-
Notifications
You must be signed in to change notification settings - Fork 253
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add audits and bump some exemptions.
Signed-off-by: Daira-Emma Hopwood <[email protected]>
- Loading branch information
Showing
3 changed files
with
1,313 additions
and
182 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -7,7 +7,354 @@ description = "The cryptographic code in this crate has been reviewed for correc | |
| [criteria.license-reviewed] | ||
| description = "The license of this crate has been reviewed for compatibility with its usage in this repository." | ||
|
|
||
| [audits] | ||
| [[audits.anyhow]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.82 -> 1.0.83" | ||
|
|
||
| [[audits.async-trait]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.1.78 -> 0.1.80" | ||
|
|
||
| [[audits.autocfg]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.2.0 -> 1.3.0" | ||
|
|
||
| [[audits.bytemuck]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "1.15.0 -> 1.16.0" | ||
|
|
||
| [[audits.cc]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.94 -> 1.0.97" | ||
|
|
||
| [[audits.ciborium]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.2.1 -> 0.2.2" | ||
|
|
||
| [[audits.ciborium-io]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.2.1 -> 0.2.2" | ||
|
|
||
| [[audits.ciborium-ll]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.2.1 -> 0.2.2" | ||
|
|
||
| [[audits.errno]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.8 -> 0.3.9" | ||
|
|
||
| [[audits.fastrand]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "2.0.2 -> 2.1.0" | ||
| notes = """ | ||
| As noted in the changelog, this version produces different output for a given seed. | ||
| The documentation did not mention stability. It is possible that some uses relying on | ||
| determinism across the update would be broken. | ||
| The new constants do appear to match WyRand v4.2 (modulo ordering issues that I have not checked): | ||
| https://github.com/wangyi-fudan/wyhash/blob/408620b6d12b7d667b3dd6ae39b7929a39e8fa05/wyhash.h#L145 | ||
| I have no way to check whether these constants are an improvement or not. | ||
| """ | ||
|
|
||
| [[audits.futures-macro]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.29 -> 0.3.30" | ||
|
|
||
| [[audits.futures-sink]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.29 -> 0.3.30" | ||
|
|
||
| [[audits.h2]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.21 -> 0.3.26" | ||
|
|
||
| [[audits.half]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "1.8.2 -> 2.2.1" | ||
| notes = """ | ||
| All new uses of unsafe are either just accessing bit representations, or plausibly reasonable uses of intrinsics. I have not checked safety | ||
| requirements on the latter. | ||
| """ | ||
|
|
||
| [[audits.hashbrown]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.14.2 -> 0.14.5" | ||
| notes = "I did not thoroughly check the safety argument for fold_impl, but it at least seems to be well documented." | ||
|
|
||
| [[audits.inferno]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.11.17 -> 0.11.19" | ||
|
|
||
| [[audits.is-terminal]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.4.9 -> 0.4.12" | ||
|
|
||
| [[audits.js-sys]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.65 -> 0.3.66" | ||
|
|
||
| [[audits.lock_api]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.4.11 -> 0.4.12" | ||
|
|
||
| [[audits.minreq]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "2.11.0 -> 2.11.2" | ||
|
|
||
| [[audits.num-bigint]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.4.4 -> 0.4.5" | ||
| notes = "New uses of unsafe look reasonable." | ||
|
|
||
| [[audits.parking_lot]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.12.1 -> 0.12.2" | ||
|
|
||
| [[audits.parking_lot_core]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.9.9 -> 0.9.10" | ||
|
|
||
| [[audits.pin-project-internal]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.1.3 -> 1.1.5" | ||
|
|
||
| [[audits.pkg-config]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.29 -> 0.3.30" | ||
|
|
||
| [[audits.prettyplease]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.2.15 -> 0.2.20" | ||
|
|
||
| [[audits.proc-macro2]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.81 -> 1.0.82" | ||
|
|
||
| [[audits.proptest]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.3.1 -> 1.4.0" | ||
|
|
||
| [[audits.prost]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.12.1 -> 0.12.3" | ||
|
|
||
| [[audits.prost-build]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.12.1 -> 0.12.3" | ||
|
|
||
| [[audits.prost-derive]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.12.1 -> 0.12.3" | ||
|
|
||
| [[audits.prost-types]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.12.1 -> 0.12.3" | ||
|
|
||
| [[audits.redox_syscall]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.4.1 -> 0.5.1" | ||
| notes = "Uses of unsafe look plausible." | ||
|
|
||
| [[audits.rustc-demangle]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.1.23 -> 0.1.24" | ||
|
|
||
| [[audits.rustls]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.21.8 -> 0.21.12" | ||
| notes = """ | ||
| A comment in get_sni_extension asks whether the behaviour of parsing an IPv4 or IPv6 address | ||
| in a host_name field of a server_name extension, but then ignoring the extension (because | ||
| 'Literal IPv4 and IPv6 addresses are not permitted in \"HostName\"'), as the server, is | ||
| compliant with RFC 6066. As an original author of RFC 3546 which has very similar wording, | ||
| I can speak to the intent: yes this is fine. The client is clearly nonconformant in this | ||
| case, but the server isn't. | ||
| RFC 3546 said \"If the server understood the client hello extension but does not recognize | ||
| the server name, it SHOULD send an \"unrecognized_name\" alert (which MAY be fatal).\" | ||
| This wording was preserved in RFC 5746, and then updated in RFC 6066 to: | ||
| If the server understood the ClientHello extension but | ||
| does not recognize the server name, the server SHOULD take one of two | ||
| actions: either abort the handshake by sending a fatal-level | ||
| unrecognized_name(112) alert or continue the handshake. It is NOT | ||
| RECOMMENDED to send a warning-level unrecognized_name(112) alert, | ||
| because the client's behavior in response to warning-level alerts is | ||
| unpredictable. If there is a mismatch between the server name used | ||
| by the client application and the server name of the credential | ||
| chosen by the server, this mismatch will become apparent when the | ||
| client application performs the server endpoint identification, at | ||
| which point the client application will have to decide whether to | ||
| proceed with the communication. | ||
| To me it's clear that it is reasonable to consider an IP address as a name that the | ||
| server does not recognize. And so the server SHOULD *either* send a fatal unrecognized_name | ||
| alert, *or* continue the handshake and let the client application decide when it \"performs | ||
| the server endpoint identification\". There's no conformance requirement for the server to | ||
| take any notice of a host_name that is \"not permitted\". (It would have been clearer to | ||
| express this by specifying the allowed client and server behaviour separately, i.e. saying | ||
| that the client MUST NOT send an IP address in host_name, and then explicitly specifying | ||
| the server behaviour if it does so anyway. That's how I would write it now. But honestly | ||
| this extension was one of the most bikeshedded parts of RFC 3546, to a much greater extent | ||
| than I'd anticipated, and I was tired.) | ||
| """ | ||
|
|
||
| [[audits.rustversion]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.15 -> 1.0.16" | ||
|
|
||
| [[audits.rustversion]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.16 -> 1.0.17" | ||
|
|
||
| [[audits.ryu]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "1.0.17 -> 1.0.18" | ||
|
|
||
| [[audits.serde]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.201 -> 1.0.202" | ||
|
|
||
| [[audits.serde_derive]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.201 -> 1.0.202" | ||
|
|
||
| [[audits.serde_json]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "1.0.116 -> 1.0.117" | ||
|
|
||
| [[audits.smallvec]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.11.1 -> 1.13.2" | ||
|
|
||
| [[audits.socket2]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.5.6 -> 0.5.7" | ||
| notes = "The new uses of unsafe to access getsockopt/setsockopt look reasonable." | ||
|
|
||
| [[audits.syn]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "2.0.60 -> 2.0.63" | ||
|
|
||
| [[audits.thiserror]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.58 -> 1.0.60" | ||
|
|
||
| [[audits.thiserror-impl]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.0.58 -> 1.0.60" | ||
|
|
||
| [[audits.tokio-stream]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.1.14 -> 0.1.15" | ||
|
|
||
| [[audits.tokio-util]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.7.10 -> 0.7.11" | ||
|
|
||
| [[audits.tonic]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.10.2 -> 0.11.0" | ||
|
|
||
| [[audits.tonic-build]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.10.2 -> 0.11.0" | ||
|
|
||
| [[audits.walkdir]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "2.4.0 -> 2.5.0" | ||
|
|
||
| [[audits.wasm-bindgen-backend]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.2.88 -> 0.2.89" | ||
|
|
||
| [[audits.wasm-bindgen-macro]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.2.88 -> 0.2.89" | ||
|
|
||
| [[audits.web-sys]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.3.65 -> 0.3.66" | ||
|
|
||
| [[audits.webpki-roots]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.25.2 -> 0.25.4" | ||
| notes = "I have not checked consistency with the Mozilla IncludedCACertificateReportPEMCSV report." | ||
|
|
||
| [[audits.winapi-util]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-run" | ||
| delta = "0.1.6 -> 0.1.8" | ||
|
|
||
| [[audits.zerocopy]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.7.32 -> 0.7.34" | ||
|
|
||
| [[audits.zerocopy-derive]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.7.32 -> 0.7.34" | ||
|
|
||
| [[audits.zeroize]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "1.6.0 -> 1.7.0" | ||
|
|
||
| [[trusted.equihash]] | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -111,6 +458,12 @@ user-id = 64539 # Kenny Kerr (kennykerr) | |
| start = "2021-10-28" | ||
| end = "2025-04-22" | ||
|
|
||
| [[trusted.windows_i686_gnullvm]] | ||
| criteria = "safe-to-deploy" | ||
| user-id = 64539 # Kenny Kerr (kennykerr) | ||
| start = "2024-04-02" | ||
| end = "2025-05-15" | ||
|
|
||
| [[trusted.windows_i686_msvc]] | ||
| criteria = "safe-to-deploy" | ||
| user-id = 64539 # Kenny Kerr (kennykerr) | ||
|
|
||
Oops, something went wrong.