Cryptographically verifiable, distributed dependency reviews
Add the last reviewed version to Cargo.toml / [dependencies]:
gettext-rs = "0.7.0"
Please, use mobile in landscape.
Filter reviews clicking on the numbers in the summary.
Full column names in tooltip hints: rating Negative, rating Neutral, rating Positive, rating Strong, thoroughness, understanding, reviews count.
This is a self-review, because this release is made by me and contains only
the changes that I made.
The crate provides safe wrappers over an FFI for GNU gettext (which is
packaged separately, as a gettext-sys crate). There are no known issues with
those wrappers.
This release fixes an incorrect default for XDG_DATA_DIRS. There are no
security implications to this change, as far as I can see.
This is basically a self-review, since it's me who fixed the problems
I highlighted in my previous review.
This crate contains safe FFI bindings for gettext.
The memory issues I mentioned in the previous review are fixed, and panics
documented. There are no unwrap
s, and all errors are propagated viaResult
s.
The crate still depends on gettext returning UTF-8, but this is now
prominently documented.
Compared to 0.5.0, the API is more fleshed out and polished (even if I say so
myself).
This is basically a self-review, since it's me who fixed the problems
I highlighted in my previous review.
This crate contains safe FFI bindings for gettext.
The memory issues I mentioned in the previous review are fixed, and panics
documented. There are no unwrap
s, and all errors are propagated viaResult
s.
The crate still depends on gettext returning UTF-8, but this is now
prominently documented.
Compared to 0.5.0, the API is more fleshed out and polished (even if I say so
myself).
The crate provides safe wrappers for FFI bindings from gettext-sys crate.
The bindings are suspicious as they might use already-deallocated memory[1],
and they don't document panic conditions[2].
Furthermore, the library seems to assume that the locale charset is UTF-8[3],
which if false can lead to garbled translations as non-UTF-8 bytes would be
replaced by U+FFFD.
The UTF-8 and documentation issues would cap the rating at "positive", but
the memory issue puts this crate into "negative" territory.
The crate provides safe wrappers for FFI bindings from gettext-sys crate.
The bindings are suspicious as they might use already-deallocated memory[1],
and they don't document panic conditions[2].
Furthermore, the library seems to assume that the locale charset is UTF-8[3],
which if false can lead to garbled translations as non-UTF-8 bytes would be
replaced by U+FFFD.
The UTF-8 and documentation issues would cap the rating at "positive", but
the memory issue puts this crate into "negative" territory.
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/
This is a self-review, because this release is made by me and contains only
the changes that I made.
The crate provides safe wrappers over an FFI for GNU gettext (which is
packaged separately, as a gettext-sys crate). There are no known issues with
those wrappers.
This release fixes an incorrect default for XDG_DATA_DIRS. There are no
security implications to this change, as far as I can see.