2 # cargo-vet imports lock
4 [[publisher.aho-corasick]]
8 user-login = "BurntSushi"
9 user-name = "Andrew Gallant"
11 [[publisher.arbitrary]]
15 user-login = "fitzgen"
16 user-name = "Nick Fitzgerald"
18 [[publisher.async-trait]]
22 user-login = "dtolnay"
23 user-name = "David Tolnay"
29 user-login = "Amanieu"
30 user-name = "Amanieu d'Antras"
32 [[publisher.audio_thread_priority]]
36 user-login = "padenot"
37 user-name = "Paul Adenot"
39 [[publisher.authenticator]]
40 version = "0.4.0-alpha.15"
43 user-login = "jschanck"
44 user-name = "John Schanck"
46 [[publisher.authenticator]]
47 version = "0.4.0-alpha.18"
50 user-login = "jschanck"
51 user-name = "John Schanck"
53 [[publisher.authenticator]]
54 version = "0.4.0-alpha.19"
57 user-login = "jschanck"
58 user-name = "John Schanck"
60 [[publisher.authenticator]]
61 version = "0.4.0-alpha.20"
64 user-login = "jschanck"
65 user-name = "John Schanck"
71 user-login = "martinthomson"
72 user-name = "Martin Thomson"
74 [[publisher.byteorder]]
78 user-login = "BurntSushi"
79 user-name = "Andrew Gallant"
85 user-login = "Darksonn"
86 user-name = "Alice Ryhl"
93 user-name = "Emilio Cobos Álvarez"
100 user-name = "Ed Page"
102 [[publisher.clap_builder]]
107 user-name = "Ed Page"
109 [[publisher.clap_derive]]
114 user-name = "Ed Page"
116 [[publisher.clap_lex]]
121 user-name = "Ed Page"
123 [[publisher.core-foundation]]
127 user-login = "jrmuizel"
128 user-name = "Jeff Muizelaar"
130 [[publisher.core-foundation-sys]]
135 user-name = "Josh Matthews"
137 [[publisher.core-graphics]]
141 user-login = "jrmuizel"
142 user-name = "Jeff Muizelaar"
144 [[publisher.core-graphics-types]]
149 user-name = "Josh Matthews"
151 [[publisher.core-text]]
155 user-login = "jrmuizel"
156 user-name = "Jeff Muizelaar"
158 [[publisher.derive_arbitrary]]
162 user-login = "fitzgen"
163 user-name = "Nick Fitzgerald"
169 user-login = "linabutler"
170 user-name = "Lina Butler"
176 user-login = "dtolnay"
177 user-name = "David Tolnay"
179 [[publisher.encoding_rs]]
183 user-login = "hsivonen"
184 user-name = "Henri Sivonen"
186 [[publisher.etagere]]
191 user-name = "Nicolas Silva"
198 user-name = "Nicolas Silva"
204 user-login = "joshtriplett"
205 user-name = "Josh Triplett"
207 [[publisher.freetype]]
212 user-name = "Josh Matthews"
218 user-login = "jrmuizel"
219 user-name = "Jeff Muizelaar"
225 user-login = "badboy"
226 user-name = "Jan-Erik Rediger"
228 [[publisher.glean-core]]
232 user-login = "badboy"
233 user-name = "Jan-Erik Rediger"
235 [[publisher.glslopt]]
239 user-login = "jamienicol"
240 user-name = "Jamie Nicol"
242 [[publisher.headers]]
246 user-login = "seanmonstar"
247 user-name = "Sean McArthur"
249 [[publisher.httparse]]
253 user-login = "seanmonstar"
254 user-name = "Sean McArthur"
256 [[publisher.indexmap]]
260 user-login = "cuviper"
261 user-name = "Josh Stone"
263 [[publisher.inherent]]
267 user-login = "dtolnay"
268 user-name = "David Tolnay"
274 user-login = "carllerche"
275 user-name = "Carl Lerche"
281 user-login = "dtolnay"
282 user-name = "David Tolnay"
284 [[publisher.jobserver]]
288 user-login = "alexcrichton"
289 user-name = "Alex Crichton"
295 user-login = "Amanieu"
296 user-name = "Amanieu d'Antras"
298 [[publisher.lock_api]]
302 user-login = "Amanieu"
303 user-name = "Amanieu d'Antras"
309 user-login = "BurntSushi"
310 user-name = "Andrew Gallant"
316 user-login = "seanmonstar"
317 user-name = "Sean McArthur"
323 user-login = "carllerche"
324 user-name = "Carl Lerche"
326 [[publisher.nss-gk-api]]
330 user-login = "jschanck"
331 user-name = "John Schanck"
333 [[publisher.num_cpus]]
337 user-login = "seanmonstar"
338 user-name = "Sean McArthur"
344 user-login = "martinthomson"
345 user-name = "Martin Thomson"
347 [[publisher.ordered-float]]
351 user-login = "mbrubeck"
352 user-name = "Matt Brubeck"
354 [[publisher.parking_lot]]
358 user-login = "Amanieu"
359 user-name = "Amanieu d'Antras"
361 [[publisher.parking_lot_core]]
365 user-login = "Amanieu"
366 user-name = "Amanieu d'Antras"
372 user-login = "dtolnay"
373 user-name = "David Tolnay"
379 user-login = "le-automaton"
381 [[publisher.proc-macro2]]
385 user-login = "dtolnay"
386 user-name = "David Tolnay"
388 [[publisher.proc-macro2]]
392 user-login = "dtolnay"
393 user-name = "David Tolnay"
399 user-login = "dtolnay"
400 user-name = "David Tolnay"
406 user-login = "BurntSushi"
407 user-name = "Andrew Gallant"
409 [[publisher.regex-syntax]]
413 user-login = "BurntSushi"
414 user-name = "Andrew Gallant"
416 [[publisher.rust_cascade]]
420 user-login = "mozkeeler"
421 user-name = "Dana Keeler"
427 user-login = "dtolnay"
428 user-name = "David Tolnay"
430 [[publisher.same-file]]
434 user-login = "BurntSushi"
435 user-name = "Andrew Gallant"
437 [[publisher.scopeguard]]
441 user-login = "Amanieu"
442 user-name = "Amanieu d'Antras"
448 user-login = "dtolnay"
449 user-name = "David Tolnay"
451 [[publisher.serde_bytes]]
455 user-login = "dtolnay"
456 user-name = "David Tolnay"
458 [[publisher.serde_derive]]
462 user-login = "dtolnay"
463 user-name = "David Tolnay"
465 [[publisher.serde_json]]
469 user-login = "dtolnay"
470 user-name = "David Tolnay"
472 [[publisher.serde_repr]]
476 user-login = "dtolnay"
477 user-name = "David Tolnay"
479 [[publisher.serde_yaml]]
483 user-login = "dtolnay"
484 user-name = "David Tolnay"
486 [[publisher.smallvec]]
490 user-login = "mbrubeck"
491 user-name = "Matt Brubeck"
497 user-login = "dtolnay"
498 user-name = "David Tolnay"
504 user-login = "dtolnay"
505 user-name = "David Tolnay"
507 [[publisher.termcolor]]
511 user-login = "BurntSushi"
512 user-name = "Andrew Gallant"
514 [[publisher.threadbound]]
518 user-login = "dtolnay"
519 user-name = "David Tolnay"
521 [[publisher.tokio-util]]
525 user-login = "Darksonn"
526 user-name = "Alice Ryhl"
532 user-login = "alexcrichton"
533 user-name = "Alex Crichton"
535 [[publisher.unicode-ident]]
539 user-login = "dtolnay"
540 user-name = "David Tolnay"
542 [[publisher.unicode-segmentation]]
546 user-login = "Manishearth"
547 user-name = "Manish Goregaokar"
549 [[publisher.unicode-width]]
553 user-login = "Manishearth"
554 user-name = "Manish Goregaokar"
556 [[publisher.unicode-xid]]
560 user-login = "Manishearth"
561 user-name = "Manish Goregaokar"
567 user-login = "badboy"
568 user-name = "Jan-Erik Rediger"
570 [[publisher.uniffi_bindgen]]
574 user-login = "badboy"
575 user-name = "Jan-Erik Rediger"
577 [[publisher.uniffi_build]]
581 user-login = "badboy"
582 user-name = "Jan-Erik Rediger"
584 [[publisher.uniffi_checksum_derive]]
588 user-login = "badboy"
589 user-name = "Jan-Erik Rediger"
591 [[publisher.uniffi_core]]
595 user-login = "badboy"
596 user-name = "Jan-Erik Rediger"
598 [[publisher.uniffi_macros]]
602 user-login = "badboy"
603 user-name = "Jan-Erik Rediger"
605 [[publisher.uniffi_meta]]
609 user-login = "badboy"
610 user-name = "Jan-Erik Rediger"
612 [[publisher.uniffi_testing]]
616 user-login = "badboy"
617 user-name = "Jan-Erik Rediger"
619 [[publisher.utf8_iter]]
623 user-login = "hsivonen"
624 user-name = "Henri Sivonen"
626 [[publisher.walkdir]]
630 user-login = "BurntSushi"
631 user-name = "Andrew Gallant"
637 user-login = "seanmonstar"
638 user-name = "Sean McArthur"
641 version = "0.11.0+wasi-snapshot-preview1"
644 user-login = "alexcrichton"
645 user-name = "Alex Crichton"
647 [[publisher.wasm-encoder]]
651 user-login = "alexcrichton"
652 user-name = "Alex Crichton"
654 [[publisher.wasm-smith]]
658 user-login = "alexcrichton"
659 user-name = "Alex Crichton"
661 [[publisher.wasmparser]]
665 user-login = "alexcrichton"
666 user-name = "Alex Crichton"
672 user-login = "alexcrichton"
673 user-name = "Alex Crichton"
675 [[publisher.winapi-util]]
679 user-login = "BurntSushi"
680 user-name = "Andrew Gallant"
682 [[publisher.zeitstempel]]
686 user-login = "badboy"
687 user-name = "Jan-Erik Rediger"
689 [[audits.bytecode-alliance.wildcard-audits.arbitrary]]
690 who = "Nick Fitzgerald <fitzgen@gmail.com>"
691 criteria = "safe-to-deploy"
692 user-id = 696 # Nick Fitzgerald (fitzgen)
695 notes = "I am an author of this crate."
697 [[audits.bytecode-alliance.wildcard-audits.derive_arbitrary]]
698 who = "Nick Fitzgerald <fitzgen@gmail.com>"
699 criteria = "safe-to-deploy"
700 user-id = 696 # Nick Fitzgerald (fitzgen)
703 notes = "I am an author of this crate"
705 [[audits.bytecode-alliance.wildcard-audits.wasm-encoder]]
706 who = "Alex Crichton <alex@alexcrichton.com>"
707 criteria = "safe-to-deploy"
708 user-id = 1 # Alex Crichton (alexcrichton)
712 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
713 repository of which I'm one of the primary maintainers and publishers for.
714 I am employed by a member of the Bytecode Alliance and plan to continue doing
715 so and will actively maintain this crate over time.
718 [[audits.bytecode-alliance.wildcard-audits.wasm-smith]]
719 who = "Alex Crichton <alex@alexcrichton.com>"
720 criteria = "safe-to-deploy"
721 user-id = 1 # Alex Crichton (alexcrichton)
725 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
726 repository of which I'm one of the primary maintainers and publishers for.
727 I am employed by a member of the Bytecode Alliance and plan to continue doing
728 so and will actively maintain this crate over time.
731 [[audits.bytecode-alliance.wildcard-audits.wasmparser]]
732 who = "Alex Crichton <alex@alexcrichton.com>"
733 criteria = "safe-to-deploy"
734 user-id = 1 # Alex Crichton (alexcrichton)
738 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
739 repository of which I'm one of the primary maintainers and publishers for.
740 I am employed by a member of the Bytecode Alliance and plan to continue doing
741 so and will actively maintain this crate over time.
744 [[audits.bytecode-alliance.wildcard-audits.wast]]
745 who = "Alex Crichton <alex@alexcrichton.com>"
746 criteria = "safe-to-deploy"
747 user-id = 1 # Alex Crichton (alexcrichton)
751 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
752 repository of which I'm one of the primary maintainers and publishers for.
753 I am employed by a member of the Bytecode Alliance and plan to continue doing
754 so and will actively maintain this crate over time.
757 [[audits.bytecode-alliance.audits.adler]]
758 who = "Alex Crichton <alex@alexcrichton.com>"
759 criteria = "safe-to-deploy"
761 notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm."
763 [[audits.bytecode-alliance.audits.arrayref]]
764 who = "Nick Fitzgerald <fitzgen@gmail.com>"
765 criteria = "safe-to-deploy"
768 Unsafe code, but its logic looks good to me. Necessary given what it is
769 doing. Well tested, has quickchecks.
772 [[audits.bytecode-alliance.audits.arrayvec]]
773 who = "Nick Fitzgerald <fitzgen@gmail.com>"
774 criteria = "safe-to-deploy"
777 Well documented invariants, good assertions for those invariants in unsafe code,
778 and tested with MIRI to boot. LGTM.
781 [[audits.bytecode-alliance.audits.base64]]
782 who = "Pat Hickey <phickey@fastly.com>"
783 criteria = "safe-to-deploy"
785 notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
787 [[audits.bytecode-alliance.audits.block-buffer]]
788 who = "Benjamin Bouvier <public@benj.me>"
789 criteria = "safe-to-deploy"
790 delta = "0.9.0 -> 0.10.2"
792 [[audits.bytecode-alliance.audits.bumpalo]]
793 who = "Nick Fitzgerald <fitzgen@gmail.com>"
794 criteria = "safe-to-deploy"
796 notes = "I am the author of this crate."
798 [[audits.bytecode-alliance.audits.cargo-platform]]
799 who = "Pat Hickey <phickey@fastly.com>"
800 criteria = "safe-to-deploy"
802 notes = "no build, no ambient capabilities, no unsafe"
804 [[audits.bytecode-alliance.audits.cc]]
805 who = "Alex Crichton <alex@alexcrichton.com>"
806 criteria = "safe-to-deploy"
808 notes = "I am the author of this crate."
810 [[audits.bytecode-alliance.audits.cfg-if]]
811 who = "Alex Crichton <alex@alexcrichton.com>"
812 criteria = "safe-to-deploy"
814 notes = "I am the author of this crate."
816 [[audits.bytecode-alliance.audits.codespan-reporting]]
817 who = "Jamey Sharp <jsharp@fastly.com>"
818 criteria = "safe-to-deploy"
820 notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
822 [[audits.bytecode-alliance.audits.cpufeatures]]
823 who = "Alex Crichton <alex@alexcrichton.com>"
824 criteria = "safe-to-deploy"
825 delta = "0.2.2 -> 0.2.7"
827 This is a minor update that looks to add some more detected CPU features and
828 various other minor portability fixes such as MIRI support.
831 [[audits.bytecode-alliance.audits.crypto-common]]
832 who = "Benjamin Bouvier <public@benj.me>"
833 criteria = "safe-to-deploy"
836 [[audits.bytecode-alliance.audits.foreign-types]]
837 who = "Pat Hickey <phickey@fastly.com>"
838 criteria = "safe-to-deploy"
840 notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
842 [[audits.bytecode-alliance.audits.foreign-types-shared]]
843 who = "Pat Hickey <phickey@fastly.com>"
844 criteria = "safe-to-deploy"
847 [[audits.bytecode-alliance.audits.form_urlencoded]]
848 who = "Alex Crichton <alex@alexcrichton.com>"
849 criteria = "safe-to-deploy"
852 This is a small crate for working with url-encoded forms which doesn't have any
853 more than what it says on the tin. Contains one `unsafe` block related to
854 performance around utf-8 validation which is fairly easy to verify as correct.
857 [[audits.bytecode-alliance.audits.futures-channel]]
858 who = "Pat Hickey <phickey@fastly.com>"
859 criteria = "safe-to-deploy"
861 notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
863 [[audits.bytecode-alliance.audits.futures-core]]
864 who = "Pat Hickey <phickey@fastly.com>"
865 criteria = "safe-to-deploy"
867 notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
869 [[audits.bytecode-alliance.audits.futures-executor]]
870 who = "Pat Hickey <phickey@fastly.com>"
871 criteria = "safe-to-deploy"
873 notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
875 [[audits.bytecode-alliance.audits.futures-io]]
876 who = "Pat Hickey <phickey@fastly.com>"
877 criteria = "safe-to-deploy"
880 [[audits.bytecode-alliance.audits.futures-sink]]
881 who = "Pat Hickey <phickey@fastly.com>"
882 criteria = "safe-to-deploy"
885 [[audits.bytecode-alliance.audits.heck]]
886 who = "Alex Crichton <alex@alexcrichton.com>"
887 criteria = "safe-to-deploy"
889 notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
891 [[audits.bytecode-alliance.audits.id-arena]]
892 who = "Nick Fitzgerald <fitzgen@gmail.com>"
893 criteria = "safe-to-deploy"
895 notes = "I am the author of this crate."
897 [[audits.bytecode-alliance.audits.idna]]
898 who = "Alex Crichton <alex@alexcrichton.com>"
899 criteria = "safe-to-deploy"
902 This is a crate without unsafe code or usage of the standard library. The large
903 size of this crate comes from the large generated unicode tables file. This
904 crate is broadly used throughout the ecosystem and does not contain anything
908 [[audits.bytecode-alliance.audits.leb128]]
909 who = "Nick Fitzgerald <fitzgen@gmail.com>"
910 criteria = "safe-to-deploy"
912 notes = "I am the author of this crate."
914 [[audits.bytecode-alliance.audits.memoffset]]
915 who = "Alex Crichton <alex@alexcrichton.com>"
916 criteria = "safe-to-deploy"
917 delta = "0.7.1 -> 0.8.0"
918 notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
920 [[audits.bytecode-alliance.audits.peeking_take_while]]
921 who = "Nick Fitzgerald <fitzgen@gmail.com>"
922 criteria = "safe-to-deploy"
924 notes = "I am the author of this crate."
926 [[audits.bytecode-alliance.audits.percent-encoding]]
927 who = "Alex Crichton <alex@alexcrichton.com>"
928 criteria = "safe-to-deploy"
931 This crate is a single-file crate that does what it says on the tin. There are
932 a few `unsafe` blocks related to utf-8 validation which are locally verifiable
933 as correct and otherwise this crate is good to go.
936 [[audits.bytecode-alliance.audits.pin-utils]]
937 who = "Pat Hickey <phickey@fastly.com>"
938 criteria = "safe-to-deploy"
941 [[audits.bytecode-alliance.audits.pkg-config]]
942 who = "Pat Hickey <phickey@fastly.com>"
943 criteria = "safe-to-deploy"
945 notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
947 [[audits.bytecode-alliance.audits.rustc-demangle]]
948 who = "Alex Crichton <alex@alexcrichton.com>"
949 criteria = "safe-to-deploy"
951 notes = "I am the author of this crate."
953 [[audits.bytecode-alliance.audits.semver]]
954 who = "Pat Hickey <phickey@fastly.com>"
955 criteria = "safe-to-deploy"
957 notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
959 [[audits.bytecode-alliance.audits.slab]]
960 who = "Pat Hickey <phickey@fastly.com>"
961 criteria = "safe-to-deploy"
963 notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
965 [[audits.bytecode-alliance.audits.unicase]]
966 who = "Alex Crichton <alex@alexcrichton.com>"
967 criteria = "safe-to-deploy"
970 This crate contains no `unsafe` code and no unnecessary use of the standard
974 [[audits.bytecode-alliance.audits.unicode-bidi]]
975 who = "Alex Crichton <alex@alexcrichton.com>"
976 criteria = "safe-to-deploy"
979 This crate has no unsafe code and does not use `std::*`. Skimming the crate it
980 does not attempt to out of the bounds of what it's already supposed to be doing.
983 [[audits.bytecode-alliance.audits.unicode-normalization]]
984 who = "Alex Crichton <alex@alexcrichton.com>"
985 criteria = "safe-to-deploy"
988 This crate contains one usage of `unsafe` which I have manually checked to see
989 it as correct. This crate's size comes in large part due to the generated
990 unicode tables that it contains. This crate is additionally widely used
991 throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
992 and nothing suspicious.
995 [[audits.embark-studios.audits.anyhow]]
996 who = "Johan Andersson <opensource@embark-studios.com>"
997 criteria = "safe-to-deploy"
1000 [[audits.embark-studios.audits.cty]]
1001 who = "Johan Andersson <opensource@embark-studios.com>"
1002 criteria = "safe-to-deploy"
1004 notes = "Inspected it and is a tiny crate with just type definitions"
1006 [[audits.embark-studios.audits.derive_more]]
1007 who = "Johan Andersson <opensource@embark-studios.com>"
1008 criteria = "safe-to-deploy"
1010 notes = "No unsafe usage or ambient capabilities"
1012 [[audits.embark-studios.audits.ident_case]]
1013 who = "Johan Andersson <opensource@embark-studios.com>"
1014 criteria = "safe-to-deploy"
1016 notes = "No unsafe usage or ambient capabilities"
1018 [[audits.embark-studios.audits.line-wrap]]
1019 who = "Johan Andersson <opensource@embark-studios.com>"
1020 criteria = "safe-to-deploy"
1022 notes = "No unsafe usage or ambient capabilities"
1024 [[audits.embark-studios.audits.thiserror]]
1025 who = "Johan Andersson <opensource@embark-studios.com>"
1026 criteria = "safe-to-deploy"
1028 notes = "Wrapper over implementation crate, found no unsafe or ambient capabilities used"
1030 [[audits.embark-studios.audits.thiserror-impl]]
1031 who = "Johan Andersson <opensource@embark-studios.com>"
1032 criteria = "safe-to-deploy"
1034 notes = "Found no unsafe or ambient capabilities used"
1036 [[audits.embark-studios.audits.yaml-rust]]
1037 who = "Johan Andersson <opensource@embark-studios.com>"
1038 criteria = "safe-to-deploy"
1040 notes = "No unsafe usage or ambient capabilities"
1042 [[audits.google.audits.ash]]
1043 who = "David Koloski <dkoloski@google.com>"
1044 criteria = "safe-to-deploy"
1045 version = "0.37.0+1.3.209"
1046 notes = "Reviewed on https://fxrev.dev/694269"
1047 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1049 [[audits.google.audits.fastrand]]
1050 who = "George Burgess IV <gbiv@google.com>"
1051 criteria = "safe-to-deploy"
1054 `does-not-implement-crypto` is certified because this crate explicitly says
1055 that the RNG here is not cryptographically secure.
1057 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1059 [[audits.google.audits.futures]]
1060 who = "George Burgess IV <gbiv@google.com>"
1061 criteria = "safe-to-deploy"
1064 `futures` has no logic other than tests - it simply `pub use`s things from
1067 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1069 [[audits.google.audits.glob]]
1070 who = "George Burgess IV <gbiv@google.com>"
1071 criteria = "safe-to-deploy"
1073 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1075 [[audits.google.audits.h2]]
1077 criteria = "safe-to-run"
1079 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1081 [[audits.google.audits.http]]
1083 criteria = "safe-to-run"
1085 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1087 [[audits.google.audits.http-body]]
1089 criteria = "safe-to-run"
1091 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1093 [[audits.google.audits.httpdate]]
1095 criteria = "safe-to-run"
1097 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1099 [[audits.google.audits.hyper]]
1101 criteria = "safe-to-run"
1103 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1105 [[audits.google.audits.pin-project]]
1107 criteria = "safe-to-run"
1109 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1111 [[audits.google.audits.pin-project-internal]]
1113 criteria = "safe-to-run"
1115 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1117 [[audits.google.audits.pin-project-lite]]
1118 who = "David Koloski <dkoloski@google.com>"
1119 criteria = "safe-to-deploy"
1121 notes = "Reviewed on https://fxrev.dev/824504"
1122 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1124 [[audits.google.audits.scoped-tls]]
1125 who = "George Burgess IV <gbiv@google.com>"
1126 criteria = "safe-to-run"
1128 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1130 [[audits.google.audits.serde_urlencoded]]
1132 criteria = "safe-to-run"
1134 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1136 [[audits.google.audits.tokio-stream]]
1137 who = "David Koloski <dkoloski@google.com>"
1138 criteria = "safe-to-deploy"
1140 notes = "Reviewed on https://fxrev.dev/804724"
1141 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1143 [[audits.google.audits.tower-service]]
1145 criteria = "safe-to-run"
1147 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1149 [[audits.google.audits.tracing]]
1151 criteria = "safe-to-run"
1153 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1155 [[audits.google.audits.tracing-attributes]]
1157 criteria = "safe-to-run"
1159 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1161 [[audits.google.audits.tracing-core]]
1163 criteria = "safe-to-run"
1165 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1167 [[audits.google.audits.try-lock]]
1169 criteria = "safe-to-run"
1171 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1173 [[audits.google.audits.version_check]]
1174 who = "George Burgess IV <gbiv@google.com>"
1175 criteria = "safe-to-deploy"
1177 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1179 [[audits.google.audits.want]]
1181 criteria = "safe-to-run"
1183 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1185 [[audits.isrg.wildcard-audits.prio]]
1186 who = "David Cook <dcook@divviup.org>"
1187 criteria = "safe-to-deploy"
1188 user-id = 101233 # le-automaton
1189 start = "2020-09-28"
1192 [[audits.isrg.audits.block-buffer]]
1193 who = "David Cook <dcook@divviup.org>"
1194 criteria = "safe-to-deploy"
1197 [[audits.isrg.audits.keccak]]
1198 who = "David Cook <dcook@divviup.org>"
1199 criteria = "safe-to-deploy"
1202 [[audits.isrg.audits.once_cell]]
1203 who = "Brandon Pitman <bran@bran.land>"
1204 criteria = "safe-to-deploy"
1205 delta = "1.17.1 -> 1.17.2"
1207 [[audits.isrg.audits.once_cell]]
1208 who = "David Cook <dcook@divviup.org>"
1209 criteria = "safe-to-deploy"
1210 delta = "1.17.2 -> 1.18.0"
1212 [[audits.isrg.audits.rand_core]]
1213 who = "David Cook <dcook@divviup.org>"
1214 criteria = "safe-to-deploy"
1217 [[audits.isrg.audits.rayon-core]]
1218 who = "Brandon Pitman <bran@bran.land>"
1219 criteria = "safe-to-deploy"
1220 delta = "1.10.2 -> 1.11.0"
1222 [[audits.isrg.audits.sha2]]
1223 who = "David Cook <dcook@divviup.org>"
1224 criteria = "safe-to-deploy"
1227 [[audits.isrg.audits.sha3]]
1228 who = "David Cook <dcook@divviup.org>"
1229 criteria = "safe-to-deploy"
1232 [[audits.mozilla.wildcard-audits.zeitstempel]]
1233 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1234 criteria = "safe-to-deploy"
1235 user-id = 48 # Jan-Erik Rediger (badboy)
1236 start = "2021-03-03"
1238 notes = "Maintained by me"
1239 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1241 [[audits.mozilla.audits.askama]]
1242 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1243 criteria = "safe-to-deploy"
1244 delta = "0.11.1 -> 0.12.0"
1245 notes = "No new unsafe usage, mostly dependency updates and smaller API changes"
1246 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1248 [[audits.mozilla.audits.askama_derive]]
1249 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1250 criteria = "safe-to-deploy"
1251 delta = "0.11.2 -> 0.12.1"
1252 notes = "Dependency updates, a new toml dependency and some API changes. No unsafe use."
1253 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1255 [[audits.mozilla.audits.basic-toml]]
1256 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1257 criteria = "safe-to-deploy"
1259 notes = "TOML parser, forked from toml 0.5"
1260 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1262 [[audits.mozilla.audits.either]]
1263 who = "Nika Layzell <nika@thelayzells.com>"
1264 criteria = "safe-to-deploy"
1267 Straightforward crate providing the Either enum and trait implementations with
1270 aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
1272 [[audits.mozilla.audits.lazy_static]]
1273 who = "Nika Layzell <nika@thelayzells.com>"
1274 criteria = "safe-to-deploy"
1276 notes = "I have read over the macros, and audited the unsafe code."
1277 aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
1279 [[audits.mozilla.audits.time]]
1280 who = "Kershaw Chang <kershaw@mozilla.com>"
1281 criteria = "safe-to-deploy"
1282 delta = "0.1.45 -> 0.3.17"
1283 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
1285 [[audits.mozilla.audits.time-macros]]
1286 who = "Kershaw Chang <kershaw@mozilla.com>"
1287 criteria = "safe-to-deploy"
1289 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"