tanton_engine: possible public unsound api #2286
Conversation
djc
changed the title
|
Do we have any update/plan on merging these PRs? @djc |
|
I sent an email to the maintainer just now, I'm going to wait for 2 weeks before publishing this, per discussion in #1092. |
|
Okay, we have approval from the author to publish. I think we want to substantially simplify the advisory, though:
|
I updated, let me know if the updated version is ok. |
| "tanton_engine::Stack::offset" = ["1.0.0"] | ||
| "tanton_engine::ThreadStack::get" = ["1.0.0"] | ||
| "tanton_engine::RootMoveList::insert_score_depth" = ["1.0.0"] | ||
| "tanton_engine::RootMoveList::insert_score" = ["1.0.0"] |
There was a problem hiding this comment.
Changed the version to only match the single current version, which is presumably the only one you've checked.
| unaffected = [] | ||
| ``` | ||
|
|
||
| # Unsound public API in unmaintained crate |
There was a problem hiding this comment.
Removed the use of Possible in the title, removed the crate name since it's already in the metadata and gets used in lots of places.
| - `Stack::offset()` | ||
| - `ThreadStack::get()` | ||
| - `RootMoveList::insert_score_depth()` | ||
| - `RootMoveList::insert_score()` |
There was a problem hiding this comment.
Turned affected functions into a bullet list, used :: instead of . as is idiomatic in Rust and added () suffix to make it obvious that these are functions.
The original github repo seems like got deleted, not sure how to create the PR/issue at the upstream project