2 # cargo-vet imports lock
4 [[publisher.aho-corasick]]
8 user-login = "BurntSushi"
9 user-name = "Andrew Gallant"
11 [[publisher.arbitrary]]
15 user-login = "fitzgen"
16 user-name = "Nick Fitzgerald"
18 [[publisher.async-trait]]
22 user-login = "dtolnay"
23 user-name = "David Tolnay"
29 user-login = "Amanieu"
30 user-name = "Amanieu d'Antras"
32 [[publisher.audio_thread_priority]]
36 user-login = "padenot"
37 user-name = "Paul Adenot"
39 [[publisher.authenticator]]
40 version = "0.4.0-alpha.15"
43 user-login = "jschanck"
44 user-name = "John Schanck"
46 [[publisher.authenticator]]
47 version = "0.4.0-alpha.18"
50 user-login = "jschanck"
51 user-name = "John Schanck"
57 user-login = "martinthomson"
58 user-name = "Martin Thomson"
60 [[publisher.byteorder]]
64 user-login = "BurntSushi"
65 user-name = "Andrew Gallant"
71 user-login = "Darksonn"
72 user-name = "Alice Ryhl"
79 user-name = "Emilio Cobos Álvarez"
88 [[publisher.clap_builder]]
95 [[publisher.clap_derive]]
100 user-name = "Ed Page"
102 [[publisher.clap_lex]]
107 user-name = "Ed Page"
109 [[publisher.core-foundation]]
113 user-login = "jrmuizel"
114 user-name = "Jeff Muizelaar"
116 [[publisher.core-foundation-sys]]
121 user-name = "Josh Matthews"
123 [[publisher.core-graphics]]
127 user-login = "jrmuizel"
128 user-name = "Jeff Muizelaar"
130 [[publisher.core-graphics-types]]
135 user-name = "Josh Matthews"
137 [[publisher.core-text]]
141 user-login = "jrmuizel"
142 user-name = "Jeff Muizelaar"
144 [[publisher.derive_arbitrary]]
148 user-login = "fitzgen"
149 user-name = "Nick Fitzgerald"
155 user-login = "linabutler"
156 user-name = "Lina Butler"
162 user-login = "dtolnay"
163 user-name = "David Tolnay"
165 [[publisher.etagere]]
170 user-name = "Nicolas Silva"
177 user-name = "Nicolas Silva"
183 user-login = "joshtriplett"
184 user-name = "Josh Triplett"
186 [[publisher.freetype]]
191 user-name = "Josh Matthews"
197 user-login = "jrmuizel"
198 user-name = "Jeff Muizelaar"
204 user-login = "badboy"
205 user-name = "Jan-Erik Rediger"
207 [[publisher.glean-core]]
211 user-login = "badboy"
212 user-name = "Jan-Erik Rediger"
214 [[publisher.glslopt]]
218 user-login = "jamienicol"
219 user-name = "Jamie Nicol"
221 [[publisher.headers]]
225 user-login = "seanmonstar"
226 user-name = "Sean McArthur"
228 [[publisher.httparse]]
232 user-login = "seanmonstar"
233 user-name = "Sean McArthur"
235 [[publisher.indexmap]]
239 user-login = "cuviper"
240 user-name = "Josh Stone"
242 [[publisher.inherent]]
246 user-login = "dtolnay"
247 user-name = "David Tolnay"
253 user-login = "carllerche"
254 user-name = "Carl Lerche"
260 user-login = "dtolnay"
261 user-name = "David Tolnay"
263 [[publisher.jobserver]]
267 user-login = "alexcrichton"
268 user-name = "Alex Crichton"
274 user-login = "Amanieu"
275 user-name = "Amanieu d'Antras"
277 [[publisher.lock_api]]
281 user-login = "Amanieu"
282 user-name = "Amanieu d'Antras"
288 user-login = "BurntSushi"
289 user-name = "Andrew Gallant"
295 user-login = "seanmonstar"
296 user-name = "Sean McArthur"
302 user-login = "carllerche"
303 user-name = "Carl Lerche"
305 [[publisher.nss-gk-api]]
309 user-login = "jschanck"
310 user-name = "John Schanck"
312 [[publisher.num_cpus]]
316 user-login = "seanmonstar"
317 user-name = "Sean McArthur"
323 user-login = "martinthomson"
324 user-name = "Martin Thomson"
326 [[publisher.ordered-float]]
330 user-login = "mbrubeck"
331 user-name = "Matt Brubeck"
333 [[publisher.parking_lot]]
337 user-login = "Amanieu"
338 user-name = "Amanieu d'Antras"
340 [[publisher.parking_lot_core]]
344 user-login = "Amanieu"
345 user-name = "Amanieu d'Antras"
351 user-login = "dtolnay"
352 user-name = "David Tolnay"
358 user-login = "le-automaton"
360 [[publisher.proc-macro2]]
364 user-login = "dtolnay"
365 user-name = "David Tolnay"
371 user-login = "dtolnay"
372 user-name = "David Tolnay"
378 user-login = "BurntSushi"
379 user-name = "Andrew Gallant"
381 [[publisher.regex-syntax]]
385 user-login = "BurntSushi"
386 user-name = "Andrew Gallant"
388 [[publisher.rust_cascade]]
392 user-login = "mozkeeler"
393 user-name = "Dana Keeler"
399 user-login = "dtolnay"
400 user-name = "David Tolnay"
402 [[publisher.same-file]]
406 user-login = "BurntSushi"
407 user-name = "Andrew Gallant"
409 [[publisher.scopeguard]]
413 user-login = "Amanieu"
414 user-name = "Amanieu d'Antras"
420 user-login = "dtolnay"
421 user-name = "David Tolnay"
423 [[publisher.serde_bytes]]
427 user-login = "dtolnay"
428 user-name = "David Tolnay"
430 [[publisher.serde_derive]]
434 user-login = "dtolnay"
435 user-name = "David Tolnay"
437 [[publisher.serde_json]]
441 user-login = "dtolnay"
442 user-name = "David Tolnay"
444 [[publisher.serde_repr]]
448 user-login = "dtolnay"
449 user-name = "David Tolnay"
451 [[publisher.serde_yaml]]
455 user-login = "dtolnay"
456 user-name = "David Tolnay"
458 [[publisher.smallvec]]
462 user-login = "mbrubeck"
463 user-name = "Matt Brubeck"
469 user-login = "dtolnay"
470 user-name = "David Tolnay"
476 user-login = "dtolnay"
477 user-name = "David Tolnay"
479 [[publisher.termcolor]]
483 user-login = "BurntSushi"
484 user-name = "Andrew Gallant"
486 [[publisher.threadbound]]
490 user-login = "dtolnay"
491 user-name = "David Tolnay"
493 [[publisher.tokio-util]]
497 user-login = "Darksonn"
498 user-name = "Alice Ryhl"
504 user-login = "alexcrichton"
505 user-name = "Alex Crichton"
507 [[publisher.unicode-ident]]
511 user-login = "dtolnay"
512 user-name = "David Tolnay"
514 [[publisher.unicode-segmentation]]
518 user-login = "Manishearth"
519 user-name = "Manish Goregaokar"
521 [[publisher.unicode-width]]
525 user-login = "Manishearth"
526 user-name = "Manish Goregaokar"
528 [[publisher.unicode-xid]]
532 user-login = "Manishearth"
533 user-name = "Manish Goregaokar"
539 user-login = "badboy"
540 user-name = "Jan-Erik Rediger"
542 [[publisher.uniffi_bindgen]]
546 user-login = "badboy"
547 user-name = "Jan-Erik Rediger"
549 [[publisher.uniffi_build]]
553 user-login = "badboy"
554 user-name = "Jan-Erik Rediger"
556 [[publisher.uniffi_checksum_derive]]
560 user-login = "badboy"
561 user-name = "Jan-Erik Rediger"
563 [[publisher.uniffi_core]]
567 user-login = "badboy"
568 user-name = "Jan-Erik Rediger"
570 [[publisher.uniffi_macros]]
574 user-login = "badboy"
575 user-name = "Jan-Erik Rediger"
577 [[publisher.uniffi_meta]]
581 user-login = "badboy"
582 user-name = "Jan-Erik Rediger"
584 [[publisher.uniffi_testing]]
588 user-login = "badboy"
589 user-name = "Jan-Erik Rediger"
591 [[publisher.utf8_iter]]
595 user-login = "hsivonen"
596 user-name = "Henri Sivonen"
598 [[publisher.walkdir]]
602 user-login = "BurntSushi"
603 user-name = "Andrew Gallant"
609 user-login = "seanmonstar"
610 user-name = "Sean McArthur"
613 version = "0.11.0+wasi-snapshot-preview1"
616 user-login = "alexcrichton"
617 user-name = "Alex Crichton"
619 [[publisher.wasm-encoder]]
623 user-login = "alexcrichton"
624 user-name = "Alex Crichton"
626 [[publisher.wasm-smith]]
630 user-login = "alexcrichton"
631 user-name = "Alex Crichton"
633 [[publisher.wasmparser]]
637 user-login = "alexcrichton"
638 user-name = "Alex Crichton"
644 user-login = "alexcrichton"
645 user-name = "Alex Crichton"
647 [[publisher.winapi-util]]
651 user-login = "BurntSushi"
652 user-name = "Andrew Gallant"
654 [[publisher.zeitstempel]]
658 user-login = "badboy"
659 user-name = "Jan-Erik Rediger"
661 [[audits.bytecode-alliance.wildcard-audits.arbitrary]]
662 who = "Nick Fitzgerald <fitzgen@gmail.com>"
663 criteria = "safe-to-deploy"
664 user-id = 696 # Nick Fitzgerald (fitzgen)
667 notes = "I am an author of this crate."
669 [[audits.bytecode-alliance.wildcard-audits.derive_arbitrary]]
670 who = "Nick Fitzgerald <fitzgen@gmail.com>"
671 criteria = "safe-to-deploy"
672 user-id = 696 # Nick Fitzgerald (fitzgen)
675 notes = "I am an author of this crate"
677 [[audits.bytecode-alliance.wildcard-audits.wasm-encoder]]
678 who = "Alex Crichton <alex@alexcrichton.com>"
679 criteria = "safe-to-deploy"
680 user-id = 1 # Alex Crichton (alexcrichton)
684 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
685 repository of which I'm one of the primary maintainers and publishers for.
686 I am employed by a member of the Bytecode Alliance and plan to continue doing
687 so and will actively maintain this crate over time.
690 [[audits.bytecode-alliance.wildcard-audits.wasm-smith]]
691 who = "Alex Crichton <alex@alexcrichton.com>"
692 criteria = "safe-to-deploy"
693 user-id = 1 # Alex Crichton (alexcrichton)
697 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
698 repository of which I'm one of the primary maintainers and publishers for.
699 I am employed by a member of the Bytecode Alliance and plan to continue doing
700 so and will actively maintain this crate over time.
703 [[audits.bytecode-alliance.wildcard-audits.wasmparser]]
704 who = "Alex Crichton <alex@alexcrichton.com>"
705 criteria = "safe-to-deploy"
706 user-id = 1 # Alex Crichton (alexcrichton)
710 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
711 repository of which I'm one of the primary maintainers and publishers for.
712 I am employed by a member of the Bytecode Alliance and plan to continue doing
713 so and will actively maintain this crate over time.
716 [[audits.bytecode-alliance.wildcard-audits.wast]]
717 who = "Alex Crichton <alex@alexcrichton.com>"
718 criteria = "safe-to-deploy"
719 user-id = 1 # Alex Crichton (alexcrichton)
723 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
724 repository of which I'm one of the primary maintainers and publishers for.
725 I am employed by a member of the Bytecode Alliance and plan to continue doing
726 so and will actively maintain this crate over time.
729 [[audits.bytecode-alliance.audits.adler]]
730 who = "Alex Crichton <alex@alexcrichton.com>"
731 criteria = "safe-to-deploy"
733 notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm."
735 [[audits.bytecode-alliance.audits.arrayref]]
736 who = "Nick Fitzgerald <fitzgen@gmail.com>"
737 criteria = "safe-to-deploy"
740 Unsafe code, but its logic looks good to me. Necessary given what it is
741 doing. Well tested, has quickchecks.
744 [[audits.bytecode-alliance.audits.arrayvec]]
745 who = "Nick Fitzgerald <fitzgen@gmail.com>"
746 criteria = "safe-to-deploy"
749 Well documented invariants, good assertions for those invariants in unsafe code,
750 and tested with MIRI to boot. LGTM.
753 [[audits.bytecode-alliance.audits.base64]]
754 who = "Pat Hickey <phickey@fastly.com>"
755 criteria = "safe-to-deploy"
757 notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
759 [[audits.bytecode-alliance.audits.block-buffer]]
760 who = "Benjamin Bouvier <public@benj.me>"
761 criteria = "safe-to-deploy"
762 delta = "0.9.0 -> 0.10.2"
764 [[audits.bytecode-alliance.audits.bumpalo]]
765 who = "Nick Fitzgerald <fitzgen@gmail.com>"
766 criteria = "safe-to-deploy"
768 notes = "I am the author of this crate."
770 [[audits.bytecode-alliance.audits.cargo-platform]]
771 who = "Pat Hickey <phickey@fastly.com>"
772 criteria = "safe-to-deploy"
774 notes = "no build, no ambient capabilities, no unsafe"
776 [[audits.bytecode-alliance.audits.cc]]
777 who = "Alex Crichton <alex@alexcrichton.com>"
778 criteria = "safe-to-deploy"
780 notes = "I am the author of this crate."
782 [[audits.bytecode-alliance.audits.cfg-if]]
783 who = "Alex Crichton <alex@alexcrichton.com>"
784 criteria = "safe-to-deploy"
786 notes = "I am the author of this crate."
788 [[audits.bytecode-alliance.audits.codespan-reporting]]
789 who = "Jamey Sharp <jsharp@fastly.com>"
790 criteria = "safe-to-deploy"
792 notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
794 [[audits.bytecode-alliance.audits.cpufeatures]]
795 who = "Alex Crichton <alex@alexcrichton.com>"
796 criteria = "safe-to-deploy"
797 delta = "0.2.2 -> 0.2.7"
799 This is a minor update that looks to add some more detected CPU features and
800 various other minor portability fixes such as MIRI support.
803 [[audits.bytecode-alliance.audits.crypto-common]]
804 who = "Benjamin Bouvier <public@benj.me>"
805 criteria = "safe-to-deploy"
808 [[audits.bytecode-alliance.audits.foreign-types]]
809 who = "Pat Hickey <phickey@fastly.com>"
810 criteria = "safe-to-deploy"
812 notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
814 [[audits.bytecode-alliance.audits.foreign-types-shared]]
815 who = "Pat Hickey <phickey@fastly.com>"
816 criteria = "safe-to-deploy"
819 [[audits.bytecode-alliance.audits.form_urlencoded]]
820 who = "Alex Crichton <alex@alexcrichton.com>"
821 criteria = "safe-to-deploy"
824 This is a small crate for working with url-encoded forms which doesn't have any
825 more than what it says on the tin. Contains one `unsafe` block related to
826 performance around utf-8 validation which is fairly easy to verify as correct.
829 [[audits.bytecode-alliance.audits.futures-channel]]
830 who = "Pat Hickey <phickey@fastly.com>"
831 criteria = "safe-to-deploy"
833 notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
835 [[audits.bytecode-alliance.audits.futures-core]]
836 who = "Pat Hickey <phickey@fastly.com>"
837 criteria = "safe-to-deploy"
839 notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
841 [[audits.bytecode-alliance.audits.futures-executor]]
842 who = "Pat Hickey <phickey@fastly.com>"
843 criteria = "safe-to-deploy"
845 notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
847 [[audits.bytecode-alliance.audits.futures-io]]
848 who = "Pat Hickey <phickey@fastly.com>"
849 criteria = "safe-to-deploy"
852 [[audits.bytecode-alliance.audits.futures-sink]]
853 who = "Pat Hickey <phickey@fastly.com>"
854 criteria = "safe-to-deploy"
857 [[audits.bytecode-alliance.audits.heck]]
858 who = "Alex Crichton <alex@alexcrichton.com>"
859 criteria = "safe-to-deploy"
861 notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
863 [[audits.bytecode-alliance.audits.id-arena]]
864 who = "Nick Fitzgerald <fitzgen@gmail.com>"
865 criteria = "safe-to-deploy"
867 notes = "I am the author of this crate."
869 [[audits.bytecode-alliance.audits.idna]]
870 who = "Alex Crichton <alex@alexcrichton.com>"
871 criteria = "safe-to-deploy"
874 This is a crate without unsafe code or usage of the standard library. The large
875 size of this crate comes from the large generated unicode tables file. This
876 crate is broadly used throughout the ecosystem and does not contain anything
880 [[audits.bytecode-alliance.audits.leb128]]
881 who = "Nick Fitzgerald <fitzgen@gmail.com>"
882 criteria = "safe-to-deploy"
884 notes = "I am the author of this crate."
886 [[audits.bytecode-alliance.audits.memoffset]]
887 who = "Alex Crichton <alex@alexcrichton.com>"
888 criteria = "safe-to-deploy"
889 delta = "0.7.1 -> 0.8.0"
890 notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
892 [[audits.bytecode-alliance.audits.peeking_take_while]]
893 who = "Nick Fitzgerald <fitzgen@gmail.com>"
894 criteria = "safe-to-deploy"
896 notes = "I am the author of this crate."
898 [[audits.bytecode-alliance.audits.percent-encoding]]
899 who = "Alex Crichton <alex@alexcrichton.com>"
900 criteria = "safe-to-deploy"
903 This crate is a single-file crate that does what it says on the tin. There are
904 a few `unsafe` blocks related to utf-8 validation which are locally verifiable
905 as correct and otherwise this crate is good to go.
908 [[audits.bytecode-alliance.audits.pin-utils]]
909 who = "Pat Hickey <phickey@fastly.com>"
910 criteria = "safe-to-deploy"
913 [[audits.bytecode-alliance.audits.pkg-config]]
914 who = "Pat Hickey <phickey@fastly.com>"
915 criteria = "safe-to-deploy"
917 notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
919 [[audits.bytecode-alliance.audits.rustc-demangle]]
920 who = "Alex Crichton <alex@alexcrichton.com>"
921 criteria = "safe-to-deploy"
923 notes = "I am the author of this crate."
925 [[audits.bytecode-alliance.audits.semver]]
926 who = "Pat Hickey <phickey@fastly.com>"
927 criteria = "safe-to-deploy"
929 notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
931 [[audits.bytecode-alliance.audits.slab]]
932 who = "Pat Hickey <phickey@fastly.com>"
933 criteria = "safe-to-deploy"
935 notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
937 [[audits.bytecode-alliance.audits.unicase]]
938 who = "Alex Crichton <alex@alexcrichton.com>"
939 criteria = "safe-to-deploy"
942 This crate contains no `unsafe` code and no unnecessary use of the standard
946 [[audits.bytecode-alliance.audits.unicode-bidi]]
947 who = "Alex Crichton <alex@alexcrichton.com>"
948 criteria = "safe-to-deploy"
951 This crate has no unsafe code and does not use `std::*`. Skimming the crate it
952 does not attempt to out of the bounds of what it's already supposed to be doing.
955 [[audits.bytecode-alliance.audits.unicode-normalization]]
956 who = "Alex Crichton <alex@alexcrichton.com>"
957 criteria = "safe-to-deploy"
960 This crate contains one usage of `unsafe` which I have manually checked to see
961 it as correct. This crate's size comes in large part due to the generated
962 unicode tables that it contains. This crate is additionally widely used
963 throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
964 and nothing suspicious.
967 [[audits.embark-studios.audits.anyhow]]
968 who = "Johan Andersson <opensource@embark-studios.com>"
969 criteria = "safe-to-deploy"
972 [[audits.embark-studios.audits.cty]]
973 who = "Johan Andersson <opensource@embark-studios.com>"
974 criteria = "safe-to-deploy"
976 notes = "Inspected it and is a tiny crate with just type definitions"
978 [[audits.embark-studios.audits.derive_more]]
979 who = "Johan Andersson <opensource@embark-studios.com>"
980 criteria = "safe-to-deploy"
982 notes = "No unsafe usage or ambient capabilities"
984 [[audits.embark-studios.audits.ident_case]]
985 who = "Johan Andersson <opensource@embark-studios.com>"
986 criteria = "safe-to-deploy"
988 notes = "No unsafe usage or ambient capabilities"
990 [[audits.embark-studios.audits.line-wrap]]
991 who = "Johan Andersson <opensource@embark-studios.com>"
992 criteria = "safe-to-deploy"
994 notes = "No unsafe usage or ambient capabilities"
996 [[audits.embark-studios.audits.thiserror]]
997 who = "Johan Andersson <opensource@embark-studios.com>"
998 criteria = "safe-to-deploy"
1000 notes = "Wrapper over implementation crate, found no unsafe or ambient capabilities used"
1002 [[audits.embark-studios.audits.thiserror-impl]]
1003 who = "Johan Andersson <opensource@embark-studios.com>"
1004 criteria = "safe-to-deploy"
1006 notes = "Found no unsafe or ambient capabilities used"
1008 [[audits.embark-studios.audits.yaml-rust]]
1009 who = "Johan Andersson <opensource@embark-studios.com>"
1010 criteria = "safe-to-deploy"
1012 notes = "No unsafe usage or ambient capabilities"
1014 [[audits.google.audits.ash]]
1015 who = "David Koloski <dkoloski@google.com>"
1016 criteria = "safe-to-deploy"
1017 version = "0.37.0+1.3.209"
1018 notes = "Reviewed on https://fxrev.dev/694269"
1019 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1021 [[audits.google.audits.fastrand]]
1022 who = "George Burgess IV <gbiv@google.com>"
1023 criteria = "safe-to-deploy"
1026 `does-not-implement-crypto` is certified because this crate explicitly says
1027 that the RNG here is not cryptographically secure.
1029 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1031 [[audits.google.audits.futures]]
1032 who = "George Burgess IV <gbiv@google.com>"
1033 criteria = "safe-to-deploy"
1036 `futures` has no logic other than tests - it simply `pub use`s things from
1039 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1041 [[audits.google.audits.glob]]
1042 who = "George Burgess IV <gbiv@google.com>"
1043 criteria = "safe-to-deploy"
1045 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1047 [[audits.google.audits.h2]]
1049 criteria = "safe-to-run"
1051 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1053 [[audits.google.audits.http]]
1055 criteria = "safe-to-run"
1057 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1059 [[audits.google.audits.http-body]]
1061 criteria = "safe-to-run"
1063 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1065 [[audits.google.audits.httpdate]]
1067 criteria = "safe-to-run"
1069 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1071 [[audits.google.audits.hyper]]
1073 criteria = "safe-to-run"
1075 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1077 [[audits.google.audits.pin-project]]
1079 criteria = "safe-to-run"
1081 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1083 [[audits.google.audits.pin-project-internal]]
1085 criteria = "safe-to-run"
1087 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1089 [[audits.google.audits.pin-project-lite]]
1090 who = "David Koloski <dkoloski@google.com>"
1091 criteria = "safe-to-deploy"
1093 notes = "Reviewed on https://fxrev.dev/824504"
1094 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1096 [[audits.google.audits.scoped-tls]]
1097 who = "George Burgess IV <gbiv@google.com>"
1098 criteria = "safe-to-run"
1100 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1102 [[audits.google.audits.serde_urlencoded]]
1104 criteria = "safe-to-run"
1106 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1108 [[audits.google.audits.tokio-stream]]
1109 who = "David Koloski <dkoloski@google.com>"
1110 criteria = "safe-to-deploy"
1112 notes = "Reviewed on https://fxrev.dev/804724"
1113 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1115 [[audits.google.audits.tower-service]]
1117 criteria = "safe-to-run"
1119 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1121 [[audits.google.audits.tracing]]
1123 criteria = "safe-to-run"
1125 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1127 [[audits.google.audits.tracing-attributes]]
1129 criteria = "safe-to-run"
1131 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1133 [[audits.google.audits.tracing-core]]
1135 criteria = "safe-to-run"
1137 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1139 [[audits.google.audits.try-lock]]
1141 criteria = "safe-to-run"
1143 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1145 [[audits.google.audits.version_check]]
1146 who = "George Burgess IV <gbiv@google.com>"
1147 criteria = "safe-to-deploy"
1149 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1151 [[audits.google.audits.want]]
1153 criteria = "safe-to-run"
1155 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1157 [[audits.isrg.wildcard-audits.prio]]
1158 who = "David Cook <dcook@divviup.org>"
1159 criteria = "safe-to-deploy"
1160 user-id = 101233 # le-automaton
1161 start = "2020-09-28"
1164 [[audits.isrg.audits.block-buffer]]
1165 who = "David Cook <dcook@divviup.org>"
1166 criteria = "safe-to-deploy"
1169 [[audits.isrg.audits.keccak]]
1170 who = "David Cook <dcook@divviup.org>"
1171 criteria = "safe-to-deploy"
1174 [[audits.isrg.audits.once_cell]]
1175 who = "Brandon Pitman <bran@bran.land>"
1176 criteria = "safe-to-deploy"
1177 delta = "1.17.1 -> 1.17.2"
1179 [[audits.isrg.audits.once_cell]]
1180 who = "David Cook <dcook@divviup.org>"
1181 criteria = "safe-to-deploy"
1182 delta = "1.17.2 -> 1.18.0"
1184 [[audits.isrg.audits.rand_core]]
1185 who = "David Cook <dcook@divviup.org>"
1186 criteria = "safe-to-deploy"
1189 [[audits.isrg.audits.rayon-core]]
1190 who = "Brandon Pitman <bran@bran.land>"
1191 criteria = "safe-to-deploy"
1192 delta = "1.10.2 -> 1.11.0"
1194 [[audits.isrg.audits.sha2]]
1195 who = "David Cook <dcook@divviup.org>"
1196 criteria = "safe-to-deploy"
1199 [[audits.isrg.audits.sha3]]
1200 who = "David Cook <dcook@divviup.org>"
1201 criteria = "safe-to-deploy"
1204 [[audits.mozilla.wildcard-audits.zeitstempel]]
1205 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1206 criteria = "safe-to-deploy"
1207 user-id = 48 # Jan-Erik Rediger (badboy)
1208 start = "2021-03-03"
1210 notes = "Maintained by me"
1211 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1213 [[audits.mozilla.audits.askama]]
1214 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1215 criteria = "safe-to-deploy"
1216 delta = "0.11.1 -> 0.12.0"
1217 notes = "No new unsafe usage, mostly dependency updates and smaller API changes"
1218 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1220 [[audits.mozilla.audits.askama_derive]]
1221 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1222 criteria = "safe-to-deploy"
1223 delta = "0.11.2 -> 0.12.1"
1224 notes = "Dependency updates, a new toml dependency and some API changes. No unsafe use."
1225 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1227 [[audits.mozilla.audits.basic-toml]]
1228 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1229 criteria = "safe-to-deploy"
1231 notes = "TOML parser, forked from toml 0.5"
1232 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1234 [[audits.mozilla.audits.either]]
1235 who = "Nika Layzell <nika@thelayzells.com>"
1236 criteria = "safe-to-deploy"
1239 Straightforward crate providing the Either enum and trait implementations with
1242 aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
1244 [[audits.mozilla.audits.lazy_static]]
1245 who = "Nika Layzell <nika@thelayzells.com>"
1246 criteria = "safe-to-deploy"
1248 notes = "I have read over the macros, and audited the unsafe code."
1249 aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
1251 [[audits.mozilla.audits.time]]
1252 who = "Kershaw Chang <kershaw@mozilla.com>"
1253 criteria = "safe-to-deploy"
1254 delta = "0.1.45 -> 0.3.17"
1255 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
1257 [[audits.mozilla.audits.time-macros]]
1258 who = "Kershaw Chang <kershaw@mozilla.com>"
1259 criteria = "safe-to-deploy"
1261 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"