Google Git
Sign in
boringssl / boringssl / 290acfa3ba57121d7de56b9cf2b0755255586698
commit290acfa3ba57121d7de56b9cf2b0755255586698[log] [tgz]
authorLily Chen <chlily@google.com>Tue Jul 15 16:58:57 2025 -0400
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Tue Jul 15 14:14:22 2025 -0700
tree299f1e934d1b52e3ffdf659ffdb596ac1e60eaed
parent42396c54aca57e7b953eea37d73b88641e1d44ec [diff]
Update .gitignore to check in Cargo.lock files

Cargo.lock files should be checked into version control, per the FAQ.[1]
This edits .gitignore to stop ignoring these files, and checks in the
latest Cargo.lock generated for bssl-sys and bssl-crypto crates.

Unrelatedly, start ignoring /out directories which may be used for
builds.


[1] https://doc.rust-lang.org/cargo/faq.html#why-have-cargolock-in-version-control

Change-Id: I77764645cb550b60b1fc15f6c54163da5cf7cac9
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/80447
Commit-Queue: Lily Chen <chlily@google.com>
Auto-Submit: Lily Chen <chlily@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
3 files changed
tree: 299f1e934d1b52e3ffdf659ffdb596ac1e60eaed
  1. .bcr/
  2. .github/
  3. cmake/
  4. crypto/
  5. decrepit/
  6. docs/
  7. fuzz/
  8. gen/
  9. include/
  10. infra/
  11. pki/
  12. rust/
  13. ssl/
  14. third_party/
  15. tool/
  16. util/
  17. .bazelignore
  18. .bazelrc
  19. .bazelversion
  20. .clang-format
  21. .gitignore
  22. API-CONVENTIONS.md
  23. AUTHORS
  24. BREAKING-CHANGES.md
  25. BUILD.bazel
  26. build.json
  27. BUILDING.md
  28. CMakeLists.txt
  29. codereview.settings
  30. CONTRIBUTING.md
  31. FUZZING.md
  32. go.mod
  33. go.sum
  34. INCORPORATING.md
  35. LICENSE
  36. MODULE.bazel
  37. MODULE.bazel.lock
  38. PORTING.md
  39. PrivacyInfo.xcprivacy
  40. README.md
  41. SANDBOXING.md
  42. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

To file a security issue, use the Chromium process and mention in the report this is for BoringSSL. You can ignore the parts of the process that are specific to Chromium/Chrome.

There are other files in this directory which might be helpful: