cfallin commented on issue #4749:
This needs a cargo-vet update; @bnjbvr would you be willing to vet the diff in
sha2
?
bnjbvr commented on issue #4749:
The changelog shows changes in SIMD implementations of sha2, so I'm not sure I'm going to find time for reviewing those changes in depth. How thorough should the vetting be, in such a case?
alexcrichton commented on issue #4749:
Vetting is mostly centered around "this won't install malware" or "doesn't unduly access capabilities it wasn't given itself" e.g. randomly reading/writing files on the filesystem. Vetting reviews aren't so much about correctness so while a lack of unsafe is good using unsafe for things like SIMD acceleration is inevitable and should be ok.
bnjbvr commented on issue #4749:
Ok, vetting was much simpler than I expected thanks to the cargo-vet tool showing the commands to see a diff. Updated!
Last updated: Dec 23 2024 at 13:07 UTC