Wasmtime GitHub notifications bot (Aug 22 2022 at 15:11): Wasmtime GitHub notifications bot (Aug 22 2022 at 15:11):cfallin commented on issue #4749:
This needs a cargo-vet update; @bnjbvr would you be willing to vet the diff in
sha2?
Wasmtime GitHub notifications bot (Aug 22 2022 at 16:30):bnjbvr commented on issue #4749:
The changelog shows changes in SIMD implementations of sha2, so I'm not sure I'm going to find time for reviewing those changes in depth. How thorough should the vetting be, in such a case?
Wasmtime GitHub notifications bot (Aug 30 2022 at 13:47):alexcrichton commented on issue #4749:
Vetting is mostly centered around "this won't install malware" or "doesn't unduly access capabilities it wasn't given itself" e.g. randomly reading/writing files on the filesystem. Vetting reviews aren't so much about correctness so while a lack of unsafe is good using unsafe for things like SIMD acceleration is inevitable and should be ok.
Wasmtime GitHub notifications bot (Oct 10 2022 at 08:31):bnjbvr commented on issue #4749:
Ok, vetting was much simpler than I expected thanks to the cargo-vet tool showing the commands to see a diff. Updated!
Last updated: Nov 22 2024 at 17:03 UTC