Tony Arcieri
Tony Arcieri
Yeah, those are the sorts of failures we get during prereleases which lead us to shut these checks off until we're off prerelease versions. Here's an example of the checks...
If you're unhappy with the number of dependencies `rand` pulls in, you can always use `getrandom` directly, although it does have dependencies on `cfg-if` and `libc` as well (on *IX...
I think the old warning was kind of bad (point decompression ensures a valid curve point), but it might be good to replace that note with one that it's using...
Note: closes #108 There's a branch here that also mitigates it, and includes some descriptive comments about how the approach works: https://github.com/bwesterb/argyle-kyber/commit/b5c6ad13f4eece80e59c6ebeafd787ba1519f5f6
We have a request to file a RUSTSEC advisory for this vulnerability, although we'll wait to hear back on a potential fix before publishing it: https://github.com/rustsec/advisory-db/pull/1872/files
FWIW we often disable the `needless_range_loop` lint in @RustCrypto: ```rust #![allow(clippy::needless_range_loop)] ``` Indeed it can be unhelpful at times where its suggestions don't improve code clarity.
If you place the above attribute in lib.rs, it will apply to the whole crate. I wasn't aware clippy.toml could be used for this purpose. If so that's a semi-recent...
@mberry MIPS was demoted to a Tier 3 target: https://github.com/rust-lang/rust/issues/115218 I would suggest using `powerpc-unknown-linux-gnu` if you'd like to test against a 32-bit big endian Tier 2 target.
FYI, there is an open PR (https://github.com/RustSec/advisory-db/pull/827) to include this vulnerability in the [RustSec Security Advisory Database](https://rustsec.org). It'd be great to hear back from @zeta12ti before we merge it (and...
Aah, good to know @zeta12ti Is it okay if we publish the security advisory for this issue to the RustSec database? We can also publish a notice that this crate...