str4d
commented
2 months ago The other orgs are all ones we already depend on for audits in zcash/zcash except for Fermyon, and their repo only introduces one additional audit (for oorandom 11.1.3).
Closed str4d closed 2 months ago
str4d
commented
2 months ago The other orgs are all ones we already depend on for audits in zcash/zcash except for Fermyon, and their repo only introduces one additional audit (for oorandom 11.1.3).
This starts the process of removing our dependency on
zcash/zcashfor ourcargo-vetaudits. We import audits from there and other upstreams to bootstrap audits here; once this PR merges, we'll include this repo into our aggregated audit set, and then we can use audits here (for the MSRV-compatible dependencies pinned in this repo'sCargo.lock) to augment the audits done in our end binary repos (zcashdand the mobile SDKs, which use as close to stable Rust as we can).