gecko-dev/supply-chain/audits.toml

# cargo-vet audits file

[[audits.android_logger]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.11.0"
notes = "Small crate, wrapping Android log functionality, reviewed by janerik"

[[audits.android_logger]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.11.0 -> 0.11.1"
notes = "Small crate, wrapping Android log functionality, now switched to properly using MaybeUninit"

[[audits.android_system_properties]]
who = "Nicolas Silva <nical@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "I wrote this crate, reviewed by jimb. It is mostly a Rust port of some C++ code we already ship."

[[audits.android_system_properties]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.2 -> 0.1.4"

[[audits.anyhow]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.57 -> 1.0.61"

[[audits.app_units]]
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
criteria = "safe-to-deploy"
version = "0.7.1"
notes = """
I'm pretty familiar with this crate. It provides a fixed-point numeric type.
The code is pretty straight-forward, there's no unsafe code at all.
"""

[[audits.arbitrary]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "1.1.0 -> 1.1.1"

[[audits.arbitrary]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "1.1.1 -> 1.1.3"

[[audits.ashmem]]
who = "Matthew Gregan <kinetik@flim.org>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = """
Small unsafe wrapper around Android 8.0's ASharedMemory native API that falls
back to older private ioctl-based API at runtime on earlier OS releases.  The
shim code is small and doesn't inspect the API arguments, so is unlikely to
expose any safety issues beyond those presented by the native OS API.
"""

[[audits.askama]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.11.1"
notes = """
Just contains some traits and re-exports for use by a broader package of related
crates. No unsafe code or ambient capability usage.
"""

[[audits.async-trait]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.56 -> 0.1.57"

[[audits.atomic_refcell]]
who = "Bobby Holley <bholley@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.1.8"
notes = "I maintain this crate and have reviewed every line."

[[audits.bindgen]]
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
criteria = "safe-to-deploy"
version = "0.59.2"
notes = "I'm the primary author and maintainer of the crate."

[[audits.bit-set]]
who = "Aria Beingessner <a.beingessner@gmail.com>"
criteria = "safe-to-deploy"
version = "0.5.2"
notes = "Another crate I own via contain-rs that is ancient and maintenance mode, no known issues."

[[audits.bit-vec]]
who = "Aria Beingessner <a.beingessner@gmail.com>"
criteria = "safe-to-deploy"
version = "0.6.3"
notes = "Another crate I own via contain-rs that is ancient and in maintenance mode but otherwise perfectly fine."

[[audits.build-parallel]]
who = "Jeff Muizelaar <jmuizelaar@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.1.2"

[[audits.clap_lex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.0 -> 0.2.2"

[[audits.cstr]]
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
criteria = "safe-to-deploy"
version = "0.2.10"
notes = """
I've reviewed the code of the crate thoroughly. It generates an unsafe block
which is statically guaranteed to be safe. Inputs to the macro have to be
static so there's no uncontrolled input whatsoever.
"""

[[audits.derive_arbitrary]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "1.1.0 -> 1.1.1"

[[audits.derive_arbitrary]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "1.1.1 -> 1.1.3"

[[audits.dogear]]
who = "Sammy Khamis <skhamis@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.5.0"
notes = "The repository for this crate belongs in the Mozilla org."

[[audits.extend]]
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
criteria = "safe-to-deploy"
version = "1.1.2"
notes = "Inspected the crate and noted that the impl block comes directly from the proc-macro input.  If no new code can be added by this crate, I don't think there can be any issues."

[[audits.flagset]]
who = "Ryan Hunt <rhunt@eqrion.net>"
criteria = "safe-to-deploy"
version = "0.4.3"
notes = "Uses no ambient capabilities, vetted the one instance of unsafe."

[[audits.fluent]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.16.0"

[[audits.fluent-bundle]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.15.2"

[[audits.fluent-fallback]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.6.0"

[[audits.fluent-langneg]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.13.0"

[[audits.fluent-pseudo]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.3.1"

[[audits.fluent-syntax]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.11.0"

[[audits.fluent-testing]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-run"
version = "0.0.2"

[[audits.fnv]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "1.0.7"
notes = "Simple hasher implementation with no unsafe code."

[[audits.fxhash]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.1"
notes = "Straightforward crate with no unsafe code, does what it says on the tin."

[[audits.getrandom]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.2.7"

[[audits.glean]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "50.1.0"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "50.1.2"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "51.1.0"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "50.1.2 -> 50.1.3"
notes = "Unchanged from last version"

[[audits.glean]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "50.1.3 -> 51.0.1"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean-core]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "50.1.0"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean-core]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "50.1.2"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean-core]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "51.1.0"
notes = "Maintained by the Glean team at Mozilla"

[[audits.glean-core]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "50.1.2 -> 50.1.3"
notes = "Bug fix release with minimal changes, changes done by myself"

[[audits.glean-core]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "50.1.3 -> 51.0.1"
notes = "Maintained by the Glean team at Mozilla"

[[audits.guid_win]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
notes = """
This crate has some unsafe code for the FFI bits, which I've reviewed carefully.
It uses the deprecated mem::uninitialized(), which is generally sketchy. However
the usage is pretty straightforward and while it's technically UB, it seems no
more likely to lead to miscompilation than any other use of mem::uninitialized.
"""

[[audits.intl-memoizer]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.5.1"

[[audits.intl_pluralrules]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "7.0.1"

[[audits.linked-hash-map]]
who = "Aria Beingessner <a.beingessner@gmail.com>"
criteria = "safe-to-deploy"
version = "0.5.4"
notes = "I own this crate (I am contain-rs) and 0.5.4 passes miri. This code is very old and used by lots of people, so I'm pretty confident in it, even though it's in maintenance-mode and missing some nice-to-have APIs."

[[audits.log]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
version = "0.4.17"

[[audits.malloc_size_of_derive]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = """
This was originally servo code which I put on crates.io some years ago but didn't
examine at the time, so I examined it now. I didn't perform a full logic review
but convinced myself that any generated code will be entirely safe to deploy.
"""

[[audits.matches]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.9"
notes = "This is a trivial crate."

[[audits.naga]]
who = "Dzmitry Malyshau <kvark@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.8.0"
notes = """
This crate, up through the indicated version, was written or reviewed
by Dzmitry Malyshau while he was a Mozilla employee. Dzmitry left
Mozilla at the beginning of February 2022. This audit statement was
collected by Jim Blandy, a Mozilla employee, over email in July 2022:
Dzmitry was shown, and agreed to, the 'safe-to-deploy' text.
"""

[[audits.new_debug_unreachable]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "1.0.4"
notes = "This is a trivial crate."

[[audits.origin-trial-token]]
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
criteria = "safe-to-deploy"
version = "0.1.1"
notes = """
I'm the author of the crate. The only unsafe code is a view over a byte array
which is properly validated.

Cryptography shenanigans are delegated to the caller so there's no possible
unsoundness there.
"""

[[audits.packed_simd_2]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.7 -> 0.3.8"

[[audits.precomputed-hash]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.1"
notes = "This is a trivial crate."

[[audits.rust_decimal]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.24.0 -> 1.25.0"

[[audits.rustc-hash]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "Straightforward crate with no unsafe code, does what it says on the tin."

[[audits.semver]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.9 -> 1.0.10"

[[audits.svg_fmt]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.4.1"
notes = "Simple string processing with no unsafe code or ambient capability usage."

[[audits.thin-vec]]
who = "Aria Beingessner <a.beingessner@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.5"
notes = "I own this crate, and most of its versions were codeveloped and reviewed by Nika Layzell. This version was not explicitly reviewed by her, but it was specifically a release that made the code pass miri and was reviewed by me. Firefox uses it in the gecko-ffi configuration which is less thoroughly tested and more dangerous but we're reasonably confident in it. The real danger is from C++ code failing to use it correctly in FFI but that's just how FFI is."

[[audits.tinystr]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.3.4"

[[audits.tinystr]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.6.0"

[[audits.topological-sort]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
notes = "Simple algorithm crate with no unsafe code or capability usage."

[[audits.tracy-rs]]
who = "Glenn Watson <git@intuitionlibrary.com>"
criteria = "safe-to-deploy"
version = "0.1.2"

[[audits.uluru]]
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
criteria = "safe-to-deploy"
version = "3.0.0"
notes = """
I've reviewed multiple patches in this crate, including the initial
implementation back in the day. It has no unsafe code at all nowadays.
"""

[[audits.unic-langid]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.9.0"

[[audits.unic-langid-impl]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.9.0"

[[audits.unic-langid-macros]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.9.0"

[[audits.unic-langid-macros-impl]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.9.0"

[[audits.unicode-ident]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.0 -> 1.0.1"

[[audits.unicode-normalization]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.19 -> 0.1.20"
notes = "I am the author of most of these changes upstream, and prepared the release myself, at which point I looked at the other changes since 0.1.19."

[[audits.uniffi]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams"

[[audits.uniffi_bindgen]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams."

[[audits.uniffi_build]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams."

[[audits.uniffi_macros]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams."

[[audits.void]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "1.0.2"
notes = "Very small crate, just hosts the Void type for easier cross-crate interfacing."

[[audits.wasm-encoder]]
who = "Ryan Hunt <rhunt@eqrion.net>"
criteria = "safe-to-deploy"
version = "0.7.0"
notes = "Maintained by the Bytecode Alliance, with contributions from Mozilla. This has no unsafe code and uses no ambient capabilities."

[[audits.wasm-encoder]]
who = "Ryan Hunt <rhunt@eqrion.net>"
criteria = "safe-to-deploy"
delta = "0.7.0 -> 0.14.0"
notes = "wasm-encoder has no unsafe code and uses no ambient capabilities."

[[audits.wasm-smith]]
who = "Ryan Hunt <rhunt@eqrion.net>"
criteria = "safe-to-deploy"
version = "0.11.2"
notes = "Maintained by the Bytecode Alliance, with contributions from Mozilla. I've vetted the one instance of unsafe code."

[[audits.wasmparser]]
who = "Ryan Hunt <rhunt@eqrion.net>"
criteria = "safe-to-deploy"
version = "0.87.0"
notes = "Maintained by the Bytecode Alliance, with contributions from Mozilla. I've vetted the one instance of unsafe code."

[[audits.wast]]
who = "Ryan Hunt <rhunt@eqrion.net>"
criteria = "safe-to-deploy"
version = "44.0.0"
notes = "Maintained by the Bytecode Alliance, with contributions from Mozilla. wast has no unsafe code and the only ambient capability it uses is to read the full contents of a file that is given to it."

[[audits.webdriver]]
who = "Henrik Skupin <mail@hskupin.info>"
criteria = "safe-to-deploy"
version = "0.46.0"
notes = "Maintained by the DevTools team at Mozilla and has no unsafe code."

[[audits.weedle2]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "3.0.0"
notes = "Maintained by the Glean and Application Services teams."

[[audits.wgpu-core]]
who = "Dzmitry Malyshau <kvark@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.12.0"
notes = """
This crate, up through the indicated version, was written or reviewed
by Dzmitry Malyshau while he was a Mozilla employee. Dzmitry left
Mozilla at the beginning of February 2022. This audit statement was
collected by Jim Blandy, a Mozilla employee, over email in July 2022:
Dzmitry was shown, and agreed to, the 'safe-to-deploy' text.
"""

[[audits.wgpu-hal]]
who = "Dzmitry Malyshau <kvark@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.12.0"
notes = """
This crate, up through the indicated version, was written or reviewed
by Dzmitry Malyshau while he was a Mozilla employee. Dzmitry left
Mozilla at the beginning of February 2022. This audit statement was
collected by Jim Blandy, a Mozilla employee, over email in July 2022:
Dzmitry was shown, and agreed to, the 'safe-to-deploy' text.
"""

[[audits.wgpu-types]]
who = "Dzmitry Malyshau <kvark@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.12.0"
notes = """
This crate, up through the indicated version, was written or reviewed
by Dzmitry Malyshau while he was a Mozilla employee. Dzmitry left
Mozilla at the beginning of February 2022. This audit statement was
collected by Jim Blandy, a Mozilla employee, over email in July 2022:
Dzmitry was shown, and agreed to, the 'safe-to-deploy' text.
"""

[[audits.whatsys]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = """
Contains platform-specific FFI code for apple, mac, and windows. The windows code
also contains a small C file compiled at build-time. I audited all of it and it
looks correct.
"""

[[audits.xmldecl]]
who = "Henri Sivonen <hsivonen@hsivonen.fi>"
criteria = "safe-to-deploy"
version = "0.2.0"
notes = "I, Henri Sivonen, wrote this crate myself for Gecko even though it's published on crates.io."