qa: Import cargo vet audits from Firefox and zcashd

Jack Grigg 2022-10-26 09:33:45 +00:00
parent 7fe704139f
commit e09d37c421
2 changed files with 763 additions and 85 deletions


@ -1,6 +1,16 @@
# cargo-vet config file
[imports.firefox]
url = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[imports.zcashd]
url = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[imports.zcashd.criteria-map]]
ours = "crypto-reviewed"
theirs = "crypto-reviewed"
[policy.age]
audit-as-crates-io = false
@ -53,10 +63,6 @@ criteria = "safe-to-run"
version = "0.2.14"
criteria = "safe-to-deploy"
[[exemptions.autocfg]]
version = "1.1.0"
criteria = "safe-to-deploy"
[[exemptions.backtrace]]
version = "0.3.66"
criteria = "safe-to-run"
@ -153,10 +159,6 @@ criteria = "safe-to-deploy"
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.cipher]]
version = "0.4.3"
criteria = "safe-to-deploy"
[[exemptions.clap]]
version = "2.34.0"
criteria = "safe-to-run"
@ -333,22 +335,6 @@ criteria = "safe-to-run"
version = "1.0.24"
criteria = "safe-to-deploy"
[[exemptions.fluent]]
version = "0.16.0"
criteria = "safe-to-deploy"
[[exemptions.fluent-bundle]]
version = "0.15.2"
criteria = "safe-to-deploy"
[[exemptions.fluent-langneg]]
version = "0.13.0"
criteria = "safe-to-deploy"
[[exemptions.fluent-syntax]]
version = "0.11.0"
criteria = "safe-to-deploy"
[[exemptions.fuse_mt]]
version = "0.6.0"
criteria = "safe-to-deploy"
@ -425,18 +411,10 @@ criteria = "safe-to-deploy"
version = "1.8.2"
criteria = "safe-to-run"
[[exemptions.hashbrown]]
version = "0.12.3"
criteria = "safe-to-deploy"
[[exemptions.hermit-abi]]
version = "0.1.19"
criteria = "safe-to-deploy"
[[exemptions.hex]]
version = "0.4.3"
criteria = "safe-to-run"
[[exemptions.hkdf]]
version = "0.12.3"
criteria = "safe-to-deploy"
@ -481,18 +459,10 @@ criteria = "safe-to-run"
version = "0.11.12"
criteria = "safe-to-run"
[[exemptions.inout]]
version = "0.1.3"
criteria = "safe-to-deploy"
[[exemptions.instant]]
version = "0.1.12"
criteria = "safe-to-deploy"
[[exemptions.intl-memoizer]]
version = "0.5.1"
criteria = "safe-to-deploy"
[[exemptions.intl_pluralrules]]
version = "7.0.2"
criteria = "safe-to-deploy"
@ -545,10 +515,6 @@ criteria = "safe-to-deploy"
version = "0.4.9"
criteria = "safe-to-deploy"
[[exemptions.log]]
version = "0.4.17"
criteria = "safe-to-deploy"
[[exemptions.malloc_buf]]
version = "0.0.6"
criteria = "safe-to-deploy"
@ -597,18 +563,6 @@ criteria = "safe-to-deploy"
version = "0.4.3"
criteria = "safe-to-run"
[[exemptions.num-integer]]
version = "0.1.45"
criteria = "safe-to-deploy"
[[exemptions.num-iter]]
version = "0.1.43"
criteria = "safe-to-deploy"
[[exemptions.num-traits]]
version = "0.2.15"
criteria = "safe-to-deploy"
[[exemptions.num_cpus]]
version = "1.13.1"
criteria = "safe-to-deploy"
@ -753,10 +707,6 @@ criteria = "safe-to-run"
version = "1.0.0"
criteria = "safe-to-run"
[[exemptions.quote]]
version = "1.0.21"
criteria = "safe-to-deploy"
[[exemptions.rand]]
version = "0.7.3"
criteria = "safe-to-deploy"
@ -785,14 +735,6 @@ criteria = "safe-to-deploy"
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.rayon]]
version = "1.5.3"
criteria = "safe-to-run"
[[exemptions.rayon-core]]
version = "1.9.3"
criteria = "safe-to-run"
[[exemptions.redox_syscall]]
version = "0.2.16"
criteria = "safe-to-deploy"
@ -845,10 +787,6 @@ criteria = "safe-to-deploy"
version = "0.1.21"
criteria = "safe-to-run"
[[exemptions.rustc-hash]]
version = "1.1.0"
criteria = "safe-to-deploy"
[[exemptions.ryu]]
version = "1.0.11"
criteria = "safe-to-deploy"
@ -953,10 +891,6 @@ criteria = "safe-to-run"
version = "1.0.103"
criteria = "safe-to-deploy"
[[exemptions.synstructure]]
version = "0.12.6"
criteria = "safe-to-deploy"
[[exemptions.tar]]
version = "0.4.38"
criteria = "safe-to-deploy"
@ -1013,10 +947,6 @@ criteria = "safe-to-deploy"
version = "0.2.4"
criteria = "safe-to-deploy"
[[exemptions.tinystr]]
version = "0.3.4"
criteria = "safe-to-deploy"
[[exemptions.tinytemplate]]
version = "1.2.1"
criteria = "safe-to-run"
@ -1045,10 +975,6 @@ criteria = "safe-to-deploy"
version = "0.9.1"
criteria = "safe-to-deploy"
[[exemptions.unic-langid-impl]]
version = "0.9.0"
criteria = "safe-to-deploy"
[[exemptions.unicode-ident]]
version = "1.0.5"
criteria = "safe-to-deploy"
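Review bot: The new `[imports.firefox]` and `[imports.zcashd]` tables in the first hunk record no rationale for why those two audit sets are trusted, and this file is where the next maintainer will look before adding a third source. I would add above `[imports.firefox]`: `# Third-party audits are accepted at face value for the built-in safe-to-run/safe-to-deploy criteria; the fetched entries are pinned in imports.lock, so the mutable tip/master URLs below do not change what is trusted until the lock is regenerated.` The `[[imports.zcashd.criteria-map]]` entry likewise deserves a why-comment, since the imported zcashd audits also define a `license-reviewed` criterion that is left unmapped; something like `# Only zcashd's crypto-reviewed criterion is mapped onto ours; its license-reviewed criterion is zcashd-specific and not used here.` would record that, assuming the omission is deliberate. The identity mapping also presumes a local `crypto-reviewed` criterion declared outside this hunk, which is worth naming in that comment.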


@ -1,5 +1,757 @@
# cargo-vet imports lock
[audits]
[[audits.firefox.audits.android_system_properties]]
who = "Nicolas Silva <nical@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "I wrote this crate, reviewed by jimb. It is mostly a Rust port of some C++ code we already ship."
[[audits.firefox.audits.android_system_properties]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.2 -> 0.1.4"
[[audits.firefox.audits.autocfg]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.bumpalo]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-run"
delta = "3.9.1 -> 3.10.0"
notes = """
Some nontrivial functional changes but certainly meets the no-malware bar of
safe-to-run. If we needed safe-to-deploy for this in m-c I'd ask Nick to re-
certify this version, but we don't, so this is fine for now.
"""
[[audits.firefox.audits.clap_lex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.0 -> 0.2.2"
[[audits.firefox.audits.clap_lex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.4"
[[audits.firefox.audits.cpufeatures]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.4"
[[audits.firefox.audits.crossbeam-channel]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.5.4 -> 0.5.6"
[[audits.firefox.audits.crossbeam-deque]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.1 -> 0.8.2"
[[audits.firefox.audits.crossbeam-epoch]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.9.8 -> 0.9.10"
[[audits.firefox.audits.crossbeam-utils]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.8.8 -> 0.8.11"
[[audits.firefox.audits.crypto-common]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.1.3 -> 0.1.6"
[[audits.firefox.audits.either]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.6.1 -> 1.7.0"
[[audits.firefox.audits.either]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.7.0 -> 1.8.0"
[[audits.firefox.audits.fastrand]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.7.0 -> 1.8.0"
[[audits.firefox.audits.fluent]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.16.0"
[[audits.firefox.audits.fluent-bundle]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.15.2"
[[audits.firefox.audits.fluent-langneg]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.13.0"
[[audits.firefox.audits.fluent-syntax]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.11.0"
[[audits.firefox.audits.futures]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-channel]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-core]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-executor]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-io]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-macro]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-sink]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-task]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.futures-util]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
[[audits.firefox.audits.generic-array]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.14.5 -> 0.14.6"
[[audits.firefox.audits.getrandom]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.2.7"
[[audits.firefox.audits.hashbrown]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
version = "0.12.3"
notes = "This version is used in rust's libstd, so effectively we're already trusting it"
[[audits.firefox.audits.hex]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.4.3"
[[audits.firefox.audits.indexmap]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.8.2 -> 1.9.1"
[[audits.firefox.audits.intl-memoizer]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.5.1"
[[audits.firefox.audits.intl_pluralrules]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "7.0.1"
[[audits.firefox.audits.itoa]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.2 -> 1.0.3"
[[audits.firefox.audits.libc]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.126 -> 0.2.132"
[[audits.firefox.audits.log]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
version = "0.4.17"
[[audits.firefox.audits.memmap2]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.5.4 -> 0.5.7"
[[audits.firefox.audits.num-integer]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.1.45"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.num-iter]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.1.43"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.num-traits]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "0.2.15"
notes = "All code written or reviewed by Josh Stone."
[[audits.firefox.audits.once_cell]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.12.0 -> 1.13.1"
[[audits.firefox.audits.os_str_bytes]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "6.1.0 -> 6.3.0"
[[audits.firefox.audits.pin-project]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "1.0.10 -> 1.0.12"
[[audits.firefox.audits.pin-project-internal]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-run"
delta = "1.0.10 -> 1.0.12"
[[audits.firefox.audits.proc-macro2]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "1.0.39"
notes = """
`proc-macro2` acts as either a thin(-ish) wrapper around the std-provided
`proc_macro` crate, or as a fallback implementation of the crate, depending on
where it is used.
If using this crate on older versions of rustc (1.56 and earlier), it will
temporarily replace the panic handler while initializing in order to detect if
it is running within a `proc_macro`, which could lead to surprising behaviour.
This should not be an issue for more recent compiler versions, which support
`proc_macro::is_available()`.
The `proc-macro2` crate's fallback behaviour is not identical to the complex
behaviour of the rustc compiler (e.g. it does not perform unicode normalization
for identifiers), however it behaves well enough for its intended use-case
(tests and scripts processing rust code).
`proc-macro2` does not use unsafe code, however exposes one `unsafe` API to
allow bypassing checks in the fallback implementation when constructing
`Literal` using `from_str_unchecked`. This was intended to only be used by the
`quote!` macro, however it has been removed
(https://github.com/dtolnay/quote/commit/f621fe64a8a501cae8e95ebd6848e637bbc79078),
and is likely completely unused. Even when used, this API shouldn't be able to
cause unsoundness.
"""
[[audits.firefox.audits.proc-macro2]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.39 -> 1.0.43"
[[audits.firefox.audits.quote]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "1.0.18"
notes = """
`quote` is a utility crate used by proc-macros to generate TokenStreams
conveniently from source code. The bulk of the logic is some complex
interlocking `macro_rules!` macros which are used to parse and build the
`TokenStream` within the proc-macro.
This crate contains no unsafe code, and the internal logic, while difficult to
read, is generally straightforward. I have audited the the quote macros, ident
formatter, and runtime logic.
"""
[[audits.firefox.audits.quote]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.18 -> 1.0.21"
[[audits.firefox.audits.rayon]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "1.5.3"
notes = "All code written or reviewed by Josh Stone or Niko Matsakis."
[[audits.firefox.audits.rayon-core]]
who = "Josh Stone <jistone@redhat.com>"
criteria = "safe-to-deploy"
version = "1.9.3"
notes = "All code written or reviewed by Josh Stone or Niko Matsakis."
[[audits.firefox.audits.redox_syscall]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.2.13 -> 0.2.16"
[[audits.firefox.audits.regex]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.5.6 -> 1.6.0"
[[audits.firefox.audits.regex-syntax]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.6.26 -> 0.6.27"
[[audits.firefox.audits.rustc-hash]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "Straightforward crate with no unsafe code, does what it says on the tin."
[[audits.firefox.audits.ryu]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.10 -> 1.0.11"
[[audits.firefox.audits.serde]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.137 -> 1.0.143"
[[audits.firefox.audits.serde]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.144"
[[audits.firefox.audits.serde_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.137 -> 1.0.143"
[[audits.firefox.audits.serde_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.144"
[[audits.firefox.audits.serde_json]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.81 -> 1.0.83"
[[audits.firefox.audits.serde_json]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.83 -> 1.0.85"
[[audits.firefox.audits.slab]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.4.6 -> 0.4.7"
[[audits.firefox.audits.smallvec]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.8.0 -> 1.9.0"
[[audits.firefox.audits.syn]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.96 -> 1.0.99"
[[audits.firefox.audits.synstructure]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "0.12.6"
notes = """
I am the primary author of the `synstructure` crate, and its current
maintainer. The one use of `unsafe` is unnecessary, but documented and
harmless. It will be removed in the next version.
"""
[[audits.firefox.audits.thiserror]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.31 -> 1.0.32"
[[audits.firefox.audits.thiserror-impl]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.31 -> 1.0.32"
[[audits.firefox.audits.tinystr]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.3.4"
[[audits.firefox.audits.tinystr]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.6.0"
[[audits.firefox.audits.unic-langid]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.9.0"
[[audits.firefox.audits.unic-langid-impl]]
who = "Zibi Braniecki <zibi@unicode.org>"
criteria = "safe-to-deploy"
version = "0.9.0"
[[audits.firefox.audits.unicode-ident]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.0 -> 1.0.1"
[[audits.firefox.audits.unicode-ident]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.3"
[audits.zcashd.criteria.crypto-reviewed]
description = "The cryptographic code in this crate has been reviewed for correctness by a member of a designated set of cryptography experts within the project."
[audits.zcashd.criteria.license-reviewed]
description = "The license of this crate has been reviewed for compatibility with its usage in this repository. If the crate is not available under the MIT license, `contrib/debian/copyright` has been updated with a corresponding copyright notice for files under `depends/*/vendored-sources/CRATE_NAME`."
[[audits.zcashd.audits.aead]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.4.3 -> 0.5.1"
notes = "Adds an AeadCore::generate_nonce function to generate random nonces, given a CryptoRng."
[[audits.zcashd.audits.chacha20]]
who = "Jack Grigg <jack@z.cash>"
criteria = ["crypto-reviewed", "safe-to-deploy"]
delta = "0.8.1 -> 0.8.2"
notes = "Unpins zeroize."
[[audits.zcashd.audits.chacha20]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.8.2 -> 0.9.0"
[[audits.zcashd.audits.chacha20poly1305]]
who = "Jack Grigg <jack@z.cash>"
criteria = ["crypto-reviewed", "safe-to-deploy"]
delta = "0.9.0 -> 0.9.1"
notes = "Unpins zeroize."
[[audits.zcashd.audits.chacha20poly1305]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.9.1 -> 0.10.1"
notes = "This mainly adapts to API changes between aead 0.4 and aead 0.5."
[[audits.zcashd.audits.cipher]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.4.3"
notes = "Significant rework of (mainly RustCrypto-internal) APIs."
[[audits.zcashd.audits.cpufeatures]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.5"
notes = "Unsafe changes just introduce `#[inline(never)]` wrappers."
[[audits.zcashd.audits.crypto-common]]
who = "Jack Grigg <jack@z.cash>"
criteria = ["crypto-reviewed", "safe-to-deploy"]
delta = "0.1.3 -> 0.1.6"
notes = "New trait and type alias look fine."
[[audits.zcashd.audits.cxx]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.68 -> 1.0.72"
[[audits.zcashd.audits.cxx]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.72 -> 1.0.76"
notes = "Impls Unpin for SharedPtr and UniquePtr. The rationale makes sense."
[[audits.zcashd.audits.cxx]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.76 -> 1.0.78"
[[audits.zcashd.audits.cxx]]
who = "Kris Nuttycombe <kris@nutty.land>"
criteria = "safe-to-deploy"
delta = "1.0.78 -> 1.0.79"
notes = """
This release changes the result of the `cxxbridge` `exception` call to return
a struct containing both the pointer to an error message and its length,
instead of just the raw `*const u8`.
"""
[[audits.zcashd.audits.cxxbridge-flags]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.68 -> 1.0.72"
[[audits.zcashd.audits.cxxbridge-flags]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.72 -> 1.0.76"
[[audits.zcashd.audits.cxxbridge-flags]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.76 -> 1.0.78"
[[audits.zcashd.audits.cxxbridge-flags]]
who = "Kris Nuttycombe <kris@nutty.land>"
criteria = "safe-to-deploy"
delta = "1.0.78 -> 1.0.79"
notes = "This is exclusively an update to the `cxxbridge` dependency version."
[[audits.zcashd.audits.cxxbridge-macro]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.68 -> 1.0.72"
[[audits.zcashd.audits.cxxbridge-macro]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.72 -> 1.0.76"
[[audits.zcashd.audits.cxxbridge-macro]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.76 -> 1.0.78"
[[audits.zcashd.audits.cxxbridge-macro]]
who = "Kris Nuttycombe <kris@nutty.land>"
criteria = "safe-to-deploy"
delta = "1.0.78 -> 1.0.79"
[[audits.zcashd.audits.cxxbridge-macro]]
who = "Kris Nuttycombe <kris@nutty.land>"
criteria = "safe-to-deploy"
delta = "1.0.78 -> 1.0.79"
notes = "This is exclusively an update to the `cxxbridge` dependency version."
[[audits.zcashd.audits.getrandom]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.2.7"
notes = """
Checked that getrandom::wasi::getrandom_inner matches wasi::random_get.
Checked that getrandom::util_libc::Weak lock ordering matches std::sys::unix::weak::DlsymWeak.
"""
[[audits.zcashd.audits.indexmap]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.8.1 -> 1.9.1"
notes = "I'm satisfied that the assertion guarding the new unsafe block is correct."
[[audits.zcashd.audits.inout]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
version = "0.1.3"
notes = "Reviewed in full."
[[audits.zcashd.audits.itoa]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.3"
notes = "Update makes no changes to code."
[[audits.zcashd.audits.libm]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.5"
[[audits.zcashd.audits.link-cplusplus]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.6 -> 1.0.7"
[[audits.zcashd.audits.lock_api]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.4.7 -> 0.4.9"
notes = "The unsafe changes fix soundness bugs. The unsafe additions in the new ArcMutexGuard::into_arc method seem fine, but it should probably have used ManuallyDrop instead of mem::forget."
[[audits.zcashd.audits.log]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.4.16 -> 0.4.17"
notes = "I confirmed that the unsafe transmutes are fine; NonZeroU128 and NonZeroI128 are `#[repr(transparent)]` wrappers around u128 and i128 respectively."
[[audits.zcashd.audits.num-integer]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.1.44 -> 0.1.45"
notes = "Fixes some argument-handling panic bugs."
[[audits.zcashd.audits.parking_lot]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.11.2 -> 0.12.1"
notes = "Most `unsafe {}` changes were to reduce the scope of the unsafe blocks. I didn't closely review the migration to the asm! macro but it looks reasonable."
[[audits.zcashd.audits.parking_lot_core]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "0.8.5 -> 0.9.3"
[[audits.zcashd.audits.poly1305]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.7.2 -> 0.8.0"
notes = "Changes to unsafe (avx2) code look reasonable."
[[audits.zcashd.audits.proc-macro2]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.37 -> 1.0.41"
[[audits.zcashd.audits.serde]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.136 -> 1.0.143"
notes = "Bumps serde-derive and adds some constructors."
[[audits.zcashd.audits.serde]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.145"
[[audits.zcashd.audits.serde_derive]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.136 -> 1.0.143"
notes = "Bumps syn, inverts some build flags."
[[audits.zcashd.audits.serde_derive]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.143 -> 1.0.145"
[[audits.zcashd.audits.syn]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.91 -> 1.0.98"
[[audits.zcashd.audits.thiserror]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.30 -> 1.0.32"
notes = "Bumps thiserror-impl, no code changes."
[[audits.zcashd.audits.thiserror]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.32 -> 1.0.37"
notes = "The new build script invokes rustc to determine whether it supports the Provider API. The only side-effect is it overwrites `$OUT_DIR/probe.rs`, which is fine because it is unique to the thiserror package."
[[audits.zcashd.audits.thiserror-impl]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.30 -> 1.0.32"
notes = "Only change is to refine an error message."
[[audits.zcashd.audits.thiserror-impl]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
delta = "1.0.32 -> 1.0.37"
notes = "Proc macro changes migrating to the Provider API look fine."
[[audits.zcashd.audits.unicode-ident]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
version = "1.0.2"
[[audits.zcashd.audits.universal-hash]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.5.0"
notes = "I checked correctness of to_blocks which uses unsafe code in a safe function."
[[audits.zcashd.audits.windows_aarch64_msvc]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-run"
version = "0.36.1"
notes = """
Adds a binary blob to the library search path, that contains a subset of
the Windows SDK to avoid a direct dependency on the latter. See
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
audit the binary blob, but the build script looks fine.
"""
[[audits.zcashd.audits.windows_i686_gnu]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-run"
version = "0.36.1"
notes = """
Adds a binary blob to the library search path, that contains a subset of
the Windows SDK to avoid a direct dependency on the latter. See
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
audit the binary blob, but the build script looks fine.
"""
[[audits.zcashd.audits.windows_i686_msvc]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-run"
version = "0.36.1"
notes = """
Adds a binary blob to the library search path, that contains a subset of
the Windows SDK to avoid a direct dependency on the latter. See
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
audit the binary blob, but the build script looks fine.
"""
[[audits.zcashd.audits.windows_x86_64_gnu]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-run"
version = "0.36.1"
notes = """
Adds a binary blob to the library search path, that contains a subset of
the Windows SDK to avoid a direct dependency on the latter. See
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
audit the binary blob, but the build script looks fine.
"""
[[audits.zcashd.audits.windows_x86_64_msvc]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-run"
version = "0.36.1"
notes = """
Adds a binary blob to the library search path, that contains a subset of
the Windows SDK to avoid a direct dependency on the latter. See
https://github.com/microsoft/windows-rs/pull/1217 for context. I did not
audit the binary blob, but the build script looks fine.
"""
[[audits.zcashd.audits.zeroize]]
who = "Daira Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.4.3 -> 1.5.7"
notes = "The zeroize_c_string unit test has UB, but that's very unlikely to cause a problem in practice."