Add html functions (#4155)
Co-authored-by: Gerard Guillemas Martos <gguillemas@users.noreply.github.com> Co-authored-by: Gerard Guillemas Martos <gerard.guillemas@surrealdb.com>
This commit is contained in:
parent
112df064fd
commit
9ffe94a02f
13 changed files with 417 additions and 55 deletions
110
Cargo.lock
generated
110
Cargo.lock
generated
|
@ -270,6 +270,19 @@ version = "0.2.16"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0942ffc6dcaadf03badf6e6a2d0228460359d5e34b57ccdc720b7382dfbd5ec5"
|
||||
|
||||
[[package]]
|
||||
name = "ammonia"
|
||||
version = "4.0.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "1ab99eae5ee58501ab236beb6f20f6ca39be615267b014899c89b2f0bc18a459"
|
||||
dependencies = [
|
||||
"html5ever",
|
||||
"maplit",
|
||||
"once_cell",
|
||||
"tendril",
|
||||
"url",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "android-tzdata"
|
||||
version = "0.1.1"
|
||||
|
@ -2129,6 +2142,16 @@ version = "2.0.0"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c"
|
||||
|
||||
[[package]]
|
||||
name = "futf"
|
||||
version = "0.1.5"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "df420e2e84819663797d1ec6544b13c5be84629e7bb00dc960d6917db2987843"
|
||||
dependencies = [
|
||||
"mac",
|
||||
"new_debug_unreachable",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "futures"
|
||||
version = "0.3.30"
|
||||
|
@ -2588,6 +2611,20 @@ dependencies = [
|
|||
"windows-sys 0.52.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "html5ever"
|
||||
version = "0.27.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "c13771afe0e6e846f1e67d038d4cb29998a6779f93c809212e4e9c32efd244d4"
|
||||
dependencies = [
|
||||
"log",
|
||||
"mac",
|
||||
"markup5ever",
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
"syn 2.0.58",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "http"
|
||||
version = "0.2.12"
|
||||
|
@ -3267,6 +3304,32 @@ dependencies = [
|
|||
"libc",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "mac"
|
||||
version = "0.1.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "c41e0c4fef86961ac6d6f8a82609f55f31b05e4fce149ac5710e439df7619ba4"
|
||||
|
||||
[[package]]
|
||||
name = "maplit"
|
||||
version = "1.0.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d"
|
||||
|
||||
[[package]]
|
||||
name = "markup5ever"
|
||||
version = "0.12.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "16ce3abbeba692c8b8441d036ef91aea6df8da2c6b6e21c7e14d3c18e526be45"
|
||||
dependencies = [
|
||||
"log",
|
||||
"phf",
|
||||
"phf_codegen",
|
||||
"string_cache",
|
||||
"string_cache_codegen",
|
||||
"tendril",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "matchers"
|
||||
version = "0.1.0"
|
||||
|
@ -3992,6 +4055,26 @@ dependencies = [
|
|||
"phf_shared 0.11.2",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "phf_codegen"
|
||||
version = "0.11.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e8d39688d359e6b34654d328e262234662d16cc0f60ec8dcbe5e718709342a5a"
|
||||
dependencies = [
|
||||
"phf_generator 0.11.2",
|
||||
"phf_shared 0.11.2",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "phf_generator"
|
||||
version = "0.10.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5d5285893bb5eb82e6aaf5d59ee909a06a16737a8970984dd7746ba9283498d6"
|
||||
dependencies = [
|
||||
"phf_shared 0.10.0",
|
||||
"rand 0.8.5",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "phf_generator"
|
||||
version = "0.11.2"
|
||||
|
@ -4008,7 +4091,7 @@ version = "0.11.2"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3444646e286606587e49f3bcf1679b8cef1dc2c5ecc29ddacaffc305180d464b"
|
||||
dependencies = [
|
||||
"phf_generator",
|
||||
"phf_generator 0.11.2",
|
||||
"phf_shared 0.11.2",
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -5797,6 +5880,19 @@ dependencies = [
|
|||
"parking_lot",
|
||||
"phf_shared 0.10.0",
|
||||
"precomputed-hash",
|
||||
"serde",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "string_cache_codegen"
|
||||
version = "0.5.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "6bb30289b722be4ff74a408c3cc27edeaad656e06cb1fe8fa9231fa59c728988"
|
||||
dependencies = [
|
||||
"phf_generator 0.10.0",
|
||||
"phf_shared 0.10.0",
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -5942,6 +6038,7 @@ version = "2.0.0"
|
|||
dependencies = [
|
||||
"addr",
|
||||
"ahash 0.8.11",
|
||||
"ammonia",
|
||||
"any_ascii",
|
||||
"arbitrary",
|
||||
"argon2",
|
||||
|
@ -6269,6 +6366,17 @@ dependencies = [
|
|||
"windows-sys 0.52.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tendril"
|
||||
version = "0.4.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d24a120c5fc464a3458240ee02c299ebcb9d67b5249c8848b09d639dca8d7bb0"
|
||||
dependencies = [
|
||||
"futf",
|
||||
"mac",
|
||||
"utf-8",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "term"
|
||||
version = "0.7.0"
|
||||
|
|
22
cackle.toml
22
cackle.toml
|
@ -1332,4 +1332,24 @@ allow_unsafe = true
|
|||
allow_unsafe = true
|
||||
|
||||
[pkg.linfa-linalg]
|
||||
allow_unsafe = true
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.mac]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.html5ever]
|
||||
build.allow_apis = [
|
||||
"fs",
|
||||
]
|
||||
|
||||
[pkg.futf]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.markup5ever]
|
||||
build.allow_apis = [
|
||||
"fs",
|
||||
]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.tendril]
|
||||
allow_unsafe = true
|
||||
|
|
|
@ -60,6 +60,7 @@ targets = []
|
|||
[dependencies]
|
||||
addr = { version = "0.15.6", default-features = false, features = ["std"] }
|
||||
ahash = "0.8.11"
|
||||
ammonia = "4.0.0"
|
||||
arbitrary = { version = "1.3.2", features = ["derive"], optional = true }
|
||||
argon2 = "0.5.2"
|
||||
ascii = { version = "0.3.2", package = "any_ascii" }
|
||||
|
|
|
@ -281,6 +281,8 @@ pub fn synchronous(
|
|||
"string::words" => string::words,
|
||||
"string::distance::hamming" => string::distance::hamming,
|
||||
"string::distance::levenshtein" => string::distance::levenshtein,
|
||||
"string::html::encode" => string::html::encode,
|
||||
"string::html::sanitize" => string::html::sanitize,
|
||||
"string::is::alphanum" => string::is::alphanum,
|
||||
"string::is::alpha" => string::is::alpha,
|
||||
"string::is::ascii" => string::is::ascii,
|
||||
|
|
|
@ -2,6 +2,7 @@ use super::run;
|
|||
use crate::fnc::script::modules::impl_module_def;
|
||||
|
||||
mod distance;
|
||||
mod html;
|
||||
mod is;
|
||||
mod semver;
|
||||
mod similarity;
|
||||
|
@ -16,6 +17,7 @@ impl_module_def!(
|
|||
"contains" => run,
|
||||
"distance" => (distance::Package),
|
||||
"endsWith" => run,
|
||||
"html" => (html::Package),
|
||||
"is" => (is::Package),
|
||||
"join" => run,
|
||||
"len" => run,
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
use super::run;
|
||||
use crate::fnc::script::modules::impl_module_def;
|
||||
|
||||
#[non_exhaustive]
|
||||
pub struct Package;
|
||||
|
||||
impl_module_def!(
|
||||
Package,
|
||||
"string::html",
|
||||
"encode" => run,
|
||||
"sanitize" => run
|
||||
);
|
|
@ -167,6 +167,19 @@ pub mod distance {
|
|||
}
|
||||
}
|
||||
|
||||
pub mod html {
|
||||
use crate::err::Error;
|
||||
use crate::sql::value::Value;
|
||||
|
||||
pub fn encode((arg,): (String,)) -> Result<Value, Error> {
|
||||
Ok(ammonia::clean_text(&arg).into())
|
||||
}
|
||||
|
||||
pub fn sanitize((arg,): (String,)) -> Result<Value, Error> {
|
||||
Ok(ammonia::clean(&arg).into())
|
||||
}
|
||||
}
|
||||
|
||||
pub mod is {
|
||||
use crate::err::Error;
|
||||
use crate::sql::value::Value;
|
||||
|
@ -611,6 +624,24 @@ mod tests {
|
|||
assert_eq!(value, Value::Bool(false));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn html_encode() {
|
||||
let value = super::html::encode((String::from("<div>Hello world!</div>"),)).unwrap();
|
||||
assert_eq!(value, Value::Strand("<div>Hello world!</div>".into()));
|
||||
|
||||
let value = super::html::encode((String::from("SurrealDB"),)).unwrap();
|
||||
assert_eq!(value, Value::Strand("SurrealDB".into()));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn html_sanitize() {
|
||||
let value = super::html::sanitize((String::from("<div>Hello world!</div>"),)).unwrap();
|
||||
assert_eq!(value, Value::Strand("<div>Hello world!</div>".into()));
|
||||
|
||||
let value = super::html::sanitize((String::from("XSS<script>attack</script>"),)).unwrap();
|
||||
assert_eq!(value, Value::Strand("XSS".into()));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn semver_compare() {
|
||||
let value = super::semver::compare((String::from("1.2.3"), String::from("1.0.0"))).unwrap();
|
||||
|
|
|
@ -266,6 +266,8 @@ pub(crate) static PATHS: phf::Map<UniCase<&'static str>, PathKind> = phf_map! {
|
|||
UniCase::ascii("string::words") => PathKind::Function,
|
||||
UniCase::ascii("string::distance::hamming") => PathKind::Function,
|
||||
UniCase::ascii("string::distance::levenshtein") => PathKind::Function,
|
||||
UniCase::ascii("string::html::encode") => PathKind::Function,
|
||||
UniCase::ascii("string::html::sanitize") => PathKind::Function,
|
||||
UniCase::ascii("string::is::alphanum") => PathKind::Function,
|
||||
UniCase::ascii("string::is::alpha") => PathKind::Function,
|
||||
UniCase::ascii("string::is::ascii") => PathKind::Function,
|
||||
|
|
|
@ -294,6 +294,8 @@
|
|||
"string::distance::hamming("
|
||||
"string::distance::levenshtein("
|
||||
"string::endsWith("
|
||||
"string::html::encode("
|
||||
"string::html::sanitize("
|
||||
"string::is::alphanum("
|
||||
"string::is::alpha("
|
||||
"string::is::ascii("
|
||||
|
|
|
@ -292,6 +292,8 @@
|
|||
"string::distance::hamming("
|
||||
"string::distance::levenshtein("
|
||||
"string::endsWith("
|
||||
"string::html::encode("
|
||||
"string::html::sanitize("
|
||||
"string::is::alphanum("
|
||||
"string::is::alpha("
|
||||
"string::is::ascii("
|
||||
|
|
|
@ -3192,6 +3192,34 @@ async fn function_search_analyzer_invalid_function_name() -> Result<(), Error> {
|
|||
Ok(())
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn function_encode_html() -> Result<(), Error> {
|
||||
let sql = r#"
|
||||
RETURN string::html::encode("<div>Hello world!</div>");
|
||||
"#;
|
||||
let mut test = Test::new(sql).await?;
|
||||
//
|
||||
let tmp = test.next()?.result?;
|
||||
let val = Value::from("<div>Hello world!</div>");
|
||||
assert_eq!(tmp, val);
|
||||
//
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn function_sanitize_html() -> Result<(), Error> {
|
||||
let sql = r#"
|
||||
RETURN string::html::sanitize("XSS<script>attack</script>");
|
||||
"#;
|
||||
let mut test = Test::new(sql).await?;
|
||||
//
|
||||
let tmp = test.next()?.result?;
|
||||
let val = Value::from("XSS");
|
||||
assert_eq!(tmp, val);
|
||||
//
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn function_parse_is_alphanum() -> Result<(), Error> {
|
||||
let sql = r#"
|
||||
|
|
|
@ -99,6 +99,10 @@ criteria = "safe-to-deploy"
|
|||
version = "0.2.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ammonia]]
|
||||
version = "4.0.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.android-tzdata]]
|
||||
version = "0.1.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -175,10 +179,6 @@ criteria = "safe-to-deploy"
|
|||
version = "1.9.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.async-lock]]
|
||||
version = "2.8.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.async-lock]]
|
||||
version = "3.3.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -503,10 +503,6 @@ criteria = "safe-to-run"
|
|||
version = "0.7.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.deranged]]
|
||||
version = "0.3.11"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.deunicode]]
|
||||
version = "1.4.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -643,6 +639,10 @@ criteria = "safe-to-deploy"
|
|||
version = "2.0.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.futf]]
|
||||
version = "0.1.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.futures]]
|
||||
version = "0.3.30"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -767,10 +767,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.8.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.heck]]
|
||||
version = "0.5.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.hermit-abi]]
|
||||
version = "0.3.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -779,6 +775,10 @@ criteria = "safe-to-deploy"
|
|||
version = "0.5.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.html5ever]]
|
||||
version = "0.27.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.http]]
|
||||
version = "0.2.12"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -979,6 +979,18 @@ criteria = "safe-to-deploy"
|
|||
version = "1.9.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.mac]]
|
||||
version = "0.1.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.maplit]]
|
||||
version = "1.0.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.markup5ever]]
|
||||
version = "0.12.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.matchit]]
|
||||
version = "0.7.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1195,10 +1207,14 @@ criteria = "safe-to-deploy"
|
|||
version = "0.11.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.phf_generator]]
|
||||
[[exemptions.phf_codegen]]
|
||||
version = "0.11.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.phf_generator]]
|
||||
version = "0.10.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.phf_macros]]
|
||||
version = "0.11.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1227,10 +1243,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.10.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pkg-config]]
|
||||
version = "0.3.30"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.plotters]]
|
||||
version = "0.3.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1243,10 +1255,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.3.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.powerfmt]]
|
||||
version = "0.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pprof]]
|
||||
version = "0.13.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1287,10 +1295,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.11.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.prost]]
|
||||
version = "0.12.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.prost-build]]
|
||||
version = "0.12.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1299,10 +1303,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.11.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.prost-derive]]
|
||||
version = "0.12.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.prost-types]]
|
||||
version = "0.12.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1743,6 +1743,10 @@ criteria = "safe-to-deploy"
|
|||
version = "0.8.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.string_cache_codegen]]
|
||||
version = "0.5.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.strsim]]
|
||||
version = "0.11.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1803,6 +1807,10 @@ criteria = "safe-to-run"
|
|||
version = "3.10.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tendril]]
|
||||
version = "0.4.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.term]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1851,10 +1859,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.24.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tokio-stream]]
|
||||
version = "0.1.15"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tokio-tungstenite]]
|
||||
version = "0.20.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2047,10 +2051,6 @@ criteria = "safe-to-deploy"
|
|||
version = "1.1.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.webpki-roots]]
|
||||
version = "0.25.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.webpki-roots]]
|
||||
version = "0.26.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
# cargo-vet imports lock
|
||||
|
||||
[[unpublished.surrealdb]]
|
||||
version = "1.5.0"
|
||||
audited_as = "1.4.2"
|
||||
version = "2.0.0"
|
||||
audited_as = "1.5.2"
|
||||
|
||||
[[unpublished.surrealdb-core]]
|
||||
version = "2.0.0-1.5.0"
|
||||
audited_as = "2.0.0-1.4.2"
|
||||
version = "2.0.0"
|
||||
audited_as = "2.0.0-alpha.2"
|
||||
|
||||
[[publisher.addr]]
|
||||
version = "0.15.6"
|
||||
|
@ -129,15 +129,15 @@ user-login = "tobiemh"
|
|||
user-name = "Tobie Morgan Hitchcock"
|
||||
|
||||
[[publisher.surrealdb]]
|
||||
version = "1.4.2"
|
||||
when = "2024-04-19"
|
||||
version = "1.5.2"
|
||||
when = "2024-06-06"
|
||||
user-id = 145457
|
||||
user-login = "tobiemh"
|
||||
user-name = "Tobie Morgan Hitchcock"
|
||||
|
||||
[[publisher.surrealdb-core]]
|
||||
version = "2.0.0-1.4.2"
|
||||
when = "2024-04-19"
|
||||
version = "2.0.0-alpha.2"
|
||||
when = "2024-01-31"
|
||||
user-id = 145457
|
||||
user-login = "tobiemh"
|
||||
user-name = "Tobie Morgan Hitchcock"
|
||||
|
@ -336,8 +336,8 @@ notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-comm
|
|||
[[audits.bytecode-alliance.audits.heck]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.4.0"
|
||||
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
|
||||
delta = "0.4.1 -> 0.5.0"
|
||||
notes = "Minor changes for a `no_std` upgrade but otherwise everything looks as expected."
|
||||
|
||||
[[audits.bytecode-alliance.audits.http-body]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
|
@ -435,6 +435,21 @@ who = "Pat Hickey <phickey@fastly.com>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "0.1.0"
|
||||
|
||||
[[audits.bytecode-alliance.audits.pkg-config]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.25"
|
||||
notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
|
||||
|
||||
[[audits.bytecode-alliance.audits.pkg-config]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.26 -> 0.3.29"
|
||||
notes = """
|
||||
No `unsafe` additions or anything outside of the purview of the crate in this
|
||||
change.
|
||||
"""
|
||||
|
||||
[[audits.bytecode-alliance.audits.quote]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -531,6 +546,16 @@ who = "Pat Hickey <phickey@fastly.com>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "0.3.0"
|
||||
|
||||
[[audits.bytecode-alliance.audits.webpki-roots]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.22.4 -> 0.23.0"
|
||||
|
||||
[[audits.bytecode-alliance.audits.webpki-roots]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.23.0 -> 0.25.2"
|
||||
|
||||
[[audits.embark-studios.audits.assert-json-diff]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -609,6 +634,12 @@ criteria = "safe-to-deploy"
|
|||
version = "0.1.0"
|
||||
notes = "No unsafe usage or ambient capabilities, sane build script"
|
||||
|
||||
[[audits.embark-studios.audits.webpki-roots]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.22.4"
|
||||
notes = "Inspected it to confirm that it only contains data definitions and no runtime code"
|
||||
|
||||
[audits.fermyon.audits]
|
||||
|
||||
[[audits.google.audits.async-stream]]
|
||||
|
@ -742,6 +773,19 @@ criteria = "safe-to-deploy"
|
|||
version = "0.3.1"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.heck]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.4.1"
|
||||
notes = """
|
||||
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
|
||||
and there were no hits.
|
||||
|
||||
`heck` (version `0.3.3`) has been added to Chromium in
|
||||
https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057
|
||||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.http-range-header]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -947,6 +991,20 @@ criteria = "safe-to-run"
|
|||
version = "0.4.1"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.tokio-stream]]
|
||||
who = "David Koloski <dkoloski@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.11"
|
||||
notes = "Reviewed on https://fxrev.dev/804724"
|
||||
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.tokio-stream]]
|
||||
who = "David Koloski <dkoloski@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.1.11 -> 0.1.14"
|
||||
notes = "Reviewed on https://fxrev.dev/907732."
|
||||
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.unicode-xid]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1188,6 +1246,30 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.64.0 -> 0.66.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bindgen]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.66.1 -> 0.68.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bindgen]]
|
||||
who = "Andreas Pehrson <apehrson@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.68.1 -> 0.69.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bindgen]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.69.1 -> 0.69.2"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bindgen]]
|
||||
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.69.2 -> 0.69.4"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bit-set]]
|
||||
who = "Aria Beingessner <a.beingessner@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1241,6 +1323,17 @@ version = "0.8.0"
|
|||
notes = "This crates was written by Sentry and I've fully audited it as Firefox crash reporting machinery relies on it."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.deranged]]
|
||||
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.11"
|
||||
notes = """
|
||||
This crate contains a decent bit of `unsafe` code, however all internal
|
||||
unsafety is verified with copious assertions (many are compile-time), and
|
||||
otherwise the unsafety is documented and left to the caller to verify.
|
||||
"""
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.doc-comment]]
|
||||
who = "Nika Layzell <nika@thelayzells.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1315,12 +1408,6 @@ version = "0.2.0"
|
|||
notes = "Trivial crate, no unsafe code."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.heck]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.4.0 -> 0.4.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.hex]]
|
||||
who = "Simon Friedberger <simon@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1413,12 +1500,34 @@ criteria = "safe-to-deploy"
|
|||
delta = "2.3.0 -> 2.3.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.phf_generator]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.10.0 -> 0.11.2"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.phf_shared]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.10.0 -> 0.11.2"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.pkg-config]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.25 -> 0.3.26"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.powerfmt]]
|
||||
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.2.0"
|
||||
notes = """
|
||||
A tiny bit of unsafe code to implement functionality that isn't in stable rust
|
||||
yet, but it's all valid. Otherwise it's a pretty simple crate.
|
||||
"""
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.precomputed-hash]]
|
||||
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1426,6 +1535,18 @@ version = "0.1.1"
|
|||
notes = "This is a trivial crate."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.prost]]
|
||||
who = "Drew Willcoxon <adw@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.11.9 -> 0.12.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.prost-derive]]
|
||||
who = "Drew Willcoxon <adw@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.11.9 -> 0.12.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.quote]]
|
||||
who = "Nika Layzell <nika@thelayzells.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1690,6 +1811,24 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.2.13 -> 0.2.14"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.pkg-config]]
|
||||
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.29 -> 0.3.30"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.prost]]
|
||||
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.12.1 -> 0.12.3"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.prost-derive]]
|
||||
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.12.1 -> 0.12.3"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.quote]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1876,6 +2015,12 @@ delta = "0.1.0 -> 0.1.1"
|
|||
notes = "Adds `#![forbid(unsafe_code)]` and license files."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.tokio-stream]]
|
||||
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.1.14 -> 0.1.15"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.tracing-subscriber]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1935,3 +2080,10 @@ who = "Daira-Emma Hopwood <daira@jacaranda.org>"
|
|||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.89 -> 0.2.92"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.webpki-roots]]
|
||||
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.25.2 -> 0.25.4"
|
||||
notes = "I have not checked consistency with the Mozilla IncludedCACertificateReportPEMCSV report."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
|
||||
|
|
Loading…
Reference in a new issue