At the time of writing there are 9 unsafe blocks in rsasl code, 8 of which are in rsasl proper, with a final one in the SCRAM parser. Most of them are inherently safe casts, but the safety of them is not explicitly documented but based on tribal knowledge (e.g. #[repr(transparent)] struct A(B) meaning A(B) has the exact same representation as B and thus making a cast from &B to &A a safe no-op).
Those should be documented better.
Oh and I need to look at the more dodgy ones, like Mechname::const_new.
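The `#[repr(transparent)]` cast described above with its safety argument written down at the `unsafe` block, as an added example rather than rsasl's own code. `MechName`, `MechNameError`, `validate`, `cast`, `parse` and this `const_new` are hypothetical, and the name rule (1-20 characters of A-Z, 0-9, `-`, `_`) is assumed from RFC 4422.

```rust
/// Hypothetical stand-in for a mechanism-name newtype; not rsasl's definition.
#[repr(transparent)]
pub struct MechName(str);

#[derive(Debug, PartialEq)]
pub enum MechNameError { BadLength(usize), BadByte(u8) }
/// Assumed rule (RFC 4422): 1-20 bytes drawn from A-Z, 0-9, '-' and '_'.
const fn validate(bytes: &[u8]) -> Result<(), MechNameError> {
    if bytes.is_empty() || bytes.len() > 20 {
        return Err(MechNameError::BadLength(bytes.len()));
    }
    let mut i = 0;
    while i < bytes.len() {
        if !matches!(bytes[i], b'A'..=b'Z' | b'0'..=b'9' | b'-' | b'_') {
            return Err(MechNameError::BadByte(bytes[i]));
        }
        i += 1;
    }
    Ok(())
}

impl MechName {
    /// The only place the cast happens; private, so every caller validates first.
    const fn cast(s: &str) -> &MechName {
        // SAFETY: `MechName` is `#[repr(transparent)]` over its single field
        // `str`, so `*const str` and `*const MechName` share layout and pointer
        // metadata (the length). The pointer comes from a live `&str`, and the
        // signature gives the returned reference that same lifetime.
        unsafe { &*(s as *const str as *const MechName) }
    }
    /// Runtime constructor: validate, then cast.
    pub fn parse(s: &str) -> Result<&MechName, MechNameError> {
        validate(s.as_bytes())?;
        Ok(Self::cast(s))
    }
    /// Const constructor: in a `const` item a bad literal fails the build.
    pub const fn const_new(s: &'static str) -> &'static MechName {
        if validate(s.as_bytes()).is_err() {
            panic!("invalid SASL mechanism name");
        }
        Self::cast(s)
    }
    pub fn as_str(&self) -> &str { &self.0 }
}

fn main() {
    const PLAIN: &MechName = MechName::const_new("PLAIN");
    println!("{} {:?}", PLAIN.as_str(), MechName::parse("plain").err());
}
```

Called outside a const context, `const_new` panics at runtime on an invalid name rather than failing the build.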