RE: [EXTERNAL] Re: [chromium-security] [Security Audit Request] import of a new third party llguidance Rust library
Frank Li (IE)
[- secu...@chromium.org; + rust...@chromium.org]
Hi Chromium Rust devs,
Thank you for looking into the security audits!
I have a quick question in updating the llguidance crate in this review from v0.6.31 to v0.7.8
I tried “vpython3 ./tools/crates/run_gnrt.py update llguidance” and “vpython3 ./tools/crates/run_gnrt.py update llgui...@0.7.8 -- --verbose”, they both not allowing me to do so. See details from
Chromium Rust slack channel. Any ideas to make it works as I need to resolve an
issue 9 in the
CL ?
Best regards,
Frank
From: Frank Li (IE)
Sent: Tuesday, March 18, 2025 10:52 AM
To: 'Matthew Riley' <mat...@google.com>
Cc: secu...@chromium.org; Clark Duvall <cdu...@google.com>; Etienne Noël <etien...@google.com>; Michal Moskal <Michal...@microsoft.com>; Sushanth Rajasankar <Sushanth....@microsoft.com>; Harsha Nori <han...@microsoft.com>
Subject: RE: [EXTERNAL] Re: [chromium-security] [Security Audit Request] import of a new third party llguidance Rust library
Thank you, @Matthew Riley, for your prompt response and for setting the expectations.
We look forward to hearing back from your team.
Best regards,
Frank
From: Matthew Riley <mat...@google.com>
Sent: Tuesday, March 18, 2025 10:41 AM
To: Frank Li (IE) <fra...@microsoft.com>
Cc: secu...@chromium.org; Clark Duvall <cdu...@google.com>; Etienne Noël <etien...@google.com>; Michal Moskal <Michal...@microsoft.com>;
Sushanth Rajasankar <Sushanth....@microsoft.com>; Harsha Nori <han...@microsoft.com>
Subject: [EXTERNAL] Re: [chromium-security] [Security Audit Request] import of a new third party llguidance Rust library
Hi there,
I'm the lead for the Chrome Rust team. Thanks for your work putting this review together.
To set expectations: this is a big review, and we're still filling in some of the details of how our process works with contributors outside our team. We believe we can have this review done by the end of next week (by March 28).
Please feel free to reach out to me directly or to rust...@chromium.org with any questions.
Thanks,
Matt
On Mon, Mar 17, 2025 at 4:32 PM 'Frank Li (IE)' via security <secu...@chromium.org> wrote:
Hi Chromium Security folks,
We have the ATL approval and would like to get security audits/reviews on the import of a third-party Rust crate in the CL posted here:
6272323: [ChromeML] Import of llguidance Rust crate | https://chromium-review.googlesource.com/c/chromium/src/+/6272323
One page doc is here: Security Review - import of llguidance third party Rust crate - Google Docs
Please let us know if there are any additional steps required to initiate the security audit process.
Best regards,
Frank
--
--
-----
secu...@chromium.org is for discussing vulnerabilities and fixes in Chromium code.
Please protect Chromium users: DO NOT FORWARD this email or disclose its contents to third parties.
http://groups.google.com/a/chromium.org/group/security
Łukasz Anforowicz
[- secu...@chromium.org; + rust...@chromium.org]
Hi Chromium Rust devs,
Thank you for looking into the security audits!
I have a quick question in updating the llguidance crate in this review from v0.6.31 to v0.7.8
I tried “vpython3 ./tools/crates/run_gnrt.py update llguidance” and “vpython3 ./tools/crates/run_gnrt.py update llgui...@0.7.8 -- --verbose”, they both not allowing me to do so.
See details from Chromium Rust slack channel. Any ideas to make it works as I need to resolve an issue 9 in the CL ?
--
You received this message because you are subscribed to the Google Groups "rust-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rust-dev+u...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/rust-dev/LV3PR00MB177281E1F3167ADFCE0DE477B4A42%40LV3PR00MB1772.namprd00.prod.outlook.com.