зеркало из https://github.com/mozilla/gecko-dev.git
1399 строки
37 KiB
Plaintext
1399 строки
37 KiB
Plaintext
|
|
# cargo-vet imports lock
|
|
|
|
[[publisher.aho-corasick]]
|
|
version = "0.7.20"
|
|
when = "2022-11-22"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.arbitrary]]
|
|
version = "1.3.0"
|
|
when = "2023-03-13"
|
|
user-id = 696
|
|
user-login = "fitzgen"
|
|
user-name = "Nick Fitzgerald"
|
|
|
|
[[publisher.async-trait]]
|
|
version = "0.1.68"
|
|
when = "2023-03-24"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.atomic]]
|
|
version = "0.4.6"
|
|
when = "2020-07-05"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.audio_thread_priority]]
|
|
version = "0.26.1"
|
|
when = "2022-03-22"
|
|
user-id = 1258
|
|
user-login = "padenot"
|
|
user-name = "Paul Adenot"
|
|
|
|
[[publisher.authenticator]]
|
|
version = "0.4.0-alpha.20"
|
|
when = "2023-08-24"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.authenticator]]
|
|
version = "0.4.0-alpha.21"
|
|
when = "2023-09-11"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.authenticator]]
|
|
version = "0.4.0-alpha.22"
|
|
when = "2023-09-19"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.bhttp]]
|
|
version = "0.3.1"
|
|
when = "2023-02-23"
|
|
user-id = 128763
|
|
user-login = "martinthomson"
|
|
user-name = "Martin Thomson"
|
|
|
|
[[publisher.byteorder]]
|
|
version = "1.4.3"
|
|
when = "2021-03-10"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.bytes]]
|
|
version = "1.4.0"
|
|
when = "2023-01-31"
|
|
user-id = 6741
|
|
user-login = "Darksonn"
|
|
user-name = "Alice Ryhl"
|
|
|
|
[[publisher.cexpr]]
|
|
version = "0.6.0"
|
|
when = "2021-10-11"
|
|
user-id = 3788
|
|
user-login = "emilio"
|
|
user-name = "Emilio Cobos Álvarez"
|
|
|
|
[[publisher.clap]]
|
|
version = "4.1.14"
|
|
when = "2023-03-28"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.clap_builder]]
|
|
version = "4.1.14"
|
|
when = "2023-03-28"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.clap_derive]]
|
|
version = "4.1.14"
|
|
when = "2023-03-28"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.clap_lex]]
|
|
version = "0.4.1"
|
|
when = "2023-03-28"
|
|
user-id = 6743
|
|
user-login = "epage"
|
|
user-name = "Ed Page"
|
|
|
|
[[publisher.core-foundation]]
|
|
version = "0.9.3"
|
|
when = "2022-02-07"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.core-foundation-sys]]
|
|
version = "0.8.3"
|
|
when = "2021-10-12"
|
|
user-id = 2396
|
|
user-login = "jdm"
|
|
user-name = "Josh Matthews"
|
|
|
|
[[publisher.core-graphics]]
|
|
version = "0.22.3"
|
|
when = "2021-11-02"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.core-graphics-types]]
|
|
version = "0.1.1"
|
|
when = "2020-09-15"
|
|
user-id = 2396
|
|
user-login = "jdm"
|
|
user-name = "Josh Matthews"
|
|
|
|
[[publisher.core-text]]
|
|
version = "19.2.0"
|
|
when = "2021-02-14"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.derive_arbitrary]]
|
|
version = "1.3.0"
|
|
when = "2023-03-13"
|
|
user-id = 696
|
|
user-login = "fitzgen"
|
|
user-name = "Nick Fitzgerald"
|
|
|
|
[[publisher.dogear]]
|
|
version = "0.4.0"
|
|
when = "2019-09-16"
|
|
user-id = 27901
|
|
user-login = "linabutler"
|
|
user-name = "Lina Butler"
|
|
|
|
[[publisher.dtoa]]
|
|
version = "0.4.8"
|
|
when = "2021-03-29"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.encoding_rs]]
|
|
version = "0.8.33"
|
|
when = "2023-08-23"
|
|
user-id = 4484
|
|
user-login = "hsivonen"
|
|
user-name = "Henri Sivonen"
|
|
|
|
[[publisher.etagere]]
|
|
version = "0.2.7"
|
|
when = "2022-05-04"
|
|
user-id = 1281
|
|
user-login = "nical"
|
|
user-name = "Nicolas Silva"
|
|
|
|
[[publisher.euclid]]
|
|
version = "0.22.7"
|
|
when = "2022-04-04"
|
|
user-id = 1281
|
|
user-login = "nical"
|
|
user-name = "Nicolas Silva"
|
|
|
|
[[publisher.flate2]]
|
|
version = "1.0.24"
|
|
when = "2022-05-28"
|
|
user-id = 4333
|
|
user-login = "joshtriplett"
|
|
user-name = "Josh Triplett"
|
|
|
|
[[publisher.freetype]]
|
|
version = "0.7.0"
|
|
when = "2020-07-14"
|
|
user-id = 2396
|
|
user-login = "jdm"
|
|
user-name = "Josh Matthews"
|
|
|
|
[[publisher.gleam]]
|
|
version = "0.15.0"
|
|
when = "2023-04-21"
|
|
user-id = 5946
|
|
user-login = "jrmuizel"
|
|
user-name = "Jeff Muizelaar"
|
|
|
|
[[publisher.glean]]
|
|
version = "54.0.0"
|
|
when = "2023-09-13"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.glean-core]]
|
|
version = "54.0.0"
|
|
when = "2023-09-13"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.glslopt]]
|
|
version = "0.1.9"
|
|
when = "2021-03-17"
|
|
user-id = 84794
|
|
user-login = "jamienicol"
|
|
user-name = "Jamie Nicol"
|
|
|
|
[[publisher.headers]]
|
|
version = "0.3.9"
|
|
when = "2023-08-31"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.httparse]]
|
|
version = "1.8.0"
|
|
when = "2022-08-30"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.indexmap]]
|
|
version = "1.9.3"
|
|
when = "2023-03-24"
|
|
user-id = 539
|
|
user-login = "cuviper"
|
|
user-name = "Josh Stone"
|
|
|
|
[[publisher.inherent]]
|
|
version = "1.0.7"
|
|
when = "2023-03-25"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.iovec]]
|
|
version = "0.1.4"
|
|
when = "2019-10-09"
|
|
user-id = 10
|
|
user-login = "carllerche"
|
|
user-name = "Carl Lerche"
|
|
|
|
[[publisher.itoa]]
|
|
version = "1.0.5"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.jobserver]]
|
|
version = "0.1.25"
|
|
when = "2022-09-23"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.libc]]
|
|
version = "0.2.132"
|
|
when = "2022-08-16"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.libc]]
|
|
version = "0.2.146"
|
|
when = "2023-06-06"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.linux-raw-sys]]
|
|
version = "0.4.7"
|
|
when = "2023-09-10"
|
|
user-id = 6825
|
|
user-login = "sunfishcode"
|
|
user-name = "Dan Gohman"
|
|
|
|
[[publisher.lock_api]]
|
|
version = "0.4.9"
|
|
when = "2022-09-20"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.memchr]]
|
|
version = "2.5.0"
|
|
when = "2022-04-30"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.mime]]
|
|
version = "0.3.16"
|
|
when = "2020-01-07"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.mio]]
|
|
version = "0.6.21"
|
|
when = "2019-11-27"
|
|
user-id = 10
|
|
user-login = "carllerche"
|
|
user-name = "Carl Lerche"
|
|
|
|
[[publisher.nss-gk-api]]
|
|
version = "0.3.0"
|
|
when = "2023-06-14"
|
|
user-id = 175410
|
|
user-login = "jschanck"
|
|
user-name = "John Schanck"
|
|
|
|
[[publisher.num_cpus]]
|
|
version = "1.15.0"
|
|
when = "2022-12-20"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.ohttp]]
|
|
version = "0.3.1"
|
|
when = "2023-02-23"
|
|
user-id = 128763
|
|
user-login = "martinthomson"
|
|
user-name = "Martin Thomson"
|
|
|
|
[[publisher.ordered-float]]
|
|
version = "3.4.0"
|
|
when = "2022-11-06"
|
|
user-id = 2017
|
|
user-login = "mbrubeck"
|
|
user-name = "Matt Brubeck"
|
|
|
|
[[publisher.parking_lot]]
|
|
version = "0.12.1"
|
|
when = "2022-05-31"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.parking_lot_core]]
|
|
version = "0.9.8"
|
|
when = "2023-06-05"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.paste]]
|
|
version = "1.0.11"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.prio]]
|
|
version = "0.12.1"
|
|
when = "2023-04-13"
|
|
user-id = 101233
|
|
user-login = "le-automaton"
|
|
|
|
[[publisher.proc-macro2]]
|
|
version = "1.0.66"
|
|
when = "2023-07-16"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.quote]]
|
|
version = "1.0.28"
|
|
when = "2023-05-25"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.regex]]
|
|
version = "1.7.1"
|
|
when = "2023-01-09"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.regex-syntax]]
|
|
version = "0.6.28"
|
|
when = "2022-11-05"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.rust_cascade]]
|
|
version = "1.5.0"
|
|
when = "2023-04-05"
|
|
user-id = 57462
|
|
user-login = "mozkeeler"
|
|
user-name = "Dana Keeler"
|
|
|
|
[[publisher.rustix]]
|
|
version = "0.38.13"
|
|
when = "2023-09-10"
|
|
user-id = 6825
|
|
user-login = "sunfishcode"
|
|
user-name = "Dan Gohman"
|
|
|
|
[[publisher.ryu]]
|
|
version = "1.0.12"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.same-file]]
|
|
version = "1.0.6"
|
|
when = "2020-01-11"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.scopeguard]]
|
|
version = "1.1.0"
|
|
when = "2020-02-16"
|
|
user-id = 2915
|
|
user-login = "Amanieu"
|
|
user-name = "Amanieu d'Antras"
|
|
|
|
[[publisher.serde]]
|
|
version = "1.0.163"
|
|
when = "2023-05-11"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_bytes]]
|
|
version = "0.11.9"
|
|
when = "2023-02-05"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_derive]]
|
|
version = "1.0.163"
|
|
when = "2023-05-10"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_json]]
|
|
version = "1.0.93"
|
|
when = "2023-02-08"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_repr]]
|
|
version = "0.1.12"
|
|
when = "2023-03-18"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.serde_yaml]]
|
|
version = "0.8.26"
|
|
when = "2022-07-16"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.smallvec]]
|
|
version = "1.10.0"
|
|
when = "2022-10-02"
|
|
user-id = 2017
|
|
user-login = "mbrubeck"
|
|
user-name = "Matt Brubeck"
|
|
|
|
[[publisher.smallvec]]
|
|
version = "1.11.1"
|
|
when = "2023-09-20"
|
|
user-id = 2017
|
|
user-login = "mbrubeck"
|
|
user-name = "Matt Brubeck"
|
|
|
|
[[publisher.syn]]
|
|
version = "2.0.18"
|
|
when = "2023-05-26"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.termcolor]]
|
|
version = "1.2.0"
|
|
when = "2023-01-15"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.threadbound]]
|
|
version = "0.1.5"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.tokio-util]]
|
|
version = "0.7.2"
|
|
when = "2022-05-15"
|
|
user-id = 6741
|
|
user-login = "Darksonn"
|
|
user-name = "Alice Ryhl"
|
|
|
|
[[publisher.toml]]
|
|
version = "0.5.7"
|
|
when = "2020-10-11"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.unicode-ident]]
|
|
version = "1.0.6"
|
|
when = "2022-12-17"
|
|
user-id = 3618
|
|
user-login = "dtolnay"
|
|
user-name = "David Tolnay"
|
|
|
|
[[publisher.unicode-segmentation]]
|
|
version = "1.10.0"
|
|
when = "2022-09-13"
|
|
user-id = 1139
|
|
user-login = "Manishearth"
|
|
user-name = "Manish Goregaokar"
|
|
|
|
[[publisher.unicode-width]]
|
|
version = "0.1.10"
|
|
when = "2022-09-13"
|
|
user-id = 1139
|
|
user-login = "Manishearth"
|
|
user-name = "Manish Goregaokar"
|
|
|
|
[[publisher.unicode-xid]]
|
|
version = "0.2.4"
|
|
when = "2022-09-15"
|
|
user-id = 1139
|
|
user-login = "Manishearth"
|
|
user-name = "Manish Goregaokar"
|
|
|
|
[[publisher.uniffi]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_bindgen]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_build]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_checksum_derive]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_core]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_macros]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_meta]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.uniffi_testing]]
|
|
version = "0.24.3"
|
|
when = "2023-08-01"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[publisher.utf8_iter]]
|
|
version = "1.0.3"
|
|
when = "2022-09-09"
|
|
user-id = 4484
|
|
user-login = "hsivonen"
|
|
user-name = "Henri Sivonen"
|
|
|
|
[[publisher.walkdir]]
|
|
version = "2.3.2"
|
|
when = "2021-03-22"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.warp]]
|
|
version = "0.3.3"
|
|
when = "2022-09-27"
|
|
user-id = 359
|
|
user-login = "seanmonstar"
|
|
user-name = "Sean McArthur"
|
|
|
|
[[publisher.wasi]]
|
|
version = "0.11.0+wasi-snapshot-preview1"
|
|
when = "2022-01-19"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasm-encoder]]
|
|
version = "0.31.0"
|
|
when = "2023-07-17"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasm-encoder]]
|
|
version = "0.33.1"
|
|
when = "2023-09-18"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasm-smith]]
|
|
version = "0.12.12"
|
|
when = "2023-07-17"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasm-smith]]
|
|
version = "0.12.17"
|
|
when = "2023-09-18"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasmparser]]
|
|
version = "0.109.0"
|
|
when = "2023-07-17"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wasmparser]]
|
|
version = "0.113.1"
|
|
when = "2023-09-18"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wast]]
|
|
version = "62.0.0"
|
|
when = "2023-07-17"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.wast]]
|
|
version = "65.0.1"
|
|
when = "2023-09-18"
|
|
user-id = 1
|
|
user-login = "alexcrichton"
|
|
user-name = "Alex Crichton"
|
|
|
|
[[publisher.winapi-util]]
|
|
version = "0.1.5"
|
|
when = "2020-04-20"
|
|
user-id = 189
|
|
user-login = "BurntSushi"
|
|
user-name = "Andrew Gallant"
|
|
|
|
[[publisher.windows-sys]]
|
|
version = "0.48.0"
|
|
when = "2023-03-31"
|
|
user-id = 64539
|
|
user-login = "kennykerr"
|
|
user-name = "Kenny Kerr"
|
|
|
|
[[publisher.zeitstempel]]
|
|
version = "0.1.1"
|
|
when = "2021-03-18"
|
|
user-id = 48
|
|
user-login = "badboy"
|
|
user-name = "Jan-Erik Rediger"
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696 # Nick Fitzgerald (fitzgen)
|
|
start = "2020-01-14"
|
|
end = "2024-04-21"
|
|
notes = "I am an author of this crate."
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.derive_arbitrary]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 696 # Nick Fitzgerald (fitzgen)
|
|
start = "2020-01-14"
|
|
end = "2024-04-27"
|
|
notes = "I am an author of this crate"
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wasm-encoder]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1 # Alex Crichton (alexcrichton)
|
|
start = "2020-12-11"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wasm-smith]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1 # Alex Crichton (alexcrichton)
|
|
start = "2020-09-03"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wasmparser]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1 # Alex Crichton (alexcrichton)
|
|
start = "2020-07-13"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.wildcard-audits.wast]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 1 # Alex Crichton (alexcrichton)
|
|
start = "2019-10-16"
|
|
end = "2024-04-14"
|
|
notes = """
|
|
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
|
|
repository of which I'm one of the primary maintainers and publishers for.
|
|
I am employed by a member of the Bytecode Alliance and plan to continue doing
|
|
so and will actively maintain this crate over time.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.adler]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.2"
|
|
notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm."
|
|
|
|
[[audits.bytecode-alliance.audits.arrayref]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.6"
|
|
notes = """
|
|
Unsafe code, but its logic looks good to me. Necessary given what it is
|
|
doing. Well tested, has quickchecks.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.arrayvec]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.7.2"
|
|
notes = """
|
|
Well documented invariants, good assertions for those invariants in unsafe code,
|
|
and tested with MIRI to boot. LGTM.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.base64]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.21.0"
|
|
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
|
|
|
|
[[audits.bytecode-alliance.audits.bitflags]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.1.0 -> 2.2.1"
|
|
notes = """
|
|
This version adds unsafe impls of traits from the bytemuck crate when built
|
|
with that library enabled, but I believe the impls satisfy the documented
|
|
safety requirements for bytemuck. The other changes are minor.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.bitflags]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "2.3.2 -> 2.3.3"
|
|
notes = """
|
|
Nothing outside the realm of what one would expect from a bitflags generator,
|
|
all as expected.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.block-buffer]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.9.0 -> 0.10.2"
|
|
|
|
[[audits.bytecode-alliance.audits.bumpalo]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "3.11.1"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.cargo-platform]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
notes = "no build, no ambient capabilities, no unsafe"
|
|
|
|
[[audits.bytecode-alliance.audits.cc]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.73"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.cfg-if]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.codespan-reporting]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.11.1"
|
|
notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
|
|
|
|
[[audits.bytecode-alliance.audits.cpufeatures]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.2 -> 0.2.7"
|
|
notes = """
|
|
This is a minor update that looks to add some more detected CPU features and
|
|
various other minor portability fixes such as MIRI support.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.crypto-common]]
|
|
who = "Benjamin Bouvier <public@benj.me>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.3"
|
|
|
|
[[audits.bytecode-alliance.audits.errno]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = "This crate uses libc and windows-sys APIs to get and set the raw OS error value."
|
|
|
|
[[audits.bytecode-alliance.audits.errno]]
|
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.3.0 -> 0.3.1"
|
|
notes = "Just a dependency version bump and a bug fix for redox"
|
|
|
|
[[audits.bytecode-alliance.audits.errno-dragonfly]]
|
|
who = "Jamey Sharp <jsharp@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
notes = "This should be portable to any POSIX system and seems like it should be part of the libc crate, but at any rate it's safe as is."
|
|
|
|
[[audits.bytecode-alliance.audits.foreign-types]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.2"
|
|
notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
|
|
|
|
[[audits.bytecode-alliance.audits.foreign-types-shared]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
|
|
[[audits.bytecode-alliance.audits.form_urlencoded]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.1.0"
|
|
notes = """
|
|
This is a small crate for working with url-encoded forms which doesn't have any
|
|
more than what it says on the tin. Contains one `unsafe` block related to
|
|
performance around utf-8 validation which is fairly easy to verify as correct.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.futures-channel]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
|
|
|
|
[[audits.bytecode-alliance.audits.futures-core]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
|
|
|
|
[[audits.bytecode-alliance.audits.futures-executor]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
|
|
|
|
[[audits.bytecode-alliance.audits.futures-io]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
|
|
[[audits.bytecode-alliance.audits.futures-sink]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.27"
|
|
|
|
[[audits.bytecode-alliance.audits.heck]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.0"
|
|
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
|
|
|
|
[[audits.bytecode-alliance.audits.id-arena]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.2.1"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.idna]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.0"
|
|
notes = """
|
|
This is a crate without unsafe code or usage of the standard library. The large
|
|
size of this crate comes from the large generated unicode tables file. This
|
|
crate is broadly used throughout the ecosystem and does not contain anything
|
|
suspicious.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.leb128]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.5"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.libc]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.2.146 -> 0.2.147"
|
|
notes = "Only new type definitions and updating others for some platforms, no major changes"
|
|
|
|
[[audits.bytecode-alliance.audits.memoffset]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.7.1 -> 0.8.0"
|
|
notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
|
|
|
|
[[audits.bytecode-alliance.audits.mio]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.8.6 -> 0.8.8"
|
|
notes = "Mostly OS portability updates along with some minor bugfixes."
|
|
|
|
[[audits.bytecode-alliance.audits.peeking_take_while]]
|
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.0"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.percent-encoding]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.2.0"
|
|
notes = """
|
|
This crate is a single-file crate that does what it says on the tin. There are
|
|
a few `unsafe` blocks related to utf-8 validation which are locally verifiable
|
|
as correct and otherwise this crate is good to go.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.pin-utils]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.0"
|
|
|
|
[[audits.bytecode-alliance.audits.pkg-config]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.25"
|
|
notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
|
|
|
|
[[audits.bytecode-alliance.audits.rustc-demangle]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.21"
|
|
notes = "I am the author of this crate."
|
|
|
|
[[audits.bytecode-alliance.audits.semver]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.17"
|
|
notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
|
|
|
|
[[audits.bytecode-alliance.audits.slab]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.6"
|
|
notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
|
|
|
|
[[audits.bytecode-alliance.audits.tempfile]]
|
|
who = "Pat Hickey <phickey@fastly.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.3.0 -> 3.5.0"
|
|
|
|
[[audits.bytecode-alliance.audits.tempfile]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "3.5.0 -> 3.6.0"
|
|
notes = "Dependency updates and new optimized trait implementations, but otherwise everything looks normal."
|
|
|
|
[[audits.bytecode-alliance.audits.unicase]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "2.6.0"
|
|
notes = """
|
|
This crate contains no `unsafe` code and no unnecessary use of the standard
|
|
library.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.unicode-bidi]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.8"
|
|
notes = """
|
|
This crate has no unsafe code and does not use `std::*`. Skimming the crate it
|
|
does not attempt to out of the bounds of what it's already supposed to be doing.
|
|
"""
|
|
|
|
[[audits.bytecode-alliance.audits.unicode-normalization]]
|
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.19"
|
|
notes = """
|
|
This crate contains one usage of `unsafe` which I have manually checked to see
|
|
it as correct. This crate's size comes in large part due to the generated
|
|
unicode tables that it contains. This crate is additionally widely used
|
|
throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
|
|
and nothing suspicious.
|
|
"""
|
|
|
|
[[audits.embark-studios.audits.anyhow]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.58"
|
|
|
|
[[audits.embark-studios.audits.derive_more]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.99.17"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.ident_case]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.1"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.line-wrap]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.1"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.embark-studios.audits.thiserror]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.40"
|
|
notes = "Wrapper over implementation crate, found no unsafe or ambient capabilities used"
|
|
|
|
[[audits.embark-studios.audits.thiserror-impl]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.0.40"
|
|
notes = "Found no unsafe or ambient capabilities used"
|
|
|
|
[[audits.embark-studios.audits.yaml-rust]]
|
|
who = "Johan Andersson <opensource@embark-studios.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.4.5"
|
|
notes = "No unsafe usage or ambient capabilities"
|
|
|
|
[[audits.google.audits.ash]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.37.0+1.3.209"
|
|
notes = "Reviewed on https://fxrev.dev/694269"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.fastrand]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.9.0"
|
|
notes = """
|
|
`does-not-implement-crypto` is certified because this crate explicitly says
|
|
that the RNG here is not cryptographically secure.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.futures]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.28"
|
|
notes = """
|
|
`futures` has no logic other than tests - it simply `pub use`s things from
|
|
other crates.
|
|
"""
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.glob]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.1"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.h2]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.3.14"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.http]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.8"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.http-body]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.4.5"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.httpdate]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.2"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.hyper]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.14.20"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.12"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project-internal]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.12"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.pin-project-lite]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.2.9"
|
|
notes = "Reviewed on https://fxrev.dev/824504"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.scoped-tls]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-run"
|
|
version = "1.0.0"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.serde_urlencoded]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.7.1"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tokio-stream]]
|
|
who = "David Koloski <dkoloski@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.11"
|
|
notes = "Reviewed on https://fxrev.dev/804724"
|
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tower-service]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.3.2"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tracing]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.1.35"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tracing-attributes]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.1.22"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.tracing-core]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.1.29"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.try-lock]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.2.3"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.version_check]]
|
|
who = "George Burgess IV <gbiv@google.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.9.4"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.google.audits.want]]
|
|
who = "ChromeOS"
|
|
criteria = "safe-to-run"
|
|
version = "0.3.0"
|
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
|
|
|
[[audits.isrg.wildcard-audits.prio]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 101233 # le-automaton
|
|
start = "2020-09-28"
|
|
end = "2024-03-23"
|
|
|
|
[[audits.isrg.audits.base64]]
|
|
who = "Tim Geoghegan <timg@letsencrypt.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.21.0 -> 0.21.1"
|
|
|
|
[[audits.isrg.audits.base64]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.21.1 -> 0.21.2"
|
|
|
|
[[audits.isrg.audits.base64]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.21.2 -> 0.21.3"
|
|
|
|
[[audits.isrg.audits.block-buffer]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.9.0"
|
|
|
|
[[audits.isrg.audits.keccak]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
|
|
[[audits.isrg.audits.once_cell]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.17.1 -> 1.17.2"
|
|
|
|
[[audits.isrg.audits.once_cell]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.17.2 -> 1.18.0"
|
|
|
|
[[audits.isrg.audits.rand_chacha]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.3.1"
|
|
|
|
[[audits.isrg.audits.rand_core]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.6.3"
|
|
|
|
[[audits.isrg.audits.rayon-core]]
|
|
who = "Brandon Pitman <bran@bran.land>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.10.2 -> 1.11.0"
|
|
|
|
[[audits.isrg.audits.rayon-core]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "1.11.0 -> 1.12.0"
|
|
|
|
[[audits.isrg.audits.sha2]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.10.2"
|
|
|
|
[[audits.isrg.audits.sha3]]
|
|
who = "David Cook <dcook@divviup.org>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.10.6"
|
|
|
|
[[audits.mozilla.wildcard-audits.zeitstempel]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
user-id = 48 # Jan-Erik Rediger (badboy)
|
|
start = "2021-03-03"
|
|
end = "2024-05-10"
|
|
notes = "Maintained by me"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.askama]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.1 -> 0.12.0"
|
|
notes = "No new unsafe usage, mostly dependency updates and smaller API changes"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.askama_derive]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
delta = "0.11.2 -> 0.12.1"
|
|
notes = "Dependency updates, a new toml dependency and some API changes. No unsafe use."
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.basic-toml]]
|
|
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "0.1.2"
|
|
notes = "TOML parser, forked from toml 0.5"
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.either]]
|
|
who = "Nika Layzell <nika@thelayzells.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.6.1"
|
|
notes = """
|
|
Straightforward crate providing the Either enum and trait implementations with
|
|
no unsafe code.
|
|
"""
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|
|
|
|
[[audits.mozilla.audits.lazy_static]]
|
|
who = "Nika Layzell <nika@thelayzells.com>"
|
|
criteria = "safe-to-deploy"
|
|
version = "1.4.0"
|
|
notes = "I have read over the macros, and audited the unsafe code."
|
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|