Cryptographically verifiable, distributed dependency reviews
Add the last reviewed version to Cargo.toml / [dependencies]:
arrayvec = "0.7.2"Please, use mobile in landscape.
Filter reviews clicking on the numbers in the summary.
Full column names in tooltip hints: rating Negative, rating Neutral, rating Positive, rating Strong, thoroughness, understanding, reviews count.
Prefer 0.4.11 which at least starts using MaybeUninit instead of uninitialized!(), which is fundamentally unsound.
Uses a disturbing amount of unsafe, but aside from uninitialized, it all at least appears to be correct after a careful reading.
Unlike smallvec, this doesn't fall back on the heap.
Better than whatever you'll write rolling your own, at least.
0.4.7 -> 0.4.8: IntoIter implemented Clone, unconcerning
0.4.8 -> 0.4.9: ArrayString initialized to 0, ArrayVec uses nightly MaybeUninit. Unfortunately stable still uses uninitialized!() so this is still negative.
Prefer 0.4.11 which at least starts using MaybeUninit instead of uninitialized!(), which is fundamentally unsound.
Uses a disturbing amount of unsafe, but aside from uninitialized, it all at least appears to be correct after a careful reading.
Unlike smallvec, this doesn't fall back on the heap.
Better than whatever you'll write rolling your own, at least.
See 0.4.7 for base review. Diffed 0.4.7 -> 0.4.8, no concerning changes.
Prefer 0.4.11 which at least starts using MaybeUninit instead of uninitialized!(), which is fundamentally unsound.
Uses a disturbing amount of unsafe, but aside from uninitialized, it all at least appears to be correct after a careful reading.
Unlike smallvec, this doesn't fall back on the heap.
Better than whatever you'll write rolling your own, at least.
| File | Rating | Notes |
|---|---|---|
| benches/arraystring.rs | +1 | |
| benches/extend.rs | +1 | |
| src/array_string.rs | 0 | lots of unsafe, but I think sound |
| src/array.rs | 0 | fix_array_impl! hides unsafe, but not misused nor public |
| src/char.rs | +1 | Relied upon for soundness... thoroughly checked against https://en.wikipedia.org/wiki/UTF-8 |
| src/errors.rs | +1 | |
| src/lib.rs | 0 | lots of unsafe, but I think sound |
| src/range.rs | +1 | |
| tests/serde.rs | +1 | |
| tests/tests.rs | +1 | |
| .gitignore | +1 | |
| .travis.yml | +1 | |
| Cargo.toml | +1 | |
| Cargo.toml.orig | +1 | |
| custom.css | +1 | |
| LICENSE-APACHE | +1 | |
| LICENSE-MIT | +1 | |
| README.rst | +1 |
| Other | Rating | Notes |
|---|---|---|
| unsafe | -1 | Overused |
| fs | +1 | Unused |
| docs | +1 | |
| tests | 0 | Good coverage... not seeing any fuzz testing for all this unsafe though. |
| Line | Notes |
|---|---|
| 56 | unsafe - new_array ~ uninitialized, Array is an unsafe trait though so only implement it if this is sound...? |
| 95 | No CapacityError? Inconsistent vs from... |
| 160 | unsafe { ... } - looks correct |
| 213 | unsafe { ... } - looks correct |
| 216 | could be a slice copy instead |
| 245 | unsafe { ... } - looks correct |
| 271 | unsafe { ... } - looks correct |
| 307 | unsafe { ... } - looks correct |
| 318 | unsafe { ... } - looks correct |
| 331 | unsafe fn - decent docs, looks correct, should be more explicit about uninitialized though |
| 342 | unsafe fn - needs better docs, but looks correct |
| 351 | unsafe { ... } - looks correct |
| 361 | unsafe { ... } - scary transmute, but just from &mut [u8] to &mut str. stdlib from_utf8_unchecked does equivalent pointer casts |
| Line | Notes |
|---|---|
| 80 | Aieee! |
| 132 | unsafe { ... } - not sure this is sound for bools etc. |
| 214 | unsafe { ... } - looks correct |
| 246 | unsafe fn - exactly as spceified |
| 306 | unsafe { ... } - looks correct |
| 340 | unsafe { ... } - looks correct |
| 511 | unsafe fn - exactly as specified |
| 552 | unsafe { ... } - scary as heck... but Drain should keep self borrowed long enough, at least. |
| 575 | unsafe { ... } - looks correct |
| 604 | unsafe { ... } - looks correct |
| 614 | unsafe { ... } - looks correct |
| 707 | unsafe { ... } - looks correct. Size could be reduced, relies on IntoIter's custom drop not dropping copied elements due to the index increment to avoid double drops. |
| 724 | unsafe { ... } - looks correct. Size could be reduced, relies on IntoIter's custom drop not dropping copied elements due to the length decrement to avoid double drops. |
| 740 | unsafe { ... } - looks correct. Implements the aforementioned IntoIter custom drop. |
| 764 | unsafe Sync - I believe this is OK. |
| 765 | unsafe Send - I believe this is OK. |
| 775 | unsafe { ... } - looks correct. Relies on set_len already being truncated to avoid double drops. |
| 793 | unsafe { ... } - looks correct. Relies on set_len already being truncated to avoid double drops. |
| 809 | necessary to aovid memory leaks |
| 812 | unsafe { ... } - looks correct. |
| 851 | unsafe { ... } - looks correct. |
| 1008 | unsafe { ... } - looks correct. |
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/
Prefer 0.4.11 which at least starts using MaybeUninit instead of uninitialized!(), which is fundamentally unsound.
Uses a disturbing amount of unsafe, but aside from uninitialized, it all at least appears to be correct after a careful reading.
Unlike smallvec, this doesn't fall back on the heap.
Better than whatever you'll write rolling your own, at least.
0.4.7 -> 0.4.8: IntoIter implemented Clone, unconcerning
0.4.8 -> 0.4.9: ArrayString initialized to 0, ArrayVec uses nightly MaybeUninit. Unfortunately stable still uses uninitialized!() so this is still negative.
0.4.9 -> 0.4.10: #[repr(C)], -Clone for MaybeUninit. Apparently I missed more possible unsoundness. Unsafe is hard.