Add html functions (#4155)

Co-authored-by: Gerard Guillemas Martos <gguillemas@users.noreply.github.com>
Co-authored-by: Gerard Guillemas Martos <gerard.guillemas@surrealdb.com>
David Bottiau 2024-06-12 11:18:00 +02:00 committed by GitHub
parent 112df064fd
commit 9ffe94a02f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 417 additions and 55 deletions

110
Cargo.lock generated

@ -270,6 +270,19 @@ version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0942ffc6dcaadf03badf6e6a2d0228460359d5e34b57ccdc720b7382dfbd5ec5"
[[package]]
name = "ammonia"
version = "4.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ab99eae5ee58501ab236beb6f20f6ca39be615267b014899c89b2f0bc18a459"
dependencies = [
"html5ever",
"maplit",
"once_cell",
"tendril",
"url",
]
[[package]]
name = "android-tzdata"
version = "0.1.1"
@ -2129,6 +2142,16 @@ version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c"
[[package]]
name = "futf"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df420e2e84819663797d1ec6544b13c5be84629e7bb00dc960d6917db2987843"
dependencies = [
"mac",
"new_debug_unreachable",
]
[[package]]
name = "futures"
version = "0.3.30"
@ -2588,6 +2611,20 @@ dependencies = [
"windows-sys 0.52.0",
]
[[package]]
name = "html5ever"
version = "0.27.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c13771afe0e6e846f1e67d038d4cb29998a6779f93c809212e4e9c32efd244d4"
dependencies = [
"log",
"mac",
"markup5ever",
"proc-macro2",
"quote",
"syn 2.0.58",
]
[[package]]
name = "http"
version = "0.2.12"
@ -3267,6 +3304,32 @@ dependencies = [
"libc",
]
[[package]]
name = "mac"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c41e0c4fef86961ac6d6f8a82609f55f31b05e4fce149ac5710e439df7619ba4"
[[package]]
name = "maplit"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d"
[[package]]
name = "markup5ever"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "16ce3abbeba692c8b8441d036ef91aea6df8da2c6b6e21c7e14d3c18e526be45"
dependencies = [
"log",
"phf",
"phf_codegen",
"string_cache",
"string_cache_codegen",
"tendril",
]
[[package]]
name = "matchers"
version = "0.1.0"
@ -3992,6 +4055,26 @@ dependencies = [
"phf_shared 0.11.2",
]
[[package]]
name = "phf_codegen"
version = "0.11.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e8d39688d359e6b34654d328e262234662d16cc0f60ec8dcbe5e718709342a5a"
dependencies = [
"phf_generator 0.11.2",
"phf_shared 0.11.2",
]
[[package]]
name = "phf_generator"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d5285893bb5eb82e6aaf5d59ee909a06a16737a8970984dd7746ba9283498d6"
dependencies = [
"phf_shared 0.10.0",
"rand 0.8.5",
]
[[package]]
name = "phf_generator"
version = "0.11.2"
@ -4008,7 +4091,7 @@ version = "0.11.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3444646e286606587e49f3bcf1679b8cef1dc2c5ecc29ddacaffc305180d464b"
dependencies = [
"phf_generator",
"phf_generator 0.11.2",
"phf_shared 0.11.2",
"proc-macro2",
"quote",
@ -5797,6 +5880,19 @@ dependencies = [
"parking_lot",
"phf_shared 0.10.0",
"precomputed-hash",
"serde",
]
[[package]]
name = "string_cache_codegen"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6bb30289b722be4ff74a408c3cc27edeaad656e06cb1fe8fa9231fa59c728988"
dependencies = [
"phf_generator 0.10.0",
"phf_shared 0.10.0",
"proc-macro2",
"quote",
]
[[package]]
@ -5942,6 +6038,7 @@ version = "2.0.0"
dependencies = [
"addr",
"ahash 0.8.11",
"ammonia",
"any_ascii",
"arbitrary",
"argon2",
@ -6269,6 +6366,17 @@ dependencies = [
"windows-sys 0.52.0",
]
[[package]]
name = "tendril"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d24a120c5fc464a3458240ee02c299ebcb9d67b5249c8848b09d639dca8d7bb0"
dependencies = [
"futf",
"mac",
"utf-8",
]
[[package]]
name = "term"
version = "0.7.0"


@ -1332,4 +1332,24 @@ allow_unsafe = true
allow_unsafe = true
[pkg.linfa-linalg]
allow_unsafe = true
allow_unsafe = true
[pkg.mac]
allow_unsafe = true
[pkg.html5ever]
build.allow_apis = [
"fs",
]
[pkg.futf]
allow_unsafe = true
[pkg.markup5ever]
build.allow_apis = [
"fs",
]
allow_unsafe = true
[pkg.tendril]
allow_unsafe = true


@ -60,6 +60,7 @@ targets = []
[dependencies]
addr = { version = "0.15.6", default-features = false, features = ["std"] }
ahash = "0.8.11"
ammonia = "4.0.0"
arbitrary = { version = "1.3.2", features = ["derive"], optional = true }
argon2 = "0.5.2"
ascii = { version = "0.3.2", package = "any_ascii" }


@ -281,6 +281,8 @@ pub fn synchronous(
"string::words" => string::words,
"string::distance::hamming" => string::distance::hamming,
"string::distance::levenshtein" => string::distance::levenshtein,
"string::html::encode" => string::html::encode,
"string::html::sanitize" => string::html::sanitize,
"string::is::alphanum" => string::is::alphanum,
"string::is::alpha" => string::is::alpha,
"string::is::ascii" => string::is::ascii,


@ -2,6 +2,7 @@ use super::run;
use crate::fnc::script::modules::impl_module_def;
mod distance;
mod html;
mod is;
mod semver;
mod similarity;
@ -16,6 +17,7 @@ impl_module_def!(
"contains" => run,
"distance" => (distance::Package),
"endsWith" => run,
"html" => (html::Package),
"is" => (is::Package),
"join" => run,
"len" => run,


@ -0,0 +1,12 @@
use super::run;
use crate::fnc::script::modules::impl_module_def;
#[non_exhaustive]
pub struct Package;
impl_module_def!(
Package,
"string::html",
"encode" => run,
"sanitize" => run
);


@ -167,6 +167,19 @@ pub mod distance {
}
}
pub mod html {
use crate::err::Error;
use crate::sql::value::Value;
pub fn encode((arg,): (String,)) -> Result<Value, Error> {
Ok(ammonia::clean_text(&arg).into())
}
pub fn sanitize((arg,): (String,)) -> Result<Value, Error> {
Ok(ammonia::clean(&arg).into())
}
}
pub mod is {
use crate::err::Error;
use crate::sql::value::Value;
@ -611,6 +624,24 @@ mod tests {
assert_eq!(value, Value::Bool(false));
}
#[test]
fn html_encode() {
let value = super::html::encode((String::from("<div>Hello world!</div>"),)).unwrap();
assert_eq!(value, Value::Strand("&lt;div&gt;Hello&#32;world!&lt;&#47;div&gt;".into()));
let value = super::html::encode((String::from("SurrealDB"),)).unwrap();
assert_eq!(value, Value::Strand("SurrealDB".into()));
}
#[test]
fn html_sanitize() {
let value = super::html::sanitize((String::from("<div>Hello world!</div>"),)).unwrap();
assert_eq!(value, Value::Strand("<div>Hello world!</div>".into()));
let value = super::html::sanitize((String::from("XSS<script>attack</script>"),)).unwrap();
assert_eq!(value, Value::Strand("XSS".into()));
}
#[test]
fn semver_compare() {
let value = super::semver::compare((String::from("1.2.3"), String::from("1.0.0"))).unwrap();
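Review bot: The two functions added in `pub mod html`, `encode` and `sanitize`, carry no doc comments saying which output context their result is safe for, and that is the property callers will rely on. `ammonia::clean_text` escapes text for use as HTML element content or an attribute value, and `ammonia::clean` filters markup through ammonia's default allowlist, so neither result is meant to be placed inside a script or style block; I would add `/// Escapes every HTML-significant character; the result is for HTML text or attribute values, not script or style contexts.` above `encode` and `/// Removes markup outside ammonia's default allowlist; the result is for HTML body content only.` above `sanitize`. The `html_sanitize` test in the second hunk pins only the `<script>` case, so a further case for an attribute or URL scheme that the default policy drops would guard against a policy change when the `ammonia` version is raised. `mod tests` starts and ends outside the hunk.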


@ -266,6 +266,8 @@ pub(crate) static PATHS: phf::Map<UniCase<&'static str>, PathKind> = phf_map! {
UniCase::ascii("string::words") => PathKind::Function,
UniCase::ascii("string::distance::hamming") => PathKind::Function,
UniCase::ascii("string::distance::levenshtein") => PathKind::Function,
UniCase::ascii("string::html::encode") => PathKind::Function,
UniCase::ascii("string::html::sanitize") => PathKind::Function,
UniCase::ascii("string::is::alphanum") => PathKind::Function,
UniCase::ascii("string::is::alpha") => PathKind::Function,
UniCase::ascii("string::is::ascii") => PathKind::Function,


@ -294,6 +294,8 @@
"string::distance::hamming("
"string::distance::levenshtein("
"string::endsWith("
"string::html::encode("
"string::html::sanitize("
"string::is::alphanum("
"string::is::alpha("
"string::is::ascii("


@ -292,6 +292,8 @@
"string::distance::hamming("
"string::distance::levenshtein("
"string::endsWith("
"string::html::encode("
"string::html::sanitize("
"string::is::alphanum("
"string::is::alpha("
"string::is::ascii("


@ -3192,6 +3192,34 @@ async fn function_search_analyzer_invalid_function_name() -> Result<(), Error> {
Ok(())
}
#[tokio::test]
async fn function_encode_html() -> Result<(), Error> {
let sql = r#"
RETURN string::html::encode("<div>Hello world!</div>");
"#;
let mut test = Test::new(sql).await?;
//
let tmp = test.next()?.result?;
let val = Value::from("&lt;div&gt;Hello&#32;world!&lt;&#47;div&gt;");
assert_eq!(tmp, val);
//
Ok(())
}
#[tokio::test]
async fn function_sanitize_html() -> Result<(), Error> {
let sql = r#"
RETURN string::html::sanitize("XSS<script>attack</script>");
"#;
let mut test = Test::new(sql).await?;
//
let tmp = test.next()?.result?;
let val = Value::from("XSS");
assert_eq!(tmp, val);
//
Ok(())
}
#[tokio::test]
async fn function_parse_is_alphanum() -> Result<(), Error> {
let sql = r#"


@ -99,6 +99,10 @@ criteria = "safe-to-deploy"
version = "0.2.16"
criteria = "safe-to-deploy"
[[exemptions.ammonia]]
version = "4.0.0"
criteria = "safe-to-deploy"
[[exemptions.android-tzdata]]
version = "0.1.1"
criteria = "safe-to-deploy"
@ -175,10 +179,6 @@ criteria = "safe-to-deploy"
version = "1.9.1"
criteria = "safe-to-deploy"
[[exemptions.async-lock]]
version = "2.8.0"
criteria = "safe-to-deploy"
[[exemptions.async-lock]]
version = "3.3.0"
criteria = "safe-to-deploy"
@ -503,10 +503,6 @@ criteria = "safe-to-run"
version = "0.7.9"
criteria = "safe-to-deploy"
[[exemptions.deranged]]
version = "0.3.11"
criteria = "safe-to-deploy"
[[exemptions.deunicode]]
version = "1.4.3"
criteria = "safe-to-deploy"
@ -643,6 +639,10 @@ criteria = "safe-to-deploy"
version = "2.0.0"
criteria = "safe-to-deploy"
[[exemptions.futf]]
version = "0.1.5"
criteria = "safe-to-deploy"
[[exemptions.futures]]
version = "0.3.30"
criteria = "safe-to-deploy"
@ -767,10 +767,6 @@ criteria = "safe-to-deploy"
version = "0.8.0"
criteria = "safe-to-deploy"
[[exemptions.heck]]
version = "0.5.0"
criteria = "safe-to-deploy"
[[exemptions.hermit-abi]]
version = "0.3.9"
criteria = "safe-to-deploy"
@ -779,6 +775,10 @@ criteria = "safe-to-deploy"
version = "0.5.9"
criteria = "safe-to-deploy"
[[exemptions.html5ever]]
version = "0.27.0"
criteria = "safe-to-deploy"
[[exemptions.http]]
version = "0.2.12"
criteria = "safe-to-deploy"
@ -979,6 +979,18 @@ criteria = "safe-to-deploy"
version = "1.9.4"
criteria = "safe-to-deploy"
[[exemptions.mac]]
version = "0.1.1"
criteria = "safe-to-deploy"
[[exemptions.maplit]]
version = "1.0.2"
criteria = "safe-to-deploy"
[[exemptions.markup5ever]]
version = "0.12.1"
criteria = "safe-to-deploy"
[[exemptions.matchit]]
version = "0.7.3"
criteria = "safe-to-deploy"
@ -1195,10 +1207,14 @@ criteria = "safe-to-deploy"
version = "0.11.2"
criteria = "safe-to-deploy"
[[exemptions.phf_generator]]
[[exemptions.phf_codegen]]
version = "0.11.2"
criteria = "safe-to-deploy"
[[exemptions.phf_generator]]
version = "0.10.0"
criteria = "safe-to-deploy"
[[exemptions.phf_macros]]
version = "0.11.2"
criteria = "safe-to-deploy"
@ -1227,10 +1243,6 @@ criteria = "safe-to-deploy"
version = "0.10.2"
criteria = "safe-to-deploy"
[[exemptions.pkg-config]]
version = "0.3.30"
criteria = "safe-to-deploy"
[[exemptions.plotters]]
version = "0.3.5"
criteria = "safe-to-deploy"
@ -1243,10 +1255,6 @@ criteria = "safe-to-deploy"
version = "0.3.5"
criteria = "safe-to-deploy"
[[exemptions.powerfmt]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.pprof]]
version = "0.13.0"
criteria = "safe-to-deploy"
@ -1287,10 +1295,6 @@ criteria = "safe-to-deploy"
version = "0.11.9"
criteria = "safe-to-deploy"
[[exemptions.prost]]
version = "0.12.3"
criteria = "safe-to-deploy"
[[exemptions.prost-build]]
version = "0.12.3"
criteria = "safe-to-deploy"
@ -1299,10 +1303,6 @@ criteria = "safe-to-deploy"
version = "0.11.9"
criteria = "safe-to-deploy"
[[exemptions.prost-derive]]
version = "0.12.3"
criteria = "safe-to-deploy"
[[exemptions.prost-types]]
version = "0.12.3"
criteria = "safe-to-deploy"
@ -1743,6 +1743,10 @@ criteria = "safe-to-deploy"
version = "0.8.7"
criteria = "safe-to-deploy"
[[exemptions.string_cache_codegen]]
version = "0.5.2"
criteria = "safe-to-deploy"
[[exemptions.strsim]]
version = "0.11.1"
criteria = "safe-to-deploy"
@ -1803,6 +1807,10 @@ criteria = "safe-to-run"
version = "3.10.1"
criteria = "safe-to-deploy"
[[exemptions.tendril]]
version = "0.4.3"
criteria = "safe-to-deploy"
[[exemptions.term]]
version = "0.7.0"
criteria = "safe-to-deploy"
@ -1851,10 +1859,6 @@ criteria = "safe-to-deploy"
version = "0.24.1"
criteria = "safe-to-deploy"
[[exemptions.tokio-stream]]
version = "0.1.15"
criteria = "safe-to-deploy"
[[exemptions.tokio-tungstenite]]
version = "0.20.1"
criteria = "safe-to-deploy"
@ -2047,10 +2051,6 @@ criteria = "safe-to-deploy"
version = "1.1.0"
criteria = "safe-to-deploy"
[[exemptions.webpki-roots]]
version = "0.25.4"
criteria = "safe-to-deploy"
[[exemptions.webpki-roots]]
version = "0.26.1"
criteria = "safe-to-deploy"
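Review bot: The crates that now parse untrusted HTML for `string::html::sanitize` (`ammonia`, `html5ever`, `markup5ever`, `tendril`, `futf`, `mac`) are added under `[[exemptions.*]]`, which records them as trusted without an audit rather than as reviewed. The cackle policy in this same commit also sets `allow_unsafe = true` for `mac`, `futf`, `markup5ever` and `tendril`, so the unaudited set includes unsafe code on the input-handling path. I would mark these entries so they are the first to be replaced by real or imported audits, for example `notes = "parses untrusted HTML for string::html::*; prioritise for audit"` on the `ammonia` and `html5ever` entries.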


@ -2,12 +2,12 @@
# cargo-vet imports lock
[[unpublished.surrealdb]]
version = "1.5.0"
audited_as = "1.4.2"
version = "2.0.0"
audited_as = "1.5.2"
[[unpublished.surrealdb-core]]
version = "2.0.0-1.5.0"
audited_as = "2.0.0-1.4.2"
version = "2.0.0"
audited_as = "2.0.0-alpha.2"
[[publisher.addr]]
version = "0.15.6"
@ -129,15 +129,15 @@ user-login = "tobiemh"
user-name = "Tobie Morgan Hitchcock"
[[publisher.surrealdb]]
version = "1.4.2"
when = "2024-04-19"
version = "1.5.2"
when = "2024-06-06"
user-id = 145457
user-login = "tobiemh"
user-name = "Tobie Morgan Hitchcock"
[[publisher.surrealdb-core]]
version = "2.0.0-1.4.2"
when = "2024-04-19"
version = "2.0.0-alpha.2"
when = "2024-01-31"
user-id = 145457
user-login = "tobiemh"
user-name = "Tobie Morgan Hitchcock"
@ -336,8 +336,8 @@ notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-comm
[[audits.bytecode-alliance.audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.0"
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
delta = "0.4.1 -> 0.5.0"
notes = "Minor changes for a `no_std` upgrade but otherwise everything looks as expected."
[[audits.bytecode-alliance.audits.http-body]]
who = "Pat Hickey <phickey@fastly.com>"
@ -435,6 +435,21 @@ who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
[[audits.bytecode-alliance.audits.pkg-config]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.25"
notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
[[audits.bytecode-alliance.audits.pkg-config]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.26 -> 0.3.29"
notes = """
No `unsafe` additions or anything outside of the purview of the crate in this
change.
"""
[[audits.bytecode-alliance.audits.quote]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
@ -531,6 +546,16 @@ who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
[[audits.bytecode-alliance.audits.webpki-roots]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.22.4 -> 0.23.0"
[[audits.bytecode-alliance.audits.webpki-roots]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.23.0 -> 0.25.2"
[[audits.embark-studios.audits.assert-json-diff]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-run"
@ -609,6 +634,12 @@ criteria = "safe-to-deploy"
version = "0.1.0"
notes = "No unsafe usage or ambient capabilities, sane build script"
[[audits.embark-studios.audits.webpki-roots]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
version = "0.22.4"
notes = "Inspected it to confirm that it only contains data definitions and no runtime code"
[audits.fermyon.audits]
[[audits.google.audits.async-stream]]
@ -742,6 +773,19 @@ criteria = "safe-to-deploy"
version = "0.3.1"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.heck]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "0.4.1"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
and there were no hits.
`heck` (version `0.3.3`) has been added to Chromium in
https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.http-range-header]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
@ -947,6 +991,20 @@ criteria = "safe-to-run"
version = "0.4.1"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.tokio-stream]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
version = "0.1.11"
notes = "Reviewed on https://fxrev.dev/804724"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.tokio-stream]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
delta = "0.1.11 -> 0.1.14"
notes = "Reviewed on https://fxrev.dev/907732."
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.unicode-xid]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
@ -1188,6 +1246,30 @@ criteria = "safe-to-deploy"
delta = "0.64.0 -> 0.66.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.bindgen]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.66.1 -> 0.68.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.bindgen]]
who = "Andreas Pehrson <apehrson@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.68.1 -> 0.69.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.bindgen]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.69.1 -> 0.69.2"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.bindgen]]
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
criteria = "safe-to-deploy"
delta = "0.69.2 -> 0.69.4"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.bit-set]]
who = "Aria Beingessner <a.beingessner@gmail.com>"
criteria = "safe-to-deploy"
@ -1241,6 +1323,17 @@ version = "0.8.0"
notes = "This crates was written by Sentry and I've fully audited it as Firefox crash reporting machinery relies on it."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.deranged]]
who = "Alex Franchuk <afranchuk@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.3.11"
notes = """
This crate contains a decent bit of `unsafe` code, however all internal
unsafety is verified with copious assertions (many are compile-time), and
otherwise the unsafety is documented and left to the caller to verify.
"""
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.doc-comment]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
@ -1315,12 +1408,6 @@ version = "0.2.0"
notes = "Trivial crate, no unsafe code."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.heck]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.4.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.hex]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
@ -1413,12 +1500,34 @@ criteria = "safe-to-deploy"
delta = "2.3.0 -> 2.3.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.phf_generator]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.10.0 -> 0.11.2"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.phf_shared]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.10.0 -> 0.11.2"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.pkg-config]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.25 -> 0.3.26"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.powerfmt]]
who = "Alex Franchuk <afranchuk@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
notes = """
A tiny bit of unsafe code to implement functionality that isn't in stable rust
yet, but it's all valid. Otherwise it's a pretty simple crate.
"""
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.precomputed-hash]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
@ -1426,6 +1535,18 @@ version = "0.1.1"
notes = "This is a trivial crate."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.prost]]
who = "Drew Willcoxon <adw@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.11.9 -> 0.12.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.prost-derive]]
who = "Drew Willcoxon <adw@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.11.9 -> 0.12.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.quote]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
@ -1690,6 +1811,24 @@ criteria = "safe-to-deploy"
delta = "0.2.13 -> 0.2.14"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.pkg-config]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.3.29 -> 0.3.30"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.prost]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.12.1 -> 0.12.3"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.prost-derive]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.12.1 -> 0.12.3"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.quote]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
@ -1876,6 +2015,12 @@ delta = "0.1.0 -> 0.1.1"
notes = "Adds `#![forbid(unsafe_code)]` and license files."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.tokio-stream]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.1.14 -> 0.1.15"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.tracing-subscriber]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
@ -1935,3 +2080,10 @@ who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.2.89 -> 0.2.92"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.webpki-roots]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.25.2 -> 0.25.4"
notes = "I have not checked consistency with the Mozilla IncludedCACertificateReportPEMCSV report."
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"