from the inner to the outer type * Additional discussion and/or notes may be found in https://crrev.com/c/5238056 """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.bitflags]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "2.4.2 -> 2.5.0" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.bitflags]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "2.5.0 -> 2.6.0" notes = "The changes from the previous version are negligible and thus it retains the same properties." aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.bytemuck]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.16.3" notes = """ Review notes from the original audit (of 1.14.3) may be found in https://crrev.com/c/5362675. Note that this audit has initially missed UB risk that was fixed in 1.16.2 - see https://github.com/Lokathor/bytemuck/pull/258. 
Because of this, the original audit has been edited to certify version `1.16.3` instead (see also https://crrev.com/c/5771867). """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.byteorder]] who = "danakj " criteria = "safe-to-deploy" version = "1.5.0" notes = "Unsafe review in https://crrev.com/c/5838022" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.cast]] who = "George Burgess IV " criteria = "safe-to-run" version = "0.3.0" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.cfg-if]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "1.0.0" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.crc32fast]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.4.2" notes = """ Security review of earlier versions of the crate can be found at (Google-internal, sorry): go/image-crate-chromium-security-review Audit comments for 1.4.2 can be found at https://crrev.com/c/4723145. 
""" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.equivalent]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "1.0.1" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.fastrand]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "1.9.0" notes = """ `does-not-implement-crypto` is certified because this crate explicitly says that the RNG here is not cryptographically secure. """ aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.flate2]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.30" notes = ''' WARNING: This certification is a result of a **partial** audit. The `any_zlib` code has **not** been audited. Ability to track partial audits is tracked in https://github.com/mozilla/cargo-vet/issues/380 Chromium does use the `any_zlib` feature(s). Accidentally depending on this feature in the future is prevented using the `ban_features` feature of `gnrt` - see: https://crrev.com/c/4723145/31/third_party/rust/chromium_crates_io/gnrt_config.toml Security review of earlier versions of the crate can be found at (Google-internal, sorry): go/image-crate-chromium-security-review I grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`. 
All `unsafe` in `flate2` is gated behind `#[cfg(feature = "any_zlib")]`: * The code under `src/ffi/...` will not be used because the `mod c` declaration in `src/ffi/mod.rs` depends on the `any_zlib` config * 7 uses of `unsafe` in `src/mem.rs` also all depend on the `any_zlib` config: - 2 in `fn set_dictionary` (under `impl Compress`) - 2 in `fn set_level` (under `impl Compress`) - 3 in `fn set_dictionary` (under `impl Decompress`) All hits of `'\bfs\b'` are in comments, or example code, or test code (but not in product code). There were no hits of `-i cipher`, `-i crypto`, `'\bnet\b'`. ''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.futures]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "0.3.28" notes = """ `futures` has no logic other than tests - it simply `pub use`s things from other crates. """ aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.glob]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "0.3.1" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.httpdate]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "1.0.3" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.itertools]] who = "ChromeOS" criteria = "safe-to-run" version = "0.10.5" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.itoa]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.10" notes = ''' I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - 
there were no hits. There are a few places where `unsafe` is used. Unsafe review notes can be found in https://crrev.com/c/5350697. Version 1.0.1 of this crate has been added to Chromium in https://crrev.com/c/3321896. ''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.itoa]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.10 -> 1.0.11" notes = """ Straightforward diff between 1.0.10 and 1.0.11 - only 3 commits: * Bumping up the version * A touch up of comments * And my own PR to make `unsafe` blocks more granular: https://github.com/dtolnay/itoa/pull/42 """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.lazy_static]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.4.0" notes = ''' I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. There are two places where `unsafe` is used. Unsafe review notes can be found in https://crrev.com/c/5347418. This crate has been added to Chromium in https://crrev.com/c/3321895. 
''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.lazy_static]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.4.0 -> 1.5.0" notes = "Unsafe review notes: https://crrev.com/c/5650836" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.miniz_oxide]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "0.7.4" notes = ''' Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` and there were no hits, except for some mentions of "unsafe" in the `README.md` and in a comment in `src/deflate/core.rs`. The comment discusses whether a function should be treated as unsafe, but there is no actual `unsafe` code, so the crate meets the `ub-risk-0` criteria. Note that some additional, internal notes about an older version of this crate can be found at go/image-crate-chromium-security-review. 
''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.nom]] who = "danakj@chromium.org" criteria = "safe-to-deploy" version = "7.1.3" notes = """ Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5046153 """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.number_prefix]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "0.4.0" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.pin-project-lite]] who = "David Koloski " criteria = "safe-to-deploy" version = "0.2.9" notes = "Reviewed on https://fxrev.dev/824504" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.pin-project-lite]] who = "David Koloski " criteria = "safe-to-deploy" delta = "0.2.9 -> 0.2.13" notes = "Audited at https://fxrev.dev/946396" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro-error-attr]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "1.0.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.78" notes = """ Grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits (except for a benign \"fs\" hit in a doc comment) Notes from the `unsafe` review can be found in https://crrev.com/c/5385745. 
""" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.78 -> 1.0.79" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.79 -> 1.0.80" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Dustin J. Mitchell " criteria = "safe-to-deploy" delta = "1.0.80 -> 1.0.81" notes = "Comment changes only" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "danakj " criteria = "safe-to-deploy" delta = "1.0.81 -> 1.0.82" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Dustin J. Mitchell " criteria = "safe-to-deploy" delta = "1.0.82 -> 1.0.83" notes = "Substantive change is replacing String with Box, saving memory." aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.83 -> 1.0.84" notes = "Only doc comment changes in `src/lib.rs`." 
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "danakj@chromium.org" criteria = "safe-to-deploy" delta = "1.0.84 -> 1.0.85" notes = "Test-only changes." aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.proc-macro2]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.85 -> 1.0.86" notes = """ Comment-only changes in `build.rs`. Reordering of `Cargo.toml` entries. Just bumping up the version number in `lib.rs`. Config-related changes in `test_size.rs`. """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.quote]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.35" notes = """ Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits (except for benign \"net\" hit in tests and \"fs\" hit in README.md) """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.quote]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.35 -> 1.0.36" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.quote]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.36 -> 1.0.37" notes = """ The delta just 1) inlines/expands `impl ToTokens` that used to be handled via `primitive!` macro and 2) adds `impl ToTokens` for `CStr` and `CString`. 
""" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.rustversion]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.14" notes = """ Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` and there were no hits except for: * Using trivially-safe `unsafe` in test code: ``` tests/test_const.rs:unsafe fn _unsafe() {} tests/test_const.rs:const _UNSAFE: () = unsafe { _unsafe() }; ``` * Using `unsafe` in a string: ``` src/constfn.rs: \"unsafe\" => Qualifiers::Unsafe, ``` * Using `std::fs` in `build/build.rs` to write `${OUT_DIR}/version.expr` which is later read back via `include!` used in `src/lib.rs`. Version `1.0.6` of this crate has been added to Chromium in https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057 """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.rustversion]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.14 -> 1.0.15" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.rustversion]] who = "danakj " criteria = "safe-to-deploy" delta = "1.0.15 -> 1.0.16" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.rustversion]] who = "Dustin J. 
Mitchell " criteria = "safe-to-deploy" delta = "1.0.16 -> 1.0.17" notes = "Just updates windows compat" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.same-file]] who = "Android Legacy" criteria = "safe-to-run" version = "1.0.6" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.197" notes = """ Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`. There were some hits for `net`, but they were related to serialization and not actually opening any connections or anything like that. There were 2 hits of `unsafe` when grepping: * In `fn as_str` in `impl Buf` * In `fn serialize` in `impl Serialize for net::Ipv4Addr` Unsafe review comments can be found in https://crrev.com/c/5350573/2 (this review also covered `serde_json_lenient`). Version 1.0.130 of the crate has been added to Chromium in https://crrev.com/c/3265545. The CL description contains a link to a (Google-internal, sorry) document with a mini security review. """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Dustin J. Mitchell " criteria = "safe-to-deploy" delta = "1.0.197 -> 1.0.198" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "danakj " criteria = "safe-to-deploy" delta = "1.0.198 -> 1.0.201" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Dustin J. 
Mitchell " criteria = "safe-to-deploy" delta = "1.0.201 -> 1.0.202" notes = "Trivial changes" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.202 -> 1.0.203" notes = "s/doc_cfg/docsrs/ + tuple_impls/tuple_impl_body-related changes" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.203 -> 1.0.204" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.204 -> 1.0.207" notes = "The small change in `src/private/ser.rs` should have no impact on `ub-risk-2`." aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.207 -> 1.0.209" notes = """ The delta carries fairly small changes in `src/private/de.rs` and `src/private/ser.rs` (see https://crrev.com/c/5812194/2..5). AFAICT the delta has no impact on the `unsafe`, `from_utf8_unchecked`-related parts of the crate (in `src/de/format.rs` and `src/ser/impls.rs`). 
""" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.209 -> 1.0.210" notes = "Almost no new code - just feature rearrangement" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.197" notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "danakj " criteria = "safe-to-deploy" delta = "1.0.197 -> 1.0.201" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Dustin J. 
Mitchell " criteria = "safe-to-deploy" delta = "1.0.201 -> 1.0.202" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.202 -> 1.0.203" notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.203 -> 1.0.204" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.204 -> 1.0.207" notes = 'Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.207 -> 1.0.209" notes = ''' There are no code changes in this delta - see https://crrev.com/c/5812194/2..5 I've neverthless also grepped for `-i cipher`, `-i crypto`, `\bfs\b`, `\bnet\b`, and `\bunsafe\b`. There were no hits. 
''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.0.209 -> 1.0.210" notes = "Almost no new code - just feature rearrangement" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.static_assertions]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.1.0" notes = """ Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` and there were no hits except for one `unsafe`. The lambda where `unsafe` is used is never invoked (e.g. the `unsafe` code never runs) and is only introduced for some compile-time checks. Additional unsafe review comments can be found in https://crrev.com/c/5353376. This crate has been added to Chromium in https://crrev.com/c/3736562. The CL description contains a link to a document with an additional security review. """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.strsim]] who = "danakj@chromium.org" criteria = "safe-to-deploy" version = "0.10.0" notes = """ Reviewed in https://crrev.com/c/5171063 Previously reviewed during security review and the audit is grandparented in. 
""" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.tinytemplate]] who = "Ying Hsu " criteria = "safe-to-run" version = "1.2.1" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.tinyvec]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.6.0" notes = """ Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` and there were no hits except for some \"unsafe\" appearing in comments: ``` src/arrayvec.rs: // Note: This shouldn't use A::CAPACITY, because unsafe code can't rely on src/lib.rs://! All of this is done with no `unsafe` code within the crate. Technically the src/lib.rs://! `Vec` type from the standard library uses `unsafe` internally, but *this src/lib.rs://! crate* introduces no new `unsafe` code into your project. src/array.rs:/// Just a reminder: this trait is 100% safe, which means that `unsafe` code ``` This crate has been added to Chromium in https://source.chromium.org/chromium/chromium/src/+/24773c33e1b7a1b5069b9399fd034375995f290b """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.tinyvec]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.6.0 -> 1.6.1" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.tinyvec]] who = "Adrian Taylor " criteria = "safe-to-deploy" delta = "1.6.1 -> 1.7.0" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.tinyvec]] who = "Dustin J. 
Mitchell " criteria = "safe-to-deploy" delta = "1.7.0 -> 1.8.0" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.tinyvec_macros]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "0.1.0" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.tokio-stream]] who = "David Koloski " criteria = "safe-to-deploy" version = "0.1.11" notes = "Reviewed on https://fxrev.dev/804724" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.tokio-stream]] who = "David Koloski " criteria = "safe-to-deploy" delta = "0.1.11 -> 0.1.14" notes = "Reviewed on https://fxrev.dev/907732." aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.unicode-ident]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.12" notes = ''' I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. Both functions in the public API of this crate use `unsafe` to avoid bounds checks for an array access. Cross-module analysis shows that the offsets can be statically proven to be within array bounds. More details can be found in the unsafe review CL at https://crrev.com/c/5350386. This crate has been added to Chromium in https://crrev.com/c/3891618. 
''' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.unicode-xid]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "0.2.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.version_check]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "0.9.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.google.audits.void]] who = "George Burgess IV " criteria = "safe-to-deploy" version = "1.0.2" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" [[audits.mozilla.wildcard-audits.cexpr]] who = "Emilio Cobos Álvarez " criteria = "safe-to-deploy" user-id = 3788 # Emilio Cobos Álvarez (emilio) start = "2021-06-21" end = "2024-04-21" notes = "No unsafe code, rather straight-forward parser." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.wildcard-audits.core-foundation]] who = "Bobby Holley " criteria = "safe-to-deploy" user-id = 5946 # Jeff Muizelaar (jrmuizel) start = "2019-03-29" end = "2023-05-04" renew = false notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.wildcard-audits.encoding_rs]] who = "Henri Sivonen " criteria = "safe-to-deploy" user-id = 4484 # Henri Sivonen (hsivonen) start = "2019-02-26" end = "2024-08-28" notes = "I, Henri Sivonen, wrote encoding_rs for Gecko and have reviewed contributions by others. 
There are two caveats to the certification: 1) The crate does things that are documented to be UB but that do not appear to actually be UB due to integer types differing from the general rule; https://github.com/hsivonen/encoding_rs/issues/79 . 2) It would be prudent to re-review the code that reinterprets buffers of integers as SIMD vectors; see https://github.com/hsivonen/encoding_rs/issues/87 ." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.wildcard-audits.unicode-normalization]] who = "Manish Goregaokar " criteria = "safe-to-deploy" user-id = 1139 # Manish Goregaokar (Manishearth) start = "2019-11-06" end = "2024-05-03" notes = "All code written or reviewed by Manish" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.wildcard-audits.unicode-segmentation]] who = "Manish Goregaokar " criteria = "safe-to-deploy" user-id = 1139 # Manish Goregaokar (Manishearth) start = "2019-05-15" end = "2024-05-03" notes = "All code written or reviewed by Manish" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.allocator-api2]] who = "Nicolas Silva " criteria = "safe-to-deploy" version = "0.2.18" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.android_system_properties]] who = "Nicolas Silva " criteria = "safe-to-deploy" version = "0.1.2" notes = "I wrote this crate, reviewed by jimb. It is mostly a Rust port of some C++ code we already ship." 
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.android_system_properties]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.1.2 -> 0.1.4" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.android_system_properties]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.1.4 -> 0.1.5" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Emilio Cobos Álvarez " criteria = "safe-to-deploy" version = "0.59.2" notes = "I'm the primary author and maintainer of the crate." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Emilio Cobos Álvarez " criteria = "safe-to-deploy" delta = "0.59.2 -> 0.63.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.63.0 -> 0.64.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.64.0 -> 0.66.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.66.1 -> 0.68.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Andreas Pehrson " criteria = "safe-to-deploy" delta = "0.68.1 -> 0.69.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.69.1 -> 0.69.2" aggregated-from = 
"https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bindgen]] who = "Emilio Cobos Álvarez " criteria = "safe-to-deploy" delta = "0.69.2 -> 0.69.4" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bit-set]] who = "Aria Beingessner " criteria = "safe-to-deploy" version = "0.5.2" notes = "Another crate I own via contain-rs that is ancient and in maintenance mode, no known issues." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bit-set]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.5.2 -> 0.5.3" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.bit-vec]] who = "Aria Beingessner " criteria = "safe-to-deploy" version = "0.6.3" notes = "Another crate I own via contain-rs that is ancient and in maintenance mode but otherwise perfectly fine." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.cfg_aliases]] who = "Alex Franchuk " criteria = "safe-to-deploy" delta = "0.1.1 -> 0.2.1" notes = "Very minor changes." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.core-foundation]] who = "Teodor Tanasoaia " criteria = "safe-to-deploy" delta = "0.9.3 -> 0.9.4" notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.debugid]] who = "Gabriele Svelto " criteria = "safe-to-deploy" version = "0.8.0" notes = "This crate was written by Sentry and I've fully audited it as Firefox crash reporting machinery relies on it." 
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.deranged]] who = "Alex Franchuk " criteria = "safe-to-deploy" version = "0.3.11" notes = """ This crate contains a decent bit of `unsafe` code, however all internal unsafety is verified with copious assertions (many are compile-time), and otherwise the unsafety is documented and left to the caller to verify. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.document-features]] who = "Erich Gubler " criteria = "safe-to-deploy" version = "0.2.8" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.fastrand]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "1.9.0 -> 2.0.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.fastrand]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "2.0.1 -> 2.1.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.fnv]] who = "Bobby Holley " criteria = "safe-to-deploy" version = "1.0.7" notes = "Simple hasher implementation with no unsafe code." 
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.form_urlencoded]] who = "Valentin Gosu " criteria = "safe-to-deploy" version = "1.2.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.form_urlencoded]] who = "Valentin Gosu " criteria = "safe-to-deploy" delta = "1.2.0 -> 1.2.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.hashbrown]] who = "Mike Hommey " criteria = "safe-to-deploy" version = "0.12.3" notes = "This version is used in rust's libstd, so effectively we're already trusting it" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.hex]] who = "Simon Friedberger " criteria = "safe-to-deploy" version = "0.4.3" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.linked-hash-map]] who = "Aria Beingessner " criteria = "safe-to-deploy" version = "0.5.4" notes = "I own this crate (I am contain-rs) and 0.5.4 passes miri. This code is very old and used by lots of people, so I'm pretty confident in it, even though it's in maintenance-mode and missing some nice-to-have APIs." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.linked-hash-map]] who = "Alex Franchuk " criteria = "safe-to-deploy" delta = "0.5.4 -> 0.5.6" notes = "New unsafe code has debug assertions and meets invariants. All other changes are formatting-related." 
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.litrs]] who = "Erich Gubler " criteria = "safe-to-deploy" version = "0.4.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.log]] who = "Mike Hommey " criteria = "safe-to-deploy" version = "0.4.17" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.log]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" delta = "0.4.17 -> 0.4.18" notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed." aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" [[audits.mozilla.audits.log]] who = "Kagami Sascha Rosylight " criteria = "safe-to-deploy" delta = "0.4.18 -> 0.4.20" notes = "Only cfg attribute and internal macro changes and module refactorings" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" [[audits.mozilla.audits.nix]] who = "Gabriele Svelto " criteria = "safe-to-deploy" delta = "0.15.0 -> 0.25.0" notes = "Plenty of new bindings but also several important bug fixes (including buffer overflows). New unsafe sections are restricted to wrappers and are no more dangerous than calling the C functions." 
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.nix]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.25.0 -> 0.25.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.nix]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.25.1 -> 0.26.2" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.nix]] who = "Gabriele Svelto " criteria = "safe-to-deploy" delta = "0.26.2 -> 0.27.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.nix]] who = "Alex Franchuk " criteria = "safe-to-deploy" delta = "0.27.1 -> 0.28.0" notes = """ Many new features and bugfixes. Obviously there's a lot of unsafe code calling libc, but the usage looks correct. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.nix]] who = "Alex Franchuk " criteria = "safe-to-deploy" delta = "0.28.0 -> 0.29.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.num-conv]] who = "Alex Franchuk " criteria = "safe-to-deploy" version = "0.1.0" notes = """ Very straightforward, simple crate. No dependencies, unsafe, extern, side-effectful std functions, etc. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.powerfmt]] who = "Alex Franchuk " criteria = "safe-to-deploy" version = "0.2.0" notes = """ A tiny bit of unsafe code to implement functionality that isn't in stable rust yet, but it's all valid. Otherwise it's a pretty simple crate. 
""" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.rustc-hash]] who = "Bobby Holley " criteria = "safe-to-deploy" version = "1.1.0" notes = "Straightforward crate with no unsafe code, does what it says on the tin." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.strsim]] who = "Ben Dean-Kawamura " criteria = "safe-to-deploy" delta = "0.10.0 -> 0.11.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.synstructure]] who = "Nika Layzell " criteria = "safe-to-deploy" version = "0.12.6" notes = """ I am the primary author of the `synstructure` crate, and its current maintainer. The one use of `unsafe` is unnecessary, but documented and harmless. It will be removed in the next version. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.time-core]] who = "Kershaw Chang " criteria = "safe-to-deploy" version = "0.1.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.time-core]] who = "Kershaw Chang " criteria = "safe-to-deploy" delta = "0.1.0 -> 0.1.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.time-core]] who = "Alex Franchuk " criteria = "safe-to-deploy" delta = "0.1.1 -> 0.1.2" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.time-macros]] who = "Kershaw Chang " criteria = "safe-to-deploy" version = "0.2.6" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.time-macros]] who = "Kershaw Chang " criteria = "safe-to-deploy" delta = "0.2.6 -> 0.2.10" aggregated-from = 
"https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.time-macros]] who = "Alex Franchuk " criteria = "safe-to-deploy" delta = "0.2.10 -> 0.2.18" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.tracing-core]] who = "Alex Franchuk " criteria = "safe-to-deploy" version = "0.1.30" notes = """ Most unsafe code is in implementing non-std sync primitives. Unsafe impls are logically correct and justified in comments, and unsafe code is sound and justified in comments. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.zerocopy]] who = "Alex Franchuk " criteria = "safe-to-deploy" version = "0.7.32" notes = """ This crate is `no_std` so doesn't use any side-effectful std functions. It contains quite a lot of `unsafe` code, however. I verified portions of this. It also has a large, thorough test suite. The project claims to run tests with Miri to have stronger soundness checks, and also claims to use formal verification tools to prove correctness. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.zerocopy-derive]] who = "Alex Franchuk " criteria = "safe-to-deploy" version = "0.7.32" notes = "Clean, safe macros for zerocopy." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.zcash.audits.autocfg]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "1.2.0 -> 1.3.0" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.bip32]] who = "Jack Grigg " criteria = "safe-to-deploy" version = "0.5.1" notes = """ - Crate has no unsafe code, and sets `#![forbid(unsafe_code)]`. - Crate has no powerful imports. Only filesystem access is via `include_str!`, and is safe. 
""" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.bytes]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "1.7.1 -> 1.7.2" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.fastrand]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "2.0.0 -> 2.0.1" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.fastrand]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "2.1.0 -> 2.1.1" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.futures]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.3.28 -> 0.3.30" notes = "Only sub-crate updates and corresponding changes to tests." aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.h2]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.3.26 -> 0.4.5" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.hyper-timeout]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.4.1 -> 0.5.1" notes = "New uses of pin_project! look fine." aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.hyper-util]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.1.5 -> 0.1.6" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.inout]] who = "Daira Hopwood " criteria = "safe-to-deploy" version = "0.1.3" notes = "Reviewed in full." 
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.known-folders]] who = "Jack Grigg " criteria = "safe-to-deploy" version = "1.0.1" notes = """ Uses `unsafe` blocks to interact with `windows-sys` crate. - `SHGetKnownFolderPath` safety requirements are met. - `CoTaskMemFree` has no effect if passed `NULL`, so there is no issue if some future refactor created a pathway where `ffi::Guard` could be dropped before `SHGetKnownFolderPath` is called. - Small nit: `ffi::Guard::as_pwstr` takes `&self` but returns `PWSTR` which is the mutable type; it should instead return `PCWSTR` which is the const type (and what `lstrlenW` takes) instead of implicitly const-casting the pointer, as this would better reflect the intent to take an immutable reference. - The slice constructed from the `PWSTR` correctly goes out of scope before `guard` is dropped. - A code comment says that `path_ptr` is valid for `len` bytes, but `PCWSTR` is a `*const u16` and `lstrlenW` returns its length \"in characters\" (which the Windows documentation confirms means the number of `WCHAR` values). This is likely a typo; the code checks that `len * size_of::<u16>() <= isize::MAX`. 
""" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.known-folders]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "1.0.1 -> 1.1.0" notes = "Addresses the notes from my previous review :)" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.log]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.4.20 -> 0.4.21" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.maybe-rayon]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.1.1" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.pin-project-lite]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.2.13 -> 0.2.14" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.rand_xorshift]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.3.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.redjubjub]] who = "Daira Emma Hopwood " criteria = "safe-to-deploy" version = "0.7.0" notes = """ This crate is a thin wrapper around the `reddsa` crate, which I did not review. I also did not review tests or verify test vectors. The comment on `batch::Verifier::verify` has an error in the batch verification equation, filed as https://github.com/ZcashFoundation/redjubjub/issues/163 . It does not affect the implementation which just delegates to `reddsa`. `reddsa` has the same comment bug filed as https://github.com/ZcashFoundation/reddsa/issues/52 , but its batch verification implementation is correct. 
(I checked the latter against https://zips.z.cash/protocol/protocol.pdf#reddsabatchvalidate which has had previous cryptographic review by NCC group; see finding NCC-Zcash2018-009 in https://research.nccgroup.com/wp-content/uploads/2020/07/NCC_Group_Zcash2018_Public_Report_2019-01-30_v1.3.pdf ). """ aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.rustc_version]] who = "Jack Grigg " criteria = "safe-to-deploy" version = "0.4.0" notes = """ Most of the crate is code to parse and validate the output of `rustc -vV`. The caller can choose which `rustc` to use, or can use `rustc_version::{version, version_meta}` which will try `$RUSTC` followed by `rustc`. If an adversary can arbitrarily set the `$RUSTC` environment variable then this crate will execute arbitrary code. But when this crate is used within a build script, `$RUSTC` should be set correctly by `cargo`. """ aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.secp256k1]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.26.0 -> 0.27.0" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.signature]] who = "Daira Emma Hopwood " criteria = "safe-to-deploy" version = "2.1.0" notes = """ This crate uses `#![forbid(unsafe_code)]`, has no build script, and only provides traits with some trivial default implementations. I did not review whether implementing these APIs would present any undocumented cryptographic hazards. 
""" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.signature]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "2.1.0 -> 2.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.sync_wrapper]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.1.2 -> 1.0.1" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.thiserror]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "1.0.61 -> 1.0.63" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.thiserror-impl]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "1.0.61 -> 1.0.63" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tinyvec_macros]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.1.0 -> 0.1.1" notes = "Adds `#![forbid(unsafe_code)]` and license files." 
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.tokio-stream]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.1.14 -> 0.1.15" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tonic]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.10.2 -> 0.11.0" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tonic]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.12.0 -> 0.12.1" notes = "Changes to generics bounds look fine" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tonic-build]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.10.2 -> 0.11.0" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tonic-build]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.11.0 -> 0.12.0" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tonic-build]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.12.0 -> 0.12.1" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.tracing-core]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.1.30 -> 0.1.31" notes = """ The only new `unsafe` block is to intentionally leak a scoped subscriber onto the heap when setting it as the global default dispatcher. I checked that the global default can only be set once and is never dropped. 
""" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.tracing-core]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.1.31 -> 0.1.32" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.visibility]] who = "Kris Nuttycombe " criteria = "safe-to-deploy" version = "0.1.1" notes = """ - Crate has no unsafe code, and sets `#![forbid(unsafe_code)]`. - Crate has no powerful imports, and exclusively provides a proc macro that safely malleates a visibility modifier. """ aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters-1]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters-2]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters-3]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters-4]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters-5]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = 
"https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wagyu-zcash-parameters-6]] who = "Sean Bowe " criteria = "safe-to-deploy" version = "0.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.wasm-bindgen-macro-support]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" version = "0.2.92" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.zcash_address]] who = "Kris Nuttycombe " criteria = "safe-to-deploy" delta = "0.3.2 -> 0.4.0" notes = "This release contains no unsafe code and consists solely of added convenience methods." aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.zcash_encoding]] who = "Kris Nuttycombe " criteria = "safe-to-deploy" delta = "0.2.0 -> 0.2.1" notes = "This release adds minor convenience methods and involves no unsafe code." aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.zcash_keys]] who = "Kris Nuttycombe " criteria = "safe-to-deploy" delta = "0.2.0 -> 0.3.0" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.zcash_primitives]] who = "Kris Nuttycombe " criteria = "safe-to-deploy" delta = "0.15.1 -> 0.16.0" notes = "The primary change here is the switch from the `hdwallet` dependency to using `bip32`." aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.zcash_proofs]] who = "Kris Nuttycombe " criteria = "safe-to-deploy" delta = "0.15.0 -> 0.16.0" notes = "This release involves only updates of previously-vetted dependencies." 
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.zerocopy]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.7.32 -> 0.7.34" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [[audits.zcash.audits.zerocopy-derive]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" delta = "0.7.32 -> 0.7.34" aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml" [audits.zcashd.audits]