# cargo-vet audits file
[[wildcard-audits.arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2020-01-14"
end = "2026-08-21"
notes = "I am an author of this crate."
[[wildcard-audits.bumpalo]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2019-03-16"
end = "2026-08-21"
[[wildcard-audits.cranelift]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-assembler-x64]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-assembler-x64]]
who = "Saúl Cabrera <saulecabrera@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-02-20"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-assembler-x64-meta]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-assembler-x64-meta]]
who = "Saúl Cabrera <saulecabrera@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-02-20"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-bforest]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-bforest]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-bitset]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-04-21"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-bitset]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-codegen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-codegen]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-codegen-meta]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-codegen-meta]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-codegen-shared]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-codegen-shared]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-control]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-control]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-05-22"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-entity]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-entity]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-frontend]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-frontend]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-interpreter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-interpreter]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-isle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-isle]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-12-13"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-jit]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-jit]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-module]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-module]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-native]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-native]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-object]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-reader]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-reader]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-serde]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-serde]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-srcgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-04-21"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.cranelift-srcgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.cranelift-wasm]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.derive_arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2020-01-14"
end = "2026-08-21"
notes = "I am an author of this crate"
[[wildcard-audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-28"
end = "2026-07-28"
notes = """
The Bytecode Alliance is the author of this crate.
"""
[[wildcard-audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.mutatis]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2019-03-16"
end = "2026-08-21"
notes = """
I am the author of this crate.
"""
[[wildcard-audits.pulley-interpreter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-09-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.pulley-interpreter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.pulley-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-06-20"
end = "2026-08-21"
[[wildcard-audits.pulley-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-06-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.pulley-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-06-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.pulley-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.regalloc2]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
user-id = 3726 # Chris Fallin (cfallin)
start = "2021-12-03"
end = "2026-08-21"
notes = "We (Bytecode Alliance) are the primary authors of regalloc2 and co-develop it with Cranelift/Wasmtime, with the same code-review, testing/fuzzing, and security standards."
[[wildcard-audits.regalloc2]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
user-id = 187138
start = "2022-11-29"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `regalloc2`
repository of which I'm one of the maintainers and publishers for. I am employed
by a member of the Bytecode Alliance and plan to continue doing so and will
actively maintain this crate over time.
"""
[[wildcard-audits.wasi]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-08-10"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate.
"""
[[wildcard-audits.wasi-cap-std-sync]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasi-common]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasi-common]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasi-tokio]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasip1]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-08-10"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate.
"""
[[wildcard-audits.wasip2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-08-10"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate.
"""
[[wildcard-audits.wasip3]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-09-10"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate.
"""
[[wildcard-audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-28"
end = "2026-07-28"
notes = """
The Bytecode Alliance is the author of this crate
"""
[[wildcard-audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2026-02-10"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2022-01-05"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasm-mutate]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2022-02-17"
end = "2026-08-21"
[[wildcard-audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-09-03"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-06-19"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-07-13"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-11-18"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmprinter]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2021-04-28"
end = "2026-08-21"
[[wildcard-audits.wasmtime]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-asm-macros]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-08-22"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-c-api-impl]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-20"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-c-api-macros]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-20"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-cache]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-cli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-cli]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-cli-flags]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-cli-flags]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-05-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-component-macro]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-07-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-component-util]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-08-22"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-cranelift]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-cranelift-shared]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-04-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-environ]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-environ]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-explorer]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-04-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-fiber]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-asm-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-c-api-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-c-api-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-c-api-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-cache]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-cache]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-cache]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-component-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-component-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-component-util]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-component-util]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-cranelift]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-cranelift]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-cranelift]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-debugger]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-error]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2025-12-16"
end = "2027-01-09"
notes = "This crate is authored by the Bytecode Alliance."
[[wildcard-audits.wasmtime-internal-error]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2025-12-16"
end = "2027-01-09"
notes = "This crate is authored by the Bytecode Alliance."
[[wildcard-audits.wasmtime-internal-explorer]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-explorer]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-explorer]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-fiber]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-fiber]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-gdbstub-component-artifact]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-04-20"
end = "2027-04-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-jit-debug]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-jit-debug]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-jit-icache-coherence]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-jit-icache-coherence]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-math]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-math]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-slab]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-slab]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-unwinder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-unwinder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-versioned-export-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-versioned-export-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-winch]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-winch]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-winch]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-internal-wmemcheck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-internal-wmemcheck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-jit]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-jit-debug]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-03-07"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-jit-icache-coherence]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-11-21"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-math]]
who = "Saúl Cabrera <saulecabrera@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-01-20"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-runtime]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-slab]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wasmtime-types]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-config]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-config]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-crypto]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-http]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-http]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-05-22"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-io]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-io]]
who = "Saúl Cabrera <saulecabrera@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-02-20"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-keyvalue]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-keyvalue]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-nn]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-nn]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-runtime-config]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-threads]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-threads]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-03-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-tls]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-04-21"
end = "2027-04-14"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-tls]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-tls-nativetls]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-tls-nativetls]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-07-20"
end = "2026-07-20"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wasi-tls-nativetls]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wasi-tls-openssl]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wast]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-winch]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-11-21"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wit-bindgen]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-20"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wizer]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-11-19"
end = "2026-11-19"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wasmtime-wizer]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wasmtime-wmemcheck]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-11-27"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-10-16"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-10-18"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wiggle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wiggle]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wiggle-generate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wiggle-generate]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wiggle-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wiggle-macro]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2021-10-29"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wiggle-test]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 18162 # Pat Hickey (pchickey)
start = "2020-03-12"
end = "2025-07-30"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.winch-codegen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasmtime"
start = "2026-01-07"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.winch-codegen]]
who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2022-11-21"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wit-bindgen"
start = "2025-08-13"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wit-bindgen"
start = "2025-08-13"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wit-bindgen-rt]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wit-bindgen"
start = "2025-08-13"
end = "2027-01-12"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wit-bindgen-rust-lib]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wit-bindgen`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wit-bindgen"
start = "2025-08-13"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-12-11"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[wildcard-audits.wit-component]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2019-03-16"
end = "2026-08-21"
[[wildcard-audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-12-02"
end = "2026-08-21"
notes = """
This is a Bytecode Alliance authored crate maintained in the `wasm-tools`
repository of which I'm one of the primary maintainers and publishers for.
I am employed by a member of the Bytecode Alliance and plan to continue doing
so and will actively maintain this crate over time.
"""
[[wildcard-audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2023-01-01"
end = "2026-06-03"
notes = """
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
publication of this crate from CI. This repository requires all PRs are reviewed
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
"""
[[wildcard-audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-08-21"
notes = "The Bytecode Alliance is the author of this crate."
[[wildcard-audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
trusted-publisher = "github:bytecodealliance/wasm-tools"
start = "2025-08-14"
end = "2027-01-08"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.17.0 -> 0.19.0"
notes = """
This is a minor update for addr2line which looks to mainly update its
dependencies and refactor existing code to expose more functionality and such.
"""
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.19.0 -> 0.20.0"
notes = "This version brings support for split-dwarf which while it uses the filesystem is always done at the behest of the caller, so everything is as expected for this update."
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
notes = "This version bump updated some dependencies and optimized some internals. All looks good."
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.22.0"
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.22.0 -> 0.24.1"
notes = "Lots of internal code refactorings and code movement. Nothing out of place however."
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.24.1 -> 0.25.0"
notes = "All minor changes, even a net reduction of `unsafe`."
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.25.0 -> 0.25.1"
notes = "Minor updates, looks like a minor bug fix, nothing awry."
[[audits.addr2line]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.25.1 -> 0.26.0"
notes = "Nothing out of the ordinary for this update, all DWARF all the time."
[[audits.adler]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.2"
notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm."
[[audits.adler2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.0.0"
notes = "Fork of the original `adler` crate, zero unsfae code, works in `no_std`, does what it says on th tin."
[[audits.ahash]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.7.6 -> 0.8.2"
[[audits.ahash]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.2 -> 0.8.7"
notes = """
Shuffling of features in this update and while there are updates to `unsafe`
code it's no different than before and the usage remains the same.
"""
[[audits.allocator-api2]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.2.18 -> 0.2.20"
notes = """
The changes appear to be reasonable updates from Rust's stdlib imported into
`allocator-api2`'s copy of this code.
"""
[[audits.ambient-authority]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.0.2"
notes = "Contains no unsafe code, no IO, no build.rs."
[[audits.anes]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.6"
notes = "Contains no unsafe code, no IO, no build.rs."
[[audits.ansi_term]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.12.1"
notes = "Only unsafe code is to access the console on Windows."
[[audits.anyhow]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.62 -> 1.0.66"
notes = """
This update looks to be related to minor fixes and mostly integrating with a
nightly feature in the standard library for backtrace integration. No undue
`unsafe` is added and nothing unsurprising for the `anyhow` crate is happening
here.
"""
[[audits.anyhow]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.69 -> 1.0.71"
[[audits.arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "I am the author of this crate."
[[audits.arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.4"
notes = "I am the author of this crate."
[[audits.arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "1.4.1"
[[audits.arbtest]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-run"
version = "0.3.1"
notes = "Nothing unusual; the most notable bit was a terminal escape sequence to make a random seed bold."
[[audits.arbtest]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.3.1 -> 0.3.2"
notes = "Minor new feature, nothing out of the ordinary."
[[audits.arrayref]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.6"
notes = """
Unsafe code, but its logic looks good to me. Necessary given what it is
doing. Well tested, has quickchecks.
"""
[[audits.arrayvec]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.7.2"
notes = """
Well documented invariants, good assertions for those invariants in unsafe code,
and tested with MIRI to boot. LGTM.
"""
[[audits.async-task]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "4.7.1"
notes = "Fairly significant chunk of unsafe code in the async executor core, but seems isolated to well-understood patterns, e.g. a manual vtable and some manual layout code."
[[audits.atomic-waker]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.1.2"
notes = "Contains `unsafe` code but it's well-documented and scoped to what it's intended to be doing. Otherwise a well-focused and straightforward crate."
[[audits.atty]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.14"
notes = """
Contains only unsafe code for what this crate's purpose is and only accesses
the environment's terminal information when asked. Does its stated purpose and
no more.
"""
[[audits.auditable-serde]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.8.0"
notes = "No `unsafe` code in this crate, small crate, only working with JSON and some serde data structures."
[[audits.backtrace]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.66"
notes = "I am the author of this crate."
[[audits.backtrace]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.3.66 -> 0.3.67"
notes = """
This change introduced a new means of learning the current exe by parsing
Linux-specific constructs and does not constitute any major changes to the
crate.
"""
[[audits.base64]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.21.0"
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
[[audits.base64]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-run"
version = "0.21.0"
notes = "This crate has no dependencies, no build.rs, and contains no unsafe code."
[[audits.base64]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.21.3 -> 0.22.1"
[[audits.beef]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
version = "0.5.2"
notes = "This is a more compact implementation of std's Cow. It uses lots of unsafe, but appears sound in my audit."
[[audits.bitflags]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
delta = "2.1.0 -> 2.2.1"
notes = """
This version adds unsafe impls of traits from the bytemuck crate when built
with that library enabled, but I believe the impls satisfy the documented
safety requirements for bytemuck. The other changes are minor.
"""
[[audits.bitflags]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.3.2 -> 2.3.3"
notes = """
Nothing outside the realm of what one would expect from a bitflags generator,
all as expected.
"""
[[audits.bitflags]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.4.1 -> 2.6.0"
notes = """
Changes in how macros are invoked and various bits and pieces of macro-fu.
Otherwise no major changes and nothing dealing with `unsafe`.
"""
[[audits.bitflags]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.7.0 -> 2.9.4"
notes = "Tweaks to the macro, nothing out of order."
[[audits.bitflags]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.10.0 -> 2.11.1"
notes = "Minor updates, nothing awry here."
[[audits.bitmaps]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "2.1.0"
notes = """
No ambient I/O. Minimal unsafe, purely related to simd ISA extensions and
obviously correct with only local reasoning.
"""
[[audits.block-buffer]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
delta = "0.9.0 -> 0.10.2"
[[audits.bumpalo]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "3.9.1"
notes = "I am the author of this crate."
[[audits.bumpalo]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "3.11.1"
notes = "I am the author of this crate."
[[audits.bytes]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.10.0 -> 1.10.1"
notes = "Minor bugfix release."
[[audits.bytesize]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "1.3.0"
[[audits.bytesize]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "1.3.0 -> 2.0.1"
notes = "New functionality, but no new unsafe, and no other suspicious changes."
[[audits.camino]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.1.4"
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.26.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "1.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-fs-ext]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.5 -> 1.0.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.2.0 -> 3.3.0"
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.4.0"
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.0 -> 3.4.1"
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.1 -> 3.4.4"
[[audits.cap-fs-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.4 -> 3.4.5"
[[audits.cap-net-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.2.0 -> 3.3.0"
[[audits.cap-net-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.4.0"
[[audits.cap-net-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.0 -> 3.4.1"
[[audits.cap-net-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.1 -> 3.4.4"
[[audits.cap-net-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.4 -> 3.4.5"
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.26.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "1.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-primitives]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.5 -> 1.0.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.2.0 -> 3.3.0"
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.4.0"
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.0 -> 3.4.1"
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.1 -> 3.4.4"
[[audits.cap-primitives]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.4 -> 3.4.5"
[[audits.cap-rand]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.26.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "1.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.2.0 -> 3.3.0"
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.4.0"
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.0 -> 3.4.1"
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.1 -> 3.4.4"
[[audits.cap-rand]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.4 -> 3.4.5"
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.26.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "1.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-std]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.5 -> 1.0.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.2.0 -> 3.3.0"
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.4.0"
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.0 -> 3.4.1"
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.1 -> 3.4.4"
[[audits.cap-std]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.4 -> 3.4.5"
[[audits.cap-tempfile]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-run"
version = "0.26.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-tempfile]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-run"
version = "1.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.cap-tempfile]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-time-ext]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.26.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "1.0.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-time-ext]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.1 -> 1.0.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.5 -> 1.0.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.2.0 -> 3.3.0"
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.4.0"
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.0 -> 3.4.1"
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.1 -> 3.4.4"
[[audits.cap-time-ext]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.4.4 -> 3.4.5"
[[audits.capstone]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.12.0 -> 0.13.0"
notes = "No new major features added here, mostly new architectures from a capstone update. No fundamental new `unsafe` code or anything suspicious"
[[audits.capstone]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.13.0 -> 0.14.0"
notes = "More features, more architectures, minor Rust idiom changes, nothing major."
[[audits.capstone-sys]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.16.0 -> 0.17.0"
notes = "Updates to the build process of capstone and adding some new architectures. Nothing major."
[[audits.capstone-sys]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.17.0 -> 0.18.0"
notes = "Huge number of changes, but verified to be an expected update to the capstone library."
[[audits.cargo-platform]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "no build, no ambient capabilities, no unsafe"
[[audits.cargo_metadata]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.15.3"
notes = "no build, no unsafe, inputs to cargo command are reasonably sanitized"
[[audits.cargo_metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.17.0 -> 0.18.1"
notes = "No major changes, no unsafe code here."
[[audits.cargo_metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.18.1 -> 0.19.2"
notes = "Dependency updates and minor changes, nothing suspicious."
[[audits.cast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.2.7 -> 0.3.0"
notes = """
This release appears to have brought support for 128-bit integers and removed a
`transmute` around converting between float bits and the float itself.
Otherwise no major changes except what was presumably minor API breaking changes
due to the major version bump.
"""
[[audits.castaway]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.2.2"
notes = "Very unsafe `transmute_unchecked` is used internally for downcasting; the crate is carefully written to maintain the necessary invariants."
[[audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.73"
notes = "I am the author of this crate."
[[audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.83 -> 1.1.6"
[[audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.1.6 -> 1.2.5"
notes = "Lots of minor updates here and there along with refactorings and such. Everything in line with what `cc` is expected to do."
[[audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.2.12 -> 1.2.19"
notes = "Trusted crate from rust-lang/rust, diff skimmed and generally looks ok as well."
[[audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.2.19 -> 1.2.22"
notes = "Minor changes, nothing related to `unsafe`"
[[audits.cc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.2.30 -> 1.2.41"
notes = "This is a trusted rust-lang/rust crate"
[[audits.cfg-if]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.0"
notes = "I am the author of this crate."
[[audits.ciborium]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
[[audits.ciborium-io]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
[[audits.ciborium-ll]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.0"
[[audits.cipher]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.4.4"
notes = "Most unsafe is hidden by `inout` dependency; only remaining unsafe is raw-splitting a slice and an unreachable hint. Older versions of this regularly reach ~150k daily downloads."
[[audits.clap]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "2.34.0"
[[audits.cobs]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.3"
notes = "No `unsafe` code in the crate and no usage of `std`"
[[audits.cobs]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.3 -> 0.3.0"
notes = "Nothing out of the ordinary, virtually no unsafe code."
[[audits.codespan-reporting]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
version = "0.11.1"
notes = "This library uses `forbid(unsafe_code)` and has no filesystem or network I/O."
[[audits.compact_str]]
who = "David Justice <david@justice.dev"
criteria = "safe-to-deploy"
version = "0.7.1"
notes = "This library has many uses of unsafe, but contains extensive fuzzing and miri testing."
[[audits.console]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.15.0 -> 0.15.8"
notes = "Lots of internal refactorings for new features and such, nothing major out of place."
[[audits.console]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.15.8 -> 0.16.1"
notes = "Nothing out of the ordinary. Minor `unsafe` code to work with libc and raw system APIs, otherwise as expected."
[[audits.constant_time_eq]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.4"
notes = "A few tiny blocks of `unsafe` but each of them is very obviously correct."
[[audits.core-foundation-sys]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.8.4 -> 0.8.6"
notes = """
The changes here are all typical bindings updates: new functions, types, and
constants. I have not audited all the bindings for ABI conformance.
"""
[[audits.cpp_demangle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.5 -> 0.4.3"
notes = "No substantive changes to `unsafe` code and otherwise all looks good."
[[audits.cpufeatures]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.7"
notes = """
This is a minor update that looks to add some more detected CPU features and
various other minor portability fixes such as MIRI support.
"""
[[audits.cpufeatures]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.8 -> 0.2.14"
notes = "Minor updates, nothing awry. Mostly portability updates."
[[audits.criterion]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.3.5 -> 0.3.6"
notes = """
There were no major changes to code in this update, mostly just stylistic and
updating some version dependency requirements.
"""
[[audits.criterion]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.3.6 -> 0.4.0"
notes = """
criterion v0.3.6..v0.4.0 is mostly re-arranging the crate features and bumping dependencies. all changes
to code seem to be confined to benchmarks.
"""
[[audits.criterion-plot]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.4.4 -> 0.4.5"
notes = """
No major changes in this update, it was almost entirely stylistic with what
appears to be a few clippy fixes here and there.
"""
[[audits.criterion-plot]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.4.5 -> 0.5.0"
notes = "Just a version bump, only change to code is to remove an allow(deprecated)"
[[audits.crossbeam-channel]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.5.4 -> 0.5.8"
notes = """
This diff does what it says on the tin for this version range, notably fixing a
race condition, improving handling of durations, and additionally swapping out a
spin lock with a lock from the standard library. Minor bits of `unsafe` code
are modified but that's expected given the nature of this crate.
"""
[[audits.crossbeam-epoch]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.9.9 -> 0.9.15"
notes = """
In general crossbeam has quite a lot of unsafe code as it's a primitive tool for
concurrency but this update isn't adding any extra unsafe than there already
was and all the updates here are related to odds-and-ends maintenance. In
other words everything is as one would expect from a minor update for this
crate.
"""
[[audits.crossbeam-epoch]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.9.15 -> 0.9.18"
notes = "Nontrivial update but mostly around dependencies and how `unsafe` code is managed. Everything looks the same shape as before."
[[audits.crossbeam-utils]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.10 -> 0.8.11"
notes = "No changes of substance, only minor updates around how `unsafe` code is managed but it's all trivially the same as before"
[[audits.crypto-common]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
version = "0.1.3"
[[audits.der]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.7.10"
notes = "No unsafe code aside from transmutes for transparent newtypes."
[[audits.derive_arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "I am the author of this crate."
[[audits.derive_arbitrary]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "1.1.4"
notes = "I am the author of this crate."
[[audits.derive_arbitrary]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.3.0 -> 1.3.1"
notes = "This updates `syn` to 2.x.x, nothing else in this diff."
[[audits.digest]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
delta = "0.9.0 -> 0.10.3"
[[audits.displaydoc]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.2.4 -> 0.2.5"
[[audits.easy-smt]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.2"
notes = "This crate is authored by trusted Bytecode Alliance members."
[[audits.ed25519]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.4.1 -> 1.5.3"
notes = """
This diff brings in a number of minor updates of which none are related to
`unsafe` code or anything system-related like filesystems.
"""
[[audits.either]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.8.1 -> 1.13.0"
notes = "More utilities and such for the `Either` type, no `unsafe` code."
[[audits.embedded-io]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.0"
notes = "No `unsafe` code and only uses `std` in ways one would expect the crate to do so."
[[audits.embedded-io]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.6.1"
notes = "Major updates, but almost all safe code. Lots of pruning/deletions, nothing out of the ordrinary."
[[audits.encode_unicode]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.6 -> 1.0.0"
notes = "Lots of updates, small edits to `unsafe` code, but all as expected."
[[audits.errno]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.3.0"
notes = "This crate uses libc and windows-sys APIs to get and set the raw OS error value."
[[audits.errno]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.3.1"
notes = "Just a dependency version bump and a bug fix for redox"
[[audits.errno]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.3.9 -> 0.3.10"
[[audits.errno-dragonfly]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "This should be portable to any POSIX system and seems like it should be part of the libc crate, but at any rate it's safe as is."
[[audits.escape8259]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.5.2"
notes = "No unsafe code, crate does what it says on the tin, small crate."
[[audits.fallible-iterator]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.0 -> 0.3.0"
notes = """
This major version update has a few minor breaking changes but everything
this crate has to do with iterators and `Result` and such. No `unsafe` or
anything like that, all looks good.
"""
[[audits.fastrand]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.0.0 -> 2.0.1"
notes = """
This update had a few doc updates but no otherwise-substantial source code
updates.
"""
[[audits.fastrand]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.1.1 -> 2.3.0"
notes = "Minor refactoring, nothing new."
[[audits.fd-lock]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "3.0.9"
notes = "This crate uses unsafe to make Windows syscalls, to borrow an Fd with an appropriate lifetime, and to zero a windows API structure that appears to have a valid representation with zeroed memory."
[[audits.fd-lock]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "3.0.9 -> 3.0.10"
notes = "Just a dependency version bump"
[[audits.fd-lock]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "3.0.10 -> 3.0.12"
notes = "Just a dependency version bump"
[[audits.file-per-thread-logger]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.5"
notes = """
Contains no unsafe code but does write log files to the filesystem. Log files
are only created when requested by the application, however, and otherwise
only does its stated purpose.
"""
[[audits.file-per-thread-logger]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
version = "0.2.0"
notes = "Simple version bump."
[[audits.file-per-thread-logger]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.1.5 -> 0.1.6"
notes = "Just a dependency version bump"
[[audits.find-msvc-tools]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.0 -> 0.1.4"
notes = "Nothing out of the ordinary for a crate finding MSVC tooling."
[[audits.fixedbitset]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.4.2"
notes = """
No ambient I/O. Uses some `unsafe`, but the uses look good and are guarded by
relevant assertions, although could use some comments and some slight
refactoring into helpers to dedupe unsafe blocks in my personal opinion.
"""
[[audits.flate2]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "1.0.26 -> 1.0.28"
notes = "No new `unsafe` and no large changes in function. This diff is mostly refactoring with a lot of docs, CI, test changes. Adds some defensive clearing out of certain variables as a safeguard."
[[audits.flate2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.30 -> 1.1.0"
notes = """
Minor updates, mostly a new changelog with many lines. No new `unsafe` code and
mostly just updating Rust idioms.
"""
[[audits.flate2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.1.0 -> 1.1.4"
notes = "Minor amounts of unsafe code but what you would expect from interfacing with FFI libraries. Otherwise nothing major."
[[audits.foldhash]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.3"
notes = """
Only a minor amount of `unsafe` code in this crate related to global per-process
initialization which looks correct to me.
"""
[[audits.foreign-types]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.2"
notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
[[audits.foreign-types-shared]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.1"
[[audits.form_urlencoded]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = """
This is a small crate for working with url-encoded forms which doesn't have any
more than what it says on the tin. Contains one `unsafe` block related to
performance around utf-8 validation which is fairly easy to verify as correct.
"""
[[audits.fs-set-times]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.18.0"
notes = "I am the author of this crate."
[[audits.fs-set-times]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.18.0 -> 0.18.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.fs-set-times]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.18.1 -> 0.19.1"
notes = "Just a dependency version bump"
[[audits.fslock]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.1.8 -> 0.2.1"
notes = "Internal and external refactorings plus `unsafe` where one would expect."
[[audits.futures]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
notes = "There are no definitions in this crate, just exports of definitions from child crates."
[[audits.futures]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.31"
[[audits.futures-channel]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)"
[[audits.futures-channel]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.31"
[[audits.futures-core]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
[[audits.futures-core]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.3.28 -> 0.3.31"
[[audits.futures-executor]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
notes = "Unsafe used to implement the unpark mutex, which is well commented and not obviously incorrect. Like with futures-channel I wouldn't be able to certify it as correct without formal methods."
[[audits.futures-executor]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.31"
[[audits.futures-io]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
[[audits.futures-io]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.31"
[[audits.futures-lite]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "1.13.0"
notes = "No unsafe code and fairly straightforward/expected imports for async IO primitives."
[[audits.futures-macro]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.31"
[[audits.futures-sink]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.27"
[[audits.futures-sink]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.3.28 -> 0.3.31"
[[audits.futures-task]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.3.27 -> 0.3.31"
[[audits.futures-util]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.3.27 -> 0.3.31"
notes = 'New waker_ref module contains "FIXME: panics on Arc::clone / refcount changes could wreak havoc..." comment, but this corner case feels low risk.'
[[audits.fxprof-processed-profile]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
version = "0.6.0"
notes = """
No unsafe code, I/O, or powerful imports. This is a straightforward set of data
structures representing the Firefox "processed" profile format, with serde
serialization support. All logic is trivial: either unit conversion, or
hash-consing to support de-duplication required by the format.
"""
[[audits.fxprof-processed-profile]]
who = "Pat Hickey <p.hickey@f5.com>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.8.1"
[[audits.gdbstub]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.7.10"
[[audits.gdbstub_arch]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.3.3"
[[audits.getrandom]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.4.2"
notes = "Nothing awry in this update, standard updates for some platforms and other misc things."
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.26.1 -> 0.27.0"
notes = """
This is a standard update to gimli for more DWARF support for more platforms,
more features, etc. Some minor `unsafe` code was added that does not appear
incorrect. Otherwise looks like someone probably ran clippy and/or rustfmt.
"""
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.27.0 -> 0.27.3"
notes = "More support for more DWARF, nothing major in this update. Some small refactorings and updates to publication of the package but otherwise everything's in order."
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.27.3 -> 0.28.0"
notes = """
Still looks like a good DWARF-parsing crate, nothing major was added or deleted
and no `unsafe` code to review here.
"""
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.28.0 -> 0.29.0"
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.29.0 -> 0.31.0"
notes = "Various updates here and there, nothing too major, what you'd expect from a DWARF parsing crate."
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.31.0 -> 0.31.1"
notes = "No fundmanetally new `unsafe` code, some small refactoring of existing code. Lots of changes in tests, not as many changes in the rest of the crate. More dwarf!"
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.31.1 -> 0.32.0"
notes = "Ever more DWARF to parse, but also no new `unsafe` and everything looks like gimli."
[[audits.gimli]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.32.0 -> 0.32.3"
notes = "Ever more dwarf, it never ends! (nothing out of the ordinary)"
[[audits.glob]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.0"
[[audits.h2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.19 -> 0.4.0"
notes = "A number of changes but nothing adding new `unsafe` or anything outside the purview of what this crate already manages."
[[audits.h2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.4.2"
notes = "Minor updates and fixes in this version bump, nothing major."
[[audits.hashbrown]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.12.3 -> 0.13.1"
notes = "The diff looks plausible. Much of it is low-level memory-layout code and I can't be 100% certain without a deeper dive into the implementation logic, but nothing looks actively malicious."
[[audits.hashbrown]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.13.1 -> 0.13.2"
notes = "I read through the diff between v0.13.1 and v0.13.2, and verified that the changes made matched up with the changelog entries. There were very few changes between these two releases, and it was easy to verify what they did."
[[audits.hashbrown]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.14.5 -> 0.15.2"
[[audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.0"
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
[[audits.heck]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.3.3"
[[audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.5.0"
notes = "Minor changes for a `no_std` upgrade but otherwise everything looks as expected."
[[audits.hermit-abi]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.1.19"
[[audits.hermit-abi]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.2.0 -> 0.3.0"
[[audits.hermit-abi]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.9 -> 0.5.2"
notes = "API updates and looks like libc, nothing new here."
[[audits.home]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.5.3 -> 0.5.9"
notes = "No major changes, just some internal refactorings."
[[audits.http]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.9 -> 1.0.0"
notes = "Minor changes leading up to the 1.0.0 release and nothing fundamentally new here."
[[audits.http-body]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.0.0-rc.2"
[[audits.http-body]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.0-rc.2 -> 1.0.0"
notes = "Only minor changes made for a stable release."
[[audits.http-body-util]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.0-rc.2"
notes = "only one use of unsafe related to pin projection. unclear to me why pin_project! is used in many modules of the project, but the expanded output of that macro is inlined in either.rs"
[[audits.http-body-util]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.0-rc.2 -> 0.1.0"
notes = "Minor documentation updates an additions, nothing major."
[[audits.httpdate]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.0.2"
notes = "No unsafety, no io"
[[audits.hyper]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.0-rc.3 -> 1.0.1"
notes = """
Quite a few changes here relative to the last RC but everything is related to
refactorings and such. No new fundamental addition of functionality or
substantially new unsafe code.
"""
[[audits.iana-time-zone]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.1.59"
notes = """
I also manually ran windows-bindgen and confirmed that the output matches
the bindings checked into the repo.
"""
[[audits.iana-time-zone]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.1.59 -> 0.1.61"
[[audits.iana-time-zone-haiku]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.1.2"
[[audits.icu_properties]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "1.5.0 -> 1.5.1"
[[audits.id-arena]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "2.2.1"
notes = "I am the author of this crate."
[[audits.idna]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
notes = """
This is a crate without unsafe code or usage of the standard library. The large
size of this crate comes from the large generated unicode tables file. This
crate is broadly used throughout the ecosystem and does not contain anything
suspicious.
"""
[[audits.im-rc]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "15.1.0"
notes = """
This library has a few `unsafe` blocks for performance reasons, but most of them
are unreachable from `wasm-compose` because it only uses the `HashMap` type.
The `unsafe` blocks reachable from the `HashMap` type are narrowly scoped, well
commented, and easy to reason about.
"""
[[audits.indexmap-nostd]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.4.0"
notes = """
I've verified that this is a sliced-down version of the `indexmap` crate which
is otherwise certified. This doesn't contain unnecessary `unsafe` and
additionally doesn't reach for ambient capabilities.
"""
[[audits.inout]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.1.3"
notes = "A part of RustCrypto/utils, this crate is designed to handle unsafe buffers and carefully documents the safety concerns throughout. Older versions of this tally up to ~130k daily downloads."
[[audits.instant]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.1.12"
notes = "Small crate wrapping platform primitives for time that uses `unsafe` only for FFI."
[[audits.instant]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.12 -> 0.1.13"
notes = "Nothing major changed in this update"
[[audits.io-extras]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.17.0"
notes = "I am the author of this crate."
[[audits.io-extras]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.17.0 -> 0.17.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.io-extras]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.17.2 -> 0.17.4"
notes = "Just a dependency version bump"
[[audits.io-extras]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.18.2 -> 0.18.3"
[[audits.io-lifetimes]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "1.0.3"
notes = "I am the author of this crate."
[[audits.io-lifetimes]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.3 -> 1.0.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.io-lifetimes]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.5 -> 1.0.10"
notes = "I am the maintainer of this crate."
[[audits.is-terminal]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
notes = "Contains only unsafe code for interacting with the crate's intended purpose."
[[audits.is-terminal]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.4.1"
notes = "Contains only unsafe code for interacting with the crate's intended purpose."
[[audits.is-terminal]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.4.7"
notes = """
The is-terminal implementation code is now sync'd up with the prototype
implementation in the Rust standard library.
"""
[[audits.is-terminal]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.4.3"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.itertools]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.10.5 -> 0.12.1"
notes = """
Minimal `unsafe` usage. Few blocks that existed looked reasonable. Does what it
says on the tin: lots of iterators.
"""
[[audits.itertools]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.12.1 -> 0.14.0"
notes = """
Lots of new iterators and shuffling some things around. Some new unsafe code but
it's well-documented and well-tested. Nothing suspicious.
"""
[[audits.itoa]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.0.11 -> 1.0.14"
[[audits.ittapi]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.3.4"
[[audits.ittapi]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.3"
notes = "I am the author of this crate."
[[audits.ittapi]]
who = "rahulchaphalkar <rahul.s.chaphalkar@intel.com>"
criteria = "safe-to-deploy"
delta = "0.3.4 -> 0.4.0"
[[audits.ittapi-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.3.4"
[[audits.ittapi-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.3"
notes = "Unsafe code is due to auto-generated bindings to a widely-deployed C library."
[[audits.ittapi-sys]]
who = "rahulchaphalkar <rahul.s.chaphalkar@intel.com>"
criteria = "safe-to-deploy"
delta = "0.3.4 -> 0.4.0"
[[audits.jobserver]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.25 -> 0.1.32"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.json-from-wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.leb128]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.5"
notes = "I am the author of this crate."
[[audits.leb128fmt]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
notes = "Well-scoped crate do doing LEB encoding with no `unsafe` code and does what it says on the tin."
[[audits.libc]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.2.133 -> 0.2.141"
notes = """
I have performed a very rough survey of the changes and didn't see anything
obviously out of place, or that looks like a silent ABI break on a platform
Wasmtime supports. I didn't check all the new struct layouts, constants,
function signatures, and so on for ABI conformance though.
This crate is maintained by the Rust project and is a dependency of the Rust
standard library itself. It contains tests that generate C source files to
ensure that the ABI it describes matches the ABI described by the C header
files in the correspond to match.
"""
[[audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.146 -> 0.2.147"
notes = "Only new type definitions and updating others for some platforms, no major changes"
[[audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.148 -> 0.2.149"
notes = "Lots of new functions and constants for new platforms and nothing out of the ordinary for what one would expect of the `libc` crate."
[[audits.libc]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.2.149 -> 0.2.151"
notes = "More new functions, types, and constants, as is usual for the `libc` crate, as well as various minor code cleanups."
[[audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.151 -> 0.2.153"
notes = "More bindings for more platforms. I have not verified that everything is exactly as-is on the platform as specified but nothing major is otherwise introduced as part of this bump."
[[audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.153 -> 0.2.158"
notes = "More platforms, more definitions, more headers, it's still just `libc`"
[[audits.libc]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.2.158 -> 0.2.161"
[[audits.libc]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.161 -> 0.2.171"
notes = """
Lots of unsafe, but that's par for the course with libc, it's all FFI type
definitions updates/adjustments/etc.
"""
[[audits.libfuzzer-sys]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-run"
delta = "0.4.3 -> 0.4.4"
notes = "I am the author of this crate."
[[audits.libfuzzer-sys]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-run"
delta = "0.4.4 -> 0.4.5"
notes = "I am the author of this crate."
[[audits.libloading]]
who = "Iceber Gu <caiwei95@hotmail.com>"
criteria = "safe-to-deploy"
delta = "0.7.3 -> 0.8.1"
[[audits.libm]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.4"
notes = """
This diff primarily fixes a few issues with the `fma`-related functions,
but also contains some other minor fixes as well. Everything looks A-OK and
as expected.
"""
[[audits.libm]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.4 -> 0.2.7"
notes = """
This is a minor update which has some testing affordances as well as some
updated math algorithms.
"""
[[audits.libm]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.8 -> 0.2.11"
notes = "Mostly formatting-related changes, nothing major."
[[audits.libtest-mimic]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.6.1 -> 0.7.0"
notes = "Only minor changes with new flags and such, no major updates to `unsafe` or anything outside of a test framework."
[[audits.libtest-mimic]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.7.0 -> 0.8.1"
notes = "Nothing major that's new in this update, mostly just updating a few things here and there. Nothing suspicious."
[[audits.linux-raw-sys]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.1.3"
notes = "I am the author of this crate."
[[audits.linux-raw-sys]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.3.3"
notes = "I am the author of this crate."
[[audits.litemap]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.7.3 -> 0.7.4"
[[audits.log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.20 -> 0.4.22"
notes = "Mostly updates around the key-value implementation of this crate, but nothing out of place."
[[audits.log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.22 -> 0.4.27"
notes = "Lots of minor updates to macros and such, nothing touching `unsafe`"
[[audits.log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.27 -> 0.4.28"
notes = "Minor doc updates and lots new tests, nothing out of the ordinary."
[[audits.mach2]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.4.2"
notes = "It does unsafe FFI bindings, as expected. I didn't check the FFI bindings against the C headers."
[[audits.managed]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.8.0"
notes = "No unsafe code."
[[audits.matchers]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
[[audits.matchers]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.0 -> 0.2.0"
notes = "Some unsafe code, but not more than before. Nothing awry."
[[audits.memfd]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.6.1"
notes = """
Does not interact with the system in any way than otherwise instructed to.
Contains unsafe blocks but are encapsulated and required for the operation at
hand.
"""
[[audits.memfd]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.6.2"
notes = """
The only changes from 0.6.1 were from my own PR which updated memfd to newer
dependencies.
"""
[[audits.memfd]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.6.2 -> 0.6.3"
notes = "Just a dependency version bump and documentation update"
[[audits.memfd]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.6.3 -> 0.6.4"
notes = "This commit only updated the dependency `rustix`, so same as before."
[[audits.memfd]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.6.4 -> 0.6.5"
notes = "Just updating dependencies"
[[audits.memoffset]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.7.1 -> 0.8.0"
notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
[[audits.memoffset]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.9.0"
notes = "No major changes in the crate, mostly updates to use new nightly Rust features."
[[audits.memory_units]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.3.0 -> 0.4.0"
notes = """
This bump only changed from a function to an associated `const` and trivially
contains no significant changes.
"""
[[audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.7.1"
notes = """
This crate is a Rust implementation of zlib compression/decompression and has
been used by default by the Rust standard library for quite some time. It's also
a default dependency of the popular `backtrace` crate for decompressing debug
information. This crate forbids unsafe code and does not otherwise access system
resources. It's originally a port of the `miniz.c` library as well, and given
its own longevity should be relatively hardened against some of the more common
compression-related issues.
"""
[[audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.5.1 -> 0.5.3"
notes = """
This looks to be a minor update to the crate to remove some `unsafe` code,
update Rust stylistic conventions, and perhaps some clippy lints. No major
changes.
"""
[[audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.7.1 -> 0.8.0"
notes = "Minor updates, using new Rust features like `const`, no major changes."
[[audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.7.4"
notes = "Very few changes here, only minor updates here and there."
[[audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.8.5"
notes = """
Lots of small updates here and there, for example around modernizing Rust
idioms. No new `unsafe` code and everything looks like what you'd expect a
compression library to be doing.
"""
[[audits.miniz_oxide]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.5 -> 0.8.9"
notes = "No new unsafe code, just refactorings."
[[audits.mio]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.6 -> 0.8.8"
notes = "Mostly OS portability updates along with some minor bugfixes."
[[audits.mio]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.3 -> 1.1.0"
notes = "Minor updates, refactors, Rust updates, portability, etc. Some minor `unsafe` code changes, but nothing out of the ordinary for mio."
[[audits.native-tls]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.11"
notes = "build is only looking for environment variables to set cfg. only two minor uses of unsafe,on macos, with ffi bindings to digest primitives and libc atexit. otherwise, this is an abstraction over three very complex systems (schannel, security-framework, and openssl) which may end up having subtle differences, but none of those are apparent from the implementation of this crate"
[[audits.native-tls]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.11 -> 0.2.14"
notes = "Minor changes, mostly around updating some dependencies, directives, etc."
[[audits.nu-ansi-term]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.46.0"
notes = "one use of unsafe to call windows specific api to get console handle."
[[audits.nu-ansi-term]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.46.0 -> 0.50.1"
notes = "Lots of stylistic/rust-related changes, plus new features, but nothing out of the ordrinary."
[[audits.nu-ansi-term]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.50.1 -> 0.50.3"
notes = "CI changes, Rust changes, nothing out of the ordinary."
[[audits.num-conv]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.0 -> 0.2.1"
notes = "Minor update, nothing major"
[[audits.num-traits]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.2.19"
notes = "As advertised: a numeric library. The only `unsafe` is from some float-to-int conversions, which seems expected."
[[audits.num_cpus]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.15.0 -> 1.16.0"
notes = "Some minor platform updates but no major change to any code."
[[audits.object]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.29.0 -> 0.30.1"
[[audits.object]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.30.1 -> 0.30.3"
notes = """
No unsafe blocks or I/O in the diff. The only changes clearly implement what
the changelog says is new in these versions.
"""
[[audits.object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.30.3 -> 0.31.1"
notes = "A large-ish update to the crate but nothing out of the ordering. Support for new formats like xcoff, new constants, minor refactorings, etc. Nothing out of the ordinary."
[[audits.object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.31.1 -> 0.32.0"
notes = "Various new features and refactorings as one would expect from an object parsing crate, all looks good."
[[audits.object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.32.0 -> 0.33.0"
notes = """
No `unsafe` code in this update. Lots of changes but all
object-file-format-related, everything looks good.
"""
[[audits.object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.36.0 -> 0.36.5"
notes = "No new unsafe code, lots of new relocations/objects support, everything looks nominal"
[[audits.object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.36.5 -> 0.37.1"
notes = "New object file formats, new formatting, new other minor changes, no new `unsafe`."
[[audits.object]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.37.1 -> 0.37.3"
notes = "Lots of new support for new object features, no new unsafe or anything suspicious."
[[audits.object]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.37.3 -> 0.38.1"
[[audits.once_cell]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "1.16.0 -> 1.17.0"
[[audits.openssl]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.10.78 -> 0.10.79"
notes = "Fixing known holes and binding minor new APIs."
[[audits.openssl]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.10.79 -> 0.10.80"
notes = "Minor updates, no unsafe changes"
[[audits.openssl-macros]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
[[audits.openssl-probe]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.5"
notes = "IO is only checking for the existence of paths in the filesystem"
[[audits.openssl-sys]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.9.114 -> 0.9.115"
notes = "MSRV updates and other minor changes, all normal."
[[audits.openssl-sys]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.9.115 -> 0.9.116"
notes = "Minor build system updates and versions"
[[audits.openvino]]
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
criteria = "safe-to-deploy"
version = "0.4.2"
notes = """
I am the author of most of these changes.
"""
[[audits.openvino]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.4.2 -> 0.5.0"
[[audits.openvino]]
who = "Iceber Gu <caiwei95@hotmail.com>"
criteria = "safe-to-deploy"
delta = "0.5.0 -> 0.6.0"
[[audits.openvino]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.7.2"
[[audits.openvino]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.7.2 -> 0.8.0"
notes = "No new unsafe functionality, just brings in openvino-sys changes and other minor improvements."
[[audits.openvino]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.9.0"
[[audits.openvino-finder]]
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.4.2"
notes = """
Only updates to Cargo file for versioning.
"""
[[audits.openvino-finder]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.4.2 -> 0.5.0"
[[audits.openvino-finder]]
who = "Iceber Gu <caiwei95@hotmail.com>"
criteria = "safe-to-deploy"
delta = "0.5.0 -> 0.6.0"
[[audits.openvino-finder]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.7.2"
[[audits.openvino-finder]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.7.2 -> 0.8.0"
notes = "No logic changes in version bump."
[[audits.openvino-finder]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.9.0"
[[audits.openvino-sys]]
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.4.2"
notes = """
Only updates to tests to use new rust functions for mut pointers.
"""
[[audits.openvino-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.4.2 -> 0.5.0"
[[audits.openvino-sys]]
who = "Iceber Gu <caiwei95@hotmail.com>"
criteria = "safe-to-deploy"
delta = "0.5.0 -> 0.6.0"
[[audits.openvino-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.7.2"
[[audits.openvino-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.7.2 -> 0.8.0"
notes = "This diff simply re-generates slightly newer C headers with a slightly newer version of bindgen."
[[audits.openvino-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.9.0"
[[audits.ort]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "2.0.0-rc.0"
notes = "As expected, this crate uses `unsafe` to access the `unsafe` `ort-sys` FFI functions; it also includes several `unsafe` implementations of `Send` for several structures. With the `load-dynamic` feature enabled, this crate will be `libloading` external libraries to call FFI functions. With the `fetch-models` feature enabled, this crate can also download arbitrary models to the local filesystem."
[[audits.ort]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "2.0.0-rc.0 -> 2.0.0-rc.2"
notes = "Same as previous audit: the crate inherently uses `unsafe` FFI calls for using ONNX through `ort-sys` (e.g., logging C error strings). The changes are relatively uninteresting: a lot of documentation, some `must_use`, and general refactoring due to changes in the underlying API."
[[audits.ort]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "2.0.0-rc.2 -> 2.0.0-rc.10"
notes = "A bunch of unsafe code inherent to FFI, but nothing that looks malicious."
[[audits.ort-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "2.0.0-rc.0"
notes = "As expected, this crate contains a significant number of `unsafe` definitions to expose the FFI surface of the ONNX libraries. Perhaps surprisingly, it also contains some `unsafe` system calls to locate the user's home directory. Another interesting bit is the `build.rs` script: with the `download-binaries` feature enabled, this script will retrieve and link various ONNX libraries from https://parcel.pyke.io. This seems par for the course with this kind of library, though; the alternative--attempting to find the library on an arbitrary system--can be quite complex."
[[audits.ort-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "2.0.0-rc.0 -> 2.0.0-rc.2"
notes = "This crate still downloads the ONNX libraries as a part of the `build.rs` script; now with more platform options for pre-built binaries stored in a `dist.txt` file. Otherwise largely unchanged since the previous audit."
[[audits.ort-sys]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "2.0.0-rc.2 -> 2.0.0-rc.10"
notes = "Large build.rs script that downloads a binary distribution, so inherently somewhat dangerous; but it appears that the URLs are from the distributor of this library (`ort` at `pyke.io`). The file contents are verified by hash, so could not be swapped out later without a version bump."
[[audits.overload]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.1"
notes = "small crate, only defines macro-rules!, nicely documented as well"
[[audits.parking]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "2.2.1"
notes = "forbid-unsafe crate with straightforward imports."
[[audits.pastey]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.2.1"
notes = "No unsafe code."
[[audits.peeking_take_while]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
version = "1.0.0"
notes = "I am the author of this crate."
[[audits.pem-rfc7468]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.7.0"
notes = "Only `unsafe` around a `from_utf8_unchecked`, and no IO."
[[audits.percent-encoding]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.2.0"
notes = """
This crate is a single-file crate that does what it says on the tin. There are
a few `unsafe` blocks related to utf-8 validation which are locally verifiable
as correct and otherwise this crate is good to go.
"""
[[audits.pin-project-lite]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.13 -> 0.2.14"
notes = "No substantive changes in this update"
[[audits.pin-utils]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
[[audits.pkg-config]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.25"
notes = "This crate shells out to the pkg-config executable, but it appears to sanitize inputs reasonably."
[[audits.pkg-config]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.26 -> 0.3.29"
notes = """
No `unsafe` additions or anything outside of the purview of the crate in this
change.
"""
[[audits.pkg-config]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.3.29 -> 0.3.32"
[[audits.postcard]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.8"
notes = """
I've audited the unsafe code to do what it looks like it's doing. Otherwise the
crate is a standard serializer/deserializer crate.
"""
[[audits.postcard]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.8 -> 1.1.3"
notes = "Substantial updates, but nothing out of the ordinary one would expect from a serialization crate. Minor `unsafe` updates, but nothing major from what was already there."
[[audits.pretty_env_logger]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.5.0"
notes = "This is a minor update which bumps the `env_logger` dependency and has other formatting, no major changes."
[[audits.proc-macro-error]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "1.0.4"
[[audits.proc-macro2]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.51 -> 1.0.57"
[[audits.proc-macro2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.59 -> 1.0.63"
notes = """
This is a routine update for new nightly features and new syntax popping up on
nightly, nothing out of the ordinary.
"""
[[audits.pulldown-cmark]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.8.0"
notes = """
This crate has `unsafe` blocks and they're all related to SIMD-acceleration and
are otherwise not doing other `unsafe` operations. Additionally the crate does
not do anything other than markdown rendering as is expected.
"""
[[audits.pulldown-cmark]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.8.0 -> 0.9.3"
notes = """
This is a large change to the `pulldown-cmark` crate but it tightens
restrictions on `unsafe` code to forbid it in non-SIMD mode and additionally
many changes look to be related to refactoring, improving, and restructuring.
This crate is not fundamentally different from before, which was trusted, but
looks to be receiving new assistance for maintainership as well.
"""
[[audits.quote]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.23 -> 1.0.27"
[[audits.rand]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.9.2 -> 0.9.4"
notes = "Minor bugfix release"
[[audits.rand]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.10.0 -> 0.10.1"
notes = "Minor logging-based updated fixing a recent advisory for the crate."
[[audits.rand_xorshift]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.4.0"
notes = "Minor updates for a new `rand` crate version, nothing awry."
[[audits.raw-cpuid]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "11.5.0"
notes = """
Very little `unsafe` usage, what is there is well-documented. Otherwise it's a
big library but that's more Intel's fault than anyone else's.
"""
[[audits.regalloc2]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.3.2 -> 0.4.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.4.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.4.1 -> 0.4.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.4.2 -> 0.5.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.5.0 -> 0.5.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.5.1 -> 0.6.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.6.1"
notes = "Bytecode Alliance is the author of this crate."
[[audits.regalloc2]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.6.1 -> 0.7.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.region]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.2.0 -> 3.0.2"
notes = """
This release brings a number of refactorings and new platforms to be supported
in the crate. Lots of `unsafe` code because that's what the crate is
fundamentally doing, managing virtual memory. That being said it's all largely
the same as before where it's all as expected and the `unsafe` has to do with
managing OS APIs.
"""
[[audits.rustc-demangle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.21"
notes = "I am the author of this crate."
[[audits.rustc-demangle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.21 -> 0.1.24"
[[audits.rustc-hash]]
who = "Trevor Elliott <telliott@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.1.0 -> 2.0.0"
notes = "Chris Fallin reviewed this update with me, and we didn't find anything surprising. We did verify that the new constants did originate in the paper referenced."
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.36.4"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.36.7"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.37.13"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.rustix]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.36.7 -> 0.36.8"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.38.34 -> 0.38.37"
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.38.34 -> 0.38.39"
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.38.37 -> 0.38.38"
[[audits.rustix]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.38.39 -> 0.38.43"
[[audits.rustix-linux-procfs]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.1.1"
[[audits.rustls]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.21.0"
notes = "no unsafe code, ambient capabilities only used in tests"
[[audits.rustls]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.21.6"
[[audits.rustls]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.22.4 -> 0.23.7"
notes = "No new unsafe code."
[[audits.rustls-pki-types]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "1.3.1 -> 1.13.1"
[[audits.rustls-webpki]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.100.1"
[[audits.rustls-webpki]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.100.1 -> 0.101.4"
[[audits.rustls-webpki]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.103.10 -> 0.103.12"
notes = "Minor updates to address recent vulnerabilities, nothing awry."
[[audits.rustls-webpki]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.103.12 -> 0.103.13"
notes = "Minor fixes for the bug being fixed in this release, nothing awry."
[[audits.safetensors]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.3.3"
notes = "No unsafe, just a serialization library for tensors."
[[audits.schannel]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.27 -> 0.1.28"
notes = "Rust/CI/dependency updates, nothing out of the ordinary."
[[audits.sct]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.7.0"
notes = "no unsafe, no build, no ambient capabilities"
[[audits.semver]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.0.17"
notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct"
[[audits.sha1]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "0.10.5 -> 0.10.6"
notes = "Only new code is some loongarch64 additions which include assembly code for that platform."
[[audits.sha1_smol]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.1"
[[audits.sha2]]
who = "Benjamin Bouvier <public@benj.me>"
criteria = "safe-to-deploy"
delta = "0.9.9 -> 0.10.2"
notes = "This upgrade is mostly a code refactor, as far as I can tell. No new uses of unsafe nor any new ambient capabilities usage."
[[audits.sharded-slab]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.4"
notes = "I always really enjoy reading eliza's code, she left perfect comments at every use of unsafe."
[[audits.shlex]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "Only minor `unsafe` code blocks which look valid and otherwise does what it says on the tin."
[[audits.signal-hook-registry]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.4.1"
[[audits.sized-chunks]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.6.5 -> 0.7.0"
[[audits.slab]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.4.6"
notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
[[audits.slice-group-by]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.3.1"
notes = """
This update runs `rustfmt` for the first time in awhile and additionally fixes a
few minor issues related to Stacked Borrows and running in MIRI. No fundamental
change to any preexisting unsafe code is happening here.
"""
[[audits.smallvec]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "1.8.0 -> 1.11.0"
notes = """
The main change is the switch to use `NonNull<T>` internally instead of
`*mut T`. This seems reasonable, as `Vec` also never stores a null pointer,
and in particular the new `NonNull::new_unchecked`s look ok.
Most of the rest of the changes are adding some new unstable features which
aren't enabled by default.
"""
[[audits.smallvec]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.11.0 -> 1.13.2"
notes = "Mostly minor updates, the one semi-substantial update looks good."
[[audits.smallvec]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.13.2 -> 1.14.0"
notes = "Minor new feature, nothing out of the ordinary."
[[audits.smallvec]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "1.15.1 -> 2.0.0-alpha.10"
notes = "Nothing obviously malicious in the (large) diff. There is a lot of unsafe code, as expected for an optimized core data structure library; I didn't internalize all the invariants or review the code in detail for correctness line-by-line. The library is widely used in the ecosystem and well-tested/fuzzed so I trust that basic data structure invariant violations will be found."
[[audits.socket2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.7 -> 0.4.9"
notes = "Minor OS compat updates but otherwise nothing major here."
[[audits.socket2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.9 -> 0.4.4"
[[audits.socket2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.5.7 -> 0.6.0"
notes = "Lots of cfg changes and such but nothing out of the ordinary."
[[audits.socket2]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.6.0 -> 0.6.1"
notes = "Minor new changes and windows updates, all looks reasonable."
[[audits.socks]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.3.4"
notes = "SOCKS protocol library with `unsafe` only inside a custom readv/writev wrapper, and no IO aside from network IO to the specified endpoint. Unit tests ping Google on the Internet to test functionality."
[[audits.spin]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.9.4"
notes = """
I've verified the contents of this crate and that while they contain `unsafe`
it's exclusively around implementing atomic primitive where some `unsafe` is to
be expected. Otherwise this crate does not unduly access ambient capabilities
and does what it says on the tin, providing spin-based synchronization
primitives.
"""
[[audits.spin]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.9.4 -> 0.9.8"
[[audits.sptr]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.2"
notes = """
This crate is 90% documentation and does contain a good deal of `unsafe` code,
but it's all doing what it says on the tin: being a stable polyfill for strict
provenance APIs in the standard library while they're on Nightly.
"""
[[audits.static_assertions]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "1.1.0"
notes = "No dependencies and completely a compile-time crate as advertised. Uses `unsafe` in one module as a compile-time check only: `mem::transmute` and `ptr::write` are wrapped in an impossible-to-run closure."
[[audits.strsim]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.10.0 -> 0.8.0"
[[audits.structopt]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.3.26"
[[audits.structopt-derive]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.4.18"
[[audits.syn]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "1.0.92 -> 2.0.16"
[[audits.system-interface]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.23.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.system-interface]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.25.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.system-interface]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.25.0 -> 0.25.4"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.system-interface]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.25.4 -> 0.25.6"
notes = "Just a dependency version bump"
[[audits.system-interface]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.25.6 -> 0.25.7"
notes = "This is a minor bug-fix update."
[[audits.tar]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.45 -> 0.4.46"
notes = "Nothing awry, no changes to unsafe or such."
[[audits.tch]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.17.0"
notes = "Since this uses the generated functions from torch-sys, it has many (~3k) instances of unsafe; this is expected."
[[audits.tempfile]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "3.3.0 -> 3.5.0"
[[audits.tempfile]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "3.5.0 -> 3.6.0"
notes = "Dependency updates and new optimized trait implementations, but otherwise everything looks normal."
[[audits.tempfile]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "3.16.0 -> 3.19.1"
notes = "Idiom and platform updates, but nothing major and nothing out of line."
[[audits.tempfile]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "3.20.0 -> 3.21.0"
notes = "Only minor manifest/CI changes."
[[audits.tempfile]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "3.21.0 -> 3.23.0"
notes = "Doc/test/platform updates, nothing out of the ordinary."
[[audits.terminal_size]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.17 -> 0.2.6"
notes = "Minor updates around using some utilities from the standard library, nothing major."
[[audits.terminal_size]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.2.6 -> 0.3.0"
notes = "Minor updates here, nothing major."
[[audits.terminal_size]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.3.0 -> 0.4.2"
notes = "Doc/etc updates, along with some Rust updates for new types in libstd, nothing out of line"
[[audits.terminal_size]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.2 -> 0.4.3"
notes = "Just a dependency bump"
[[audits.terminal_size]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.4.3 -> 0.4.4"
notes = "Minor dependency updates"
[[audits.test-log]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.11"
[[audits.test-log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.2.11 -> 0.2.16"
notes = "Crate implementation was moved to a `*-macros` crate, crate is very small as a result."
[[audits.test-log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.2.16 -> 0.2.18"
notes = "Minor updates, nothing changing unsafe"
[[audits.test-log-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.16"
notes = "Simple procedural macro copied from its previous source."
[[audits.test-log-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.2.16 -> 0.2.18"
notes = "Standard macro changes, nothing out of place"
[[audits.textwrap]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.11.0"
notes = "No unsafe code."
[[audits.thread_local]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.1.4"
notes = "uses unsafe to implement thread local storage of objects"
[[audits.tinyvec]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.6.0"
notes = """
This crate, while it implements collections, does so without `std::*` APIs and
without `unsafe`. Skimming the crate everything looks reasonable and what one
would expect from idiomatic safe collections in Rust.
"""
[[audits.tinyvec_macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
notes = """
This is a trivial crate which only contains a singular macro definition which is
intended to multiplex across the internal representation of a tinyvec,
presumably. This trivially doesn't contain anything bad.
"""
[[audits.tokio]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.18.1 -> 1.18.4"
notes = """
This looks to be a minor release primarily to fix a security-related Windows
issue plus some reorganization around lazy initialization. Altogether nothing
amiss here.
"""
[[audits.tokio-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.7.0 -> 2.1.0"
notes = "A number of updates to parsed syntax and such but nothing unexpected and entirely what one would expect a Rust procedural macro to do."
[[audits.tokio-macros]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "2.5.0 -> 2.6.0"
notes = "Rust-related changes as well as minor new features, all reasonable."
[[audits.tokio-native-tls]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.1"
notes = "unsafety is used for smuggling std::task::Context as a raw pointer. Lifetime and type safety appears to be taken care of correctly."
[[audits.tokio-openssl]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.6.5"
notes = "Minor usage of `unsafe` but not obviously incorrect or problematic. Does not use any undue ambient state or anything like that, does what it says on the tin."
[[audits.tokio-rustls]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.24.0"
notes = "no unsafe, no build, no ambient capabilities"
[[audits.tokio-util]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.7.4"
notes = "Alex Crichton audited the safety of src/sync/reusable_box.rs, I audited the remainder of the crate."
[[audits.topological-sort]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.0 -> 0.2.2"
notes = """
No major changes, mostly CI changes in this update. A new `Default` impl
and a new test.
"""
[[audits.torch-sys]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.17.0"
notes = "Intrinsically unsafe since it wraps the FFI to the libtorch library; it also has a complex `build.rs` to download and link the binaries for the system. This crate seems to be the accepted solution for interfacing with PyTorch from Rust (1m+ crate downloads all time)."
[[audits.tracing]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.34 -> 0.1.37"
notes = """
A routine set of updates for the tracing crate this includes minor refactorings,
addition of benchmarks, some test updates, but overall nothing out of the
ordinary.
"""
[[audits.tracing-attributes]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.21 -> 0.1.26"
notes = "This range notably updated `syn` to 2.x.x and otherwise adds a few features here and there but nothing out of the ordering for a procedural macro."
[[audits.tracing-attributes]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.28 -> 0.1.30"
notes = "Few code changes, a pretty minor update."
[[audits.tracing-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.28 -> 0.1.31"
notes = """
This is a relatively minor set of releases with minor refactorings and bug
fixes. Nothing fundamental was added in these changes.
"""
[[audits.tracing-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.33 -> 0.1.34"
notes = "Mostly just an update with Rust stylistic conventions changing. Nothing awry."
[[audits.tracing-log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.3"
notes = """
This is a standard adapter between the `log` ecosystem and the `tracing`
ecosystem. There's one `unsafe` block in this crate and it's well-scoped.
"""
[[audits.tracing-log]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.3 -> 0.2.0"
notes = "Nothing out of the ordinary, a typical major version update and nothing awry."
[[audits.tracing-subscriber]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.17"
[[audits.tracing-subscriber]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.3.11 -> 0.3.17"
notes = """
Largely documentation changes in this update but there was additionally a crop
of other miscellaneous updates to APIs all covered in the changelog without,
business as usual for minor updates in this crate.
"""
[[audits.try-lock]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.4"
notes = "Implements a concurrency primitive with atomics, and is not obviously incorrect"
[[audits.unarray]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.4"
notes = """
Crate is sound, albeit leaky, and not actively malicious. Probably not the best
crate to use in practice but it's suitable for testing dependencies.
"""
[[audits.unicase]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.6.0"
notes = """
This crate contains no `unsafe` code and no unnecessary use of the standard
library.
"""
[[audits.unicode-bidi]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.8"
notes = """
This crate has no unsafe code and does not use `std::*`. Skimming the crate it
does not attempt to out of the bounds of what it's already supposed to be doing.
"""
[[audits.unicode-ident]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.0.8"
[[audits.unicode-normalization]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.19"
notes = """
This crate contains one usage of `unsafe` which I have manually checked to see
it as correct. This crate's size comes in large part due to the generated
unicode tables that it contains. This crate is additionally widely used
throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
and nothing suspicious.
"""
[[audits.unicode-width]]
who = "Pat Hickey <pat@moreproductive.org>"
criteria = "safe-to-deploy"
delta = "0.1.12 -> 0.2.0"
notes = "large changes to an auto-generated table file, which contains no unsafe code. code generator is checked-in and looks sensible."
[[audits.ureq]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "2.9.1"
notes = "As advertised, the crate is a blocking HTTP client library; it uses no `unsafe`. Security-conscious users might want to audit its dependencies for crypto-related functionality (e.g., TLS)."
[[audits.ureq]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "2.9.6 -> 2.10.0"
notes = "No `unsafe` changes; this audit observed mainly license and documentation changes."
[[audits.ureq]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "2.10.0 -> 3.1.4"
notes = "Network protocol library with no unsafe code."
[[audits.ureq-proto]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.5.3"
notes = "Network protocol library with no unsafe code."
[[audits.url]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "2.3.1"
notes = """
This crate contains no `unsafe` code and otherwise doesn't use any functionality
it's not supposed to from `std` or such. This crate is the defacto standard for
URL parsing in the Rust community with widespread usage to battle-test, harden,
and suss out bugs. I've historically reviewed this crate in the past and it
is similar to what it once was back then. Skimming over the crate there is
nothing suspicious and it's everything you'd expect a Rust URL parser to be.
"""
[[audits.utf-8]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.7.6"
notes = "Small library that uses `unsafe` only around `str::from_utf8_unchecked` after explicitly verifying UTF-8."
[[audits.vcpkg]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.15"
notes = "no build.rs, no macros, no unsafe. It reads the filesystem and makes copies of DLLs into OUT_DIR."
[[audits.waker-fn]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "1.2.0"
notes = "Trivial crate with no unsafe code or use of any unsafe or risky APIs."
[[audits.walkdir]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "2.3.2 -> 2.3.3"
notes = "No significant changes: minor refactoring and removes the need to use `winapi`."
[[audits.want]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
[[audits.wasi-nn]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.6.0"
notes = "This crate contains `unsafe` code due to its purpose: it wraps up `witx-bindgen`-generated code that calls the raw wasi-nn API."
[[audits.wasm-bindgen-shared]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.2.83 -> 0.2.80"
[[audits.wasm-compose]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "0.235.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.238.1"
notes = "Don't know why I have to do this certification even though we have a wildcard audit for this crate because it is authored by the Bytecode Alliance..."
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-compose]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-coredump-builder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.10"
notes = """
This is a small crate which doesn't deviate outside of its intended purpose and
additionally contains no `unsafe` code.
"""
[[audits.wasm-coredump-builder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.10 -> 0.1.11"
notes = "This is a minor update which only adds a small bit of functionality."
[[audits.wasm-coredump-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.10"
notes = """
This small crate contains no `unsafe` code and does no more than what it says on
the tin.
"""
[[audits.wasm-coredump-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.10 -> 0.1.11"
notes = """
This is a small update which accounts for a function offset in frames and
doesn't add in too much extra.
"""
[[audits.wasm-coredump-types]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.1.10"
notes = """
This small crate contains no `unsafe` code and only contains type definitions
used for wasm core dumps and trivially stays within its bounds.
"""
[[audits.wasm-coredump-types]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.1.10 -> 0.1.11"
notes = "This is quite a small update which only adds a small bit of offset-related functionality."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.14.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.15.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.16.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.17.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.18.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.19.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.20.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.21.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.22.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.23.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.25.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.19.0 -> 0.19.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-encoder]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-metadata]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.6"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.7"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.8"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.9"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.10"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.11"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.12"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.13"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.14"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.16"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.18"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-mutate]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.2.21"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.11.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.11.3"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.11.4"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.11.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.11.6"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.11.7"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.11.8"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.11.9"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.11.10"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.11.11"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.12.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.12.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-smith]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.12.5"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasm-wave]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmi]]
who = "Robin Freyler <robin.freyler@gmail.com>"
criteria = "safe-to-run"
version = "0.20.0"
notes = """
I am the author of this crate. It contains unsafe Rust code.
However, the crate does not read or write data from any parts of the filesystem,
it does not install software upon compilation e.g. via build scripts,
it does not connect to network endpoints and does not misuse system resources.
If any of the above happens it is either by the user explicitly telling the
crate to do so (it is an interpreter) or due to a bug or other unintended
behavior.
"""
[[audits.wasmi_arena]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.1.0"
notes = """
This crate contains no `unsafe` code and doesn't reach in unnecessarily to the
standard library or anything like that. This only contains a few data structures
used by `wasmi` and various idiomatic Rust trait implementations.
"""
[[audits.wasmi_core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.4.0"
notes = """
This crate contains no `unsafe` code and otherwise is only the bits and bobs for
the internals of a wasm implementation. Reading over this crate there is no
unexpected usage of the filesystem or things like that and otherwise is mostly
plumbing for all the integer operations in core wasm.
"""
[[audits.wasmi_core]]
who = "Robin Freyler <robin.freyler@gmail.com>"
criteria = "safe-to-run"
version = "0.5.0"
notes = "See notes for version 0.4.0"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.87.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.88.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.89.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.89.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.91.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.92.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.93.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.94.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.95.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.96.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.97.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.99.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.100.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.102.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmparser-nostd]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
version = "0.91.0"
notes = """
I have certified that this crate is a one-to-one fork of `wasmparser` with
updates exclusively for the usage on targets without the standard library.
This crate is otherwise primarily authored by the Bytecode Alliance and
otherwise certified.
"""
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.37"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.38"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.39"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.40"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.41"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.42"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.43"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.44"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.45"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.46"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.49"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.50"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.2.53"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmprinter]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wasmtime-internal-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.0.0"
notes = "Empty crate"
[[audits.wasmtime-wasi-tls-openssl]]
who = "Dave Bakker <github@davebakker.io>"
criteria = "safe-to-deploy"
version = "0.0.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "35.0.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "44.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "45.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "46.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "47.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "47.0.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "48.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "49.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "50.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "51.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "52.0.2"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "53.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "55.0.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "236.0.0 -> 237.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "237.0.0 -> 238.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "237.0.0 -> 238.0.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "238.0.1 -> 239.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "239.0.0 -> 240.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "240.0.0 -> 241.0.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "241.0.2 -> 242.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "242.0.0 -> 243.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wast]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "243.0.0 -> 244.0.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.46"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.47"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.48"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.50"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.51"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.52"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.53"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.56"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.58"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "1.0.61"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.0.48 -> 1.0.49"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.236.0 -> 1.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.237.0 -> 1.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "1.237.0 -> 1.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.238.1 -> 1.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.239.0 -> 1.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.240.0 -> 1.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.241.2 -> 1.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.242.0 -> 1.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.242.2 -> 1.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wat]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.243.0 -> 1.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.webpki-root-certs]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "1.0.4"
notes = "Purely a data crate."
[[audits.webpki-roots]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.22.4 -> 0.23.0"
[[audits.webpki-roots]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.23.0 -> 0.25.2"
[[audits.which]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "4.4.0 -> 5.0.0"
notes = "Only one `unsafe` block, it's what a `which` crate is expected to be."
[[audits.windows-implement]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "0.52.0"
notes = "Procedural macros for accessing COM interfaces; necessarily `unsafe` but safety rationale is clearly documented."
[[audits.winx]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
version = "0.34.0"
notes = "I am the author of this crate."
[[audits.winx]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.34.0 -> 0.35.0"
notes = "Dan Gohman, a Bytecode Alliance core contributor, is the author of this crate."
[[audits.winx]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.35.0 -> 0.35.1"
notes = "Just a dependency version bump"
[[audits.wit-bindgen]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "0.37.0"
[[audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.43.0 -> 0.45.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.0 -> 0.45.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.1 -> 0.46.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.46.0 -> 0.48.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.48.0 -> 0.49.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.49.0 -> 0.50.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-core]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "0.37.0"
[[audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.43.0 -> 0.45.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.0 -> 0.45.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.1 -> 0.46.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.46.0 -> 0.48.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-core]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.48.0 -> 0.49.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-core]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.49.0 -> 0.50.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rt]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "0.37.0"
[[audits.wit-bindgen-rust]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "0.37.0"
[[audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.43.0 -> 0.45.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.0 -> 0.45.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.1 -> 0.46.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.46.0 -> 0.48.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.48.0 -> 0.49.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.49.0 -> 0.50.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust-macro]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-run"
version = "0.37.0"
[[audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.43.0 -> 0.45.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.0 -> 0.45.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.45.1 -> 0.46.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.46.0 -> 0.48.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust-macro]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.48.0 -> 0.49.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-bindgen-rust-macro]]
who = "Joel Dice <joel.dice@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.49.0 -> 0.50.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-component]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.3.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.5.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.6.0"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.6.1"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.6.4"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.236.0 -> 0.237.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-run"
delta = "0.237.0 -> 0.238.1"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.238.1 -> 0.239.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.239.0 -> 0.240.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.240.0 -> 0.241.2"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.241.2 -> 0.242.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.242.0 -> 0.243.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wit-parser]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.243.0 -> 0.244.0"
notes = "The Bytecode Alliance is the author of this crate"
[[audits.wstd]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.6.6"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.wstd-macro]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
version = "0.6.6"
notes = "The Bytecode Alliance is the author of this crate."
[[audits.xattr]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
version = "1.2.0"
notes = "This crate contains `unsafe` calls to libc `extattr_*` functions as one would expect from the crate's purpose."
[[audits.xattr]]
who = "Andrew Brown <andrew.brown@intel.com>"
criteria = "safe-to-deploy"
delta = "1.2.0 -> 1.3.1"
notes = "Minor changes to MacOS-specific code."
[[audits.xattr]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.3.1 -> 1.6.1"
notes = "Refactorings and minor updates, nothing out of place."
[[audits.yoke]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.7.4 -> 0.7.5"
notes = "Good safety comments."
[[audits.yoke-derive]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.7.4 -> 0.7.5"
[[audits.zerofrom]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.1.4 -> 0.1.5"
[[audits.zerofrom-derive]]
who = "Nick Fitzgerald <fitzgen@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.1.3 -> 0.1.5"
[[audits.zeroize]]
who = "Pat Hickey <p.hickey@f5.com>"
criteria = "safe-to-deploy"
delta = "1.8.1 -> 1.8.2"
[[audits.zstd]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.11.1+zstd.1.5.2 -> 0.13.0"
notes = """
No major updates to the crate here. Small updates to `unsafe` code which are
refactorings of what was there prior.
"""
[[audits.zstd-safe]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "5.0.1+zstd.1.5.2 -> 7.0.0"
notes = """
Lots of new comments around methods and refactorings for updates in zstd itself.
Does contain new unsafe code, notably an implementation of an internal trait for
the standard library `io::Cursor` type.
"""
[[trusted.aho-corasick]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-03-28"
end = "2024-07-15"
[[trusted.anstream]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-03-16"
end = "2026-10-08"
[[trusted.anstyle]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2022-05-18"
end = "2026-10-08"
[[trusted.anstyle-parse]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-03-08"
end = "2026-10-08"
[[trusted.anstyle-query]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-04-13"
end = "2026-04-16"
[[trusted.anstyle-wincon]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-03-08"
end = "2026-11-17"
[[trusted.anyhow]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-10-05"
end = "2027-04-17"
[[trusted.async-trait]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-07-23"
end = "2026-10-10"
[[trusted.backtrace]]
criteria = "safe-to-deploy"
user-id = 539 # Josh Stone (cuviper)
start = "2024-03-21"
end = "2025-09-20"
[[trusted.backtrace]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2023-06-29"
end = "2024-07-14"
[[trusted.backtrace]]
criteria = "safe-to-deploy"
user-id = 55123 # rust-lang-owner
start = "2025-05-06"
end = "2026-07-08"
[[trusted.bstr]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-04-02"
end = "2024-07-15"
[[trusted.byteorder]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-06-09"
end = "2024-07-15"
[[trusted.bytes]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-11-27"
end = "2026-10-10"
[[trusted.bytes]]
criteria = "safe-to-deploy"
user-id = 6741 # Alice Ryhl (Darksonn)
start = "2021-01-11"
end = "2027-02-14"
[[trusted.bzip2]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-07-06"
end = "2025-12-05"
[[trusted.bzip2-sys]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-02-24"
end = "2025-12-05"
[[trusted.cap-fs-ext]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-12-11"
end = "2024-07-14"
[[trusted.cap-net-ext]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-12-11"
end = "2024-07-14"
[[trusted.cap-primitives]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-08-07"
end = "2024-07-14"
[[trusted.cap-rand]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-09-24"
end = "2024-07-14"
[[trusted.cap-std]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-06-25"
end = "2024-07-14"
[[trusted.cap-tempfile]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-08-07"
end = "2024-07-14"
[[trusted.cap-time-ext]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-09-21"
end = "2024-07-14"
[[trusted.cc]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2024-02-20"
end = "2026-04-16"
[[trusted.clap]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2021-12-08"
end = "2025-09-20"
[[trusted.clap_builder]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-03-28"
end = "2025-09-20"
[[trusted.clap_complete]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2021-12-31"
end = "2025-09-25"
[[trusted.clap_derive]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2021-12-08"
end = "2025-09-20"
[[trusted.clap_lex]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2022-04-15"
end = "2025-09-20"
[[trusted.colorchoice]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-04-13"
end = "2026-10-08"
[[trusted.cpp_demangle]]
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2019-07-30"
end = "2025-02-12"
[[trusted.cranelift-bitset]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-07-22"
end = "2025-07-30"
[[trusted.dlmalloc]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-05-19"
end = "2025-02-23"
[[trusted.env_filter]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2024-01-19"
end = "2025-09-20"
[[trusted.env_logger]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2022-11-24"
end = "2025-09-20"
[[trusted.equivalent]]
criteria = "safe-to-deploy"
user-id = 539 # Josh Stone (cuviper)
start = "2023-02-05"
end = "2024-07-11"
[[trusted.errno]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2023-08-29"
end = "2026-10-08"
[[trusted.fd-lock]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2022-01-21"
end = "2026-10-10"
[[trusted.filecheck]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-03-17"
end = "2024-07-14"
[[trusted.filetime]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-04-23"
end = "2025-02-15"
[[trusted.find-msvc-tools]]
criteria = "safe-to-deploy"
user-id = 539 # Josh Stone (cuviper)
start = "2025-08-29"
end = "2026-10-10"
[[trusted.flate2]]
criteria = "safe-to-deploy"
user-id = 4333 # Josh Triplett (joshtriplett)
start = "2020-09-30"
end = "2025-02-15"
[[trusted.fs-set-times]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-09-15"
end = "2026-10-10"
[[trusted.gimli]]
criteria = "safe-to-deploy"
user-id = 4415 # Philip Craig (philipc)
start = "2019-04-25"
end = "2027-01-24"
[[trusted.h2]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-03-13"
end = "2026-10-10"
[[trusted.hashbrown]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2019-04-02"
end = "2025-12-02"
[[trusted.hashbrown]]
criteria = "safe-to-deploy"
user-id = 55123 # rust-lang-owner
start = "2025-04-30"
end = "2027-01-24"
[[trusted.http]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-04-05"
end = "2026-10-10"
[[trusted.http-body]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-10-01"
end = "2026-10-10"
[[trusted.http-body-util]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2022-10-25"
end = "2026-10-10"
[[trusted.httparse]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-07-03"
end = "2026-10-10"
[[trusted.hyper]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-03-01"
end = "2026-10-10"
[[trusted.id-arena]]
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2026-01-14"
end = "2027-02-11"
[[trusted.indexmap]]
criteria = "safe-to-deploy"
user-id = 539 # Josh Stone (cuviper)
start = "2020-01-15"
end = "2027-04-14"
[[trusted.io-extras]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2021-11-09"
end = "2026-11-17"
[[trusted.io-lifetimes]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2021-06-12"
end = "2024-07-14"
[[trusted.is-terminal]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2022-01-22"
end = "2026-10-10"
[[trusted.is_terminal_polyfill]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2024-05-02"
end = "2025-09-20"
[[trusted.itoa]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-05-02"
end = "2024-07-06"
[[trusted.jiff]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2024-02-17"
end = "2026-10-10"
[[trusted.jiff-static]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2025-03-06"
end = "2026-10-10"
[[trusted.jobserver]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-15"
end = "2025-12-05"
[[trusted.js-sys]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.libc]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2021-01-27"
end = "2024-07-06"
[[trusted.libc]]
criteria = "safe-to-deploy"
user-id = 55123 # rust-lang-owner
start = "2024-08-15"
end = "2026-10-10"
[[trusted.libm]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2022-02-06"
end = "2024-07-06"
[[trusted.libm]]
criteria = "safe-to-deploy"
user-id = 55123 # rust-lang-owner
start = "2024-10-26"
end = "2026-10-10"
[[trusted.linux-raw-sys]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2021-06-12"
end = "2026-03-19"
[[trusted.lock_api]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2019-05-04"
end = "2024-07-06"
[[trusted.mach2]]
criteria = "safe-to-deploy"
user-id = 51017 # Yuki Okushi (JohnTitor)
start = "2021-11-15"
end = "2027-05-04"
[[trusted.mach2]]
criteria = "safe-to-deploy"
trusted-publisher = "github:JohnTitor/mach2"
start = "2025-11-16"
end = "2027-05-04"
[[trusted.macro-string]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2025-02-02"
end = "2027-04-04"
[[trusted.memchr]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-07-07"
end = "2026-10-10"
[[trusted.mio]]
criteria = "safe-to-deploy"
user-id = 6025 # Thomas de Zeeuw (Thomasdezeeuw)
start = "2019-12-17"
end = "2027-04-15"
[[trusted.num_cpus]]
criteria = "safe-to-deploy"
user-id = 359 # Sean McArthur (seanmonstar)
start = "2019-06-10"
end = "2026-10-10"
[[trusted.object]]
criteria = "safe-to-deploy"
user-id = 4415 # Philip Craig (philipc)
start = "2019-04-26"
end = "2027-03-30"
[[trusted.once_cell_polyfill]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2025-05-22"
end = "2026-10-08"
[[trusted.openssl-probe]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-08-04"
end = "2026-06-18"
[[trusted.parking_lot]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2019-05-04"
end = "2024-07-06"
[[trusted.parking_lot_core]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2019-05-04"
end = "2024-07-06"
[[trusted.paste]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-03-19"
end = "2024-07-06"
[[trusted.prettyplease]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2022-01-04"
end = "2025-05-06"
[[trusted.proc-macro2]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-04-23"
end = "2026-10-08"
[[trusted.pulley-interpreter]]
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2024-07-30"
end = "2025-08-08"
[[trusted.pulley-macros]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2025-06-20"
end = "2026-06-20"
[[trusted.quote]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-04-09"
end = "2026-10-08"
[[trusted.regex]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-02-27"
end = "2024-07-15"
[[trusted.regex-automata]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-02-25"
end = "2026-10-10"
[[trusted.regex-syntax]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-03-30"
end = "2025-11-13"
[[trusted.rustix]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2021-10-29"
end = "2026-03-19"
[[trusted.ryu]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-05-02"
end = "2024-07-06"
[[trusted.same-file]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-07-16"
end = "2024-07-15"
[[trusted.scopeguard]]
criteria = "safe-to-deploy"
user-id = 2915 # Amanieu d'Antras (Amanieu)
start = "2020-02-16"
end = "2024-07-06"
[[trusted.semver]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2021-05-25"
end = "2026-10-10"
[[trusted.serde]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-03-01"
end = "2025-12-02"
[[trusted.serde_core]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2025-09-13"
end = "2026-10-10"
[[trusted.serde_derive]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-03-01"
end = "2025-12-02"
[[trusted.serde_json]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-02-28"
end = "2026-03-19"
[[trusted.serde_spanned]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-01-20"
end = "2026-10-10"
[[trusted.serde_yaml]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-05-02"
end = "2026-10-08"
[[trusted.slab]]
criteria = "safe-to-deploy"
user-id = 6741 # Alice Ryhl (Darksonn)
start = "2021-10-13"
end = "2026-10-10"
[[trusted.socket2]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-05-06"
end = "2025-12-05"
[[trusted.socket2]]
criteria = "safe-to-deploy"
user-id = 6025 # Thomas de Zeeuw (Thomasdezeeuw)
start = "2020-09-09"
end = "2027-04-15"
[[trusted.syn]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-03-01"
end = "2025-12-02"
[[trusted.system-interface]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2020-10-27"
end = "2026-10-10"
[[trusted.tar]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2027-03-24"
[[trusted.target-lexicon]]
criteria = "safe-to-deploy"
user-id = 696 # Nick Fitzgerald (fitzgen)
start = "2024-07-30"
end = "2025-07-30"
[[trusted.target-lexicon]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2019-03-06"
end = "2025-12-06"
[[trusted.termcolor]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-06-04"
end = "2024-07-15"
[[trusted.thiserror]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-10-09"
end = "2025-11-13"
[[trusted.thiserror-impl]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2019-10-09"
end = "2025-11-13"
[[trusted.tokio]]
criteria = "safe-to-deploy"
user-id = 6741 # Alice Ryhl (Darksonn)
start = "2020-12-25"
end = "2026-10-10"
[[trusted.tokio-macros]]
criteria = "safe-to-deploy"
user-id = 6741 # Alice Ryhl (Darksonn)
start = "2020-10-26"
end = "2027-04-15"
[[trusted.tokio-util]]
criteria = "safe-to-deploy"
user-id = 6741 # Alice Ryhl (Darksonn)
start = "2021-01-12"
end = "2026-10-10"
[[trusted.toml]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-05-16"
end = "2024-07-06"
[[trusted.toml]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2022-12-14"
end = "2026-10-10"
[[trusted.toml_datetime]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2022-10-21"
end = "2026-10-10"
[[trusted.toml_edit]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2021-09-13"
end = "2025-02-12"
[[trusted.toml_parser]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2025-07-08"
end = "2026-10-10"
[[trusted.toml_writer]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2025-07-08"
end = "2026-10-10"
[[trusted.unicode-ident]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2021-10-02"
end = "2026-10-08"
[[trusted.unsafe-libyaml]]
criteria = "safe-to-deploy"
user-id = 3618 # David Tolnay (dtolnay)
start = "2022-07-03"
end = "2026-10-08"
[[trusted.walkdir]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2019-06-09"
end = "2024-07-15"
[[trusted.wasi]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2020-06-03"
end = "2025-12-05"
[[trusted.wasi]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2019-07-22"
end = "2026-01-21"
[[trusted.wasm-bindgen]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.wasm-bindgen-backend]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.wasm-bindgen-macro]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.wasm-bindgen-macro-support]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.wasm-bindgen-shared]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.wasm-compose]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-07-28"
[[trusted.wasm-encoder]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.wasm-metadata]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.wasm-wave]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-06-19"
end = "2025-11-13"
[[trusted.wasmparser]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.wasmprinter]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.wast]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.wat]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.web-sys]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2019-03-04"
end = "2025-12-05"
[[trusted.winapi-util]]
criteria = "safe-to-deploy"
user-id = 189 # Andrew Gallant (BurntSushi)
start = "2020-01-11"
end = "2024-07-15"
[[trusted.windows]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-01-15"
end = "2025-01-30"
[[trusted.windows-core]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-11-15"
end = "2025-01-02"
[[trusted.windows-interface]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2022-02-18"
end = "2025-08-07"
[[trusted.windows-link]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2024-07-17"
end = "2026-10-08"
[[trusted.windows-sys]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-11-15"
end = "2026-11-17"
[[trusted.windows-targets]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2022-09-09"
end = "2026-10-08"
[[trusted.windows_aarch64_gnullvm]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2022-09-01"
end = "2026-10-08"
[[trusted.windows_aarch64_msvc]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-11-05"
end = "2026-10-08"
[[trusted.windows_i686_gnu]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-10-28"
end = "2026-10-08"
[[trusted.windows_i686_gnullvm]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2024-04-02"
end = "2026-10-08"
[[trusted.windows_i686_msvc]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-10-27"
end = "2026-10-08"
[[trusted.windows_x86_64_gnu]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-10-28"
end = "2026-10-08"
[[trusted.windows_x86_64_gnullvm]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2022-09-01"
end = "2026-10-08"
[[trusted.windows_x86_64_msvc]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-10-27"
end = "2026-10-08"
[[trusted.winnow]]
criteria = "safe-to-deploy"
user-id = 6743 # Ed Page (epage)
start = "2023-02-22"
end = "2026-10-10"
[[trusted.winx]]
criteria = "safe-to-deploy"
user-id = 6825 # Dan Gohman (sunfishcode)
start = "2019-08-20"
end = "2026-11-17"
[[trusted.wit-component]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.wit-parser]]
criteria = "safe-to-deploy"
user-id = 73222 # wasmtime-publish
start = "2024-02-15"
end = "2026-06-03"
[[trusted.witx]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
start = "2021-06-22"
end = "2025-02-22"