Cryptographically verifiable, distributed dependency reviews
Add the last reviewed version to Cargo.toml / [dependencies]:
scratch = "1.0.1"
Please, use mobile in landscape.
Filter reviews clicking on the numbers in the summary.
Full column names in tooltip hints: rating Negative, rating Neutral, rating Positive, rating Strong, thoroughness, understanding, reviews count.
There were no material changes since 1.0.0, the main code wasn't even touched.
Trivial (but useful!) crate that creates a temporary directory which can be
seen by any crate that depends on this one.
There are just 6 lines of actual code here. They read OUT_DIR from
environment, and create/remove some directories.
A rogue crate could include this one and use it to stomp on some other
crate's scratch space. It's hard for me to see this as a vulnerability, since
the user is supposed to trust the code they're running during the build.
Trivial (but useful!) crate that creates a temporary directory which can be
seen by any crate that depends on this one.
There are just 6 lines of actual code here. They read OUT_DIR from
environment, and create/remove some directories.
A rogue crate could include this one and use it to stomp on some other
crate's scratch space. It's hard for me to see this as a vulnerability, since
the user is supposed to trust the code they're running during the build.
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/
There were no material changes since 1.0.0, the main code wasn't even touched.