logo

Rust crates reviews

Cryptographically verifiable, distributed dependency reviews

reviewer: kornelski

https://lib.rs/kornelski

Rust links:

Rust-lang.org

lib.rs

crates.io

docs.rs

$ cargo crev repo fetch url https://github.com/kornelski/crev-proofs
$ cargo crev id trust Qf4cHJBEoho61fd5zoeweyrFCIZ7Pb5X5ggc5iw4B50

repo: https://github.com/kornelski/crev-proofs

Please, use mobile in landscape.

crate version
rating
date
reviewer
thoroughness, understanding
approx 0.3.2
positive
2019-07-08
kornelski
low, low
arrayvec 0.4.11
positive
2019-07-22
kornelski
low, medium
bytemuck 1.2.0
positive
2020-06-15
kornelski
low, low
alternative:
https://crates.io
plain
bytes 0.4.12
positive
2019-07-08
kornelski
low, low
cargo-deb 1.24.0
positive
2020-04-23
kornelski
high, high
cargo-upgrades 0.9.0
positive
2019-07-22
kornelski
high, high
cargo-xcode 1.1.1
positive
2019-01-06
kornelski
high, high
cargo-xcode 1.1.1
positive
2019-01-06
kornelski
high, high
cargo_author 1.0.0
positive
2019-01-06
kornelski
high, high
cargo_author 1.0.0
positive
2019-01-06
kornelski
high, high
cargo_toml 0.6.3
positive
2019-01-06
kornelski
high, high
cargo_toml 0.6.3
positive
2019-01-06
kornelski
high, high
cc 1.0.28
positive
2019-01-06
kornelski
low, medium
cc 1.0.28
positive
2019-01-06
kornelski
low, medium
census 0.2.0
positive
2019-07-08
kornelski
low, low
clap 2.33.0
2020-04-23
kornelski

The crate died from the Second System Syndrome

clap 2.32.0
positive
2019-01-06
kornelski
none, medium
clap 2.32.0
positive
2019-01-06
kornelski
none, medium
cloudflare-zlib-sys 0.2.0
positive
2019-07-08
kornelski
medium, high
cocoa_image 1.0.0
positive
2019-01-06
kornelski
high, high
cocoa_image 1.0.0
positive
2019-01-06
kornelski
high, high
core-foundation 0.6.4
positive
2019-07-20
kornelski
low, low
crc32fast 1.2.0
positive
2019-07-08
kornelski
low, low
ct-logs 0.4.0
positive
2019-07-08
kornelski
low, low
deunicode 1.1.1
positive
2020-04-23
kornelski
high, high
deunicode 1.0.0
strong
2019-01-06
kornelski
high, high
downcast 0.10.0
neutral
2020-09-15
kornelski
low, low

It's playing with fire by making assumptions about in-memory representation of trait objects

dunce 0.1.1
positive
2019-01-06
kornelski
high, high
dunce 0.1.1
positive
2019-01-06
kornelski
high, high
encoding_rs 0.8.17
positive
2019-07-20
kornelski
low, low

Oooof, that was big

evalchroma 0.1.1
positive
2019-01-06
kornelski
high, high
evalchroma 0.1.1
positive
2019-01-06
kornelski
high, high
exclude_from_backups 1.0.1
positive
2020-05-12
kornelski
high, high
exclude_from_backups 0.2.1
positive
2019-01-06
kornelski
high, high
exclude_from_backups 0.2.1
positive
2019-01-06
kornelski
high, high
fake-static 0.1.0
negative
2020-05-13
kornelski
none, none

This exploits a bug in the compiler. Don't even think of using it.

fast-floats 0.1.2
2020-10-05
kornelski
issues:
https://users.rust-lang.org/t/why-i-get-nan-values-when-multiply-by-0/49450/19
medium

Exposes + to safe code, which can create NaN, which can cause UB

file 1.1.2
negative
2020-04-13
kornelski
high, high
alternative:
https://crates.io
std

Use fs::read and fs::write instead

file 1.1.2
neutral
2019-01-06
kornelski
high, high

Use fs::read and fs::write instead

file 1.1.2
neutral
2019-01-06
kornelski
high, high

Use fs::read and fs::write instead

getopts 0.2.21
positive
2021-02-07
kornelski
low, medium
gh-emoji 1.0.3
positive
2020-04-23
kornelski
medium, high
gif-dispose 2.3.0
positive
2020-04-23
kornelski
high, high
gif-dispose 2.1.1
positive
2019-01-06
kornelski
high, high
gif-dispose 2.1.1
positive
2019-01-06
kornelski
high, high
gifski 0.10.4
positive
2020-04-23
kornelski
high, high
gifski 0.8.6
positive
2019-01-06
kornelski
high, high
gifski 0.8.6
positive
2019-01-06
kornelski
high, high
github-rs 0.6.1
negative
2019-03-20
kornelski
low, medium

The project is unmaintained. The implementation is incomplete, and doesn't support paging.

github-rs 0.6.1
negative
2019-03-20
kornelski
low, medium

The project is unmaintained. The implementation is incomplete, and doesn't support paging.

github_v3 0.3.2
positive
2020-04-23
kornelski
high, high
htmlescape 0.3.1
neutral
2019-07-20
kornelski
low, low
imagequant 2.11.9
positive
2019-01-06
kornelski
high, high
imagequant 2.11.9
positive
2019-01-06
kornelski
high, high
imagequant-sys 3.0.3+sys2.14.0
positive
2021-02-02
kornelski
high, high
imagequant-sys 2.12.2
positive
2019-01-06
kornelski
high, high
imagequant-sys 2.12.2
positive
2019-01-06
kornelski
high, high
imgref 1.4.3
positive
2020-04-23
kornelski
high, high
is_executable 1.0.0
positive
2021-02-07
kornelski
low, high
kamadak-exif 0.5.1
positive
2020-05-15
kornelski
low, medium
alternative:
https://crates.io
rexif
kamadak-exif 0.3.1
negative
2019-01-09
kornelski
none, low

fails to parse any big-endian markers

kamadak-exif 0.3.1
negative
2019-01-09
kornelski
none, low

fails to parse any big-endian markers

lab 0.8.2
neutral
2021-02-02
kornelski
low, medium
issues:
https://github.com/TooManyBees/lab/issues/23
low
lazyonce 1.0.0
neutral
2020-04-23
kornelski
high, high
alternative:
https://crates.io
once_cell

Obsolete

lazyonce 0.3.0
neutral
2019-01-06
kornelski
high, medium
lazyonce 0.3.0
neutral
2019-01-06
kornelski
high, medium
lcms2 5.0.1
positive
2019-01-06
kornelski
medium, high
lcms2 5.0.1
positive
2019-01-06
kornelski
medium, high
lcms2-sys 2.4.8
positive
2019-01-06
kornelski
low, medium

Depends on a ton of C code

lcms2-sys 2.4.8
positive
2019-01-06
kornelski
low, medium

Depends on a ton of C code

libpng-sys 1.1.0
neutral
2019-01-06
kornelski
low, medium

C code

libpng-sys 1.1.0
neutral
2019-01-06
kornelski
low, medium

C code

load_image 2.12.1
positive
2021-02-02
kornelski
high, high
lodepng 3.4.3
positive
2021-02-02
kornelski
high, high
lodepng 2.4.2
positive
2019-07-08
kornelski
high, high
lodepng 2.4.2
positive
2019-01-06
kornelski
high, high
lodepng 2.4.2
positive
2019-01-06
kornelski
high, high
loop9 0.1.1
positive
2019-01-06
kornelski
high, high
loop9 0.1.1
positive
2019-01-06
kornelski
high, high
lts 0.1.5
strong
2019-09-03
kornelski
high, high
memoffset 0.5.5
neutral
2020-09-15
kornelski
low, low
mime 0.3.16
positive
2021-02-05
kornelski
low, medium
mozjpeg 0.8.23
positive
2021-02-02
kornelski
medium, high
mozjpeg-sys 0.9.0
positive
2019-01-06
kornelski
low, medium

Lots of C code

mozjpeg-sys 0.9.0
positive
2019-01-06
kornelski
low, medium

Lots of C code

mss_saliency 1.0.3
positive
2019-01-06
kornelski
high, high
mss_saliency 1.0.3
positive
2019-01-06
kornelski
high, high
nasm-rs 0.1.3
positive
2019-01-06
kornelski
medium, high
nasm-rs 0.1.3
positive
2019-01-06
kornelski
medium, high
native-tls 0.2.3
positive
2019-07-08
kornelski
low, low
num-format 0.4.0
2021-02-14
kornelski
openmp-sys 0.1.6
neutral
2019-01-06
kornelski
high, high
openmp-sys 0.1.6
neutral
2019-01-06
kornelski
high, high
openssl-probe 0.1.2
positive
2019-07-22
kornelski
medium, high
parse_cfg 2.0.0
positive
2019-01-06
kornelski
high, high
parse_cfg 2.0.0
positive
2019-01-06
kornelski
high, high
percent-encoding 1.0.1
positive
2019-07-22
kornelski
low, medium
phf 0.7.24
positive
2019-01-06
kornelski
none, medium
phf 0.7.24
positive
2019-01-06
kornelski
none, medium
pkg-config 0.3.19
positive
2021-02-02
kornelski
medium, medium
plain 0.2.3
positive
2020-06-15
kornelski
medium, medium
alternative:
https://crates.io
bytemuck

Very simple. Does what it says.

plutonium 0.2.2
negative
2020-05-13
kornelski
none, none

Don't use it in production.

predicates-core 1.0.0
positive
2020-09-15
kornelski
low, medium
rake 0.1.3
positive
2019-03-10
kornelski
medium, medium
rake 0.1.3
positive
2019-03-10
kornelski
medium, medium
resize 0.4.0
positive
2020-04-23
kornelski
high, high
resize 0.3.0
positive
2019-01-06
kornelski
medium, medium
resize 0.3.0
positive
2019-01-06
kornelski
medium, medium
rexif 0.5.1
positive
2021-02-02
kornelski
medium, medium
alternative:
https://crates.io
kamadak-exif
rexif 0.3.5
positive
2019-01-09
kornelski
none, medium
rexif 0.3.5
positive
2019-01-09
kornelski
none, medium
rgb 0.8.17
positive
2020-04-23
kornelski
high, high
rgb 0.8.11
positive
2019-01-06
kornelski
high, high

it's mine!

rgb 0.8.11
positive
2019-01-06
kornelski
high, high

it's mine!

rgb 0.8.7
positive
2019-01-05
kornelski
low, medium
rgb 0.8.7
positive
2019-01-05
kornelski
high, high

my own

rgb 0.8.7
positive
2019-01-05
kornelski
low, medium
rgb 0.8.7
positive
2019-01-05
kornelski
high, high

my own

rmp-serde 0.15.4
positive
2021-02-02
kornelski
low, medium
rmpv 0.4.7
positive
2021-02-02
kornelski
low, medium
ructe 0.5.6
positive
2019-01-06
kornelski
low, medium
ructe 0.5.6
positive
2019-01-06
kornelski
low, medium
rusqlite 0.16.0
positive
2019-01-06
kornelski
none, medium
rusqlite 0.16.0
positive
2019-01-06
kornelski
none, medium
rust-crypto 0.2.36
negative
2021-02-09
kornelski
none, none
alternative:
https://crates.io
sha3

It's dead. Use something else.

rustc-serialize 0.3.24
2020-05-12
kornelski
rustls 0.16.0
strong
2020-06-15
kornelski
none, none

Positive external audit: https://github.com/ctz/rustls/blob/master/audit/TLS-01-report.pdf

ryu 1.0.0
positive
2019-07-22
kornelski
low, low
scoped-pool 1.0.0
neutral
2019-07-20
kornelski
low, low

Outdated dependencies

security-framework 1.0.0-alpha.1
positive
2020-04-23
kornelski
high, medium
security-framework 0.2.1
positive
2019-01-06
kornelski
low, medium
security-framework 0.2.1
positive
2019-01-06
kornelski
low, medium
security-framework-sys 1.0.0-alpha.1
positive
2020-04-23
kornelski
medium, medium
security-framework-sys 0.2.2
positive
2019-01-06
kornelski
low, medium
security-framework-sys 0.2.2
positive
2019-01-06
kornelski
low, medium
semver-parser 0.9.0
positive
2019-01-06
kornelski
none, medium
semver-parser 0.9.0
positive
2019-01-06
kornelski
none, medium
sha2 0.8.0
positive
2019-01-06
kornelski
none, medium
sha2 0.8.0
positive
2019-01-06
kornelski
none, medium
sized-chunks 0.6.3
positive
2021-02-14
kornelski
low, medium

Fixes reported soundness issues

sized-chunks 0.6.2
negative
2021-02-14
kornelski
none, none
issues:
https://github.com/bodil/sized-chunks/issues/11
low
subtle 2.4.0
negative
2021-02-05
kornelski
none, none
alternative:
https://crates.io
subtle-ng
issues:
https://twitter.com/hdevalence/status/1356831666124197890
medium

warning: unexplained kicking out of co-maintainers

syntect 3.0.2
positive
2019-01-06
kornelski
none, low
syntect 3.0.2
positive
2019-01-06
kornelski
none, low
tantivy 0.8.0
positive
2019-01-06
kornelski
none, medium
tantivy 0.8.0
positive
2019-01-06
kornelski
none, medium
tempdir 0.3.7
2020-05-15
kornelski
alternative:
https://crates.io
tempfile

You should use tempfile instead (it makes temp dirs, too)

try_future 0.1.3
positive
2019-07-08
kornelski
low, medium
undither 1.0.2
positive
2020-04-23
kornelski
high, high
undither 1.0.1
positive
2019-01-06
kornelski
high, high
undither 1.0.1
positive
2019-01-06
kornelski
high, high
unicase 2.4.0
positive
2019-07-08
kornelski
low, low
unzip3 1.0.0
positive
2019-01-06
kornelski
low, medium
unzip3 1.0.0
positive
2019-01-06
kornelski
low, medium
vergen 3.1.0
positive
2021-02-09
kornelski
low, medium
vpsearch 2.0.0
positive
2020-04-23
kornelski
high, high

It's robust and well-optimized

vpsearch 1.3.5
positive
2019-01-06
kornelski
high, high
vpsearch 1.3.5
positive
2019-01-06
kornelski
high, high
wild 2.0.2
positive
2020-04-23
kornelski
high, high
wild 2.0.1
positive
2019-01-06
kornelski
high, high
wild 2.0.1
positive
2019-01-06
kornelski
high, high
wild 2.0.1
positive
2019-01-06
kornelski
high, high
wild 2.0.1
positive
2019-01-06
kornelski
high, high
xattr 0.2.2
positive
2019-07-08
kornelski
low, low

© bestia.dev 2023, MIT License, Version: 2023.608.1636

Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/