Code reviews of the gettext-rs crate // Lib.rs

These reviews are from Crev, a distributed system for code reviews. To add your review, set up cargo-crev.

0.7.0 (current) Rating: Strong Positive Thoroughness: High Understanding: High

by Minoru on 2021-04-26

This is a self-review, because this release is made by me and contains only the changes that I made.

The crate provides safe wrappers over an FFI for GNU gettext (which is packaged separately, as a gettext-sys crate). There are no known issues with those wrappers.

This release fixes an incorrect default for XDG_DATA_DIRS. There are no security implications to this change, as far as I can see.

The current version of gettext-rs is 0.7.0.

0.6.0 (older version) Rating: Strong Positive Thoroughness: High Understanding: High

by Minoru on 2021-03-03

Show review…

This is basically a self-review, since it's me who fixed the problems I highlighted in my previous review.

This crate contains safe FFI bindings for gettext.

The memory issues I mentioned in the previous review are fixed, and panics documented. There are no unwraps, and all errors are propagated via Results.

The crate still depends on gettext returning UTF-8, but this is now prominently documented.

Compared to 0.5.0, the API is more fleshed out and polished (even if I say so myself).

These reviews are from cargo-vet. To add your review, set up cargo-vet and submit your URL to its registry.

0.7.0 (current) safe-to-run

From kornelski/crev-proofs copy of salsa.debian.org.

Packaged for Debian (stable). Changelog:

Team upload.
Package gettext-rs 0.7.0 from crates.io using debcargo 2.6.0
Update copryright file.
Update dep.patch to allow both 0.2 and 0.3 versions of locale-config.

[ Alexander Kjäll ]

Add 'collapse_features = true' to reduce unnecessary packages

0.7.0 (current) unknown

From kornelski/crev-proofs copy of git.savannah.gnu.org.

Packaged for Guix (crates-io)

cargo-vet does not verify reviewers' identity. You have to fully trust the source the audits are from.

safe-to-run

This crate can be compiled, run, and tested on a local workstation or in controlled automation without surprising consequences. More…

unknown

May have been packaged automatically without a review

Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories. There is absolutely no guarantee that the repository URL declared by the crate belongs to the crate, or that the code in the repository is the code inside the published tarball.

To review the actual code of the crate, it's best to use cargo crev open gettext-rs. Alternatively, you can download the tarball of gettext-rs v0.7.0 or view the source online.