Cryptographically verifiable, distributed dependency reviews
reviewer: dpc
$ cargo crev repo fetch url https://github.com/dpc/crev-proofs$ cargo crev id trust FYlr8YoYGVvDwHQxqEIs89reKKDy-oWisoO0qXXEfHErepo: https://github.com/dpc/crev-proofs
Please, use mobile in landscape.
It looks like it's not maintained, and they are problems with it. See https://github.com/dpc/crev/pull/133
Basic review before considering using it.
I really like it:
Seems like a great crate for places where performance and features can
be sacrificed for simplicity and a small footprint (code and dependencies).
Good test coverage, good documentation. LGTM
Good test coverage, good documentation. LGTM
Good test coverage, good documentation. LGTM
LGTM
LGTM
Proxy crate.
Very rudimentary review, of a otherwise well known and reputable package.
I'm the author. And this crate is 3 lines of trivial code.
I'm the author and I AFAICT this is a decent code that works well.
Simple Either type.
Simple Either type.
OK, but slow. https://github.com/sebasmagri/env_logger/issues/123
Looks sane, but I'm not familiar with it.
Looks sane.
I have not reviewed the actual C code this calls.
Small, no unsafe, tests, good documentation.
Small, safe utility crate.
It's basically a long C library. I've skimmed through it, and there's nothing out of ordinary, but good luck reviewing it.
Some unsafe, but LGTM
There's not much to review. It's just a proxy to underlying crates.
I failed to review the whole thing. I looked at unsafes and when through ~10 random files. LGTM, but considering how important this crate it, my understanding of it is insufficient.
I see no point in this crate existing (just use rand), and considering poor quality of other crates of this author, I would advise not to use. https://github.com/stainless-steel/temporary/issues/1
LGTM, small amount of unsafe for terminal manipulation
Not really actively maintained, and pieces of functionality missing. I'm going to try termion instead.
I am confused why this crate exists, but it looks harmless.
No malicious code. The unsafe parts seems sane, but they could use a
a review by someone more confident with unsafe.
Small, but full of low-level unsafe signal handling. LGTM, but it low intensity review.
I'm the author. It's a decent, popular crate.
Strong. It's a decent, popular crate.
Quite a bit of unsafe, but I've implemented fuzzing for it https://github.com/servo/rust-smallvec/pull/168,
so hopefully unsoundness issues won't be a problem anymore.
Quite a bit of unsafe. It seems to me this crate could use some fuzzing.
Quite a bit of unsafe. It seems to me this crate could use some fuzzing.
Quite a bit of unsafe. It seems to me this crate could use some fuzzing.
Quite a bit of unsafe. It seems to me this crate could use some fuzzing.
Quite a bit of unsafe. It seems to me this crate could use some fuzzing.
The owner of this crate https://crates.io/users/IvanUkhov has plenty of low-quality, suspicious crates, that at best are name-squating, I would advise against usting this one.
Tiny proxy crate.
Surpringly small, no unsafe, lots of tests and all.
Surpringly small, no unsafe, tests and all.
No unsafe, documentation, fairly small. A lot of macro magic.
No unsafe, documentation, fairly small. A lot of macro magic.
Small, no unsafe, good documentation.
LGTM. I feel like this crate could use more in-depth review since it does have some unsafe blocks (especially for Windows).
LGTM. I feel like this crate could use more in-depth review since it does have some unsafe blocks (especially for Windows).
Reckless unsafe, buggy. https://github.com/stainless-steel/temporary/issues/1 . One of the reasons I've created cargo-crev in the first place.
LGTM
LGTM. Small and safe.
Header::new is unsound? This unsafe there seem unneccessary in the first place. There's not much performance to gain here.
Header: value - there can be more spaces preceeding the value. Header::from_str could take a HeaderName: Value "The field value MAY be preceded by any amount of LWS, though a single SP is preferred. " (https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2)
pub fn add_header(headers: &mut Vec<Header>, header: Header) {
if !header.name().to_lowercase().starts_with("x-") {
Probably can be done faster by just comparing slice with eq_ignore_ascii_case, instead of allocating a lowercase copy.
src/lib.rs: Tests doing http calls to external network can fail on offline machines, are a potential privacy problem etc.
PoolKey::new - failing to get a port should probably be an error, since that means te scheme was neither http nor https, so why are we even handling it?
Unit indeed is a so-so name. If the comment is "unit of work" then it probably should be UnitOfWork.
// pointer to underlying stream
stream: *mut Stream,
Ouch. When I see mutable raw pointers, I already know that I will not be using this code as is. :D . From what I can see later, it seems this pointer is used just for the drop implementation? In that case, just use Option<Stream> or Option<Box<Stream>>. Option<Box<T>> even compiles down to the same data/code as nullable pointer.
I fail to see the point of Request::build...
Request::query and query_str seems silent about the matter of escaping, and I wonder if it will work correctly at all.
Request::timeout ... Deadlines are better than timeouts, and are not harder to implement.
index: (usize, usize), // index into status_line where we split: HTTP/1.1 200 OK
I see no reason, why these two would be touple, instead of being separate and named appropriatly.
Response::new works by ... parsing? I don't know how I feel about that. Seems wasteful.
/// Rather than exposing a custom error type through results, this library has opted
/// for representing potential connection/TLS/etc errors as HTTP response codes.
/// These invented codes are called "synthetic".
I don't know how I feel about this. Seems like a bad idea. :D . It will lead to confusion during debugging eg. by people who don't know about this "feature" (eg. DevOps that will be reading logs of software that is using this library). They will see "error: 535", and wonder how the hell this code happened.
let mut yolo = YoloRead { does not build confidence. :D
pub(crate) struct YoloRead {
stream: *mut Stream,
dealloc: bool, // whether we are to dealloc stream on drop
}
Oh. Here is another *mut Stream. I don't really get why it is neccessary.
fn from_str(s: &str) -> Result<Self, Self::Err> {
let bytes = s.as_bytes().to_owned();
I don't think this clone is neccessary.
Generally - negative review, since there's some unsafe code that I don't think is neccessary, and I have
no confidence that it is actually correct (quite the opposite... I suspect some stuff is wrong with it).
There were some other minor problems, potentially bugs, a lot of casual needless cloning and
stuff that looks like plain inefficiencies, and generally this crate at its current state does not look
like something I'd recommend for any serious production use. The goal seems good but it seem not there yet.
I think crates like this need either a lot of usage and pair of eyes and developers to iron out all the details,
or some extensive test suite.
No unsafe, LGTM.
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/
There have been numerous reports of authors ignoring
soundness issues in
actixecosystem.See example:
https://www.reddit.com/r/rust/comments/epszt7/actixnet_unsoundness_patch_is_boring/
So I'm giving a proactive negative rating, and feel free to contact me if
there are good reasons to change it - eg. if the issues have been addressed
and maintainers are commited to taking memory safety and security seriously.