2 # cargo-vet imports lock
4 [[publisher.aho-corasick]]
8 user-login = "BurntSushi"
9 user-name = "Andrew Gallant"
11 [[publisher.arbitrary]]
15 user-login = "fitzgen"
16 user-name = "Nick Fitzgerald"
18 [[publisher.async-trait]]
22 user-login = "dtolnay"
23 user-name = "David Tolnay"
29 user-login = "Amanieu"
30 user-name = "Amanieu d'Antras"
32 [[publisher.audio_thread_priority]]
36 user-login = "padenot"
37 user-name = "Paul Adenot"
39 [[publisher.authenticator]]
40 version = "0.4.0-alpha.15"
43 user-login = "jschanck"
44 user-name = "John Schanck"
50 user-login = "martinthomson"
51 user-name = "Martin Thomson"
53 [[publisher.byteorder]]
57 user-login = "BurntSushi"
58 user-name = "Andrew Gallant"
64 user-login = "Darksonn"
65 user-name = "Alice Ryhl"
72 user-name = "Emilio Cobos Álvarez"
81 [[publisher.clap_builder]]
88 [[publisher.clap_derive]]
95 [[publisher.clap_lex]]
100 user-name = "Ed Page"
102 [[publisher.core-foundation]]
106 user-login = "jrmuizel"
107 user-name = "Jeff Muizelaar"
109 [[publisher.core-foundation-sys]]
114 user-name = "Josh Matthews"
116 [[publisher.core-graphics]]
120 user-login = "jrmuizel"
121 user-name = "Jeff Muizelaar"
123 [[publisher.core-graphics-types]]
128 user-name = "Josh Matthews"
130 [[publisher.core-text]]
134 user-login = "jrmuizel"
135 user-name = "Jeff Muizelaar"
137 [[publisher.derive_arbitrary]]
141 user-login = "fitzgen"
142 user-name = "Nick Fitzgerald"
148 user-login = "linabutler"
149 user-name = "Lina Butler"
155 user-login = "dtolnay"
156 user-name = "David Tolnay"
158 [[publisher.etagere]]
163 user-name = "Nicolas Silva"
170 user-name = "Nicolas Silva"
176 user-login = "joshtriplett"
177 user-name = "Josh Triplett"
179 [[publisher.freetype]]
184 user-name = "Josh Matthews"
190 user-login = "jrmuizel"
191 user-name = "Jeff Muizelaar"
197 user-login = "badboy"
198 user-name = "Jan-Erik Rediger"
200 [[publisher.glean-core]]
204 user-login = "badboy"
205 user-name = "Jan-Erik Rediger"
207 [[publisher.glslopt]]
211 user-login = "jamienicol"
212 user-name = "Jamie Nicol"
214 [[publisher.headers]]
218 user-login = "seanmonstar"
219 user-name = "Sean McArthur"
221 [[publisher.httparse]]
225 user-login = "seanmonstar"
226 user-name = "Sean McArthur"
228 [[publisher.indexmap]]
232 user-login = "cuviper"
233 user-name = "Josh Stone"
235 [[publisher.inherent]]
239 user-login = "dtolnay"
240 user-name = "David Tolnay"
246 user-login = "carllerche"
247 user-name = "Carl Lerche"
253 user-login = "dtolnay"
254 user-name = "David Tolnay"
256 [[publisher.jobserver]]
260 user-login = "alexcrichton"
261 user-name = "Alex Crichton"
267 user-login = "Amanieu"
268 user-name = "Amanieu d'Antras"
270 [[publisher.lock_api]]
274 user-login = "Amanieu"
275 user-name = "Amanieu d'Antras"
281 user-login = "BurntSushi"
282 user-name = "Andrew Gallant"
288 user-login = "seanmonstar"
289 user-name = "Sean McArthur"
295 user-login = "carllerche"
296 user-name = "Carl Lerche"
298 [[publisher.num_cpus]]
302 user-login = "seanmonstar"
303 user-name = "Sean McArthur"
309 user-login = "martinthomson"
310 user-name = "Martin Thomson"
312 [[publisher.ordered-float]]
316 user-login = "mbrubeck"
317 user-name = "Matt Brubeck"
319 [[publisher.parking_lot]]
323 user-login = "Amanieu"
324 user-name = "Amanieu d'Antras"
326 [[publisher.parking_lot_core]]
330 user-login = "Amanieu"
331 user-name = "Amanieu d'Antras"
337 user-login = "dtolnay"
338 user-name = "David Tolnay"
344 user-login = "le-automaton"
346 [[publisher.proc-macro2]]
350 user-login = "dtolnay"
351 user-name = "David Tolnay"
357 user-login = "dtolnay"
358 user-name = "David Tolnay"
364 user-login = "BurntSushi"
365 user-name = "Andrew Gallant"
367 [[publisher.regex-syntax]]
371 user-login = "BurntSushi"
372 user-name = "Andrew Gallant"
374 [[publisher.rust_cascade]]
378 user-login = "mozkeeler"
379 user-name = "Dana Keeler"
385 user-login = "dtolnay"
386 user-name = "David Tolnay"
388 [[publisher.same-file]]
392 user-login = "BurntSushi"
393 user-name = "Andrew Gallant"
395 [[publisher.scopeguard]]
399 user-login = "Amanieu"
400 user-name = "Amanieu d'Antras"
406 user-login = "dtolnay"
407 user-name = "David Tolnay"
409 [[publisher.serde_bytes]]
413 user-login = "dtolnay"
414 user-name = "David Tolnay"
416 [[publisher.serde_derive]]
420 user-login = "dtolnay"
421 user-name = "David Tolnay"
423 [[publisher.serde_json]]
427 user-login = "dtolnay"
428 user-name = "David Tolnay"
430 [[publisher.serde_repr]]
434 user-login = "dtolnay"
435 user-name = "David Tolnay"
437 [[publisher.serde_yaml]]
441 user-login = "dtolnay"
442 user-name = "David Tolnay"
444 [[publisher.smallvec]]
448 user-login = "mbrubeck"
449 user-name = "Matt Brubeck"
455 user-login = "dtolnay"
456 user-name = "David Tolnay"
462 user-login = "dtolnay"
463 user-name = "David Tolnay"
465 [[publisher.termcolor]]
469 user-login = "BurntSushi"
470 user-name = "Andrew Gallant"
472 [[publisher.threadbound]]
476 user-login = "dtolnay"
477 user-name = "David Tolnay"
479 [[publisher.tokio-util]]
483 user-login = "Darksonn"
484 user-name = "Alice Ryhl"
490 user-login = "alexcrichton"
491 user-name = "Alex Crichton"
493 [[publisher.unicode-ident]]
497 user-login = "dtolnay"
498 user-name = "David Tolnay"
500 [[publisher.unicode-segmentation]]
504 user-login = "Manishearth"
505 user-name = "Manish Goregaokar"
507 [[publisher.unicode-width]]
511 user-login = "Manishearth"
512 user-name = "Manish Goregaokar"
514 [[publisher.unicode-xid]]
518 user-login = "Manishearth"
519 user-name = "Manish Goregaokar"
525 user-login = "badboy"
526 user-name = "Jan-Erik Rediger"
528 [[publisher.uniffi_bindgen]]
532 user-login = "badboy"
533 user-name = "Jan-Erik Rediger"
535 [[publisher.uniffi_build]]
539 user-login = "badboy"
540 user-name = "Jan-Erik Rediger"
542 [[publisher.uniffi_checksum_derive]]
546 user-login = "badboy"
547 user-name = "Jan-Erik Rediger"
549 [[publisher.uniffi_core]]
553 user-login = "badboy"
554 user-name = "Jan-Erik Rediger"
556 [[publisher.uniffi_macros]]
560 user-login = "badboy"
561 user-name = "Jan-Erik Rediger"
563 [[publisher.uniffi_meta]]
567 user-login = "badboy"
568 user-name = "Jan-Erik Rediger"
570 [[publisher.uniffi_testing]]
574 user-login = "badboy"
575 user-name = "Jan-Erik Rediger"
577 [[publisher.walkdir]]
581 user-login = "BurntSushi"
582 user-name = "Andrew Gallant"
588 user-login = "seanmonstar"
589 user-name = "Sean McArthur"
592 version = "0.11.0+wasi-snapshot-preview1"
595 user-login = "alexcrichton"
596 user-name = "Alex Crichton"
598 [[publisher.wasm-encoder]]
602 user-login = "alexcrichton"
603 user-name = "Alex Crichton"
605 [[publisher.wasm-smith]]
609 user-login = "alexcrichton"
610 user-name = "Alex Crichton"
612 [[publisher.wasmparser]]
616 user-login = "alexcrichton"
617 user-name = "Alex Crichton"
623 user-login = "alexcrichton"
624 user-name = "Alex Crichton"
626 [[publisher.winapi-util]]
630 user-login = "BurntSushi"
631 user-name = "Andrew Gallant"
633 [[publisher.zeitstempel]]
637 user-login = "badboy"
638 user-name = "Jan-Erik Rediger"
640 [[audits.bytecode-alliance.wildcard-audits.arbitrary]]
641 who = "Nick Fitzgerald <fitzgen@gmail.com>"
642 criteria = "safe-to-deploy"
643 user-id = 696 # Nick Fitzgerald (fitzgen)
646 notes = "I am an author of this crate."
648 [[audits.bytecode-alliance.wildcard-audits.derive_arbitrary]]
649 who = "Nick Fitzgerald <fitzgen@gmail.com>"
650 criteria = "safe-to-deploy"
651 user-id = 696 # Nick Fitzgerald (fitzgen)
654 notes = "I am an author of this crate"
656 [[audits.bytecode-alliance.wildcard-audits.wasm-encoder]]
657 who = "Alex Crichton <alex@alexcrichton.com>"
658 criteria = "safe-to-deploy"
659 user-id = 1 # Alex Crichton (alexcrichton)
663 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
664 repository of which I'm one of the primary maintainers and publishers for.
665 I am employed by a member of the Bytecode Alliance and plan to continue doing
666 so and will actively maintain this crate over time.
669 [[audits.bytecode-alliance.wildcard-audits.wasm-smith]]
670 who = "Alex Crichton <alex@alexcrichton.com>"
671 criteria = "safe-to-deploy"
672 user-id = 1 # Alex Crichton (alexcrichton)
676 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
677 repository of which I'm one of the primary maintainers and publishers for.
678 I am employed by a member of the Bytecode Alliance and plan to continue doing
679 so and will actively maintain this crate over time.
682 [[audits.bytecode-alliance.wildcard-audits.wasmparser]]
683 who = "Alex Crichton <alex@alexcrichton.com>"
684 criteria = "safe-to-deploy"
685 user-id = 1 # Alex Crichton (alexcrichton)
689 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
690 repository of which I'm one of the primary maintainers and publishers for.
691 I am employed by a member of the Bytecode Alliance and plan to continue doing
692 so and will actively maintain this crate over time.
695 [[audits.bytecode-alliance.wildcard-audits.wast]]
696 who = "Alex Crichton <alex@alexcrichton.com>"
697 criteria = "safe-to-deploy"
698 user-id = 1 # Alex Crichton (alexcrichton)
702 This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
703 repository of which I'm one of the primary maintainers and publishers for.
704 I am employed by a member of the Bytecode Alliance and plan to continue doing
705 so and will actively maintain this crate over time.
708 [[audits.bytecode-alliance.audits.adler]]
709 who = "Alex Crichton <alex@alexcrichton.com>"
710 criteria = "safe-to-deploy"
712 notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm."
714 [[audits.bytecode-alliance.audits.arrayref]]
715 who = "Nick Fitzgerald <fitzgen@gmail.com>"
716 criteria = "safe-to-deploy"
719 Unsafe code, but its logic looks good to me. Necessary given what it is
720 doing. Well tested, has quickchecks.
723 [[audits.bytecode-alliance.audits.arrayvec]]
724 who = "Nick Fitzgerald <fitzgen@gmail.com>"
725 criteria = "safe-to-deploy"
728 Well documented invariants, good assertions for those invariants in unsafe code,
729 and tested with MIRI to boot. LGTM.
732 [[audits.bytecode-alliance.audits.base64]]
733 who = "Pat Hickey <phickey@fastly.com>"
734 criteria = "safe-to-deploy"
736 notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
738 [[audits.bytecode-alliance.audits.block-buffer]]
739 who = "Benjamin Bouvier <public@benj.me>"
740 criteria = "safe-to-deploy"
741 delta = "0.9.0 -> 0.10.2"
743 [[audits.bytecode-alliance.audits.bumpalo]]
744 who = "Nick Fitzgerald <fitzgen@gmail.com>"
745 criteria = "safe-to-deploy"
747 notes = "I am the author of this crate."
749 [[audits.bytecode-alliance.audits.cargo-platform]]
750 who = "Pat Hickey <phickey@fastly.com>"
751 criteria = "safe-to-deploy"
753 notes = "no build, no ambient capabilities, no unsafe"
755 [[audits.bytecode-alliance.audits.cc]]
756 who = "Alex Crichton <alex@alexcrichton.com>"
757 criteria = "safe-to-deploy"
759 notes = "I am the author of this crate."
761 [[audits.bytecode-alliance.audits.cfg-if]]
762 who = "Alex Crichton <alex@alexcrichton.com>"
763 criteria = "safe-to-deploy"
765 notes = "I am the author of this crate."
767 [[audits.bytecode-alliance.audits.codespan-reporting]]
768 who = "Jamey Sharp <jsharp@fastly.com>"
769 criteria = "safe-to-deploy"
771 notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
773 [[audits.bytecode-alliance.audits.cpufeatures]]
774 who = "Alex Crichton <alex@alexcrichton.com>"
775 criteria = "safe-to-deploy"
776 delta = "0.2.2 -> 0.2.7"
778 This is a minor update that looks to add some more detected CPU features and
779 various other minor portability fixes such as MIRI support.
782 [[audits.bytecode-alliance.audits.crypto-common]]
783 who = "Benjamin Bouvier <public@benj.me>"
784 criteria = "safe-to-deploy"
787 [[audits.bytecode-alliance.audits.foreign-types]]
788 who = "Pat Hickey <phickey@fastly.com>"
789 criteria = "safe-to-deploy"
791 notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
793 [[audits.bytecode-alliance.audits.foreign-types-shared]]
794 who = "Pat Hickey <phickey@fastly.com>"
795 criteria = "safe-to-deploy"
798 [[audits.bytecode-alliance.audits.form_urlencoded]]
799 who = "Alex Crichton <alex@alexcrichton.com>"
800 criteria = "safe-to-deploy"
803 This is a small crate for working with url-encoded forms which doesn't have any
804 more than what it says on the tin. Contains one `unsafe` block related to
805 performance around utf-8 validation which is fairly easy to verify as correct.
808 [[audits.bytecode-alliance.audits.futures-channel]]
809 who = "Pat Hickey <phickey@fastly.com>"
810 criteria = "safe-to-deploy"
812 notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
814 [[audits.bytecode-alliance.audits.futures-core]]
815 who = "Pat Hickey <phickey@fastly.com>"
816 criteria = "safe-to-deploy"
818 notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
820 [[audits.bytecode-alliance.audits.futures-executor]]
821 who = "Pat Hickey <phickey@fastly.com>"
822 criteria = "safe-to-deploy"
824 notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
826 [[audits.bytecode-alliance.audits.futures-io]]
827 who = "Pat Hickey <phickey@fastly.com>"
828 criteria = "safe-to-deploy"
831 [[audits.bytecode-alliance.audits.futures-sink]]
832 who = "Pat Hickey <phickey@fastly.com>"
833 criteria = "safe-to-deploy"
836 [[audits.bytecode-alliance.audits.heck]]
837 who = "Alex Crichton <alex@alexcrichton.com>"
838 criteria = "safe-to-deploy"
840 notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
842 [[audits.bytecode-alliance.audits.id-arena]]
843 who = "Nick Fitzgerald <fitzgen@gmail.com>"
844 criteria = "safe-to-deploy"
846 notes = "I am the author of this crate."
848 [[audits.bytecode-alliance.audits.idna]]
849 who = "Alex Crichton <alex@alexcrichton.com>"
850 criteria = "safe-to-deploy"
853 This is a crate without unsafe code or usage of the standard library. The large
854 size of this crate comes from the large generated unicode tables file. This
855 crate is broadly used throughout the ecosystem and does not contain anything
859 [[audits.bytecode-alliance.audits.leb128]]
860 who = "Nick Fitzgerald <fitzgen@gmail.com>"
861 criteria = "safe-to-deploy"
863 notes = "I am the author of this crate."
865 [[audits.bytecode-alliance.audits.memoffset]]
866 who = "Alex Crichton <alex@alexcrichton.com>"
867 criteria = "safe-to-deploy"
868 delta = "0.7.1 -> 0.8.0"
869 notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
871 [[audits.bytecode-alliance.audits.peeking_take_while]]
872 who = "Nick Fitzgerald <fitzgen@gmail.com>"
873 criteria = "safe-to-deploy"
875 notes = "I am the author of this crate."
877 [[audits.bytecode-alliance.audits.percent-encoding]]
878 who = "Alex Crichton <alex@alexcrichton.com>"
879 criteria = "safe-to-deploy"
882 This crate is a single-file crate that does what it says on the tin. There are
883 a few `unsafe` blocks related to utf-8 validation which are locally verifiable
884 as correct and otherwise this crate is good to go.
887 [[audits.bytecode-alliance.audits.pin-utils]]
888 who = "Pat Hickey <phickey@fastly.com>"
889 criteria = "safe-to-deploy"
892 [[audits.bytecode-alliance.audits.pkg-config]]
893 who = "Pat Hickey <phickey@fastly.com>"
894 criteria = "safe-to-deploy"
896 notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
898 [[audits.bytecode-alliance.audits.rustc-demangle]]
899 who = "Alex Crichton <alex@alexcrichton.com>"
900 criteria = "safe-to-deploy"
902 notes = "I am the author of this crate."
904 [[audits.bytecode-alliance.audits.semver]]
905 who = "Pat Hickey <phickey@fastly.com>"
906 criteria = "safe-to-deploy"
908 notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
910 [[audits.bytecode-alliance.audits.slab]]
911 who = "Pat Hickey <phickey@fastly.com>"
912 criteria = "safe-to-deploy"
914 notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
916 [[audits.bytecode-alliance.audits.unicase]]
917 who = "Alex Crichton <alex@alexcrichton.com>"
918 criteria = "safe-to-deploy"
921 This crate contains no `unsafe` code and no unnecessary use of the standard
925 [[audits.bytecode-alliance.audits.unicode-bidi]]
926 who = "Alex Crichton <alex@alexcrichton.com>"
927 criteria = "safe-to-deploy"
930 This crate has no unsafe code and does not use `std::*`. Skimming the crate it
931 does not attempt to out of the bounds of what it's already supposed to be doing.
934 [[audits.bytecode-alliance.audits.unicode-normalization]]
935 who = "Alex Crichton <alex@alexcrichton.com>"
936 criteria = "safe-to-deploy"
939 This crate contains one usage of `unsafe` which I have manually checked to see
940 it as correct. This crate's size comes in large part due to the generated
941 unicode tables that it contains. This crate is additionally widely used
942 throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
943 and nothing suspicious.
946 [[audits.embark-studios.audits.anyhow]]
947 who = "Johan Andersson <opensource@embark-studios.com>"
948 criteria = "safe-to-deploy"
951 [[audits.embark-studios.audits.cty]]
952 who = "Johan Andersson <opensource@embark-studios.com>"
953 criteria = "safe-to-deploy"
955 notes = "Inspected it and is a tiny crate with just type definitions"
957 [[audits.embark-studios.audits.derive_more]]
958 who = "Johan Andersson <opensource@embark-studios.com>"
959 criteria = "safe-to-deploy"
961 notes = "No unsafe usage or ambient capabilities"
963 [[audits.embark-studios.audits.ident_case]]
964 who = "Johan Andersson <opensource@embark-studios.com>"
965 criteria = "safe-to-deploy"
967 notes = "No unsafe usage or ambient capabilities"
969 [[audits.embark-studios.audits.line-wrap]]
970 who = "Johan Andersson <opensource@embark-studios.com>"
971 criteria = "safe-to-deploy"
973 notes = "No unsafe usage or ambient capabilities"
975 [[audits.embark-studios.audits.thiserror]]
976 who = "Johan Andersson <opensource@embark-studios.com>"
977 criteria = "safe-to-deploy"
979 notes = "Wrapper over implementation crate, found no unsafe or ambient capabilities used"
981 [[audits.embark-studios.audits.thiserror-impl]]
982 who = "Johan Andersson <opensource@embark-studios.com>"
983 criteria = "safe-to-deploy"
985 notes = "Found no unsafe or ambient capabilities used"
987 [[audits.embark-studios.audits.yaml-rust]]
988 who = "Johan Andersson <opensource@embark-studios.com>"
989 criteria = "safe-to-deploy"
991 notes = "No unsafe usage or ambient capabilities"
993 [[audits.google.audits.ash]]
994 who = "David Koloski <dkoloski@google.com>"
995 criteria = "safe-to-deploy"
996 version = "0.37.0+1.3.209"
997 notes = "Reviewed on https://fxrev.dev/694269"
998 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1000 [[audits.google.audits.fastrand]]
1001 who = "George Burgess IV <gbiv@google.com>"
1002 criteria = "safe-to-deploy"
1005 `does-not-implement-crypto` is certified because this crate explicitly says
1006 that the RNG here is not cryptographically secure.
1008 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1010 [[audits.google.audits.futures]]
1011 who = "George Burgess IV <gbiv@google.com>"
1012 criteria = "safe-to-deploy"
1015 `futures` has no logic other than tests - it simply `pub use`s things from
1018 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1020 [[audits.google.audits.glob]]
1021 who = "George Burgess IV <gbiv@google.com>"
1022 criteria = "safe-to-deploy"
1024 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1026 [[audits.google.audits.h2]]
1028 criteria = "safe-to-run"
1030 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1032 [[audits.google.audits.http]]
1034 criteria = "safe-to-run"
1036 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1038 [[audits.google.audits.http-body]]
1040 criteria = "safe-to-run"
1042 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1044 [[audits.google.audits.httpdate]]
1046 criteria = "safe-to-run"
1048 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1050 [[audits.google.audits.hyper]]
1052 criteria = "safe-to-run"
1054 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1056 [[audits.google.audits.pin-project]]
1058 criteria = "safe-to-run"
1060 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1062 [[audits.google.audits.pin-project-internal]]
1064 criteria = "safe-to-run"
1066 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1068 [[audits.google.audits.pin-project-lite]]
1069 who = "David Koloski <dkoloski@google.com>"
1070 criteria = "safe-to-deploy"
1072 notes = "Reviewed on https://fxrev.dev/824504"
1073 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1075 [[audits.google.audits.scoped-tls]]
1076 who = "George Burgess IV <gbiv@google.com>"
1077 criteria = "safe-to-run"
1079 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1081 [[audits.google.audits.serde_urlencoded]]
1083 criteria = "safe-to-run"
1085 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1087 [[audits.google.audits.tokio-stream]]
1088 who = "David Koloski <dkoloski@google.com>"
1089 criteria = "safe-to-deploy"
1091 notes = "Reviewed on https://fxrev.dev/804724"
1092 aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
1094 [[audits.google.audits.tower-service]]
1096 criteria = "safe-to-run"
1098 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1100 [[audits.google.audits.tracing]]
1102 criteria = "safe-to-run"
1104 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1106 [[audits.google.audits.tracing-attributes]]
1108 criteria = "safe-to-run"
1110 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1112 [[audits.google.audits.tracing-core]]
1114 criteria = "safe-to-run"
1116 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1118 [[audits.google.audits.try-lock]]
1120 criteria = "safe-to-run"
1122 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1124 [[audits.google.audits.version_check]]
1125 who = "George Burgess IV <gbiv@google.com>"
1126 criteria = "safe-to-deploy"
1128 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1130 [[audits.google.audits.want]]
1132 criteria = "safe-to-run"
1134 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
1136 [[audits.isrg.wildcard-audits.prio]]
1137 who = "David Cook <dcook@divviup.org>"
1138 criteria = "safe-to-deploy"
1139 user-id = 101233 # le-automaton
1140 start = "2020-09-28"
1143 [[audits.isrg.audits.block-buffer]]
1144 who = "David Cook <dcook@divviup.org>"
1145 criteria = "safe-to-deploy"
1148 [[audits.isrg.audits.keccak]]
1149 who = "David Cook <dcook@divviup.org>"
1150 criteria = "safe-to-deploy"
1153 [[audits.isrg.audits.once_cell]]
1154 who = "Brandon Pitman <bran@bran.land>"
1155 criteria = "safe-to-deploy"
1156 delta = "1.17.1 -> 1.17.2"
1158 [[audits.isrg.audits.once_cell]]
1159 who = "David Cook <dcook@divviup.org>"
1160 criteria = "safe-to-deploy"
1161 delta = "1.17.2 -> 1.18.0"
1163 [[audits.isrg.audits.rayon-core]]
1164 who = "Brandon Pitman <bran@bran.land>"
1165 criteria = "safe-to-deploy"
1166 delta = "1.10.2 -> 1.11.0"
1168 [[audits.isrg.audits.sha3]]
1169 who = "David Cook <dcook@divviup.org>"
1170 criteria = "safe-to-deploy"
1173 [[audits.mozilla.wildcard-audits.zeitstempel]]
1174 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1175 criteria = "safe-to-deploy"
1176 user-id = 48 # Jan-Erik Rediger (badboy)
1177 start = "2021-03-03"
1179 notes = "Maintained by me"
1180 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1182 [[audits.mozilla.audits.askama]]
1183 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1184 criteria = "safe-to-deploy"
1185 delta = "0.11.1 -> 0.12.0"
1186 notes = "No new unsafe usage, mostly dependency updates and smaller API changes"
1187 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1189 [[audits.mozilla.audits.askama_derive]]
1190 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1191 criteria = "safe-to-deploy"
1192 delta = "0.11.2 -> 0.12.1"
1193 notes = "Dependency updates, a new toml dependency and some API changes. No unsafe use."
1194 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1196 [[audits.mozilla.audits.basic-toml]]
1197 who = "Jan-Erik Rediger <jrediger@mozilla.com>"
1198 criteria = "safe-to-deploy"
1200 notes = "TOML parser, forked from toml 0.5"
1201 aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
1203 [[audits.mozilla.audits.either]]
1204 who = "Nika Layzell <nika@thelayzells.com>"
1205 criteria = "safe-to-deploy"
1208 Straightforward crate providing the Either enum and trait implementations with
1211 aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
1213 [[audits.mozilla.audits.lazy_static]]
1214 who = "Nika Layzell <nika@thelayzells.com>"
1215 criteria = "safe-to-deploy"
1217 notes = "I have read over the macros, and audited the unsafe code."
1218 aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"