# cargo-vet audits file [[audits.async-compression]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" version = "0.4.6" notes = "only usage of unsafe is in zstd support, via Unshared, which we're not enabling" [[audits.atomic-waker]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "1.1.0 -> 1.1.2" [[audits.clang-sys]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "1.6.1 -> 1.7.0" notes = "just adding new types for a new clang version" [[audits.crc32fast]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "1.3.2 -> 1.4.0" [[audits.gimli]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.28.0 -> 0.28.1" [[audits.ipnet]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" version = "2.5.0" [[audits.mime]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.3.16 -> 0.3.17" [[audits.minimal-lexical]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" version = "0.2.1" notes = "Didn't review stackvec.rs, which is only used in non-alloc/std contexts" [[audits.miniz_oxide]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.7.1 -> 0.7.2" [[audits.mio]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.8.8 -> 0.8.10" notes = "mostly adding more platform support, the added unsafe code was pre-existing and just relocated" [[audits.object]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.32.1 -> 0.32.2" [[audits.rustls-pemfile]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" version = "1.0.4" notes = "code is fine, cannot vouch for correctness though" [[audits.rustls-pemfile]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "1.0.4 -> 2.1.2" [[audits.rustls-pki-types]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" version = "1.7.0" notes = "Code is reasonable, none of the business logic related to PKI/TLS was verified" [[audits.slab]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.4.8 -> 0.4.9" [[audits.smallvec]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "1.11.1 -> 1.13.2" [[audits.socket2]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.4.9 -> 0.4.4" [[audits.sync_wrapper]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.1.1 -> 0.1.2" [[audits.tempfile]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "3.9.0 -> 3.10.0" [[audits.tower-layer]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.3.1 -> 0.3.2" [[audits.tracing]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "0.1.37 -> 0.1.40" notes = "new unsafe usages are all documented" [[audits.which]] who = "Kunal Mehta <legoktm@debian.org>" criteria = "safe-to-run" delta = "4.0.2 -> 4.3.0" notes = "Windows-specific code was not reviewed." [[trusted.atomic-waker]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2023-01-15" end = "2024-11-17" notes = "Rust Project member" [[trusted.flate2]] criteria = "safe-to-deploy" user-id = 4333 start = "2020-09-30" end = "2024-08-12" notes = "Rust Project member" [[trusted.flate2]] criteria = "safe-to-deploy" user-id = 980 # Sebastian Thiel (Byron) start = "2023-08-15" end = "2024-08-29" notes = "Rust Project member" [[trusted.futures-channel]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2025-04-07" notes = "Rust Project member" [[trusted.futures-core]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2025-04-07" notes = "Rust Project member" [[trusted.futures-io]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2024-08-29" notes = "Rust Project member" [[trusted.futures-io]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2025-04-07" notes = "Rust Project member" [[trusted.futures-macro]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2024-08-29" notes = "Rust Project member" [[trusted.futures-macro]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2025-04-07" notes = "Rust Project member" [[trusted.futures-sink]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2024-08-29" notes = "Rust Project member" [[trusted.futures-sink]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2025-04-07" notes = "Rust Project member" [[trusted.futures-task]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2019-07-29" end = "2025-04-07" notes = "Rust Project member" [[trusted.futures-util]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2020-10-05" end = "2025-04-07" notes = "Rust Project member" [[trusted.h2]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2019-03-13" end = "2024-11-17" notes = "see https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.home]] criteria = "safe-to-deploy" user-id = 6202 # Eric Huss (ehuss) start = "2023-04-25" end = "2024-09-12" notes = "Rust Project member" [[trusted.http]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2019-04-05" end = "2024-11-17" notes = "see https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.http-body-util]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2022-10-25" end = "2024-11-17" notes = "see https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.hyper]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2019-03-01" end = "2024-11-17" notes = "see https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.hyper-tls]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2019-03-19" end = "2024-09-12" notes = "per https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.hyper-util]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2022-01-15" end = "2024-11-17" notes = "see https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.indexmap]] criteria = "safe-to-deploy" user-id = 539 # Josh Stone (cuviper) start = "2020-01-15" end = "2024-08-12" notes = "Rust Project member" [[trusted.libc]] criteria = "safe-to-deploy" user-id = 51017 # Yuki Okushi (JohnTitor) start = "2020-03-17" end = "2024-08-12" notes = "Rust Project member" [[trusted.libloading]] criteria = "safe-to-deploy" user-id = 726 # Simonas Kazlauskas (nagisa) start = "2019-06-01" end = "2024-09-12" notes = "Rust Project member" [[trusted.linux-raw-sys]] criteria = "safe-to-deploy" user-id = 6825 # Dan Gohman (sunfishcode) start = "2021-06-12" end = "2024-08-12" notes = "Rust Project member" [[trusted.mio]] criteria = "safe-to-deploy" user-id = 10 # Carl Lerche (carllerche) start = "2019-05-15" end = "2024-08-12" notes = "Rust Project member" [[trusted.openssl]] criteria = "safe-to-deploy" user-id = 163 # Alex Gaynor (alex) start = "2023-03-24" end = "2024-08-12" notes = "Rust Project member" [[trusted.openssl-sys]] criteria = "safe-to-deploy" user-id = 163 # Alex Gaynor (alex) start = "2023-03-24" end = "2024-08-12" notes = "Rust Project member" [[trusted.pin-project]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2019-03-02" end = "2024-11-17" notes = "Rust Project member" [[trusted.pin-project-internal]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2019-08-11" end = "2024-11-17" notes = "Rust Project member" [[trusted.prettyplease]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2022-01-04" end = "2024-09-12" notes = "Rust Project member" [[trusted.proc-macro2]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2019-04-23" end = "2024-08-12" notes = "Rust Project member" [[trusted.reqwest]] criteria = "safe-to-deploy" user-id = 359 # Sean McArthur (seanmonstar) start = "2019-03-04" end = "2024-09-12" notes = "per https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.rustix]] criteria = "safe-to-deploy" user-id = 6825 # Dan Gohman (sunfishcode) start = "2021-10-29" end = "2024-08-12" notes = "Rust Project member" [[trusted.ryu]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2019-05-02" end = "2024-08-12" notes = "Rust Project member" [[trusted.serde]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2019-03-01" end = "2024-08-12" notes = "Rust Project member" [[trusted.serde_derive]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2019-03-01" end = "2024-08-12" notes = "Rust Project member" [[trusted.serde_json]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2019-02-28" end = "2024-08-12" notes = "Rust Project member" [[trusted.slab]] criteria = "safe-to-deploy" user-id = 33035 # Taiki Endo (taiki-e) start = "2021-04-20" end = "2024-08-29" notes = "Rust Project member" [[trusted.socket2]] criteria = "safe-to-deploy" user-id = 1 # Alex Crichton (alexcrichton) start = "2019-05-06" end = "2024-08-12" notes = "Rust Project member" [[trusted.syn]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) start = "2019-03-01" end = "2024-08-12" notes = "Rust Project member" [[trusted.tokio]] criteria = "safe-to-deploy" user-id = 6741 # Alice Ryhl (Darksonn) start = "2020-12-25" end = "2024-09-12" notes = "per https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.tokio-macros]] criteria = "safe-to-deploy" user-id = 10 # Carl Lerche (carllerche) start = "2019-04-24" end = "2024-08-12" notes = "Rust Project member" [[trusted.tokio-util]] criteria = "safe-to-deploy" user-id = 6741 # Alice Ryhl (Darksonn) start = "2021-01-12" end = "2024-09-12" notes = "per https://github.com/freedomofpress/securedrop-engineering/pull/87" [[trusted.tower-layer]] criteria = "safe-to-deploy" user-id = 10 # Carl Lerche (carllerche) start = "2019-04-27" end = "2024-11-17" notes = "Rust Project member" [[trusted.wasm-bindgen-futures]] criteria = "safe-to-deploy" user-id = 1 # Alex Crichton (alexcrichton) start = "2019-03-04" end = "2024-08-12" notes = "Rust Project member"