mozilla-mobile/application-services/components/external/glean/supply-chain/imports.lock

Revision control

Copy as Markdown

# cargo-vet imports lock
[[publisher.jsonschema-valid]]
version = "0.5.2"
when = "2023-11-08"
user-id = 48
user-login = "badboy"
user-name = "Jan-Erik Rediger"
[[publisher.linux-raw-sys]]
version = "0.4.10"
when = "2023-10-09"
user-id = 6825
user-login = "sunfishcode"
user-name = "Dan Gohman"
[[publisher.rustix]]
version = "0.38.20"
when = "2023-10-19"
user-id = 6825
user-login = "sunfishcode"
user-name = "Dan Gohman"
[[publisher.uniffi]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_bindgen]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_build]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_core]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_internal_macros]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_macros]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_meta]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.uniffi_udl]]
version = "0.29.0"
when = "2025-02-06"
user-id = 127697
user-login = "bendk"
[[publisher.weedle2]]
version = "5.0.0"
when = "2024-01-24"
user-id = 127697
user-login = "bendk"
[[publisher.wr_malloc_size_of]]
version = "0.2.1"
when = "2025-05-07"
user-id = 48
user-login = "badboy"
user-name = "Jan-Erik Rediger"
[[publisher.zeitstempel]]
version = "0.1.1"
when = "2021-03-18"
user-id = 48
user-login = "badboy"
user-name = "Jan-Erik Rediger"
[[audits.bytecode-alliance.audits.adler2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.0.0"
notes = "Fork of the original `adler` crate, zero unsfae code, works in `no_std`, does what it says on th tin."
[[audits.bytecode-alliance.audits.anyhow]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.69 -> 1.0.71"
[[audits.bytecode-alliance.audits.arrayref]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.6"
notes = """
Unsafe code, but its logic looks good to me. Necessary given what it is
doing. Well tested, has quickchecks.
"""
[[audits.bytecode-alliance.audits.bitflags]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
delta = "2.1.0 -> 2.2.1"
notes = """
This version adds unsafe impls of traits from the bytemuck crate when built
with that library enabled, but I believe the impls satisfy the documented
safety requirements for bytemuck. The other changes are minor.
"""
[[audits.bytecode-alliance.audits.bitflags]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.3.2 -> 2.3.3"
notes = """
Nothing outside the realm of what one would expect from a bitflags generator,
all as expected.
"""
[[audits.bytecode-alliance.audits.camino]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.1.4"
[[audits.bytecode-alliance.audits.cargo-platform]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "no build, no ambient capabilities, no unsafe"
[[audits.bytecode-alliance.audits.cargo_metadata]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.15.3"
notes = "no build, no unsafe, inputs to cargo command are reasonably sanitized"
[[audits.bytecode-alliance.audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.73"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.cfg-if]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.0"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.errno]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.3.0"
notes = "This crate uses libc and windows-sys APIs to get and set the raw OS error value."
[[audits.bytecode-alliance.audits.errno]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.3.1"
notes = "Just a dependency version bump and a bug fix for redox"
[[audits.bytecode-alliance.audits.errno-dragonfly]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "This should be portable to any POSIX system and seems like it should be part of the libc crate, but at any rate it's safe as is."
[[audits.bytecode-alliance.audits.fd-lock]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "3.0.9"
notes = "This crate uses unsafe to make Windows syscalls, to borrow an Fd with an appropriate lifetime, and to zero a windows API structure that appears to have a valid representation with zeroed memory."
[[audits.bytecode-alliance.audits.fd-lock]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "3.0.9 -> 3.0.10"
notes = "Just a dependency version bump"
[[audits.bytecode-alliance.audits.fd-lock]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.0.10 -> 3.0.12"
notes = "Just a dependency version bump"
[[audits.bytecode-alliance.audits.form_urlencoded]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = """
This is a small crate for working with url-encoded forms which doesn't have any
more than what it says on the tin. Contains one `unsafe` block related to
performance around utf-8 validation which is fairly easy to verify as correct.
"""
[[audits.bytecode-alliance.audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.5.0"
notes = "Minor changes for a `no_std` upgrade but otherwise everything looks as expected."
[[audits.bytecode-alliance.audits.id-arena]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "2.2.1"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.idna]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
notes = """
This is a crate without unsafe code or usage of the standard library. The large
size of this crate comes from the large generated unicode tables file. This
crate is broadly used throughout the ecosystem and does not contain anything
suspicious.
"""
[[audits.bytecode-alliance.audits.itoa]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.11 -> 1.0.14"
[[audits.bytecode-alliance.audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.146 -> 0.2.147"
notes = "Only new type definitions and updating others for some platforms, no major changes"
[[audits.bytecode-alliance.audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.148 -> 0.2.149"
notes = "Lots of new functions and constants for new platforms and nothing out of the ordinary for what one would expect of the `libc` crate."
[[audits.bytecode-alliance.audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.7.1"
notes = """
This crate is a Rust implementation of zlib compression/decompression and has
been used by default by the Rust standard library for quite some time. It's also
a default dependency of the popular `backtrace` crate for decompressing debug
information. This crate forbids unsafe code and does not otherwise access system
resources. It's originally a port of the `miniz.c` library as well, and given
its own longevity should be relatively hardened against some of the more common
compression-related issues.
"""
[[audits.bytecode-alliance.audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.7.1 -> 0.8.0"
notes = "Minor updates, using new Rust features like `const`, no major changes."
[[audits.bytecode-alliance.audits.percent-encoding]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.2.0"
notes = """
This crate is a single-file crate that does what it says on the tin. There are
a few `unsafe` blocks related to utf-8 validation which are locally verifiable
as correct and otherwise this crate is good to go.
"""
[[audits.bytecode-alliance.audits.semver]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.0.17"
notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
[[audits.bytecode-alliance.audits.static_assertions]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "No dependencies and completely a compile-time crate as advertised. Uses `unsafe` in one module as a compile-time check only: `mem::transmute` and `ptr::write` are wrapped in an impossible-to-run closure."
[[audits.bytecode-alliance.audits.tempfile]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "3.5.0 -> 3.6.0"
notes = "Dependency updates and new optimized trait implementations, but otherwise everything looks normal."
[[audits.bytecode-alliance.audits.tinyvec]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.6.0"
notes = """
This crate, while it implements collections, does so without `std::*` APIs and
without `unsafe`. Skimming the crate everything looks reasonable and what one
would expect from idiomatic safe collections in Rust.
"""
[[audits.bytecode-alliance.audits.tinyvec_macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
notes = """
This is a trivial crate which only contains a singular macro definition which is
intended to multiplex across the internal representation of a tinyvec,
presumably. This trivially doesn't contain anything bad.
"""
[[audits.bytecode-alliance.audits.unicase]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.6.0"
notes = """
This crate contains no `unsafe` code and no unnecessary use of the standard
library.
"""
[[audits.bytecode-alliance.audits.unicode-bidi]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.8"
notes = """
This crate has no unsafe code and does not use `std::*`. Skimming the crate it
does not attempt to out of the bounds of what it's already supposed to be doing.
"""
[[audits.bytecode-alliance.audits.unicode-normalization]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.19"
notes = """
This crate contains one usage of `unsafe` which I have manually checked to see
it as correct. This crate's size comes in large part due to the generated
unicode tables that it contains. This crate is additionally widely used
throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
and nothing suspicious.
"""
[[audits.bytecode-alliance.audits.url]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.3.1"
notes = """
This crate contains no `unsafe` code and otherwise doesn't use any functionality
it's not supposed to from `std` or such. This crate is the defacto standard for
URL parsing in the Rust community with widespread usage to battle-test, harden,
and suss out bugs. I've historically reviewed this crate in the past and it
is similar to what it once was back then. Skimming over the crate there is
nothing suspicious and it's everything you'd expect a Rust URL parser to be.
"""
[[audits.embark-studios.audits.anyhow]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
version = "1.0.58"
[[audits.embark-studios.audits.cargo_metadata]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
delta = "0.15.3 -> 0.15.4"
notes = "No notable changes"
[[audits.embark-studios.audits.thiserror]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
version = "1.0.40"
notes = "Wrapper over implementation crate, found no unsafe or ambient capabilities used"
[[audits.embark-studios.audits.thiserror-impl]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
version = "1.0.40"
notes = "Found no unsafe or ambient capabilities used"
[[audits.google.audits.autocfg]]
who = "Manish Goregaokar <manishearth@google.com>"
criteria = "safe-to-deploy"
version = "1.4.0"
notes = "Contains no unsafe"
[[audits.google.audits.bitflags]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.3.2"
notes = """
Security review of earlier versions of the crate can be found at
(Google-internal, sorry): go/image-crate-chromium-security-review
The crate exposes a function marked as `unsafe`, but doesn't use any
`unsafe` blocks (except for tests of the single `unsafe` function). I
think this justifies marking this crate as `ub-risk-1`.
Additional review comments can be found at https://crrev.com/c/4723145/31
"""
[[audits.google.audits.ctor]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.1.26"
[[audits.google.audits.fastrand]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "1.9.0"
notes = """
`does-not-implement-crypto` is certified because this crate explicitly says
that the RNG here is not cryptographically secure.
"""
[[audits.google.audits.flate2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.30"
notes = '''
WARNING: This certification is a result of a **partial** audit. The
`any_zlib` code has **not** been audited. Ability to track partial
Chromium does use the `any_zlib` feature(s). Accidentally depending on
this feature in the future is prevented using the `ban_features` feature
of `gnrt` - see:
Security review of earlier versions of the crate can be found at
(Google-internal, sorry): go/image-crate-chromium-security-review
I grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`.
All `unsafe` in `flate2` is gated behind `#[cfg(feature = "any_zlib")]`:
* The code under `src/ffi/...` will not be used because the `mod c`
declaration in `src/ffi/mod.rs` depends on the `any_zlib` config
* 7 uses of `unsafe` in `src/mem.rs` also all depend on the
`any_zlib` config:
- 2 in `fn set_dictionary` (under `impl Compress`)
- 2 in `fn set_level` (under `impl Compress`)
- 3 in `fn set_dictionary` (under `impl Decompress`)
All hits of `'\bfs\b'` are in comments, or example code, or test code
(but not in product code).
There were no hits of `-i cipher`, `-i crypto`, `'\bnet\b'`.
'''
[[audits.google.audits.flate2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.30 -> 1.0.31"
notes = """
WARNING: This certification is a result of a **partial** audit. The
`any_zlib` code has **not** been audited. See the audit of 1.0.30 for
more details.
Only benign changes:
* Comment-only changes in `.rs` files
* Also changing dependency version in `Cargo.toml`, but this is for `any_zlib`
feature which is not used in Chromium (i.e. this is a *partial* audit - see
the previous audit notes for 1.0.30)
"""
[[audits.google.audits.flate2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.31 -> 1.0.33"
notes = """
WARNING: This certification is a result of a **partial** audit. The
`any_zlib` code has **not** been audited. See the audit of 1.0.30 for
more details.
This delta audit has been reviewed in https://crrev.com/c/5811890
The delta can be seen at https://diff.rs/flate2/1.0.31/1.0.33
The delta bumps up `miniz_oxide` dependency to `0.8.0`
The delta also contains some changes to `src/ffi/c.rs` which is *NOT* used by Chromium
and therefore hasn't been covered by this partial audit.
"""
[[audits.google.audits.flate2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.33 -> 1.0.34"
notes = """
WARNING: This certification is a result of a **partial** audit. The
`any_zlib` code has **not** been audited. See the audit of 1.0.30 for
more details.
The delta can be seen at https://diff.rs/flate2/1.0.33/1.0.34
The delta bumps up `libz-rs-sys` dependency from `0.2.1` to `0.3.0`
The delta in `lib.rs` only tweaks comments and has no code changes.
The delta also contains some changes to `src/ffi/c.rs` which is *NOT* used by Chromium
and therefore hasn't been covered by this partial audit.
"""
[[audits.google.audits.flate2]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.34 -> 1.0.35"
notes = "There are no significant code changes in this delta (just one string constant change). Note that prior audits may have been partial."
[[audits.google.audits.glob]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.3.1"
[[audits.google.audits.glob]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.2"
notes = "Still no unsafe"
[[audits.google.audits.heck]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "0.4.1"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
and there were no hits.
`heck` (version `0.3.3`) has been added to Chromium in
"""
[[audits.google.audits.iso8601]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.4.2"
[[audits.google.audits.itoa]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.10"
notes = '''
I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits.
There are a few places where `unsafe` is used. Unsafe review notes can be found
Version 1.0.1 of this crate has been added to Chromium in
'''
[[audits.google.audits.itoa]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.10 -> 1.0.11"
notes = """
Straightforward diff between 1.0.10 and 1.0.11 - only 3 commits:
* Bumping up the version
* A touch up of comments
* And my own PR to make `unsafe` blocks more granular:
"""
[[audits.google.audits.log]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
version = "0.4.22"
notes = """
Unsafety is generally very well-documented, with one exception, which we
describe in the review doc.
"""
[[audits.google.audits.log]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "0.4.22 -> 0.4.25"
notes = "No impact on `unsafe` usage in `lib.rs`."
[[audits.google.audits.miniz_oxide]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.8.2"
[[audits.google.audits.nom]]
who = "danakj@chromium.org"
criteria = "safe-to-deploy"
version = "7.1.3"
notes = """
"""
[[audits.google.audits.proc-macro2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.78"
notes = """
Grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits
(except for a benign \"fs\" hit in a doc comment)
Notes from the `unsafe` review can be found in https://crrev.com/c/5385745.
"""
[[audits.google.audits.proc-macro2]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.78 -> 1.0.79"
[[audits.google.audits.proc-macro2]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.79 -> 1.0.80"
[[audits.google.audits.proc-macro2]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.80 -> 1.0.81"
notes = "Comment changes only"
[[audits.google.audits.proc-macro2]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.81 -> 1.0.82"
[[audits.google.audits.proc-macro2]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.82 -> 1.0.83"
notes = "Substantive change is replacing String with Box<str>, saving memory."
[[audits.google.audits.proc-macro2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.83 -> 1.0.84"
notes = "Only doc comment changes in `src/lib.rs`."
[[audits.google.audits.proc-macro2]]
who = "danakj@chromium.org"
criteria = "safe-to-deploy"
delta = "1.0.84 -> 1.0.85"
notes = "Test-only changes."
[[audits.google.audits.proc-macro2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.85 -> 1.0.86"
notes = """
Comment-only changes in `build.rs`.
Reordering of `Cargo.toml` entries.
Just bumping up the version number in `lib.rs`.
Config-related changes in `test_size.rs`.
"""
[[audits.google.audits.proc-macro2]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.86 -> 1.0.87"
notes = "No new unsafe interactions."
[[audits.google.audits.proc-macro2]]
who = "Liza Burakova <liza@chromium.org"
criteria = "safe-to-deploy"
delta = "1.0.87 -> 1.0.89"
notes = """
Biggest change is adding error handling in build.rs.
Some config related changes in wrapper.rs.
"""
[[audits.google.audits.proc-macro2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.89 -> 1.0.92"
notes = """
I looked at the delta and the previous discussion at
and the changes look okay to me (including the `unsafe fn from_str_unchecked`
changes in `wrapper.rs`).
"""
[[audits.google.audits.proc-macro2]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.92 -> 1.0.93"
notes = "No `unsafe`-related changes."
[[audits.google.audits.quote]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.35"
notes = """
Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits
(except for benign \"net\" hit in tests and \"fs\" hit in README.md)
"""
[[audits.google.audits.quote]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.35 -> 1.0.36"
[[audits.google.audits.quote]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.36 -> 1.0.37"
notes = """
The delta just 1) inlines/expands `impl ToTokens` that used to be handled via
`primitive!` macro and 2) adds `impl ToTokens` for `CStr` and `CString`.
"""
[[audits.google.audits.quote]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.37 -> 1.0.38"
notes = "Still no unsafe"
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.197"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`.
There were some hits for `net`, but they were related to serialization and
not actually opening any connections or anything like that.
There were 2 hits of `unsafe` when grepping:
* In `fn as_str` in `impl Buf`
* In `fn serialize` in `impl Serialize for net::Ipv4Addr`
Unsafe review comments can be found in https://crrev.com/c/5350573/2 (this
review also covered `serde_json_lenient`).
Version 1.0.130 of the crate has been added to Chromium in
https://crrev.com/c/3265545. The CL description contains a link to a
(Google-internal, sorry) document with a mini security review.
"""
[[audits.google.audits.serde]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.197 -> 1.0.198"
[[audits.google.audits.serde]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.198 -> 1.0.201"
[[audits.google.audits.serde]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.201 -> 1.0.202"
notes = "Trivial changes"
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.202 -> 1.0.203"
notes = "s/doc_cfg/docsrs/ + tuple_impls/tuple_impl_body-related changes"
[[audits.google.audits.serde]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.203 -> 1.0.204"
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.204 -> 1.0.207"
notes = "The small change in `src/private/ser.rs` should have no impact on `ub-risk-2`."
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.207 -> 1.0.209"
notes = """
The delta carries fairly small changes in `src/private/de.rs` and
`src/private/ser.rs` (see https://crrev.com/c/5812194/2..5). AFAICT the
delta has no impact on the `unsafe`, `from_utf8_unchecked`-related parts
of the crate (in `src/de/format.rs` and `src/ser/impls.rs`).
"""
[[audits.google.audits.serde]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.209 -> 1.0.210"
notes = "Almost no new code - just feature rearrangement"
[[audits.google.audits.serde]]
who = "Liza Burakova <liza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.210 -> 1.0.213"
[[audits.google.audits.serde]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.213 -> 1.0.214"
notes = "No unsafe, no crypto"
[[audits.google.audits.serde]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.214 -> 1.0.215"
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.215 -> 1.0.216"
notes = "The delta makes minor changes in `build.rs` - switching to the `?` syntax sugar."
[[audits.google.audits.serde]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.216 -> 1.0.217"
notes = "Minimal changes, nothing unsafe"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.197"
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
[[audits.google.audits.serde_derive]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.197 -> 1.0.201"
[[audits.google.audits.serde_derive]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.201 -> 1.0.202"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.202 -> 1.0.203"
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
[[audits.google.audits.serde_derive]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.203 -> 1.0.204"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.204 -> 1.0.207"
notes = 'Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits'
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.207 -> 1.0.209"
notes = '''
There are no code changes in this delta - see https://crrev.com/c/5812194/2..5
I've neverthless also grepped for `-i cipher`, `-i crypto`, `\bfs\b`,
`\bnet\b`, and `\bunsafe\b`. There were no hits.
'''
[[audits.google.audits.serde_derive]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.209 -> 1.0.210"
notes = "Almost no new code - just feature rearrangement"
[[audits.google.audits.serde_derive]]
who = "Liza Burakova <liza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.210 -> 1.0.213"
notes = "Grepped for 'unsafe', 'crypt', 'cipher', 'fs', 'net' - there were no hits"
[[audits.google.audits.serde_derive]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.213 -> 1.0.214"
notes = "No changes to unsafe, no crypto"
[[audits.google.audits.serde_derive]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.214 -> 1.0.215"
notes = "Minor changes should not impact UB risk"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.215 -> 1.0.216"
notes = "The delta adds `#[automatically_derived]` in a few places. Still no `unsafe`."
[[audits.google.audits.serde_derive]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.216 -> 1.0.217"
notes = "No changes"
[[audits.google.audits.synstructure]]
who = "Manish Goregaokar <manishearth@google.com>"
criteria = "safe-to-deploy"
version = "0.13.1"
notes = "Exposes unsafe codegen APIs but does not itself contain unsafe"
[[audits.google.audits.unicode-ident]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.12"
notes = '''
I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits.
All two functions from the public API of this crate use `unsafe` to avoid bound
checks for an array access. Cross-module analysis shows that the offsets can
be statically proven to be within array bounds. More details can be found in
the unsafe review CL at https://crrev.com/c/5350386.
This crate has been added to Chromium in https://crrev.com/c/3891618.
'''
[[audits.google.audits.unicode-ident]]
who = "Dustin J. Mitchell <djmitche@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.12 -> 1.0.13"
notes = "Lots of table updates, and tables are assumed correct with unsafe `.get_unchecked()`, so ub-risk-2 is appropriate"
[[audits.google.audits.unicode-ident]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.13 -> 1.0.14"
notes = "Minimal delta in `.rs` files: new test assertions + doc changes."
[[audits.google.audits.unicode-ident]]
who = "Adrian Taylor <adetaylor@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.14 -> 1.0.15"
notes = "No changes relevant to any of these criteria."
[[audits.google.audits.unicode-ident]]
who = "Liza Burakova <liza@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.0.15 -> 1.0.16"
[[audits.isrg.audits.libc]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "0.2.139 -> 0.2.141"
[[audits.isrg.audits.once_cell]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.17.1 -> 1.17.2"
[[audits.isrg.audits.once_cell]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.17.2 -> 1.18.0"
[[audits.isrg.audits.once_cell]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.18.0 -> 1.19.0"
[[audits.isrg.audits.once_cell]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "1.19.0 -> 1.20.1"
[[audits.isrg.audits.thiserror]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.0.40 -> 1.0.43"
[[audits.isrg.audits.thiserror-impl]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
delta = "1.0.40 -> 1.0.43"
[[audits.mozilla.audits.android_logger]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.11.0"
notes = "Small crate, wrapping Android log functionality, reviewed by janerik"
[[audits.mozilla.audits.android_logger]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.11.0 -> 0.11.1"
notes = "Small crate, wrapping Android log functionality, now switched to properly using MaybeUninit"
[[audits.mozilla.audits.android_logger]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.11.1 -> 0.11.3"
[[audits.mozilla.audits.android_logger]]
who = "Chris H-C <chutten@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.11.3 -> 0.12.0"
notes = "Small wrapper crate. This update fixes log level filtering."
[[audits.mozilla.audits.anyhow]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.57 -> 1.0.61"
[[audits.mozilla.audits.anyhow]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
delta = "1.0.58 -> 1.0.57"
notes = "No functional differences, just CI config and docs."
[[audits.mozilla.audits.anyhow]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.61 -> 1.0.62"
[[audits.mozilla.audits.anyhow]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.62 -> 1.0.68"
[[audits.mozilla.audits.anyhow]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.68 -> 1.0.69"
[[audits.mozilla.audits.bitflags]]
who = "Alex Franchuk <afranchuk@mozilla.com>"
criteria = "safe-to-deploy"
delta = "1.3.2 -> 2.0.2"
notes = "Removal of some unsafe code/methods. No changes to externals, just some refactoring (mostly internal)."
[[audits.mozilla.audits.bitflags]]
who = "Nicolas Silva <nical@fastmail.com>"
criteria = "safe-to-deploy"
delta = "2.0.2 -> 2.1.0"
[[audits.mozilla.audits.bitflags]]
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
criteria = "safe-to-deploy"
delta = "2.2.1 -> 2.3.2"
[[audits.mozilla.audits.bitflags]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "2.3.3 -> 2.4.0"
[[audits.mozilla.audits.bytes]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.3.0 -> 1.4.0"
[[audits.mozilla.audits.cc]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.73 -> 1.0.78"
[[audits.mozilla.audits.crossbeam-channel]]
who = "Glenn Watson <git@intuitionlibrary.com>"
criteria = "safe-to-deploy"
delta = "0.5.12 -> 0.5.13"
[[audits.mozilla.audits.crossbeam-utils]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.8 -> 0.8.11"
[[audits.mozilla.audits.crossbeam-utils]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.11 -> 0.8.14"
[[audits.mozilla.audits.either]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "1.6.1"
notes = """
Straightforward crate providing the Either enum and trait implementations with
no unsafe code.
"""
[[audits.mozilla.audits.errno]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.3"
[[audits.mozilla.audits.fastrand]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.9.0 -> 2.0.0"
[[audits.mozilla.audits.goblin]]
who = "Gabriele Svelto <gsvelto@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.7.1"
[[audits.mozilla.audits.goblin]]
who = "Alexandre Lissy <lissyx+mozillians@lissyx.dyndns.org>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.8.1"
notes = "Updating goblin to 0.8.1 that includes my fix for Elf SectionHeader parsing"
[[audits.mozilla.audits.goblin]]
who = "Alex Franchuk <afranchuk@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.8.1 -> 0.8.2"
notes = "Removes the TE feature/functionality, otherwise no meaningful changes."
[[audits.mozilla.audits.lazy_static]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "1.4.0"
notes = "I have read over the macros, and audited the unsafe code."
[[audits.mozilla.audits.libc]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.147 -> 0.2.148"
[[audits.mozilla.audits.malloc_size_of_derive]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = """
This was originally servo code which I put on crates.io some years ago but didn't
examine at the time, so I examined it now. I didn't perform a full logic review
but convinced myself that any generated code will be entirely safe to deploy.
"""
[[audits.mozilla.audits.num-integer]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.1.45"
notes = "All code written or reviewed by Josh Stone."
[[audits.mozilla.audits.num-traits]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.2.15"
notes = "All code written or reviewed by Josh Stone."
[[audits.mozilla.audits.once_cell]]
who = "Erich Gubler <erichdongubler@gmail.com>"
criteria = "safe-to-deploy"
delta = "1.20.1 -> 1.20.2"
notes = "This update works around a Cargo bug that forces the addition of `portable-atomic` into a lockfile, which we have never needed to use."
[[audits.mozilla.audits.redox_syscall]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.13 -> 0.2.16"
[[audits.mozilla.audits.rinja]]
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.3.5"
notes = """
Template crate, forked from askama which has been audited. The only unsafe code is calls to
`str::from_utf8_unchecked` for known ASCII strings.
"""
[[audits.mozilla.audits.rinja_derive]]
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.3.5"
notes = """
Template crate, forked from askama which has been audited. The only unsafe code is calls to
`str::from_utf8_unchecked` for known ASCII strings.
"""
[[audits.mozilla.audits.rinja_parser]]
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.3.5"
notes = """
Template crate, forked from askama which has been audited. The only unsafe code is calls to
`str::from_utf8_unchecked` for known ASCII strings.
"""
[[audits.mozilla.audits.rkv]]
who = "Chris H-C <chutten@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.18.4"
[[audits.mozilla.audits.rustc-hash]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "Straightforward crate with no unsafe code, does what it says on the tin."
[[audits.mozilla.audits.rustc-hash]]
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
criteria = "safe-to-deploy"
delta = "1.1.0 -> 2.1.1"
notes = "Simple hashing crate, no unsafe code."
[[audits.mozilla.audits.ryu]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.11 -> 1.0.12"
[[audits.mozilla.audits.tempfile]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "3.6.0 -> 3.8.0"
[[audits.mozilla.audits.textwrap]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.15.0 -> 0.15.2"
[[audits.mozilla.audits.textwrap]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.15.2 -> 0.16.0"
[[audits.mozilla.audits.textwrap]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.16.0 -> 0.16.1"
[[audits.mozilla.audits.toml]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.5.10 -> 0.5.11"
[[audits.mozilla.audits.unicode-normalization]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.19 -> 0.1.20"
notes = "I am the author of most of these changes upstream, and prepared the release myself, at which point I looked at the other changes since 0.1.19."
[[audits.mozilla.audits.unicode-normalization]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.20 -> 0.1.21"
[[audits.mozilla.audits.unicode-normalization]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.21 -> 0.1.22"
[[audits.mozilla.audits.whatsys]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = """
Contains platform-specific FFI code for apple, mac, and windows. The windows code
also contains a small C file compiled at build-time. I audited all of it and it
looks correct.
"""
[[audits.mozilla.audits.whatsys]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.1.2 -> 0.3.1"
notes = "Maintained by me. I have written or reviewed all of the code."