Lib.rs

CloudABI › Reviews

These reviews are from cargo-vet. To add your review, set up cargo-vet and submit your URL to its registry.

The current version of CloudABI is 0.1.0.

cargo-vet does not verify reviewers' identity. You have to fully trust the source the audits are from.

safe-to-run

This crate can be compiled, run, and tested on a local workstation or in controlled automation without surprising consequences. More…

unknown

May have been packaged automatically without a review

These reviews are from Crev, a distributed system for code reviews. To add your review, set up cargo-crev.

The current version of CloudABI is 0.1.0.

0.0.3 (older version) Rating: Positive Thoroughness: Low Understanding: Medium

Approved without comment by kornelski on 2019-07-25

0.0.3 (older version) Rating: Neutral Thoroughness: Low Understanding: Medium

by MaulingMonkey on 2019-07-23

Interesting idea. Lots of unsafe! Supposedly auto-generated. I have at least read the code enough (including explicitly looking at each use of unsafe) to believe there are no obvious funny business nor proper soundness issues. That said:

Concerns (rating: neutral): Lots of concerning use of unsafe { ... } + core::mem::uninitialized()... but only in #[test] code. #[allow(improper_ctypes)] for extern "C" block. Sounds like UB-bait. Punts all safety concerns to the user.

Concerns (thoroughness: low): I have not properly vetted fn/struct/type signatures against a proper reference.

Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories. There is absolutely no guarantee that the repository URL declared by the crate belongs to the crate, or that the code in the repository is the code inside the published tarball.

To review the actual code of the crate, it's best to use cargo crev open cloudabi. Alternatively, you can download the tarball of cloudabi v0.1.0 or view the source online.