Cryptographically verifiable, distributed dependency reviews
$ cargo crev repo fetch url https://github.com/leo60228/crev-proofs
$ cargo crev id trust 2LuQSTppPubecRKRky5i_owgDcpbZhuFE3iXyLky5w4
&'static str returned from transmuting a
&str, which may become unsound at any time. It also has much more code than simply storing an std::io::Error in an Arc.
Simple futures-based wrapper on top of other crates, primarily polling.
Code is trivial, but I feel like assuming 64-byte cache lines on non-ARM64/x64 might be overly optimistic.
only minor changes
Crate is simple enough, but I don't fully understand the low-level concurrency details.
proc-macro-hack wrapper crate
Very simple and minimal crate
Contains large amounts of UB and segfault-prone code. See https://github.com/servo/core-foundation-rs/issues/361 and https://github.com/servo/core-foundation-rs/issues/291.
adds some new features, no changes to existing code
changes imports for no_std, no changes to code
Most of what this crate does is simple, and it's very thoroughly commented.
Crate just consists of a few traits, which are all defined as you'd expect.
only minor changes
This crate is copy/pasted from core::mem::MaybeUninit for older rustc.
Simple crate. Triggers UB but there is no workaround on current Rust.
Mostly consists of types with a few simple helpers. Last commit is a year ago, but there aren't any outstanding issues or PRs and the author still seems to be active.
I reviewed this crate with default features. All code outside the sync module is simple and clearly correct, and the code in the sync module comes from std with minor changes.
Code is short and seems reasonable, but I'm not great at low-level concurrent code.
Simpler version of pin-project
Very small crate, has useful macros
I primarily reviewed the code for Linux, and quickly skimmed other OSes to make sure they weren't doing anything obviously malicious. The Linux code seems to map cleanly to epoll, though there may be subtleties in the underlying API I'm unaware of.
changes seem clear
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/