1 2# cargo-vet audits file 3 4[criteria.crypto-safe] 5description = """ 6All crypto algorithms in this crate have been reviewed by a relevant expert. 7 8**Note**: If a crate does not implement crypto, use `does-not-implement-crypto`, 9which implies `crypto-safe`, but does not require expert review in order to 10audit for.""" 11 12[criteria.does-not-implement-crypto] 13description = """ 14Inspection reveals that the crate in question does not attempt to implement any 15cryptographic algorithms on its own. 16 17Note that certification of this does not require an expert on all forms of 18cryptography: it's expected for crates we import to be \"good enough\" citizens, 19so they'll at least be forthcoming if they try to implement something 20cryptographic. When in doubt, please ask an expert.""" 21implies = "crypto-safe" 22 23[criteria.ub-risk-0] 24description = """ 25No unsafe code. 26 27Full description of the audit criteria can be found at 28https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-0 29""" 30implies = "ub-risk-1" 31 32[criteria.ub-risk-1] 33description = """ 34Excellent soundness. 35 36Full description of the audit criteria can be found at 37https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-1 38""" 39implies = "ub-risk-2" 40 41[criteria.ub-risk-2] 42description = """ 43Negligible unsoundness or average soundness. 44 45Full description of the audit criteria can be found at 46https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-2 47""" 48implies = "ub-risk-3" 49 50[criteria.ub-risk-3] 51description = """ 52Mild unsoundness or suboptimal soundness. 53 54Full description of the audit criteria can be found at 55https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-3 56""" 57implies = "ub-risk-4" 58 59[criteria.ub-risk-4] 60description = """ 61Extreme unsoundness. 62 63Full description of the audit criteria can be found at 64https://github.com/google/rust-crate-audits/blob/main/auditing_standards.md#ub-risk-4 65""" 66 67[[audits.adler]] 68who = "Lukasz Anforowicz <lukasza@chromium.org>" 69criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 70version = "1.0.2" 71notes = ''' 72Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 73and there were no hits (except in comments and in the `README.md` file). 74 75Note that some additional, internal notes about an older version of this crate 76can be found at go/image-crate-chromium-security-review. 77''' 78 79[[audits.adler2]] 80who = "Lukasz Anforowicz <lukasza@chromium.org>" 81criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 82version = "2.0.0" 83notes = ''' 84This audit has been reviewed in https://crrev.com/c/5811890 85 86The crate is fairly easy to read thanks to its small size and rich comments. 87 88I've grepped for `-i cipher`, `-i crypto`, `\bfs\b`, `\bnet\b`, and 89`\bunsafe\b`. There were no hits (except for a comment in `README.md` 90and `lib.rs` pointing out "Zero `unsafe`"). 91''' 92 93[[audits.aho-corasick]] 94who = "danakj@chromium.org" 95criteria = ["safe-to-run", "does-not-implement-crypto"] 96version = "1.1.2" 97notes = """ 98Reviewed in https://crrev.com/c/5171063 99 100Previously reviewed during security review and the audit is grandparented in. 101""" 102 103[[audits.aho-corasick]] 104who = "Dustin J. Mitchell <djmitche@chromium.org>" 105criteria = ["safe-to-run", "does-not-implement-crypto"] 106delta = "1.1.2 -> 1.1.3" 107 108[[audits.anstyle]] 109who = "danakj@chromium.org" 110criteria = ["safe-to-run", "does-not-implement-crypto"] 111version = "1.0.4" 112notes = """ 113Reviewed in https://crrev.com/c/5171063 114 115Previously reviewed during security review and the audit is grandparented in. 116""" 117 118[[audits.anstyle]] 119who = "Lukasz Anforowicz <lukasza@chromium.org>" 120criteria = ["safe-to-run", "does-not-implement-crypto"] 121delta = "1.0.4 -> 1.0.6" 122 123[[audits.anstyle]] 124who = "danakj <danakj@chromium.org>" 125criteria = ["safe-to-run", "does-not-implement-crypto"] 126delta = "1.0.6 -> 1.0.7" 127 128[[audits.anstyle]] 129who = "Lukasz Anforowicz <lukasza@chromium.org>" 130criteria = ["safe-to-run", "does-not-implement-crypto"] 131delta = "1.0.7 -> 1.0.8" 132notes = "Only Cargo.toml changes in the 1.0.7 => 1.0.8 delta." 133 134[[audits.anstyle]] 135who = "Dustin J. Mitchell <djmitche@chromium.org>" 136criteria = ["safe-to-run", "does-not-implement-crypto"] 137delta = "1.0.8 -> 1.0.9" 138notes = "No changes" 139 140[[audits.anstyle]] 141who = "Lukasz Anforowicz <lukasza@chromium.org>" 142criteria = ["safe-to-run", "does-not-implement-crypto"] 143delta = "1.0.9 -> 1.0.10" 144notes = "Minor changes related to `write_str`." 145 146[[audits.anyhow]] 147who = "Lukasz Anforowicz <lukasza@chromium.org>" 148criteria = ["safe-to-run", "does-not-implement-crypto"] 149delta = "1.0.75 -> 1.0.79" 150notes = """ 1511.0.75 has been previously audited as \"safe-to-run\", 152\"does-not-implement-crypto\" - see 153https://github.com/google/rust-crate-audits/blob/c2d49cb6e80bb817f569debecf846161dcebd88c/audits.toml#L277-L305 154The \"1.0.75 -> 1.0.79\" delta meets the same criteria. 155 156This is an incremental/delta audit - we don't claim any particular `ub-risk-N` 157level for the baseline or for the final version. OTOH note that additional 158uses of `unsafe` have been reviewed in https://crrev.com/c/5178771 and the 159**delta** was evaluated as `ub-risk-3` - no known unsoundness but: 160* Little safety comments to explain why a particular usage of `unsafe` 161 is safe and/or necessary 162* Safety analysis couldn't be done locally, but required considering the 163 whole crate (e.g. checking if the public `Ref.ptr` is mutated anywhere) 164""" 165 166[[audits.anyhow]] 167who = "Lukasz Anforowicz <lukasza@chromium.org>" 168criteria = ["safe-to-run", "does-not-implement-crypto"] 169delta = "1.0.79 -> 1.0.80" 170 171[[audits.anyhow]] 172who = "Adrian Taylor <adetaylor@chromium.org>" 173criteria = ["safe-to-run", "does-not-implement-crypto"] 174delta = "1.0.80 -> 1.0.81" 175 176[[audits.anyhow]] 177who = "Adrian Taylor <adetaylor@chromium.org>" 178criteria = ["safe-to-run", "does-not-implement-crypto"] 179delta = "1.0.81 -> 1.0.82" 180 181[[audits.anyhow]] 182who = "danakj <danakj@chromium.org>" 183criteria = ["safe-to-run", "does-not-implement-crypto"] 184delta = "1.0.82 -> 1.0.83" 185notes = "No change to UB-risk profile either." 186 187[[audits.anyhow]] 188who = "Dustin J. Mitchell <djmitche@chromium.org>" 189criteria = ["safe-to-run", "does-not-implement-crypto"] 190delta = "1.0.83 -> 1.0.86" 191notes = "Delta only updates the ensure macro implementation, still safe to run, no crypto" 192 193[[audits.anyhow]] 194who = "Adrian Taylor <adetaylor@chromium.org>" 195criteria = ["safe-to-run", "does-not-implement-crypto"] 196delta = "1.0.86 -> 1.0.87" 197notes = "Minimal changes, mostly renaming std to core for a type" 198 199[[audits.anyhow]] 200who = "Dustin J. Mitchell <djmitche@chromium.org>" 201criteria = ["safe-to-run", "does-not-implement-crypto"] 202delta = "1.0.87 -> 1.0.89" 203notes = "No safety-related changes in this delta" 204 205[[audits.anyhow]] 206who = "Liza Burakova <liza@chromium.org>" 207criteria = ["safe-to-run", "does-not-implement-crypto"] 208delta = "1.0.89 -> 1.0.91" 209notes = "Minimal changes" 210 211[[audits.anyhow]] 212who = "Lukasz Anforowicz <lukasza@chromium.org>" 213criteria = ["safe-to-run", "does-not-implement-crypto"] 214delta = "1.0.91 -> 1.0.93" 215notes = """ 216`ensure!` macro tweaks to handle 217https://github.com/rust-lang/rfcs/blob/master/text/2582-raw-reference-mir-operator.md 218""" 219 220[[audits.autocfg]] 221who = "Lukasz Anforowicz <lukasza@chromium.org>" 222criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 223version = "1.1.0" 224notes = """ 225Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 226and there were no hits except for reasonable, client-controlled usage of 227`std::fs` in `AutoCfg::with_dir`. 228 229This crate has been added to Chromium in 230https://source.chromium.org/chromium/chromium/src/+/591a0f30c5eac93b6a3d981c2714ffa4db28dbcb 231The CL description contains a link to a Google-internal document with audit details. 232""" 233 234[[audits.autocfg]] 235who = "Lukasz Anforowicz <lukasza@chromium.org>" 236criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 237delta = "1.1.0 -> 1.2.0" 238notes = ''' 239Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 240and nothing changed from the baseline audit of 1.1.0. Skimmed through the 2411.1.0 => 1.2.0 delta and everything seemed okay. 242''' 243 244[[audits.base64]] 245who = "Adam Langley <agl@chromium.org>" 246criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 247version = "0.13.1" 248notes = "Skimmed the uses of `std` to ensure that nothing untoward is happening. Code uses `forbid(unsafe_code)` and, indeed, there are no uses of `unsafe`" 249 250[[audits.bitflags]] 251who = "Lukasz Anforowicz <lukasza@chromium.org>" 252criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 253version = "1.3.2" 254notes = """ 255Security review of earlier versions of the crate can be found at 256(Google-internal, sorry): go/image-crate-chromium-security-review 257 258The crate exposes a function marked as `unsafe`, but doesn't use any 259`unsafe` blocks (except for tests of the single `unsafe` function). I 260think this justifies marking this crate as `ub-risk-1`. 261 262Additional review comments can be found at https://crrev.com/c/4723145/31 263""" 264 265[[audits.bitflags]] 266who = "Lukasz Anforowicz <lukasza@chromium.org>" 267criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 268version = "2.4.2" 269notes = """ 270Audit notes: 271 272* I've checked for any discussion in Google-internal cl/546819168 (where audit 273 of version 2.3.3 happened) 274* `src/lib.rs` contains `#![cfg_attr(not(test), forbid(unsafe_code))]` 275* There are 2 cases of `unsafe` in `src/external.rs` but they seem to be 276 correct in a straightforward way - they just propagate the marker trait's 277 impl (e.g. `impl bytemuck::Pod`) from the inner to the outer type 278* Additional discussion and/or notes may be found in https://crrev.com/c/5238056 279""" 280 281[[audits.bitflags]] 282who = "Adrian Taylor <adetaylor@chromium.org>" 283criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 284delta = "2.4.2 -> 2.5.0" 285 286[[audits.bitflags]] 287who = "Adrian Taylor <adetaylor@chromium.org>" 288criteria = ["safe-to-deploy", "crypto-safe", "ub-risk-2"] 289delta = "2.5.0 -> 2.6.0" 290notes = "The changes from the previous version are negligible and thus it retains the same properties." 291 292[[audits.bstr]] 293who = "danakj <danakj@chromium.org>" 294criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 295version = "1.10.0" 296notes = """ 297WARNING: This certification is a result of a **partial** audit. The 298`unicode` feature has **not** been audited. The unicode feature has 299soundness that depends on the correctness of regex automata that are 300shipped as binary blobs. They have not been reviewed here.Ability to 301track partial audits is tracked in 302https://github.com/mozilla/cargo-vet/issues/380. 303""" 304 305[[audits.bstr]] 306who = "Adrian Taylor <adetaylor@chromium.org>" 307criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 308delta = "1.10.0 -> 1.11.0" 309notes = "Changes two unsafe blocks to use core::mem::align_of<usize> instead of core::mem::size_of<usize> which shouldn't differ on mainstream platforms." 310 311[[audits.bytemuck]] 312who = "Lukasz Anforowicz <lukasza@chromium.org>" 313criteria = "safe-to-deploy" 314version = "1.16.3" 315notes = """ 316Review notes from the original audit (of 1.14.3) may be found in 317https://crrev.com/c/5362675. Note that this audit has initially missed UB risk 318that was fixed in 1.16.2 - see https://github.com/Lokathor/bytemuck/pull/258. 319Because of this, the original audit has been edited to certify version `1.16.3` 320instead (see also https://crrev.com/c/5771867). 321""" 322 323[[audits.bytemuck]] 324who = "Lukasz Anforowicz <lukasza@chromium.org>" 325criteria = ["does-not-implement-crypto", "ub-risk-4"] 326delta = "1.13.1 -> 1.14.3" 327notes = """ 328Review notes from the original audit may be found in 329https://crrev.com/c/5362675. Note that this audit has initially missed UB risk 330that was fixed in 1.16.2 - see https://github.com/Lokathor/bytemuck/pull/258. 331Because of this, the original audit has been edited to certify `ub-risk-4` 332instead. 333""" 334 335[[audits.bytemuck]] 336who = "Lukasz Anforowicz <lukasza@chromium.org>" 337criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 338delta = "1.13.1 -> 1.16.3" 339notes = """ 340The certification of the 1.13.1 => 1.16.1 delta is based on: 341 342* 1.13.1 -> 1.14.3 audit in https://crrev.com/c/5362675. Note that this audit 343 has initially missed UB risk that was fixed in 1.16.2 - see 344 https://github.com/Lokathor/bytemuck/pull/258. 345* 1.14.3 -> 1.15.0 audit in https://crrev.com/c/5380327 346* 1.15.0 -> 1.16.0 audit in https://crrev.com/c/5535688 347* 1.16.0 -> 1.16.1 audit in https://crrev.com/c/5650895 348 349When auditing the changes in the 1.16.1 -> 1.16.3 delta it seems that: 350 351* The changes correctly account for ZSTs: 352 * Avoiding division-by-zero errors 353 * Avoiding UB in `BoxBytes::drop` 354* The changes preserve safety gurantees for nearby `unsafe` blocks 355""" 356 357[[audits.bytemuck]] 358who = "Adrian Taylor <adetaylor@chromium.org>" 359criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 360delta = "1.14.3 -> 1.15.0" 361 362[[audits.bytemuck]] 363who = "danakj <danakj@chromium.org>" 364criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 365delta = "1.15.0 -> 1.16.0" 366 367[[audits.bytemuck]] 368who = "Lukasz Anforowicz <lukasza@chromium.org>" 369criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 370delta = "1.16.0 -> 1.16.1" 371notes = """ 372The delta only adds `f16` and `f128` support (with some other minor changes) 373and has no impact on the audit criteria. 374""" 375 376[[audits.bytemuck]] 377who = "Lukasz Anforowicz <lukasza@chromium.org>" 378criteria = "ub-risk-3" 379delta = "1.16.3 -> 1.17.0" 380notes = """ 3811.17.0 may rely on `union` layout that is not guaranteed by the compiler. 382See https://github.com/Lokathor/bytemuck/pull/268 383""" 384 385[[audits.bytemuck]] 386who = "Lukasz Anforowicz <lukasza@chromium.org>" 387criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 388delta = "1.16.3 -> 1.17.1" 389notes = "Unsafe review comments can be found in https://crrev.com/c/5813463" 390 391[[audits.bytemuck]] 392who = "Adrian Taylor <adetaylor@chromium.org>" 393criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 394delta = "1.17.1 -> 1.18.0" 395notes = "No code changes - just altering feature flag arrangements" 396 397[[audits.bytemuck]] 398who = "Adrian Taylor <adetaylor@chromium.org>" 399criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 400delta = "1.18.0 -> 1.19.0" 401notes = "No code changes - just comment changes and adding the track_caller attribute." 402 403[[audits.bytemuck_derive]] 404who = "Lukasz Anforowicz <lukasza@chromium.org>" 405criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 406version = "1.6.0" 407notes = """ 408Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no 409hits except for 8 occurrences of `unsafe`. Additional `unsafe` review comments 410can be found in https://crrev.com/c/5445719. 411""" 412 413[[audits.bytemuck_derive]] 414who = "Lukasz Anforowicz <lukasza@chromium.org>" 415criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 416delta = "1.6.0 -> 1.6.1" 417notes = """ 418No behavior/code changes AFAICT - only adding 419`#[allow(clippy::multiple_bound_locations)]`, doc comments, and making 420some cosmetic changes in non-`.rs` files. 421""" 422 423[[audits.bytemuck_derive]] 424who = "danakj <danakj@chromium.org>" 425criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 426delta = "1.6.1 -> 1.7.0" 427notes = """ 428Added support for Zeroable enums, which requires them to be represented as an integer and to have 0 as one of their values. 429 430Other trivial/formatting changes. 431""" 432 433[[audits.bytemuck_derive]] 434who = "Lukasz Anforowicz <lukasza@chromium.org>" 435criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 436delta = "1.7.0 -> 1.7.1" 437notes = """ 438No impact on safety AFAICT - the delta only specifies a new attribute for 439`proc_macro_derive` to work around re-export issues described at 440https://github.com/Lokathor/bytemuck/issues/159 441""" 442 443[[audits.bytemuck_derive]] 444who = "danakj <danakj@chromium.org>" 445criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 446delta = "1.7.1 -> 1.8.0" 447notes = "Unsafe review: https://crrev.com/c/5921014" 448 449[[audits.byteorder]] 450who = "danakj <danakj@chromium.org>" 451criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 452version = "1.5.0" 453notes = "Unsafe review in https://crrev.com/c/5838022" 454 455[[audits.bytes]] 456who = "agl@chromium.org" 457criteria = ["safe-to-run", "does-not-implement-crypto"] 458delta = "1.4.0 -> 1.5.0" 459 460[[audits.bytes]] 461who = "Dustin J. Mitchell <djmitche@chromium.org>" 462criteria = ["safe-to-run", "does-not-implement-crypto"] 463delta = "1.5.0 -> 1.6.0" 464notes = "Update removes some unsafe, and includes verifiable safety comments for newly-added unsafe." 465 466[[audits.bytes]] 467who = "Dustin J. Mitchell <djmitche@chromium.org>" 468criteria = ["safe-to-run", "does-not-implement-crypto"] 469delta = "1.6.0 -> 1.6.1" 470notes = "Very minor update, no unsafe changes" 471 472[[audits.bytes]] 473who = "Lukasz Anforowicz <lukasza@chromium.org>" 474criteria = ["safe-to-run", "does-not-implement-crypto"] 475delta = "1.6.1 -> 1.7.1" 476notes = "Many changes but they seem to meet the low bar of safe-to-run." 477 478[[audits.bytes]] 479who = "Lukasz Anforowicz <lukasza@chromium.org>" 480criteria = ["safe-to-run", "does-not-implement-crypto"] 481delta = "1.7.1 -> 1.7.2" 482 483[[audits.bytes]] 484who = "Liza Burakova <liza@chromium.org>" 485criteria = ["safe-to-run", "does-not-implement-crypto"] 486delta = "1.7.2 -> 1.8.0" 487notes = "smol change, does not add unsafe code, majority of change is new tests" 488 489[[audits.cfg-if]] 490who = "Lukasz Anforowicz <lukasza@chromium.org>" 491criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 492version = "1.0.0" 493notes = ''' 494I grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were 495no hits. This is a really small crate (only `lib.rs` which is less than 200 496lines + one end-to-end test) so I also skimmed through the macro's definition 497and everything looks okay to me. 498''' 499 500[[audits.clap]] 501who = "danakj@chromium.org" 502criteria = ["safe-to-run", "does-not-implement-crypto"] 503version = "4.4.8" 504notes = """ 505Reviewed in https://crrev.com/c/5171063 506 507Previously reviewed during security review and the audit is grandparented in. 508""" 509 510[[audits.clap]] 511who = "Lukasz Anforowicz <lukasza@chromium.org>" 512criteria = "ub-risk-0" 513version = "4.5.0" 514notes = "No `unsafe`" 515 516[[audits.clap]] 517who = "Lukasz Anforowicz <lukasza@chromium.org>" 518criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 519version = "4.5.15" 520notes = ''' 521Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 522and there were no hits, except for `std::net::IpAddr` usage in 523`examples/typed-derive.rs`. 524''' 525 526[[audits.clap]] 527who = "Lukasz Anforowicz <lukasza@chromium.org>" 528criteria = ["safe-to-run", "does-not-implement-crypto"] 529delta = "4.4.8 -> 4.4.14" 530 531[[audits.clap]] 532who = "Lukasz Anforowicz <lukasza@chromium.org>" 533criteria = ["safe-to-run", "does-not-implement-crypto"] 534delta = "4.4.14 -> 4.5.0" 535 536[[audits.clap]] 537who = "Lukasz Anforowicz <lukasza@chromium.org>" 538criteria = ["safe-to-run", "does-not-implement-crypto"] 539delta = "4.5.0 -> 4.5.1" 540 541[[audits.clap]] 542who = "danakj <danakj@chromium.org>" 543criteria = ["safe-to-run", "does-not-implement-crypto"] 544delta = "4.5.1 -> 4.5.2" 545notes = "Reviewed in https://crrev.com/c/5362201" 546 547[[audits.clap]] 548who = "Adrian Taylor <adetaylor@chromium.org>" 549criteria = ["safe-to-run", "does-not-implement-crypto"] 550delta = "4.5.2 -> 4.5.3" 551 552[[audits.clap]] 553who = "Lukasz Anforowicz <lukasza@chromium.org>" 554criteria = ["safe-to-run", "does-not-implement-crypto"] 555delta = "4.5.3 -> 4.5.4" 556notes = "Minimal diff - only module naming/nesting-related changes." 557 558[[audits.clap]] 559who = "Adrian Taylor <adetaylor@chromium.org>" 560criteria = ["safe-to-run", "does-not-implement-crypto"] 561delta = "4.5.4 -> 4.5.7" 562 563[[audits.clap]] 564who = "Adrian Taylor <adetaylor@chromium.org>" 565criteria = ["safe-to-run", "does-not-implement-crypto"] 566delta = "4.5.7 -> 4.5.8" 567 568[[audits.clap]] 569who = "Dustin J. Mitchell <djmitche@chromium.org>" 570criteria = ["safe-to-run", "does-not-implement-crypto"] 571delta = "4.5.8 -> 4.5.9" 572 573[[audits.clap]] 574who = "Lukasz Anforowicz <lukasza@chromium.org>" 575criteria = ["safe-to-run", "does-not-implement-crypto"] 576delta = "4.5.15 -> 4.5.16" 577notes = """ 578The only change in the delta is explicitly listing re-exports 579instead of using a `*` wildcard in `pub use clap_derive::{self, *}`. 580""" 581 582[[audits.clap]] 583who = "danakj <danakj@chromium.org>" 584criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 585delta = "4.5.15 -> 4.5.17" 586notes = "Minor code change and toml changes." 587 588[[audits.clap]] 589who = "Lukasz Anforowicz <lukasza@chromium.org>" 590criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 591delta = "4.5.17 -> 4.5.18" 592 593[[audits.clap]] 594who = "danakj <danakj@chromium.org>" 595criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 596delta = "4.5.18 -> 4.5.20" 597notes = "Trivial changes" 598 599[[audits.clap]] 600who = "Adrian Taylor <adetaylor@chromium.org>" 601criteria = ["safe-to-run", "does-not-implement-crypto"] 602delta = "4.5.20 -> 4.5.21" 603 604[[audits.clap_builder]] 605who = "danakj@chromium.org" 606criteria = ["safe-to-run", "does-not-implement-crypto"] 607version = "4.4.8" 608notes = """ 609Reviewed in https://crrev.com/c/5171063 610 611Previously reviewed during security review and the audit is grandparented in. 612""" 613 614[[audits.clap_builder]] 615who = "Lukasz Anforowicz <lukasza@chromium.org>" 616criteria = "ub-risk-0" 617version = "4.5.0" 618notes = "No `unsafe`" 619 620[[audits.clap_builder]] 621who = "Lukasz Anforowicz <lukasza@chromium.org>" 622criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 623version = "4.5.15" 624notes = ''' 625Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 626and there were no hits. 627''' 628 629[[audits.clap_builder]] 630who = "Lukasz Anforowicz <lukasza@chromium.org>" 631criteria = ["safe-to-run", "does-not-implement-crypto"] 632delta = "4.4.8 -> 4.4.14" 633 634[[audits.clap_builder]] 635who = "Lukasz Anforowicz <lukasza@chromium.org>" 636criteria = ["safe-to-run", "does-not-implement-crypto"] 637delta = "4.4.14 -> 4.5.0" 638 639[[audits.clap_builder]] 640who = "Lukasz Anforowicz <lukasza@chromium.org>" 641criteria = ["safe-to-run", "does-not-implement-crypto"] 642delta = "4.5.0 -> 4.5.1" 643 644[[audits.clap_builder]] 645who = "danakj <danakj@chromium.org>" 646criteria = ["safe-to-run", "does-not-implement-crypto"] 647delta = "4.5.1 -> 4.5.2" 648notes = "Reviewed in https://crrev.com/c/5362201" 649 650[[audits.clap_builder]] 651who = "Adrian Taylor <adetaylor@chromium.org>" 652criteria = ["safe-to-run", "does-not-implement-crypto"] 653delta = "4.5.2 -> 4.5.7" 654 655[[audits.clap_builder]] 656who = "Adrian Taylor <adetaylor@chromium.org>" 657criteria = ["safe-to-run", "does-not-implement-crypto"] 658delta = "4.5.7 -> 4.5.8" 659 660[[audits.clap_builder]] 661who = "Dustin J. Mitchell <djmitche@chromium.org>" 662criteria = ["safe-to-run", "does-not-implement-crypto"] 663delta = "4.5.8 -> 4.5.9" 664 665[[audits.clap_builder]] 666who = "danakj <danakj@chromium.org>" 667criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 668delta = "4.5.15 -> 4.5.17" 669notes = "No new unsafe, net, fs" 670 671[[audits.clap_builder]] 672who = "Lukasz Anforowicz <lukasza@chromium.org>" 673criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 674delta = "4.5.17 -> 4.5.18" 675 676[[audits.clap_builder]] 677who = "danakj <danakj@chromium.org>" 678criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 679delta = "4.5.18 -> 4.5.20" 680notes = "No new unsafe" 681 682[[audits.clap_builder]] 683who = "Adrian Taylor <adetaylor@chromium.org>" 684criteria = ["safe-to-run", "does-not-implement-crypto"] 685delta = "4.5.20 -> 4.5.21" 686 687[[audits.clap_lex]] 688who = "danakj@chromium.org" 689criteria = ["safe-to-run", "does-not-implement-crypto"] 690version = "0.6.0" 691notes = """ 692Reviewed in https://crrev.com/c/5171063 693 694Previously reviewed during security review and the audit is grandparented in. 695""" 696 697[[audits.clap_lex]] 698who = "Lukasz Anforowicz <lukasza@chromium.org>" 699criteria = ["safe-to-run", "does-not-implement-crypto"] 700delta = "0.6.0 -> 0.7.0" 701 702[[audits.clap_lex]] 703who = "Adrian Taylor <adetaylor@chromium.org>" 704criteria = ["safe-to-run", "does-not-implement-crypto"] 705delta = "0.7.0 -> 0.7.1" 706 707[[audits.clap_lex]] 708who = "Lukasz Anforowicz <lukasza@chromium.org>" 709criteria = ["safe-to-run", "does-not-implement-crypto"] 710delta = "0.7.1 -> 0.7.2" 711notes = "No `.rs` changes in the delta." 712 713[[audits.clap_lex]] 714who = "Adrian Taylor <adetaylor@chromium.org>" 715criteria = ["safe-to-run", "does-not-implement-crypto"] 716delta = "0.7.2 -> 0.7.3" 717 718[[audits.codespan-reporting]] 719who = "danakj@chromium.org" 720criteria = ["safe-to-run", "does-not-implement-crypto"] 721version = "0.11.1" 722notes = """ 723Reviewed in https://crrev.com/c/5171063 724 725Previously reviewed during security review and the audit is grandparented in. 726""" 727 728[[audits.crc32fast]] 729who = "Lukasz Anforowicz <lukasza@chromium.org>" 730criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 731version = "1.4.2" 732notes = """ 733Security review of earlier versions of the crate can be found at 734(Google-internal, sorry): go/image-crate-chromium-security-review 735 736Audit comments for 1.4.2 can be found at https://crrev.com/c/4723145. 737""" 738 739[[audits.cxx]] 740who = "danakj@chromium.org" 741criteria = ["safe-to-run", "does-not-implement-crypto"] 742version = "1.0.110" 743notes = """ 744Reviewed in https://crrev.com/c/5171063 745 746Previously reviewed during security review and the audit is grandparented in. 747""" 748 749[[audits.cxx]] 750who = "Lukasz Anforowicz <lukasza@chromium.org>" 751criteria = "does-not-implement-crypto" 752version = "1.0.117" 753notes = """ 754Grepped for \"crypt\", \"cipher\" - there were no hits 755(except for benign hits in `MODULE.bazel.lock`) 756""" 757 758[[audits.cxx]] 759who = "danakj <danakj@chromium.org>" 760criteria = "does-not-implement-crypto" 761version = "1.0.122" 762notes = """ 763safe-to-deploy and ub-risk-2 are provided by exemption. 764""" 765 766[[audits.cxx]] 767who = "danakj <danakj@chromium.org>" 768criteria = "does-not-implement-crypto" 769delta = "1.0.117 -> 1.0.119" 770notes = "Reviewed in https://crrev.com/c/5362739" 771 772[[audits.cxx]] 773who = "Dustin J. Mitchell <djmitche@chromium.org>" 774criteria = "does-not-implement-crypto" 775delta = "1.0.119 -> 1.0.120" 776notes = "Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5392544." 777 778[[audits.cxx]] 779who = "Adrian Taylor <adetaylor@chromium.org>" 780criteria = "does-not-implement-crypto" 781delta = "1.0.120 -> 1.0.121" 782 783[[audits.cxx]] 784who = "Adrian Taylor <adetaylor@chromium.org>" 785criteria = "does-not-implement-crypto" 786delta = "1.0.122 -> 1.0.123" 787notes = "safe-to-deploy and ub-risk-2 are provided by exemption" 788 789[[audits.cxx]] 790who = "Dustin J. Mitchell <djmitche@chromium.org>" 791criteria = "does-not-implement-crypto" 792delta = "1.0.123 -> 1.0.124" 793 794[[audits.cxx]] 795who = "Lukasz Anforowicz <lukasza@chromium.org>" 796criteria = "does-not-implement-crypto" 797delta = "1.0.124 -> 1.0.126" 798 799[[audits.cxx]] 800who = "Adrian Taylor <adetaylor@chromium.org>" 801criteria = "does-not-implement-crypto" 802delta = "1.0.129 -> 1.0.130" 803 804[[audits.cxxbridge]] 805who = "danakj@chromium.org" 806criteria = ["safe-to-run", "does-not-implement-crypto"] 807version = "1.0.110" 808notes = """ 809Reviewed in https://crrev.com/c/5171063 810 811Previously reviewed during security review and the audit is grandparented in. 812""" 813 814[[audits.cxxbridge-cmd]] 815who = "danakj@chromium.org" 816criteria = ["safe-to-run", "does-not-implement-crypto"] 817version = "1.0.110" 818notes = """ 819Reviewed in https://crrev.com/c/5171063 820 821Previously reviewed during security review and the audit is grandparented in. 822""" 823 824[[audits.cxxbridge-cmd]] 825who = "Lukasz Anforowicz <lukasza@chromium.org>" 826criteria = ["safe-to-run", "does-not-implement-crypto"] 827delta = "1.0.110 -> 1.0.115" 828 829[[audits.cxxbridge-cmd]] 830who = "Lukasz Anforowicz <lukasza@chromium.org>" 831criteria = ["safe-to-run", "does-not-implement-crypto"] 832delta = "1.0.115 -> 1.0.116" 833 834[[audits.cxxbridge-cmd]] 835who = "Lukasz Anforowicz <lukasza@chromium.org>" 836criteria = ["safe-to-run", "does-not-implement-crypto"] 837delta = "1.0.116 -> 1.0.117" 838 839[[audits.cxxbridge-cmd]] 840who = "Lukasz Anforowicz <lukasza@chromium.org>" 841criteria = ["safe-to-run", "does-not-implement-crypto"] 842delta = "1.0.117 -> 1.0.118" 843 844[[audits.cxxbridge-cmd]] 845who = "danakj <danakj@chromium.org>" 846criteria = ["safe-to-run", "does-not-implement-crypto"] 847delta = "1.0.118 -> 1.0.119" 848notes = "Reviewed in https://crrev.com/c/5362136" 849 850[[audits.cxxbridge-cmd]] 851who = "Dustin J. Mitchell <djmitche@chromium.org>" 852criteria = ["safe-to-run", "does-not-implement-crypto"] 853delta = "1.0.119 -> 1.0.120" 854notes = "Version bump only." 855 856[[audits.cxxbridge-cmd]] 857who = "Adrian Taylor <adetaylor@chromium.org>" 858criteria = ["safe-to-run", "does-not-implement-crypto"] 859delta = "1.0.120 -> 1.0.121" 860 861[[audits.cxxbridge-cmd]] 862who = "danakj <danakj@chromium.org>" 863criteria = ["safe-to-run", "does-not-implement-crypto"] 864delta = "1.0.121 -> 1.0.122" 865 866[[audits.cxxbridge-cmd]] 867who = "Adrian Taylor <adetaylor@chromium.org>" 868criteria = ["safe-to-run", "does-not-implement-crypto"] 869delta = "1.0.122 -> 1.0.123" 870 871[[audits.cxxbridge-cmd]] 872who = "Dustin J. Mitchell <djmitche@chromium.org>" 873criteria = ["safe-to-run", "does-not-implement-crypto"] 874delta = "1.0.123 -> 1.0.124" 875notes = "No changes except to dependencies" 876 877[[audits.cxxbridge-cmd]] 878who = "Lukasz Anforowicz <lukasza@chromium.org>" 879criteria = ["safe-to-run", "does-not-implement-crypto"] 880delta = "1.0.124 -> 1.0.126" 881notes = """ 882Only minor changes: 883 884* Using `let Some(foo) = ... else { ... }` pattern in a few places. 885* Exposing an extra constructor for `rust::Slice`. 886""" 887 888[[audits.cxxbridge-cmd]] 889who = "danakj <danakj@chromium.org>" 890criteria = ["safe-to-run", "does-not-implement-crypto"] 891delta = "1.0.126 -> 1.0.128" 892 893[[audits.cxxbridge-cmd]] 894who = "Liza Burakova <liza@chromium.org>" 895criteria = ["safe-to-run", "does-not-implement-crypto"] 896delta = "1.0.128 -> 1.0.129" 897 898[[audits.cxxbridge-cmd]] 899who = "Adrian Taylor <adetaylor@chromium.org>" 900criteria = ["safe-to-run", "does-not-implement-crypto"] 901delta = "1.0.129 -> 1.0.130" 902 903[[audits.cxxbridge-cmd]] 904who = "Liza Burakova <liza@chromium.org>" 905criteria = ["safe-to-run", "does-not-implement-crypto"] 906delta = "1.0.130 -> 1.0.131" 907 908[[audits.cxxbridge-flags]] 909who = "danakj@chromium.org" 910criteria = ["safe-to-run", "does-not-implement-crypto"] 911version = "1.0.110" 912notes = """ 913Reviewed in https://crrev.com/c/5171063 914 915Previously reviewed during security review and the audit is grandparented in. 916""" 917 918[[audits.cxxbridge-flags]] 919who = "danakj <danakj@chromium.org>" 920criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 921version = "1.0.122" 922notes = "no grep hits for cipher, crypto, fs, net, or unsafe" 923 924[[audits.cxxbridge-flags]] 925who = "Adrian Taylor <adetaylor@chromium.org>" 926criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 927delta = "1.0.122 -> 1.0.123" 928 929[[audits.cxxbridge-flags]] 930who = "Dustin J. Mitchell <djmitche@chromium.org>" 931criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 932delta = "1.0.123 -> 1.0.124" 933notes = "No changes in this delta" 934 935[[audits.cxxbridge-flags]] 936who = "Lukasz Anforowicz <lukasza@chromium.org>" 937criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 938delta = "1.0.124 -> 1.0.126" 939notes = "No changes in this delta" 940 941[[audits.cxxbridge-flags]] 942who = "danakj <danakj@chromium.org>" 943criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 944delta = "1.0.126 -> 1.0.128" 945 946[[audits.cxxbridge-flags]] 947who = "Liza Burakova <liza@chromium.org>" 948criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 949delta = "1.0.128 -> 1.0.129" 950 951[[audits.cxxbridge-flags]] 952who = "Adrian Taylor <adetaylor@chromium.org>" 953criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 954delta = "1.0.129 -> 1.0.130" 955 956[[audits.cxxbridge-macro]] 957who = "danakj <danakj@chromium.org>" 958criteria = "does-not-implement-crypto" 959version = "1.0.122" 960notes = """ 961no grep hits for cipher, crypto. 962 963safe-to-deploy and ub-risk-2 are provided by exemption. 964""" 965 966[[audits.cxxbridge-macro]] 967who = "Adrian Taylor <adetaylor@chromium.org>" 968criteria = "does-not-implement-crypto" 969delta = "1.0.122 -> 1.0.123" 970 971[[audits.cxxbridge-macro]] 972who = "Dustin J. Mitchell <djmitche@chromium.org>" 973criteria = "does-not-implement-crypto" 974delta = "1.0.123 -> 1.0.124" 975 976[[audits.cxxbridge-macro]] 977who = "Lukasz Anforowicz <lukasza@chromium.org>" 978criteria = "does-not-implement-crypto" 979delta = "1.0.124 -> 1.0.126" 980 981[[audits.cxxbridge-macro]] 982who = "Adrian Taylor <adetaylor@chromium.org>" 983criteria = "does-not-implement-crypto" 984delta = "1.0.129 -> 1.0.130" 985 986[[audits.either]] 987who = "agl@chromium.org" 988criteria = ["safe-to-run", "does-not-implement-crypto"] 989version = "1.9.0" 990 991[[audits.either]] 992who = "Lukasz Anforowicz <lukasza@chromium.org>" 993criteria = ["safe-to-run", "does-not-implement-crypto"] 994delta = "1.9.0 -> 1.10.0" 995 996[[audits.either]] 997who = "Adrian Taylor <adetaylor@chromium.org>" 998criteria = ["safe-to-run", "does-not-implement-crypto"] 999delta = "1.10.0 -> 1.11.0" 1000 1001[[audits.either]] 1002who = "Dustin J. Mitchell <djmitche@chromium.org>" 1003criteria = ["safe-to-run", "does-not-implement-crypto"] 1004delta = "1.11.0 -> 1.12.0" 1005notes = "Only changes the MSRV and adds a (safe) trait specialization." 1006 1007[[audits.either]] 1008who = "Adrian Taylor <adetaylor@chromium.org>" 1009criteria = ["safe-to-run", "does-not-implement-crypto"] 1010delta = "1.12.0 -> 1.13.0" 1011 1012[[audits.fdeflate]] 1013who = "Lukasz Anforowicz <lukasza@chromium.org>" 1014criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1015version = "0.3.4" 1016notes = ''' 1017Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 1018and there were no hits. 1019 1020Note that some additional, internal notes about an older version of this crate 1021can be found at go/image-crate-chromium-security-review. 1022''' 1023 1024[[audits.fdeflate]] 1025who = "Lukasz Anforowicz <lukasza@chromium.org>" 1026criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1027delta = "0.3.4 -> 0.3.5" 1028 1029[[audits.fdeflate]] 1030who = "Dustin J. Mitchell <djmitche@chromium.org>" 1031criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1032delta = "0.3.5 -> 0.3.6" 1033notes = "No unsafe, no crypto, mysterious tables replaced with const expressions" 1034 1035[[audits.fend-core]] 1036who = "jiwan@chromium.org" 1037criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1038version = "1.4.6" 1039 1040[[audits.fend-core]] 1041who = "danakj <danakj@chromium.org>" 1042criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1043delta = "1.4.6 -> 1.4.8" 1044 1045[[audits.fend-core]] 1046who = "Lukasz Anforowicz <lukasza@chromium.org>" 1047criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1048delta = "1.4.8 -> 1.4.9" 1049 1050[[audits.fend-core]] 1051who = "Lukasz Anforowicz <lukasza@chromium.org>" 1052criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1053delta = "1.4.9 -> 1.5.0" 1054 1055[[audits.fend-core]] 1056who = "Lukasz Anforowicz <lukasza@chromium.org>" 1057criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1058delta = "1.5.0 -> 1.5.1" 1059notes = "Only `Cargo.toml` changes + defining two new measurement units." 1060 1061[[audits.fend-core]] 1062who = "Dustin J. Mitchell <djmitche@chromium.org>" 1063criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1064delta = "1.5.1 -> 1.5.2" 1065notes = "No unsafe, no crypto" 1066 1067[[audits.fend-core]] 1068who = "danakj <danakj@chromium.org>" 1069criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1070delta = "1.5.2 -> 1.5.3" 1071notes = "No new unsafe, fs, net." 1072 1073[[audits.fend-core]] 1074who = "Adrian Taylor <adetaylor@chromium.org>" 1075criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1076delta = "1.5.3 -> 1.5.5" 1077 1078[[audits.flate2]] 1079who = "Lukasz Anforowicz <lukasza@chromium.org>" 1080criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1081version = "1.0.30" 1082notes = ''' 1083WARNING: This certification is a result of a **partial** audit. The 1084`any_zlib` code has **not** been audited. Ability to track partial 1085audits is tracked in https://github.com/mozilla/cargo-vet/issues/380 1086Chromium does use the `any_zlib` feature(s). Accidentally depending on 1087this feature in the future is prevented using the `ban_features` feature 1088of `gnrt` - see: 1089https://crrev.com/c/4723145/31/third_party/rust/chromium_crates_io/gnrt_config.toml 1090 1091Security review of earlier versions of the crate can be found at 1092(Google-internal, sorry): go/image-crate-chromium-security-review 1093 1094I grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`. 1095 1096All `unsafe` in `flate2` is gated behind `#[cfg(feature = "any_zlib")]`: 1097 1098* The code under `src/ffi/...` will not be used because the `mod c` 1099 declaration in `src/ffi/mod.rs` depends on the `any_zlib` config 1100* 7 uses of `unsafe` in `src/mem.rs` also all depend on the 1101 `any_zlib` config: 1102 - 2 in `fn set_dictionary` (under `impl Compress`) 1103 - 2 in `fn set_level` (under `impl Compress`) 1104 - 3 in `fn set_dictionary` (under `impl Decompress`) 1105 1106All hits of `'\bfs\b'` are in comments, or example code, or test code 1107(but not in product code). 1108 1109There were no hits of `-i cipher`, `-i crypto`, `'\bnet\b'`. 1110''' 1111 1112[[audits.flate2]] 1113who = "Lukasz Anforowicz <lukasza@chromium.org>" 1114criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1115delta = "1.0.30 -> 1.0.31" 1116notes = """ 1117WARNING: This certification is a result of a **partial** audit. The 1118`any_zlib` code has **not** been audited. See the audit of 1.0.30 for 1119more details. 1120 1121Only benign changes: 1122 1123* Comment-only changes in `.rs` files 1124* Also changing dependency version in `Cargo.toml`, but this is for `any_zlib` 1125 feature which is not used in Chromium (i.e. this is a *partial* audit - see 1126 the previous audit notes for 1.0.30) 1127""" 1128 1129[[audits.flate2]] 1130who = "Lukasz Anforowicz <lukasza@chromium.org>" 1131criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1132delta = "1.0.31 -> 1.0.33" 1133notes = """ 1134WARNING: This certification is a result of a **partial** audit. The 1135`any_zlib` code has **not** been audited. See the audit of 1.0.30 for 1136more details. 1137 1138This delta audit has been reviewed in https://crrev.com/c/5811890 1139The delta can be seen at https://diff.rs/flate2/1.0.31/1.0.33 1140The delta bumps up `miniz_oxide` dependency to `0.8.0` 1141The delta also contains some changes to `src/ffi/c.rs` which is *NOT* used by Chromium 1142and therefore hasn't been covered by this partial audit. 1143""" 1144 1145[[audits.flate2]] 1146who = "Lukasz Anforowicz <lukasza@chromium.org>" 1147criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1148delta = "1.0.33 -> 1.0.34" 1149notes = """ 1150WARNING: This certification is a result of a **partial** audit. The 1151`any_zlib` code has **not** been audited. See the audit of 1.0.30 for 1152more details. 1153 1154The delta can be seen at https://diff.rs/flate2/1.0.33/1.0.34 1155The delta bumps up `libz-rs-sys` dependency from `0.2.1` to `0.3.0` 1156The delta in `lib.rs` only tweaks comments and has no code changes. 1157The delta also contains some changes to `src/ffi/c.rs` which is *NOT* used by Chromium 1158and therefore hasn't been covered by this partial audit. 1159""" 1160 1161[[audits.flate2]] 1162who = "Adrian Taylor <adetaylor@chromium.org>" 1163criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1164delta = "1.0.34 -> 1.0.35" 1165notes = "There are no significant code changes in this delta (just one string constant change). Note that prior audits may have been partial." 1166 1167[[audits.font-types]] 1168who = "Lukasz Anforowicz <lukasza@chromium.org>" 1169criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 1170version = "0.4.2" 1171notes = """ 1172Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 1173and there were no hits. 1174 1175The initial version of this crate has been added to Chromium in 1176https://source.chromium.org/chromium/chromium/src/+/a59c3c448941f92f870d0c18c6d53d5c6104ab72 1177The CL description contains a link to a Google-internal document with audit details. 1178""" 1179 1180[[audits.font-types]] 1181who = "Lukasz Anforowicz <lukasza@chromium.org>" 1182criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1183version = "0.5.2" 1184notes = """ 1185Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no 1186hits except for 3 `unsafe impl bytemuck::SomeTrait for ...`. Each `impl` had a 1187reasonable safety comment and there were no actual `unsafe` blocks, so I think 1188this can be treated as `ub-risk-1`. Additional `unsafe` review comments can be 1189found in https://crrev.com/c/5445719. 1190 1191For overall `safe-to-deploy` and `does-not-implement-crypto` I am mostly 1192relying on certification by the Chromium engineers who work on the library 1193(mostly drott@chromium.org). 1194""" 1195 1196[[audits.font-types]] 1197who = "danakj <danakj@chromium.org>" 1198criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1199delta = "0.4.2 -> 0.4.3" 1200notes = "Reviewed in https://crrev.com/c/5362378. No new use of unsafe." 1201 1202[[audits.font-types]] 1203who = "danakj <danakj@chromium.org>" 1204criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1205delta = "0.5.2 -> 0.5.3" 1206 1207[[audits.font-types]] 1208who = "Lukasz Anforowicz <lukasza@chromium.org>" 1209criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1210delta = "0.5.3 -> 0.5.4" 1211notes = """ 1212The delta just adds `impl From<GlyphId> for u32` - no impact on `unsafe impl`s 1213elsewhere. 1214""" 1215 1216[[audits.font-types]] 1217who = "danakj@chromium.org" 1218criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1219delta = "0.5.4 -> 0.5.5" 1220notes = "No unsafe changes." 1221 1222[[audits.font-types]] 1223who = "Dominik Röttsches <drott@chromium.org>" 1224criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1225delta = "0.5.5 -> 0.6.0" 1226notes = "This change comprises changes to understand larger GlyphId and compatibility with older Mac TrueType fonts. No unsafe code is introduced." 1227 1228[[audits.font-types]] 1229who = "Dominik Röttsches <drott@chromium.org>" 1230criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1231delta = "0.6.0 -> 0.7.1" 1232notes = "No new unsafe, mostly changes about int24 as a new OpenType type, and moving Pen from Skrifa." 1233 1234[[audits.font-types]] 1235who = "Dominik Röttsches <drott@chromium.org>" 1236criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1237delta = "0.7.1 -> 0.7.2" 1238notes = "Explicit inlining of some type conversion. No new unsafe." 1239 1240[[audits.font-types]] 1241who = "Dominik Röttsches <drott@chromium.org>" 1242criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 1243delta = "0.7.2 -> 0.7.3" 1244notes = "Wrapping math for Fixed type, no new unsafe." 1245 1246[[audits.getrandom]] 1247who = "danakj@chromium.org" 1248criteria = ["safe-to-run", "does-not-implement-crypto"] 1249version = "0.2.11" 1250notes = """ 1251Reviewed in https://crrev.com/c/5171063 1252 1253Previously reviewed during security review and the audit is grandparented in. 1254""" 1255 1256[[audits.getrandom]] 1257who = "Lukasz Anforowicz <lukasza@chromium.org>" 1258criteria = "does-not-implement-crypto" 1259delta = "0.2.11 -> 0.2.12" 1260 1261[[audits.getrandom]] 1262who = "Adrian Taylor <adetaylor@chromium.org>" 1263criteria = ["safe-to-run", "does-not-implement-crypto"] 1264delta = "0.2.12 -> 0.2.14" 1265 1266[[audits.getrandom]] 1267who = "danakj <danakj@chromium.org>" 1268criteria = ["safe-to-run", "does-not-implement-crypto"] 1269delta = "0.2.14 -> 0.2.15" 1270 1271[[audits.glob]] 1272who = "danakj <danakj@chromium.org>" 1273criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1274version = "0.3.1" 1275notes = """ 1276No unsafe. The crate's purpose is to find files based on a glob, so it 1277uses the fs module for that and returns lists of paths. There's no net 1278usage or crypto. 1279""" 1280 1281[[audits.heck]] 1282who = "Lukasz Anforowicz <lukasza@chromium.org>" 1283criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 1284version = "0.4.1" 1285notes = """ 1286Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 1287and there were no hits. 1288 1289`heck` (version `0.3.3`) has been added to Chromium in 1290https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057 1291""" 1292 1293[[audits.hex-literal]] 1294who = "danakj@chromium.org" 1295criteria = ["safe-to-run", "does-not-implement-crypto"] 1296version = "0.4.1" 1297notes = """ 1298Reviewed in https://crrev.com/c/5171063 1299 1300Previously reviewed during security review and the audit is grandparented in. 1301""" 1302 1303[[audits.itertools]] 1304who = "agl@chromium.org" 1305criteria = ["safe-to-run", "does-not-implement-crypto"] 1306version = "0.11.0" 1307notes = """ 1308This is 12K lines of code, plus 6K lines of tests and benchmarks. 1309It has minimal use of unsafe and so I have paged though it all with \"::\" 1310highlighted and paid attention to which imported functions are being called. 1311""" 1312 1313[[audits.itoa]] 1314who = "Lukasz Anforowicz <lukasza@chromium.org>" 1315criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1316version = "1.0.10" 1317notes = ''' 1318I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. 1319 1320There are a few places where `unsafe` is used. Unsafe review notes can be found 1321in https://crrev.com/c/5350697. 1322 1323Version 1.0.1 of this crate has been added to Chromium in 1324https://crrev.com/c/3321896. 1325''' 1326 1327[[audits.itoa]] 1328who = "Lukasz Anforowicz <lukasza@chromium.org>" 1329criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1330delta = "1.0.10 -> 1.0.11" 1331notes = """ 1332Straightforward diff between 1.0.10 and 1.0.11 - only 3 commits: 1333 1334* Bumping up the version 1335* A touch up of comments 1336* And my own PR to make `unsafe` blocks more granular: 1337 https://github.com/dtolnay/itoa/pull/42 1338""" 1339 1340[[audits.itoa]] 1341who = "Liza Burakova <liza@chromium.org>" 1342criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1343delta = "1.0.11 -> 1.0.14" 1344notes = """ 1345Unsafe review at https://crrev.com/c/6051067 1346""" 1347 1348[[audits.lazy_static]] 1349who = "Lukasz Anforowicz <lukasza@chromium.org>" 1350criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1351version = "1.4.0" 1352notes = ''' 1353I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. 1354 1355There are two places where `unsafe` is used. Unsafe review notes can be found 1356in https://crrev.com/c/5347418. 1357 1358This crate has been added to Chromium in https://crrev.com/c/3321895. 1359''' 1360 1361[[audits.lazy_static]] 1362who = "Lukasz Anforowicz <lukasza@chromium.org>" 1363criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1364delta = "1.4.0 -> 1.5.0" 1365notes = "Unsafe review notes: https://crrev.com/c/5650836" 1366 1367[[audits.log]] 1368who = "danakj <danakj@chromium.org>" 1369criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1370version = "0.4.22" 1371notes = """ 1372Unsafe review in https://docs.google.com/document/d/1IXQbD1GhTRqNHIGxq6yy7qHqxeO4CwN5noMFXnqyDIM/edit?usp=sharing 1373 1374Unsafety is generally very well-documented, with one exception, which we 1375describe in the review doc. 1376""" 1377 1378[[audits.log]] 1379who = "Lukasz Anforowicz <lukasza@chromium.org>" 1380criteria = ["safe-to-run", "does-not-implement-crypto"] 1381delta = "0.4.20 -> 0.4.21" 1382notes = """ 1383I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. I also skimmed 1384through the 0.4.20 => 0.4.21 delta and there was no new crypto-related code AFAICT. 1385""" 1386 1387[[audits.log]] 1388who = "Adrian Taylor <adetaylor@chromium.org>" 1389criteria = ["safe-to-run", "does-not-implement-crypto"] 1390delta = "0.4.21 -> 0.4.22" 1391 1392[[audits.memchr]] 1393who = "Dustin J. Mitchell <djmitche@chromium.org>" 1394criteria = "does-not-implement-crypto" 1395delta = "2.7.2 -> 2.7.4" 1396 1397[[audits.minimal-lexical]] 1398who = "danakj@chromium.org" 1399criteria = "ub-risk-3" 1400version = "0.2.1" 1401notes = """ 1402Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/4977110 1403- Unsound unsafe blocks present. 1404- Safe traits that can cause soundness bugs. 1405""" 1406 1407[[audits.miniz_oxide]] 1408who = "Lukasz Anforowicz <lukasza@chromium.org>" 1409criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1410version = "0.7.4" 1411notes = ''' 1412Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 1413and there were no hits, except for some mentions of "unsafe" in the `README.md` 1414and in a comment in `src/deflate/core.rs`. The comment discusses whether a 1415function should be treated as unsafe, but there is no actual `unsafe` code, so 1416the crate meets the `ub-risk-0` criteria. 1417 1418Note that some additional, internal notes about an older version of this crate 1419can be found at go/image-crate-chromium-security-review. 1420''' 1421 1422[[audits.miniz_oxide]] 1423who = "Lukasz Anforowicz <lukasza@chromium.org>" 1424criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1425delta = "0.7.4 -> 0.8.0" 1426notes = ''' 1427This delta audit has been reviewed in https://crrev.com/c/5811890 1428 1429The delta can be inspected at https://diff.rs/miniz_oxide/0.7.4/0.8.0 1430and is fairly small (changes related to `const fn` and to `adler2` 1431switch). 1432 1433I've grepped for `-i cipher`, `-i crypto`, `\bfs\b`, `\bnet\b`, and 1434`\bunsafe\b`. There were no hits (except for comments in `core.rs` 1435and in `Readme.md`). 1436''' 1437 1438[[audits.nom]] 1439who = "danakj@chromium.org" 1440criteria = ["does-not-implement-crypto", "safe-to-deploy", "ub-risk-1"] 1441version = "7.1.3" 1442notes = """ 1443Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5046153 1444""" 1445 1446[[audits.png]] 1447who = "Lukasz Anforowicz <lukasza@chromium.org>" 1448criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1449version = "0.17.13" 1450notes = ''' 1451Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 1452and there were no hits except for reasonable, client-controlled usage of 1453`std::fs::File` in tests in `src/encoder.rs`, tests in `src/decoder/stream.rs`, 1454and in some example code. 1455 1456Note that some additional, internal notes about an older version of this crate 1457can be found at go/image-crate-chromium-security-review. 1458''' 1459 1460[[audits.png]] 1461who = "Lukasz Anforowicz <lukasza@chromium.org>" 1462criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1463delta = "0.17.13 -> 0.17.14" 1464 1465[[audits.ppv-lite86]] 1466who = "danakj@chromium.org" 1467criteria = ["safe-to-run", "does-not-implement-crypto"] 1468version = "0.2.17" 1469notes = """ 1470Reviewed in https://crrev.com/c/5171063 1471 1472Previously reviewed during security review and the audit is grandparented in. 1473""" 1474 1475[[audits.ppv-lite86]] 1476who = "danakj <danakj@chromium.org>" 1477criteria = ["safe-to-run", "does-not-implement-crypto"] 1478delta = "0.2.17 -> 0.2.20" 1479notes = "Using zerocopy to reduce unsafe usage." 1480 1481[[audits.proc-macro2]] 1482who = "Lukasz Anforowicz <lukasza@chromium.org>" 1483criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1484version = "1.0.78" 1485notes = """ 1486Grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits 1487(except for a benign \"fs\" hit in a doc comment) 1488 1489Notes from the `unsafe` review can be found in https://crrev.com/c/5385745. 1490""" 1491 1492[[audits.proc-macro2]] 1493who = "Lukasz Anforowicz <lukasza@chromium.org>" 1494criteria = ["safe-to-run", "does-not-implement-crypto"] 1495delta = "1.0.69 -> 1.0.76" 1496notes = """ 14971.0.69 has been previously audited as \"safe-to-run\", 1498\"does-not-implement-crypto\" - see 1499https://github.com/google/rust-crate-audits/blob/c2d49cb6e80bb817f569debecf846161dcebd88c/audits.toml#L3939-L3979 1500The \"1.0.69 -> 1.0.76\" delta meets the same criteria. 1501 1502This is an incremental/delta audit - we don't claim any particular `ub-risk-N` 1503level for the baseline or for the final version. OTOH note that additional 1504uses of `unsafe` have been reviewed in https://crrev.com/c/5178771 and the 1505**delta** was evaluated as `ub-risk-2`. There are some new `unsafe` blocks 1506but they seem sound - additional `unsafe` audit notes can be found in 1507https://crrev.com/c/5178771/comment/32dbab4e_c7402137 and 1508https://crrev.com/c/5178771/4/third_party/rust/chromium_crates_io/vendor/proc-macro2-1.0.76/src/wrapper.rs#783 1509""" 1510 1511[[audits.proc-macro2]] 1512who = "Adrian Taylor <adetaylor@chromium.org>" 1513criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1514delta = "1.0.78 -> 1.0.79" 1515 1516[[audits.proc-macro2]] 1517who = "Adrian Taylor <adetaylor@chromium.org>" 1518criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1519delta = "1.0.79 -> 1.0.80" 1520 1521[[audits.proc-macro2]] 1522who = "Dustin J. Mitchell <djmitche@chromium.org>" 1523criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1524delta = "1.0.80 -> 1.0.81" 1525notes = "Comment changes only" 1526 1527[[audits.proc-macro2]] 1528who = "danakj <danakj@chromium.org>" 1529criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1530delta = "1.0.81 -> 1.0.82" 1531 1532[[audits.proc-macro2]] 1533who = "Dustin J. Mitchell <djmitche@chromium.org>" 1534criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1535delta = "1.0.82 -> 1.0.83" 1536notes = "Substantive change is replacing String with Box<str>, saving memory." 1537 1538[[audits.proc-macro2]] 1539who = "Lukasz Anforowicz <lukasza@chromium.org>" 1540criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1541delta = "1.0.83 -> 1.0.84" 1542notes = "Only doc comment changes in `src/lib.rs`." 1543 1544[[audits.proc-macro2]] 1545who = "danakj@chromium.org" 1546criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1547delta = "1.0.84 -> 1.0.85" 1548notes = "Test-only changes." 1549 1550[[audits.proc-macro2]] 1551who = "Lukasz Anforowicz <lukasza@chromium.org>" 1552criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1553delta = "1.0.85 -> 1.0.86" 1554notes = """ 1555Comment-only changes in `build.rs`. 1556Reordering of `Cargo.toml` entries. 1557Just bumping up the version number in `lib.rs`. 1558Config-related changes in `test_size.rs`. 1559""" 1560 1561[[audits.proc-macro2]] 1562who = "danakj <danakj@chromium.org>" 1563criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1564delta = "1.0.86 -> 1.0.87" 1565notes = "No new unsafe interactions." 1566 1567[[audits.proc-macro2]] 1568who = "Liza Burakova <liza@chromium.org" 1569criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1570delta = "1.0.87 -> 1.0.89" 1571notes = """ 1572Biggest change is adding error handling in build.rs. 1573Some config related changes in wrapper.rs. 1574""" 1575 1576[[audits.prost]] 1577who = "agl@chromium.org" 1578criteria = ["safe-to-run", "does-not-implement-crypto"] 1579version = "0.12.3" 1580 1581[[audits.prost]] 1582who = "Adrian Taylor <adetaylor@chromium.org>" 1583criteria = ["safe-to-run", "does-not-implement-crypto"] 1584delta = "0.12.3 -> 0.12.4" 1585 1586[[audits.prost]] 1587who = "Dustin J. Mitchell <djmitche@chromium.org>" 1588criteria = ["safe-to-run", "does-not-implement-crypto"] 1589delta = "0.12.4 -> 0.12.6" 1590notes = "No concerning changes for safe-to-run." 1591 1592[[audits.prost]] 1593who = "Lukasz Anforowicz <lukasza@chromium.org>" 1594criteria = ["safe-to-run", "does-not-implement-crypto"] 1595delta = "0.12.6 -> 0.13.3" 1596 1597[[audits.prost-derive]] 1598who = "agl@chromium.org" 1599criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1600version = "0.12.3" 1601 1602[[audits.prost-derive]] 1603who = "danakj <danakj@chromium.org>" 1604criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1605delta = "0.12.3 -> 0.12.5" 1606 1607[[audits.prost-derive]] 1608who = "Dustin J. Mitchell <djmitche@chromium.org>" 1609criteria = ["safe-to-run", "does-not-implement-crypto"] 1610delta = "0.12.5 -> 0.12.6" 1611notes = "No changes here; presumably a bump of the `prost` crate." 1612 1613[[audits.prost-derive]] 1614who = "Lukasz Anforowicz <lukasza@chromium.org>" 1615criteria = ["safe-to-run", "does-not-implement-crypto"] 1616delta = "0.12.6 -> 0.13.3" 1617 1618[[audits.qr_code]] 1619who = "Lukasz Anforowicz <lukasza@chromium.org>" 1620criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1621version = "2.0.0" 1622notes = """ 1623* This crate was imported into Chromium back in May 2023: 1624 - CL: https://crrev.com/c/4497329 1625 - Google-internal audit notes: go/qr-code-chromium-security-review 1626* Certification today is mostly based on the old audit. 1627 The only checks performed today are: 1628 - `grep`ped for `unsafe` and verified that the only hit comes 1629 from `#![forbid(unsafe_code)]` 1630""" 1631 1632[[audits.quote]] 1633who = "Lukasz Anforowicz <lukasza@chromium.org>" 1634criteria = "ub-risk-0" 1635version = "1.0.33" 1636notes = 'Grepped for `\bunsafe\b` - there were no hits' 1637 1638[[audits.quote]] 1639who = "Lukasz Anforowicz <lukasza@chromium.org>" 1640criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1641version = "1.0.35" 1642notes = """ 1643Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits 1644(except for benign \"net\" hit in tests and \"fs\" hit in README.md) 1645""" 1646 1647[[audits.quote]] 1648who = "Adrian Taylor <adetaylor@chromium.org>" 1649criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1650delta = "1.0.35 -> 1.0.36" 1651 1652[[audits.quote]] 1653who = "Lukasz Anforowicz <lukasza@chromium.org>" 1654criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1655delta = "1.0.36 -> 1.0.37" 1656notes = """ 1657The delta just 1) inlines/expands `impl ToTokens` that used to be handled via 1658`primitive!` macro and 2) adds `impl ToTokens` for `CStr` and `CString`. 1659""" 1660 1661[[audits.rand]] 1662who = "danakj@chromium.org" 1663criteria = ["safe-to-run", "does-not-implement-crypto"] 1664version = "0.8.5" 1665notes = """ 1666Reviewed in https://crrev.com/c/5171063 1667 1668Previously reviewed during security review and the audit is grandparented in. 1669""" 1670 1671[[audits.rand_chacha]] 1672who = "Allen Webb <allenwebb@google.com>" 1673criteria = "crypto-safe" 1674version = "0.3.1" 1675notes = """ 1676This crate doesn't actually implement ChaCha, it uses the implementation in 1677`c2-chacha`. Note that this review has been internally tracked in b/330501364. 1678""" 1679 1680[[audits.rand_pcg]] 1681who = "danakj@chromium.org" 1682criteria = ["safe-to-run", "does-not-implement-crypto"] 1683version = "0.3.1" 1684notes = """ 1685Reviewed in https://crrev.com/c/5171063 1686 1687Previously reviewed during security review and the audit is grandparented in. 1688""" 1689 1690[[audits.read-fonts]] 1691who = "Lukasz Anforowicz <lukasza@chromium.org>" 1692criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1693version = "0.19.0" 1694notes = """ 1695Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits 1696(except for a benign \"fs\" hit in a comment). 1697 1698For overall `safe-to-deploy` and `does-not-implement-crypto` I am mostly 1699relying on certification by the Chromium engineers who work on the library 1700(mostly drott@chromium.org). 1701""" 1702 1703[[audits.read-fonts]] 1704who = "danakj <danakj@chromium.org>" 1705criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1706delta = "0.19.0 -> 0.19.1" 1707 1708[[audits.read-fonts]] 1709who = "Lukasz Anforowicz <lukasza@chromium.org>" 1710criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1711delta = "0.19.1 -> 0.19.2" 1712notes = """ 1713The delta is a bug fix in `src/tables/cmap.rs`. 1714No new `unsafe` - still `ub-risk-0`. 1715""" 1716 1717[[audits.read-fonts]] 1718who = "danakj@chromium.org" 1719criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1720delta = "0.19.2 -> 0.19.3" 1721notes = "No unsafe." 1722 1723[[audits.read-fonts]] 1724who = "Dominik Röttsches <drott@chromium.org>" 1725criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1726delta = "0.19.3 -> 0.20.0" 1727notes = """ 1728Contains changes for: 1729* Adding IntSet, SparseBitSet 1730* Support for VARC 1731* Improved AAT support 1732* Fuzzer overflow fixes, and avoiding timeouts in CMAP 1733* Closure computations for subsetting of COLR 1734* large glyphId support. 1735""" 1736 1737[[audits.read-fonts]] 1738who = "Dominik Röttsches <drott@chromium.org>" 1739criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1740delta = "0.20.0 -> 0.22.0" 1741notes = "Changes for incremental font transfer, Ankr, Feat tables, and support for getting access to the SVG document from the SVG table, as well as Avar2." 1742 1743[[audits.read-fonts]] 1744who = "Lukasz Anforowicz <lukasza@chromium.org>" 1745criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1746delta = "0.22.0 -> 0.22.1" 1747 1748[[audits.read-fonts]] 1749who = "Dominik Röttsches <drott@chromium.org>" 1750criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1751delta = "0.22.1 -> 0.22.3" 1752notes = "Support for the hdmx table, inlining optimizations. Crate has no unsafe code." 1753 1754[[audits.read-fonts]] 1755who = "Dominik Röttsches <drott@chromium.org>" 1756criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1757delta = "0.22.3 -> 0.23.0" 1758notes = "More lenient parsing of CFF fonts with invalid BlueValues, incremental font transfer implementation of glyph keyed patching. No unsafe code in crate." 1759 1760[[audits.read-fonts]] 1761who = "Dominik Röttsches <drott@chromium.org>" 1762criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1763delta = "0.23.0 -> 0.23.2" 1764notes = "Some IFT changes, and better compatibility with empty PrivateDict in CFF." 1765 1766[[audits.regex]] 1767who = "danakj@chromium.org" 1768criteria = ["safe-to-run", "does-not-implement-crypto"] 1769version = "1.10.2" 1770notes = """ 1771Reviewed in https://crrev.com/c/5171063 1772 1773Previously reviewed during security review and the audit is grandparented in. 1774""" 1775 1776[[audits.regex]] 1777who = "Lukasz Anforowicz <lukasza@chromium.org>" 1778criteria = ["safe-to-run", "does-not-implement-crypto"] 1779delta = "1.10.2 -> 1.10.3" 1780 1781[[audits.regex]] 1782who = "Dustin J. Mitchell <djmitche@chromium.org>" 1783criteria = ["safe-to-run", "does-not-implement-crypto"] 1784delta = "1.10.3 -> 1.10.4" 1785notes = "Docs changes only." 1786 1787[[audits.regex]] 1788who = "Adrian Taylor <adetaylor@chromium.org>" 1789criteria = ["safe-to-run", "does-not-implement-crypto"] 1790delta = "1.10.4 -> 1.10.5" 1791 1792[[audits.regex]] 1793who = "Lukasz Anforowicz <lukasza@chromium.org>" 1794criteria = ["safe-to-run", "does-not-implement-crypto"] 1795delta = "1.10.5 -> 1.10.6" 1796notes = "The delta has minimal changes in `pattern.rs`." 1797 1798[[audits.regex]] 1799who = "Lukasz Anforowicz <lukasza@chromium.org>" 1800criteria = ["safe-to-run", "does-not-implement-crypto"] 1801delta = "1.10.6 -> 1.11.0" 1802 1803[[audits.regex]] 1804who = "Liza Burakova <liza@chromium.org>" 1805criteria = ["safe-to-run", "does-not-implement-crypto"] 1806delta = "1.11.0 -> 1.11.1" 1807 1808[[audits.regex-automata]] 1809who = "danakj@chromium.org" 1810criteria = ["safe-to-run", "does-not-implement-crypto"] 1811version = "0.4.3" 1812notes = """ 1813Reviewed in https://crrev.com/c/5171063 1814 1815Previously reviewed during security review and the audit is grandparented in. 1816""" 1817 1818[[audits.regex-automata]] 1819who = "Lukasz Anforowicz <lukasza@chromium.org>" 1820criteria = ["safe-to-run", "does-not-implement-crypto"] 1821delta = "0.4.3 -> 0.4.5" 1822 1823[[audits.regex-automata]] 1824who = "danakj <danakj@chromium.org>" 1825criteria = ["safe-to-run", "does-not-implement-crypto"] 1826delta = "0.4.5 -> 0.4.6" 1827notes = "Reviewed in https://crrev.com/c/5362200" 1828 1829[[audits.regex-automata]] 1830who = "Adrian Taylor <adetaylor@chromium.org>" 1831criteria = ["safe-to-run", "does-not-implement-crypto"] 1832delta = "0.4.6 -> 0.4.7" 1833 1834[[audits.regex-automata]] 1835who = "Lukasz Anforowicz <lukasza@chromium.org>" 1836criteria = ["safe-to-run", "does-not-implement-crypto"] 1837delta = "0.4.7 -> 0.4.8" 1838 1839[[audits.regex-automata]] 1840who = "Lukasz Anforowicz <lukasza@chromium.org>" 1841criteria = ["safe-to-run", "does-not-implement-crypto"] 1842delta = "0.4.8 -> 0.4.9" 1843notes = "New API: `BuildError.is_size_limit_exceeded`." 1844 1845[[audits.regex-syntax]] 1846who = "danakj@chromium.org" 1847criteria = ["safe-to-run", "does-not-implement-crypto"] 1848version = "0.8.2" 1849notes = """ 1850Reviewed in https://crrev.com/c/5171063 1851 1852Previously reviewed during security review and the audit is grandparented in. 1853""" 1854 1855[[audits.regex-syntax]] 1856who = "Lukasz Anforowicz <lukasza@chromium.org>" 1857criteria = ["safe-to-run", "does-not-implement-crypto"] 1858delta = "0.8.2 -> 0.8.3" 1859 1860[[audits.regex-syntax]] 1861who = "Adrian Taylor <adetaylor@chromium.org>" 1862criteria = ["safe-to-run", "does-not-implement-crypto"] 1863delta = "0.8.3 -> 0.8.4" 1864 1865[[audits.regex-syntax]] 1866who = "Lukasz Anforowicz <lukasza@chromium.org>" 1867criteria = ["safe-to-run", "does-not-implement-crypto"] 1868delta = "0.8.4 -> 0.8.5" 1869 1870[[audits.relative-path]] 1871who = "danakj <danakj@chromium.org>" 1872criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 1873version = "1.9.3" 1874notes = """ 1875There is no net or fs usage, no crypto. 1876There is unsafe to convert pointers from str to RelativePath, where the latter 1877is a transparent wrapper around str so the pointer will be to a valid 1878type/value always. 1879""" 1880 1881[[audits.rstest]] 1882who = "danakj@chromium.org" 1883criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1884version = "0.17.0" 1885notes = """ 1886Reviewed in https://crrev.com/c/5171063 1887 1888Previously reviewed during security review and the audit is grandparented in. 1889""" 1890 1891[[audits.rstest]] 1892who = "danakj <danakj@chromium.org>" 1893criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1894delta = "0.17.0 -> 0.22.0" 1895notes = "No new unsafe. fs and net usage, but only in its own tests." 1896 1897[[audits.rstest_macros]] 1898who = "danakj@chromium.org" 1899criteria = ["safe-to-run", "does-not-implement-crypto"] 1900version = "0.17.0" 1901notes = """ 1902Reviewed in https://crrev.com/c/5171063 1903 1904Previously reviewed during security review and the audit is grandparented in. 1905""" 1906 1907[[audits.rstest_macros]] 1908who = "danakj <danakj@chromium.org>" 1909criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1910version = "0.22.0" 1911notes = """ 1912There is no fs or net usage directly, though there is fs 1913usage through the glob crate to get lists of files if the user 1914asks for it in their macro. 1915 1916There is no unsafe. Scanned through all the code. 1917""" 1918 1919[[audits.rstest_reuse]] 1920who = "danakj@chromium.org" 1921criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1922version = "0.5.0" 1923notes = """ 1924Reviewed in https://crrev.com/c/5171063 1925 1926Previously reviewed during security review and the audit is grandparented in. 1927""" 1928 1929[[audits.rstest_reuse]] 1930who = "danakj <danakj@chromium.org>" 1931criteria = ["safe-to-run", "does-not-implement-crypto", "ub-risk-0"] 1932delta = "0.5.0 -> 0.7.0" 1933notes = "No new unsafe, looked through the changes which were minimal." 1934 1935[[audits.rustc-demangle]] 1936who = "danakj@chromium.org" 1937criteria = ["safe-to-run", "does-not-implement-crypto"] 1938version = "0.1.23" 1939notes = """ 1940Reviewed in https://crrev.com/c/5171063 1941 1942Previously reviewed during security review and the audit is grandparented in. 1943""" 1944 1945[[audits.rustc-demangle]] 1946who = "danakj <danakj@chromium.org>" 1947criteria = ["safe-to-run", "does-not-implement-crypto"] 1948delta = "0.1.23 -> 0.1.24" 1949 1950[[audits.rustc_version]] 1951who = "danakj@chromium.org" 1952criteria = ["safe-to-run", "does-not-implement-crypto"] 1953version = "0.4.0" 1954notes = """ 1955Reviewed in https://crrev.com/c/5171063 1956 1957Previously reviewed during security review and the audit is grandparented in. 1958""" 1959 1960[[audits.rustc_version]] 1961who = "danakj <danakj@chromium.org>" 1962criteria = ["safe-to-run", "does-not-implement-crypto"] 1963delta = "0.4.0 -> 0.4.1" 1964notes = "No unsafe, net or fs." 1965 1966[[audits.rustversion]] 1967who = "Lukasz Anforowicz <lukasza@chromium.org>" 1968criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 1969version = "1.0.14" 1970notes = """ 1971Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 1972and there were no hits except for: 1973 1974* Using trivially-safe `unsafe` in test code: 1975 1976 ``` 1977 tests/test_const.rs:unsafe fn _unsafe() {} 1978 tests/test_const.rs:const _UNSAFE: () = unsafe { _unsafe() }; 1979 ``` 1980 1981* Using `unsafe` in a string: 1982 1983 ``` 1984 src/constfn.rs: \"unsafe\" => Qualifiers::Unsafe, 1985 ``` 1986 1987* Using `std::fs` in `build/build.rs` to write `${OUT_DIR}/version.expr` 1988 which is later read back via `include!` used in `src/lib.rs`. 1989 1990Version `1.0.6` of this crate has been added to Chromium in 1991https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057 1992""" 1993 1994[[audits.rustversion]] 1995who = "Adrian Taylor <adetaylor@chromium.org>" 1996criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 1997delta = "1.0.14 -> 1.0.15" 1998 1999[[audits.rustversion]] 2000who = "danakj <danakj@chromium.org>" 2001criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2002delta = "1.0.15 -> 1.0.16" 2003 2004[[audits.rustversion]] 2005who = "Dustin J. Mitchell <djmitche@chromium.org>" 2006criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2007delta = "1.0.16 -> 1.0.17" 2008notes = "Just updates windows compat" 2009 2010[[audits.rustversion]] 2011who = "Liza Burakova <liza@chromium.org>" 2012criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2013delta = "1.0.17 -> 1.0.18" 2014 2015[[audits.semver]] 2016who = "danakj@chromium.org" 2017criteria = ["safe-to-run", "does-not-implement-crypto"] 2018version = "1.0.20" 2019notes = """ 2020Reviewed in https://crrev.com/c/5171063 2021 2022Previously reviewed during security review and the audit is grandparented in. 2023""" 2024 2025[[audits.semver]] 2026who = "Lukasz Anforowicz <lukasza@chromium.org>" 2027criteria = ["safe-to-run", "does-not-implement-crypto"] 2028delta = "1.0.20 -> 1.0.21" 2029 2030[[audits.semver]] 2031who = "Lukasz Anforowicz <lukasza@chromium.org>" 2032criteria = ["safe-to-run", "does-not-implement-crypto"] 2033delta = "1.0.21 -> 1.0.22" 2034 2035[[audits.semver]] 2036who = "danakj <danakj@chromium.org>" 2037criteria = ["safe-to-run", "does-not-implement-crypto"] 2038delta = "1.0.22 -> 1.0.23" 2039 2040[[audits.serde]] 2041who = "Lukasz Anforowicz <lukasza@chromium.org>" 2042criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2043version = "1.0.197" 2044notes = """ 2045Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`. 2046 2047There were some hits for `net`, but they were related to serialization and 2048not actually opening any connections or anything like that. 2049 2050There were 2 hits of `unsafe` when grepping: 2051* In `fn as_str` in `impl Buf` 2052* In `fn serialize` in `impl Serialize for net::Ipv4Addr` 2053 2054Unsafe review comments can be found in https://crrev.com/c/5350573/2 (this 2055review also covered `serde_json_lenient`). 2056 2057Version 1.0.130 of the crate has been added to Chromium in 2058https://crrev.com/c/3265545. The CL description contains a link to a 2059(Google-internal, sorry) document with a mini security review. 2060""" 2061 2062[[audits.serde]] 2063who = "Dustin J. Mitchell <djmitche@chromium.org>" 2064criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2065delta = "1.0.197 -> 1.0.198" 2066 2067[[audits.serde]] 2068who = "danakj <danakj@chromium.org>" 2069criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2070delta = "1.0.198 -> 1.0.201" 2071 2072[[audits.serde]] 2073who = "Dustin J. Mitchell <djmitche@chromium.org>" 2074criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2075delta = "1.0.201 -> 1.0.202" 2076notes = "Trivial changes" 2077 2078[[audits.serde]] 2079who = "Lukasz Anforowicz <lukasza@chromium.org>" 2080criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2081delta = "1.0.202 -> 1.0.203" 2082notes = "s/doc_cfg/docsrs/ + tuple_impls/tuple_impl_body-related changes" 2083 2084[[audits.serde]] 2085who = "Adrian Taylor <adetaylor@chromium.org>" 2086criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2087delta = "1.0.203 -> 1.0.204" 2088 2089[[audits.serde]] 2090who = "Lukasz Anforowicz <lukasza@chromium.org>" 2091criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2092delta = "1.0.204 -> 1.0.207" 2093notes = "The small change in `src/private/ser.rs` should have no impact on `ub-risk-2`." 2094 2095[[audits.serde]] 2096who = "Lukasz Anforowicz <lukasza@chromium.org>" 2097criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2098delta = "1.0.207 -> 1.0.209" 2099notes = """ 2100The delta carries fairly small changes in `src/private/de.rs` and 2101`src/private/ser.rs` (see https://crrev.com/c/5812194/2..5). AFAICT the 2102delta has no impact on the `unsafe`, `from_utf8_unchecked`-related parts 2103of the crate (in `src/de/format.rs` and `src/ser/impls.rs`). 2104""" 2105 2106[[audits.serde]] 2107who = "Adrian Taylor <adetaylor@chromium.org>" 2108criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2109delta = "1.0.209 -> 1.0.210" 2110notes = "Almost no new code - just feature rearrangement" 2111 2112[[audits.serde]] 2113who = "Liza Burakova <liza@chromium.org>" 2114criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2115delta = "1.0.210 -> 1.0.213" 2116 2117[[audits.serde]] 2118who = "Dustin J. Mitchell <djmitche@chromium.org>" 2119criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2120delta = "1.0.213 -> 1.0.214" 2121notes = "No unsafe, no crypto" 2122 2123[[audits.serde]] 2124who = "Adrian Taylor <adetaylor@chromium.org>" 2125criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2126delta = "1.0.214 -> 1.0.215" 2127 2128[[audits.serde_derive]] 2129who = "Lukasz Anforowicz <lukasza@chromium.org>" 2130criteria = "ub-risk-0" 2131version = "1.0.193" 2132notes = 'Grepped for `\bunsafe\b` - there were no hits' 2133 2134[[audits.serde_derive]] 2135who = "Lukasz Anforowicz <lukasza@chromium.org>" 2136criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2137version = "1.0.195" 2138notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" 2139 2140[[audits.serde_derive]] 2141who = "Lukasz Anforowicz <lukasza@chromium.org>" 2142criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2143version = "1.0.196" 2144notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" 2145 2146[[audits.serde_derive]] 2147who = "Lukasz Anforowicz <lukasza@chromium.org>" 2148criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2149version = "1.0.197" 2150notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" 2151 2152[[audits.serde_derive]] 2153who = "danakj <danakj@chromium.org>" 2154criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2155delta = "1.0.197 -> 1.0.201" 2156 2157[[audits.serde_derive]] 2158who = "Dustin J. Mitchell <djmitche@chromium.org>" 2159criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2160delta = "1.0.201 -> 1.0.202" 2161 2162[[audits.serde_derive]] 2163who = "Lukasz Anforowicz <lukasza@chromium.org>" 2164criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2165delta = "1.0.202 -> 1.0.203" 2166notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" 2167 2168[[audits.serde_derive]] 2169who = "Adrian Taylor <adetaylor@chromium.org>" 2170criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2171delta = "1.0.203 -> 1.0.204" 2172 2173[[audits.serde_derive]] 2174who = "Lukasz Anforowicz <lukasza@chromium.org>" 2175criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2176delta = "1.0.204 -> 1.0.207" 2177notes = 'Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits' 2178 2179[[audits.serde_derive]] 2180who = "Lukasz Anforowicz <lukasza@chromium.org>" 2181criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2182delta = "1.0.207 -> 1.0.209" 2183notes = ''' 2184There are no code changes in this delta - see https://crrev.com/c/5812194/2..5 2185 2186I've neverthless also grepped for `-i cipher`, `-i crypto`, `\bfs\b`, 2187`\bnet\b`, and `\bunsafe\b`. There were no hits. 2188''' 2189 2190[[audits.serde_derive]] 2191who = "Adrian Taylor <adetaylor@chromium.org>" 2192criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2193delta = "1.0.209 -> 1.0.210" 2194notes = "Almost no new code - just feature rearrangement" 2195 2196[[audits.serde_derive]] 2197who = "Liza Burakova <liza@chromium.org>" 2198criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2199delta = "1.0.210 -> 1.0.213" 2200notes = "Grepped for 'unsafe', 'crypt', 'cipher', 'fs', 'net' - there were no hits" 2201 2202[[audits.serde_derive]] 2203who = "Dustin J. Mitchell <djmitche@chromium.org>" 2204criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2205delta = "1.0.213 -> 1.0.214" 2206notes = "No changes to unsafe, no crypto" 2207 2208[[audits.serde_derive]] 2209who = "Adrian Taylor <adetaylor@chromium.org>" 2210criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2211delta = "1.0.214 -> 1.0.215" 2212notes = "Minor changes should not impact UB risk" 2213 2214[[audits.serde_json]] 2215who = "danakj@chromium.org" 2216criteria = ["safe-to-run", "does-not-implement-crypto"] 2217version = "1.0.108" 2218notes = """ 2219Reviewed in https://crrev.com/c/5171063 2220 2221Previously reviewed during security review and the audit is grandparented in. 2222""" 2223 2224[[audits.serde_json]] 2225who = "Lukasz Anforowicz <lukasza@chromium.org>" 2226criteria = ["safe-to-run", "does-not-implement-crypto"] 2227delta = "1.0.108 -> 1.0.111" 2228 2229[[audits.serde_json]] 2230who = "Lukasz Anforowicz <lukasza@chromium.org>" 2231criteria = ["safe-to-run", "does-not-implement-crypto"] 2232delta = "1.0.111 -> 1.0.113" 2233 2234[[audits.serde_json]] 2235who = "Lukasz Anforowicz <lukasza@chromium.org>" 2236criteria = ["safe-to-run", "does-not-implement-crypto"] 2237delta = "1.0.113 -> 1.0.114" 2238 2239[[audits.serde_json]] 2240who = "Lukasz Anforowicz <lukasza@chromium.org>" 2241criteria = ["safe-to-run", "does-not-implement-crypto"] 2242delta = "1.0.114 -> 1.0.115" 2243 2244[[audits.serde_json]] 2245who = "Dustin J. Mitchell <djmitche@chromium.org>" 2246criteria = ["safe-to-run", "does-not-implement-crypto"] 2247delta = "1.0.115 -> 1.0.116" 2248notes = "No changes that affect safety to run, and no crypto" 2249 2250[[audits.serde_json]] 2251who = "danakj <danakj@chromium.org>" 2252criteria = ["safe-to-run", "does-not-implement-crypto"] 2253delta = "1.0.116 -> 1.0.117" 2254 2255[[audits.serde_json]] 2256who = "Adrian Taylor <adetaylor@chromium.org>" 2257criteria = ["safe-to-run", "does-not-implement-crypto"] 2258delta = "1.0.117 -> 1.0.120" 2259 2260[[audits.serde_json]] 2261who = "Lukasz Anforowicz <lukasza@chromium.org>" 2262criteria = ["safe-to-run", "does-not-implement-crypto"] 2263delta = "1.0.120 -> 1.0.122" 2264 2265[[audits.serde_json]] 2266who = "Lukasz Anforowicz <lukasza@chromium.org>" 2267criteria = ["safe-to-run", "does-not-implement-crypto"] 2268delta = "1.0.122 -> 1.0.124" 2269 2270[[audits.serde_json]] 2271who = "Lukasz Anforowicz <lukasza@chromium.org>" 2272criteria = ["safe-to-run", "does-not-implement-crypto"] 2273delta = "1.0.124 -> 1.0.127" 2274 2275[[audits.serde_json]] 2276who = "danakj <danakj@chromium.org>" 2277criteria = ["safe-to-run", "does-not-implement-crypto"] 2278delta = "1.0.127 -> 1.0.128" 2279 2280[[audits.serde_json]] 2281who = "Liza Burakova <liza@chromium.org>" 2282criteria = ["safe-to-run", "does-not-implement-crypto"] 2283delta = "1.0.128 -> 1.0.132" 2284notes = """ 2285Methods moved into new deserializer trait in de.rs. 2286New methods for converting Number to i128 or u128 in number.rs 2287No new unsafe changes. 2288""" 2289 2290[[audits.serde_json]] 2291who = "Adrian Taylor <adetaylor@chromium.org>" 2292criteria = ["safe-to-run", "does-not-implement-crypto"] 2293delta = "1.0.132 -> 1.0.133" 2294notes = "No changes affecting safety-to-run and still no crypto" 2295 2296[[audits.serde_json_lenient]] 2297who = "danakj@chromium.org" 2298criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2299version = "0.1.8" 2300notes = """ 2301Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`. 2302 2303There were some hits for `fs` and `net`, but they were in comments. 2304 2305Unsafe review comments can be found in https://crrev.com/c/5350573/2. 2306There were 8 hits of `unsafe` when grepping. 2307 2308Version 0.1.4 of the crate was added to Chromium in 2309https://crrev.com/c/3511416. 2310""" 2311 2312[[audits.serde_json_lenient]] 2313who = "danakj@chromium.org" 2314criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2315delta = "0.1.8 -> 0.2.0" 2316notes = """ 2317Reviewed in https://crrev.com/c/5361256 2318""" 2319 2320[[audits.serde_json_lenient]] 2321who = "djmitche@chromium.org" 2322criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2323delta = "0.2.0 -> 0.2.1" 2324notes = """ 2325Reviewed in https://crrev.com/c/5385822 2326""" 2327 2328[[audits.serde_json_lenient]] 2329who = "Dustin J. Mitchell <djmitche@chromium.org>" 2330criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2331delta = "0.2.1 -> 0.2.3" 2332 2333[[audits.simd-adler32]] 2334who = "Lukasz Anforowicz <lukasza@chromium.org>" 2335criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2336version = "0.3.7" 2337notes = """ 2338Security review of earlier versions of the crate can be found at 2339(Google-internal, sorry): go/image-crate-chromium-security-review 2340 2341Audit comments for 1.3.2 can be found at https://crrev.com/c/4723145. 2342""" 2343 2344[[audits.skrifa]] 2345who = "Lukasz Anforowicz <lukasza@chromium.org>" 2346criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2347version = "0.19.0" 2348notes = """ 2349Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits 2350(except for benign \"fs\" hit in `skrifa-0.19.0/src/color/traversal_tests/mod.rs`). 2351 2352For overall `safe-to-deploy` and `does-not-implement-crypto` I am mostly 2353relying on certification by the Chromium engineers who work on the library 2354(mostly drott@chromium.org). 2355""" 2356 2357[[audits.skrifa]] 2358who = "drott@chromium.org" 2359criteria = ["ub-risk-1", "safe-to-deploy", "does-not-implement-crypto"] 2360delta = "0.15.2 -> 0.15.4" 2361 2362[[audits.skrifa]] 2363who = "Dustin J. Mitchell <djmitche@chromium.org>" 2364criteria = ["safe-to-deploy", "crypto-safe", "ub-risk-0"] 2365delta = "0.19.0 -> 0.19.1" 2366notes = "Crate has `forbid_unsafe` and no unsafe code. Changes all appear font-related and safe." 2367 2368[[audits.skrifa]] 2369who = "Lukasz Anforowicz <lukasza@chromium.org>" 2370criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2371delta = "0.19.1 -> 0.19.2" 2372 2373[[audits.skrifa]] 2374who = "Adrian Taylor <adetaylor@chromium.org>" 2375criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2376delta = "0.19.2 -> 0.19.3" 2377 2378[[audits.skrifa]] 2379who = "Dominik Röttsches <drott@chromium.org>" 2380criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2381delta = "0.19.3 -> 0.20.0" 2382notes = "Contains mainly preparatory autohint changes and data tables." 2383 2384[[audits.skrifa]] 2385who = "Dominik Röttsches <drott@chromium.org>" 2386criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2387delta = "0.20.0 -> 0.22.0" 2388notes = "Changes for adding autohinting support. Crates forbids unsafe code." 2389 2390[[audits.skrifa]] 2391who = "Lukasz Anforowicz <lukasza@chromium.org>" 2392criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2393delta = "0.22.0 -> 0.22.1" 2394 2395[[audits.skrifa]] 2396who = "Dominik Röttsches <drott@chromium.org>" 2397criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2398delta = "0.22.1 -> 0.22.3" 2399notes = "Matching FreeType advances more closely, through usage of hdmx and other fixes. Path retrieval speedups." 2400 2401[[audits.skrifa]] 2402who = "Dominik Röttsches <drott@chromium.org>" 2403criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2404delta = "0.22.3 -> 0.23.0" 2405notes = "Incremental Font Transfer patchset implementation removed, important fixes for path retrievel from CFF fonts with empty PrivateDict." 2406 2407[[audits.skrifa]] 2408who = "Dominik Röttsches <drott@chromium.org>" 2409criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2410delta = "0.23.0 -> 0.24.0" 2411notes = "Skrifa updates for using wrapping arithmetic in CFF private dict parsing." 2412 2413[[audits.skrifa]] 2414who = "Dominik Röttsches <drott@chromium.org>" 2415criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2416delta = "0.24.0 -> 0.24.1" 2417notes = "COLRv1 bounds fix, fixes for underflows/overflows." 2418 2419[[audits.small_ctor]] 2420who = "danakj@chromium.org" 2421criteria = ["safe-to-run", "does-not-implement-crypto"] 2422version = "0.1.1" 2423notes = """ 2424Reviewed in https://crrev.com/c/5171063 2425 2426Previously reviewed during security review and the audit is grandparented in. 2427""" 2428 2429[[audits.small_ctor]] 2430who = "Lukasz Anforowicz <lukasza@chromium.org>" 2431criteria = ["safe-to-run", "does-not-implement-crypto"] 2432delta = "0.1.1 -> 0.1.2" 2433notes = "I don't fully understand the changes in `lib.rs` but they seem to meet the low bar of `safe-to-run`." 2434 2435[[audits.static_assertions]] 2436who = "Lukasz Anforowicz <lukasza@chromium.org>" 2437criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-1"] 2438version = "1.1.0" 2439notes = """ 2440Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'` 2441and there were no hits except for one `unsafe`. 2442 2443The lambda where `unsafe` is used is never invoked (e.g. the `unsafe` code 2444never runs) and is only introduced for some compile-time checks. Additional 2445unsafe review comments can be found in https://crrev.com/c/5353376. 2446 2447This crate has been added to Chromium in https://crrev.com/c/3736562. The CL 2448description contains a link to a document with an additional security review. 2449""" 2450 2451[[audits.strsim]] 2452who = "danakj@chromium.org" 2453criteria = ["does-not-implement-crypto", "safe-to-deploy", "ub-risk-0"] 2454version = "0.10.0" 2455notes = """ 2456Reviewed in https://crrev.com/c/5171063 2457 2458Previously reviewed during security review and the audit is grandparented in. 2459""" 2460 2461[[audits.strsim]] 2462who = "Lukasz Anforowicz <lukasza@chromium.org>" 2463criteria = "ub-risk-0" 2464version = "0.11.0" 2465notes = "No `unsafe`" 2466 2467[[audits.strsim]] 2468who = "Lukasz Anforowicz <lukasza@chromium.org>" 2469criteria = ["safe-to-run", "does-not-implement-crypto"] 2470delta = "0.10.0 -> 0.11.0" 2471 2472[[audits.strsim]] 2473who = "Adrian Taylor <adetaylor@chromium.org>" 2474criteria = ["safe-to-run", "does-not-implement-crypto"] 2475delta = "0.11.0 -> 0.11.1" 2476 2477[[audits.strum]] 2478who = "danakj@chromium.org" 2479criteria = ["does-not-implement-crypto", "safe-to-deploy", "ub-risk-0"] 2480version = "0.25.0" 2481notes = """ 2482Reviewed in https://crrev.com/c/5171063 2483 2484Previously reviewed during security review and the audit is grandparented in. 2485""" 2486 2487[[audits.strum_macros]] 2488who = "danakj@chromium.org" 2489criteria = ["does-not-implement-crypto", "safe-to-deploy", "ub-risk-0"] 2490version = "0.25.3" 2491notes = """ 2492Reviewed in https://crrev.com/c/5171063 2493 2494Previously reviewed during security review and the audit is grandparented in. 2495""" 2496 2497[[audits.syn]] 2498who = "danakj@chromium.org" 2499criteria = ["safe-to-run", "does-not-implement-crypto"] 2500version = "1.0.109" 2501notes = """ 2502Reviewed in https://crrev.com/c/5171063 2503 2504Previously reviewed during security review and the audit is grandparented in. 2505""" 2506 2507[[audits.termcolor]] 2508who = "danakj@chromium.org" 2509criteria = ["safe-to-run", "does-not-implement-crypto"] 2510version = "1.4.0" 2511notes = """ 2512Reviewed in https://crrev.com/c/5171063 2513 2514Previously reviewed during security review and the audit is grandparented in. 2515""" 2516 2517[[audits.termcolor]] 2518who = "Lukasz Anforowicz <lukasza@chromium.org>" 2519criteria = "ub-risk-0" 2520version = "1.4.0" 2521notes = "No `unsafe`." 2522 2523[[audits.termcolor]] 2524who = "Lukasz Anforowicz <lukasza@chromium.org>" 2525criteria = ["safe-to-run", "does-not-implement-crypto"] 2526delta = "1.4.0 -> 1.4.1" 2527 2528[[audits.tinyvec]] 2529who = "Lukasz Anforowicz <lukasza@chromium.org>" 2530criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 2531version = "1.6.0" 2532notes = """ 2533Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 2534and there were no hits except for some \"unsafe\" appearing in comments: 2535 2536``` 2537src/arrayvec.rs: // Note: This shouldn't use A::CAPACITY, because unsafe code can't rely on 2538src/lib.rs://! All of this is done with no `unsafe` code within the crate. Technically the 2539src/lib.rs://! `Vec` type from the standard library uses `unsafe` internally, but *this 2540src/lib.rs://! crate* introduces no new `unsafe` code into your project. 2541src/array.rs:/// Just a reminder: this trait is 100% safe, which means that `unsafe` code 2542``` 2543 2544This crate has been added to Chromium in 2545https://source.chromium.org/chromium/chromium/src/+/24773c33e1b7a1b5069b9399fd034375995f290b 2546""" 2547 2548[[audits.tinyvec]] 2549who = "Adrian Taylor <adetaylor@chromium.org>" 2550criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2551delta = "1.6.0 -> 1.6.1" 2552 2553[[audits.tinyvec]] 2554who = "Adrian Taylor <adetaylor@chromium.org>" 2555criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2556delta = "1.6.1 -> 1.7.0" 2557 2558[[audits.tinyvec]] 2559who = "Dustin J. Mitchell <djmitche@chromium.org>" 2560criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-0"] 2561delta = "1.7.0 -> 1.8.0" 2562 2563[[audits.unicode-ident]] 2564who = "Lukasz Anforowicz <lukasza@chromium.org>" 2565criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2566version = "1.0.12" 2567notes = ''' 2568I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. 2569 2570All two functions from the public API of this crate use `unsafe` to avoid bound 2571checks for an array access. Cross-module analysis shows that the offsets can 2572be statically proven to be within array bounds. More details can be found in 2573the unsafe review CL at https://crrev.com/c/5350386. 2574 2575This crate has been added to Chromium in https://crrev.com/c/3891618. 2576''' 2577 2578[[audits.unicode-ident]] 2579who = "Dustin J. Mitchell <djmitche@chromium.org>" 2580criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2581delta = "1.0.12 -> 1.0.13" 2582notes = "Lots of table updates, and tables are assumed correct with unsafe `.get_unchecked()`, so ub-risk-2 is appropriate" 2583 2584[[audits.unicode-linebreak]] 2585who = "Lukasz Anforowicz <lukasza@chromium.org>" 2586criteria = ["ub-risk-0", "safe-to-deploy", "does-not-implement-crypto"] 2587version = "0.1.5" 2588notes = """ 2589Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'`` 2590and there were no hits. 2591 2592Version `0.1.2` of this crate has been added to Chromium in 2593https://source.chromium.org/chromium/chromium/src/+/591a0f30c5eac93b6a3d981c2714ffa4db28dbcb 2594The CL description contains a link to a Google-internal document with audit details. 2595""" 2596 2597[[audits.unicode-width]] 2598who = "danakj@chromium.org" 2599criteria = ["safe-to-run", "does-not-implement-crypto"] 2600version = "0.1.11" 2601notes = """ 2602Reviewed in https://crrev.com/c/5171063 2603 2604Previously reviewed during security review and the audit is grandparented in. 2605""" 2606 2607[[audits.unicode-width]] 2608who = "danakj <danakj@chromium.org>" 2609criteria = ["safe-to-run", "does-not-implement-crypto"] 2610delta = "0.1.11 -> 0.1.12" 2611 2612[[audits.unicode-width]] 2613who = "Lukasz Anforowicz <lukasza@chromium.org>" 2614criteria = ["safe-to-run", "does-not-implement-crypto"] 2615delta = "0.1.12 -> 0.1.13" 2616 2617[[audits.unicode-width]] 2618who = "Lukasz Anforowicz <lukasza@chromium.org>" 2619criteria = ["safe-to-run", "does-not-implement-crypto"] 2620delta = "0.1.13 -> 0.1.14" 2621 2622[[audits.winapi]] 2623who = "danakj@chromium.org" 2624criteria = ["safe-to-run", "does-not-implement-crypto"] 2625version = "0.3.9" 2626notes = """ 2627Reviewed in https://crrev.com/c/5171063 2628 2629Previously reviewed during security review and the audit is grandparented in. 2630""" 2631 2632[[audits.winapi-util]] 2633who = "danakj@chromium.org" 2634criteria = ["safe-to-run", "does-not-implement-crypto"] 2635version = "0.1.6" 2636notes = """ 2637Reviewed in https://crrev.com/c/5171063 2638 2639Previously reviewed during security review and the audit is grandparented in. 2640""" 2641 2642[[audits.winapi-util]] 2643who = "danakj <danakj@chromium.org>" 2644criteria = ["safe-to-run", "does-not-implement-crypto"] 2645delta = "0.1.6 -> 0.1.8" 2646 2647[[audits.winapi-util]] 2648who = "Lukasz Anforowicz <lukasza@chromium.org>" 2649criteria = ["safe-to-run", "does-not-implement-crypto"] 2650delta = "0.1.8 -> 0.1.9" 2651notes = "The delta only changes Cargo.toml." 2652 2653[[audits.wycheproof]] 2654who = "danakj@chromium.org" 2655criteria = ["safe-to-run", "does-not-implement-crypto"] 2656version = "0.4.0" 2657notes = """ 2658Reviewed in https://crrev.com/c/5171063 2659 2660Previously reviewed during security review and the audit is grandparented in. 2661""" 2662 2663[[trusted.libc]] 2664criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2665user-id = 51017 2666start = "2020-03-17" 2667end = "2025-05-23" 2668notes = """ 2669Chromium implicitly trusts the Rust toolchain (e.g. the `rustc` and 2670`cargo` binaries maintained and published by the 2671https://github.com/rust-lang organization and packaged and distributed 2672via Chromium's `tools/rust/package_rust.py` scripts). Here we extend 2673this trust to the system libraries that are maintained and published by 2674the same organization. 2675 2676user-id 51017 maps to https://crates.io/users/JohnTitor who has 2677published https://crates.io/crates/libc/0.2.154 2678""" 2679 2680[[trusted.libc]] 2681criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2682user-id = 5820 2683start = "2020-03-17" 2684end = "2025-05-23" 2685notes = """ 2686Same justification as for the other `trusted.libc` entry above. 2687 2688user-id 5820 maps to https://crates.io/users/the8472 who has published 2689https://crates.io/crates/libc/0.2.155 2690""" 2691 2692[[trusted.libc]] 2693criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2694user-id = 55123 # rust-lang-owner 2695start = "2024-08-15" 2696end = "2025-08-26" 2697notes = """ 2698Same justification as for the other `trusted.libc` entry above. 2699 2700user-id 55123 maps to https://crates.io/users/rust-lang-owner who has published 2701https://crates.io/crates/libc/0.2.158 2702""" 2703 2704[[trusted.libc]] 2705criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2706user-id = 55123 # rust-lang-owner 2707start = "2024-10-17" 2708end = "2025-10-24" 2709notes = """ 2710Same justification as for the other `trusted.libc` entry above. 2711 2712user-id 55123 maps to https://crates.io/users/rust-lang-owner who has published 2713https://crates.io/crates/libc/0.2.161 2714""" 2715 2716[[trusted.windows-sys]] 2717criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2718user-id = 64539 # Kenny Kerr (kennykerr) 2719start = "2021-11-15" 2720end = "9999-05-15" 2721notes = """ 2722This crate and its deps are published by Microsoft as the official Rust SDK for Windows APIs at https://github.com/microsoft/windows-rs 2723 2724user-id 64539 maps to https://crates.io/users/kennykerr who has published version 0.52.0. 2725""" 2726 2727[[trusted.windows-targets]] 2728criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2729user-id = 64539 # Kenny Kerr (kennykerr) 2730start = "2022-09-09" 2731end = "9999-05-15" 2732notes = """ 2733This crate is part of the official Rust SDK from Microsoft, see windows-sys. 2734""" 2735 2736[[trusted.windows_aarch64_msvc]] 2737criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2738user-id = 64539 # Kenny Kerr (kennykerr) 2739start = "2021-11-05" 2740end = "9999-05-15" 2741notes = """ 2742This crate is part of the official Rust SDK from Microsoft, see windows-sys. 2743""" 2744 2745[[trusted.windows_i686_msvc]] 2746criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2747user-id = 64539 # Kenny Kerr (kennykerr) 2748start = "2021-10-27" 2749end = "9999-05-15" 2750notes = """ 2751This crate is part of the official Rust SDK from Microsoft, see windows-sys. 2752""" 2753 2754[[trusted.windows_x86_64_msvc]] 2755criteria = ["safe-to-deploy", "does-not-implement-crypto", "ub-risk-2"] 2756user-id = 64539 # Kenny Kerr (kennykerr) 2757start = "2021-10-27" 2758end = "9999-05-15" 2759notes = """ 2760This crate is part of the official Rust SDK from Microsoft, see windows-sys. 2761""" 2762
