diff --git a/Cargo.lock b/Cargo.lock index 05a1797..e2e4113 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -133,9 +133,9 @@ dependencies = [ [[package]] name = "ahash" -version = "0.8.0" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57e6e951cfbb2db8de1828d49073a113a29fd7117b1596caa781a258c7e38d72" +checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" dependencies = [ "cfg-if", "getrandom 0.2.10", @@ -145,9 +145,9 @@ dependencies = [ [[package]] name = "aho-corasick" -version = "0.7.20" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" +checksum = "43f6cb1bf222025340178f382c426f13757b2960e89779dfcb319c32542a5a41" dependencies = [ "memchr", ] @@ -175,9 +175,9 @@ checksum = "bddcadddf5e9015d310179a59bb28c4d4b9920ad0f11e8e14dbadf654890c9a6" [[package]] name = "arrayvec" -version = "0.7.2" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" +checksum = "8868f09ff8cea88b079da74ae569d9b8c62a23c68c746240b704ee6f7525c89c" [[package]] name = "atty" @@ -219,9 +219,9 @@ checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" [[package]] name = "base64ct" -version = "1.5.3" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b645a089122eccb6111b4f81cbc1a49f5900ac4666bb93ac027feaecf15607bf" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "bcrypt-pbkdf" @@ -280,23 +280,11 @@ dependencies = [ "cipher", ] -[[package]] -name = "bstr" -version = "0.2.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba3569f383e8f1598449f1a423e72e99569137b47740b1da11ef19af3d5c3223" -dependencies = [ - "lazy_static", - "memchr", - "regex-automata", - "serde", -] - [[package]] name = "bumpalo" -version = "3.12.0" +version = "3.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" +checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" [[package]] name = "bytemuck" @@ -586,9 +574,9 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.14" +version = "0.9.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46bd5f3f85273295a9d14aedfb86f6aadbff6d8f5295c4a9edb08e819dcf5695" +checksum = "ae211234986c545741a7dc064309f67ee1e5ad243d0e48335adc0484d960bcc7" dependencies = [ "autocfg", "cfg-if", @@ -599,9 +587,9 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.15" +version = "0.8.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c063cd8cc95f5c377ed0d4b49a4b21f632396ff690e8470c29b3359b346984b" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" dependencies = [ "cfg-if", ] @@ -619,13 +607,12 @@ dependencies = [ [[package]] name = "csv" -version = "1.1.6" +version = "1.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22813a6dc45b335f9bade10bf7271dc477e81113e89eb251a0bc2a8a81c536e1" +checksum = "626ae34994d3d8d668f4269922248239db4ae42d538b14c398b74a52208e8086" dependencies = [ - "bstr", "csv-core", - "itoa 0.4.8", + "itoa", "ryu", "serde", ] @@ -650,9 +637,9 @@ dependencies = [ [[package]] name = "ctrlc" -version = "3.3.1" +version = "3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7394a21d012ce5c850497fb774b167d81b99f060025fbf06ee92b9848bd97eb2" +checksum = "2a011bbe2c35ce9c1f143b7af6f94f29a167beb4cd1d29e6740ce836f723120e" dependencies = [ "nix 0.26.2", "windows-sys 0.48.0", @@ -818,7 +805,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59a98bbaacea1c0eb6a0876280051b892eb73594fd90cf3b20e9c817029c57d2" dependencies = [ - "toml", + "toml 0.5.11", ] [[package]] @@ -1157,23 +1144,23 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "i18n-config" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d9f93ceee6543011739bc81699b5e0cf1f23f3a80364649b6d80de8636bc8df" +checksum = "b987084cadad6e2f2b1e6ea62c44123591a3c044793a1beabf71a8356ea768d5" dependencies = [ "log", "serde", "serde_derive", "thiserror", - "toml", + "toml 0.7.4", "unic-langid", ] [[package]] name = "i18n-embed" -version = "0.13.8" +version = "0.13.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2653dd1a8be0726315603f1c180b29f90e5b2a58f8b943d949d5170d9ad81101" +checksum = "92a86226a7a16632de6723449ee5fe70bac5af718bc642ee9ca2f0f6e14fa1fa" dependencies = [ "arc-swap", "fluent", @@ -1214,9 +1201,9 @@ dependencies = [ [[package]] name = "i18n-embed-impl" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0db2330e035808eb064afb67e6743ddce353763af3e0f2bdfc2476e00ce76136" +checksum = "e9a95d065e6be4499e50159172395559a388d20cf13c84c77e4a1e341786f219" dependencies = [ "find-crate", "i18n-config", @@ -1260,14 +1247,14 @@ dependencies = [ [[package]] name = "inferno" -version = "0.11.14" +version = "0.11.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6e66fa9bb3c52f40d05c11b78919ff2f18993c2305bd8a62556d20cb3e9606f" +checksum = "2fb7c1b80a1dfa604bb4a649a5c5aeef3d913f7c520cb42b40e534e8a61bcdfc" dependencies = [ "ahash", - "atty", "indexmap", - "itoa 1.0.6", + "is-terminal", + "itoa", "log", "num-format", "once_cell", @@ -1331,6 +1318,18 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4b3f7cef34251886990511df1c61443aa928499d598a9473929ab5a90a527304" +[[package]] +name = "is-terminal" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f" +dependencies = [ + "hermit-abi 0.3.1", + "io-lifetimes", + "rustix", + "windows-sys 0.48.0", +] + [[package]] name = "itertools" version = "0.10.5" @@ -1340,12 +1339,6 @@ dependencies = [ "either", ] -[[package]] -name = "itoa" -version = "0.4.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b71991ff56294aa922b450139ee08b3bfc70982c6b2c7562771375cf73542dd4" - [[package]] name = "itoa" version = "1.0.6" @@ -1363,9 +1356,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.63" +version = "0.3.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f37a4a5928311ac501dee68b3c7613a1037d0edb30c8e5427bd832d55d1b790" +checksum = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a" dependencies = [ "wasm-bindgen", ] @@ -1422,12 +1415,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" [[package]] name = "malloc_buf" @@ -1464,9 +1454,9 @@ dependencies = [ [[package]] name = "memoffset" -version = "0.8.0" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1" +checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c" dependencies = [ "autocfg", ] @@ -1552,7 +1542,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a652d9771a63711fd3c3deb670acfbe5c30a4072e664d7a3bf5a9e1056ac72c3" dependencies = [ "arrayvec", - "itoa 1.0.6", + "itoa", ] [[package]] @@ -1596,15 +1586,6 @@ dependencies = [ "libc", ] -[[package]] -name = "num_threads" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" -dependencies = [ - "libc", -] - [[package]] name = "objc" version = "0.2.7" @@ -1645,9 +1626,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.2" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "oorandom" @@ -1979,7 +1960,7 @@ dependencies = [ "pinentry", "rust-embed", "tar", - "time 0.3.15", + "time 0.3.22", "zip", ] @@ -2096,26 +2077,20 @@ dependencies = [ [[package]] name = "regex" -version = "1.7.3" +version = "1.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b1f693b24f6ac912f4893ef08244d70b6067480d2f1a46e950c9691e6749d1d" +checksum = "d0ab3ca65655bb1e41f2a8c8cd662eb4fb035e67c3f78da1d61dffe89d07300f" dependencies = [ "aho-corasick", "memchr", "regex-syntax", ] -[[package]] -name = "regex-automata" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" - [[package]] name = "regex-syntax" -version = "0.6.29" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" +checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78" [[package]] name = "rgb" @@ -2318,11 +2293,20 @@ version = "1.0.96" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "057d394a50403bcac12672b2b18fb387ab6d289d957dab67dd201875391e52f1" dependencies = [ - "itoa 1.0.6", + "itoa", "ryu", "serde", ] +[[package]] +name = "serde_spanned" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93107647184f6027e3b7dcb2e11034cf95ffa1e3a682c67951963ac69c1c007d" +dependencies = [ + "serde", +] + [[package]] name = "sha1" version = "0.10.5" @@ -2574,14 +2558,20 @@ dependencies = [ [[package]] name = "time" -version = "0.3.15" +version = "0.3.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c" +checksum = "ea9e1b3cf1243ae005d9e74085d4d542f3125458f3a81af210d901dcd7411efd" dependencies = [ - "libc", - "num_threads", + "serde", + "time-core", ] +[[package]] +name = "time-core" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" + [[package]] name = "tinystr" version = "0.7.1" @@ -2634,6 +2624,40 @@ dependencies = [ "serde", ] +[[package]] +name = "toml" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6135d499e69981f9ff0ef2167955a5333c35e36f6937d382974566b3d5b94ec" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a76a9312f5ba4c2dec6b9161fdf25d87ad8a09256ccea5a556fef03c706a10f" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2380d56e8670370eee6566b0bfd4265f65b3f432e8c6d85623f728d4fa31f739" +dependencies = [ + "indexmap", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + [[package]] name = "type-map" version = "0.4.0" @@ -2702,9 +2726,9 @@ dependencies = [ [[package]] name = "uuid" -version = "1.3.3" +version = "1.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "345444e32442451b267fc254ae85a209c64be56d2890e601a0c37ff0c3c5ecd2" +checksum = "0fa2982af2eec27de306107c027578ff7f423d65f7250e40ce0fea8f45248b81" [[package]] name = "version_check" @@ -2742,9 +2766,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bba0e8cb82ba49ff4e229459ff22a191bbe9a1cb3a341610c9c33efc27ddf73" +checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2752,9 +2776,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19b04bc93f9d6bdee709f6bd2118f57dd6679cf1176a1af464fca3ab0d66d8fb" +checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd" dependencies = [ "bumpalo", "log", @@ -2767,9 +2791,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14d6b024f1a526bb0234f52840389927257beb670610081360e5a03c5df9c258" +checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2777,9 +2801,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e128beba882dd1eb6200e1dc92ae6c5dbaa4311aa7bb211ca035779e5efc39f8" +checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", @@ -2790,15 +2814,15 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed9d5b4305409d1fc9482fee2d7f9bcbf24b3972bf59817ef757e23982242a93" +checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1" [[package]] name = "web-sys" -version = "0.3.63" +version = "0.3.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bdd9ef4e984da1187bf8110c5cf5b845fbc87a23602cdf912386a76fcd3a7c2" +checksum = "9b85cbef8c220a6abc02aefd892dfc0fc23afb1c6a426316ec33253a3877249b" dependencies = [ "js-sys", "wasm-bindgen", @@ -2987,6 +3011,15 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "winnow" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61de7bac303dc551fe038e2b3cef0f571087a47571ea6e79a87692ac99b99699" +dependencies = [ + "memchr", +] + [[package]] name = "wsl" version = "0.1.0" @@ -3070,7 +3103,7 @@ dependencies = [ "hmac", "pbkdf2", "sha1", - "time 0.3.15", + "time 0.3.22", "zstd", ] @@ -3095,10 +3128,11 @@ dependencies = [ [[package]] name = "zstd-sys" -version = "2.0.4+zstd.1.5.2" +version = "2.0.8+zstd.1.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fa202f2ef00074143e219d15b62ffc317d17cc33909feac471c044087cad7b0" +checksum = "5556e6ee25d32df2586c098bbfa278803692a20d0ab9565e049480d52707ec8c" dependencies = [ "cc", "libc", + "pkg-config", ] diff --git a/fuzz-afl/Cargo.lock b/fuzz-afl/Cargo.lock index 916972a..fef71c2 100644 --- a/fuzz-afl/Cargo.lock +++ b/fuzz-afl/Cargo.lock @@ -288,7 +288,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59a98bbaacea1c0eb6a0876280051b892eb73594fd90cf3b20e9c817029c57d2" dependencies = [ - "toml", + "toml 0.5.11", ] [[package]] @@ -411,23 +411,23 @@ dependencies = [ [[package]] name = "i18n-config" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d9f93ceee6543011739bc81699b5e0cf1f23f3a80364649b6d80de8636bc8df" +checksum = "b987084cadad6e2f2b1e6ea62c44123591a3c044793a1beabf71a8356ea768d5" dependencies = [ "log", "serde", "serde_derive", "thiserror", - "toml", + "toml 0.7.4", "unic-langid", ] [[package]] name = "i18n-embed" -version = "0.13.8" +version = "0.13.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2653dd1a8be0726315603f1c180b29f90e5b2a58f8b943d949d5170d9ad81101" +checksum = "92a86226a7a16632de6723449ee5fe70bac5af718bc642ee9ca2f0f6e14fa1fa" dependencies = [ "arc-swap", "fluent", @@ -467,9 +467,9 @@ dependencies = [ [[package]] name = "i18n-embed-impl" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0db2330e035808eb064afb67e6743ddce353763af3e0f2bdfc2476e00ce76136" +checksum = "e9a95d065e6be4499e50159172395559a388d20cf13c84c77e4a1e341786f219" dependencies = [ "find-crate", "i18n-config", @@ -478,6 +478,16 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown", +] + [[package]] name = "inout" version = "0.1.3" @@ -536,12 +546,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" [[package]] name = "memchr" @@ -567,9 +574,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.2" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "opaque-debug" @@ -903,6 +910,15 @@ dependencies = [ "syn 2.0.18", ] +[[package]] +name = "serde_spanned" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93107647184f6027e3b7dcb2e11034cf95ffa1e3a682c67951963ac69c1c007d" +dependencies = [ + "serde", +] + [[package]] name = "sha2" version = "0.10.6" @@ -1007,6 +1023,40 @@ dependencies = [ "serde", ] +[[package]] +name = "toml" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6135d499e69981f9ff0ef2167955a5333c35e36f6937d382974566b3d5b94ec" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a76a9312f5ba4c2dec6b9161fdf25d87ad8a09256ccea5a556fef03c706a10f" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2380d56e8670370eee6566b0bfd4265f65b3f432e8c6d85623f728d4fa31f739" +dependencies = [ + "indexmap", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + [[package]] name = "type-map" version = "0.4.0" @@ -1194,6 +1244,15 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "winnow" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61de7bac303dc551fe038e2b3cef0f571087a47571ea6e79a87692ac99b99699" +dependencies = [ + "memchr", +] + [[package]] name = "x25519-dalek" version = "1.1.1" diff --git a/fuzz/Cargo.lock b/fuzz/Cargo.lock index 5d122dd..9e8ad18 100644 --- a/fuzz/Cargo.lock +++ b/fuzz/Cargo.lock @@ -248,7 +248,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59a98bbaacea1c0eb6a0876280051b892eb73594fd90cf3b20e9c817029c57d2" dependencies = [ - "toml", + "toml 0.5.11", ] [[package]] @@ -353,23 +353,23 @@ dependencies = [ [[package]] name = "i18n-config" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d9f93ceee6543011739bc81699b5e0cf1f23f3a80364649b6d80de8636bc8df" +checksum = "b987084cadad6e2f2b1e6ea62c44123591a3c044793a1beabf71a8356ea768d5" dependencies = [ "log", "serde", "serde_derive", "thiserror", - "toml", + "toml 0.7.4", "unic-langid", ] [[package]] name = "i18n-embed" -version = "0.13.8" +version = "0.13.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2653dd1a8be0726315603f1c180b29f90e5b2a58f8b943d949d5170d9ad81101" +checksum = "92a86226a7a16632de6723449ee5fe70bac5af718bc642ee9ca2f0f6e14fa1fa" dependencies = [ "arc-swap", "fluent", @@ -409,9 +409,9 @@ dependencies = [ [[package]] name = "i18n-embed-impl" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0db2330e035808eb064afb67e6743ddce353763af3e0f2bdfc2476e00ce76136" +checksum = "e9a95d065e6be4499e50159172395559a388d20cf13c84c77e4a1e341786f219" dependencies = [ "find-crate", "i18n-config", @@ -420,6 +420,16 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown", +] + [[package]] name = "inout" version = "0.1.3" @@ -487,12 +497,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" [[package]] name = "memchr" @@ -518,9 +525,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.2" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "opaque-debug" @@ -830,6 +837,15 @@ dependencies = [ "syn 2.0.18", ] +[[package]] +name = "serde_spanned" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93107647184f6027e3b7dcb2e11034cf95ffa1e3a682c67951963ac69c1c007d" +dependencies = [ + "serde", +] + [[package]] name = "sha2" version = "0.10.6" @@ -919,6 +935,40 @@ dependencies = [ "serde", ] +[[package]] +name = "toml" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6135d499e69981f9ff0ef2167955a5333c35e36f6937d382974566b3d5b94ec" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a76a9312f5ba4c2dec6b9161fdf25d87ad8a09256ccea5a556fef03c706a10f" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2380d56e8670370eee6566b0bfd4265f65b3f432e8c6d85623f728d4fa31f739" +dependencies = [ + "indexmap", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + [[package]] name = "type-map" version = "0.4.0" @@ -1085,6 +1135,15 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "winnow" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61de7bac303dc551fe038e2b3cef0f571087a47571ea6e79a87692ac99b99699" +dependencies = [ + "memchr", +] + [[package]] name = "x25519-dalek" version = "1.1.1" diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index a9b8162..bd8ca6f 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -5,3 +5,57 @@ description = "The cryptographic code in this crate has been reviewed for correctness by a member of a designated set of cryptography experts within the project." [audits] + +[[trusted.windows-sys]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-11-15" +end = "2024-08-06" + +[[trusted.windows-targets]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-09" +end = "2024-08-06" + +[[trusted.windows_aarch64_gnullvm]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-01" +end = "2024-08-06" + +[[trusted.windows_aarch64_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-11-05" +end = "2024-08-06" + +[[trusted.windows_i686_gnu]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-28" +end = "2024-08-06" + +[[trusted.windows_i686_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-27" +end = "2024-08-06" + +[[trusted.windows_x86_64_gnu]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-28" +end = "2024-08-06" + +[[trusted.windows_x86_64_gnullvm]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-01" +end = "2024-08-06" + +[[trusted.windows_x86_64_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-27" +end = "2024-08-06" diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 2f2c405..28eb693 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -2,7 +2,7 @@ # cargo-vet config file [cargo-vet] -version = "0.7" +version = "0.8" [imports.bytecode-alliance] url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml" @@ -39,10 +39,6 @@ audit-as-crates-io = false version = "0.17.0" criteria = "safe-to-run" -[[exemptions.adler]] -version = "1.0.2" -criteria = "safe-to-deploy" - [[exemptions.aead]] version = "0.5.1" criteria = "safe-to-deploy" @@ -56,11 +52,11 @@ version = "0.10.1" criteria = "safe-to-deploy" [[exemptions.ahash]] -version = "0.8.0" +version = "0.8.3" criteria = "safe-to-run" [[exemptions.aho-corasick]] -version = "0.7.18" +version = "1.0.2" criteria = "safe-to-deploy" [[exemptions.android-tzdata]] @@ -71,12 +67,16 @@ criteria = "safe-to-deploy" version = "1.6.0" criteria = "safe-to-deploy" +[[exemptions.arrayvec]] +version = "0.7.3" +criteria = "safe-to-run" + [[exemptions.base64]] version = "0.13.1" criteria = "safe-to-deploy" [[exemptions.base64ct]] -version = "1.5.3" +version = "1.6.0" criteria = "safe-to-deploy" [[exemptions.bcrypt-pbkdf]] @@ -103,10 +103,6 @@ criteria = "safe-to-deploy" version = "0.9.1" criteria = "safe-to-deploy" -[[exemptions.bstr]] -version = "0.2.17" -criteria = "safe-to-run" - [[exemptions.bytemuck]] version = "1.13.1" criteria = "safe-to-run" @@ -216,15 +212,15 @@ version = "0.8.3" criteria = "safe-to-run" [[exemptions.crossbeam-epoch]] -version = "0.9.14" +version = "0.9.15" criteria = "safe-to-run" [[exemptions.crossbeam-utils]] -version = "0.8.15" +version = "0.8.16" criteria = "safe-to-deploy" [[exemptions.csv]] -version = "1.1.6" +version = "1.2.2" criteria = "safe-to-run" [[exemptions.csv-core]] @@ -236,7 +232,7 @@ version = "0.9.2" criteria = "safe-to-deploy" [[exemptions.ctrlc]] -version = "3.3.1" +version = "3.4.0" criteria = "safe-to-deploy" [[exemptions.curve25519-dalek]] @@ -351,20 +347,16 @@ criteria = "safe-to-deploy" version = "0.12.3" criteria = "safe-to-deploy" -[[exemptions.hmac]] -version = "0.12.1" -criteria = "safe-to-deploy" - [[exemptions.humantime]] version = "2.1.0" criteria = "safe-to-deploy" [[exemptions.i18n-config]] -version = "0.4.3" +version = "0.4.4" criteria = "safe-to-deploy" [[exemptions.i18n-embed]] -version = "0.13.8" +version = "0.13.9" criteria = "safe-to-deploy" [[exemptions.i18n-embed-fl]] @@ -372,7 +364,7 @@ version = "0.6.7" criteria = "safe-to-deploy" [[exemptions.i18n-embed-impl]] -version = "0.8.0" +version = "0.8.1" criteria = "safe-to-deploy" [[exemptions.iana-time-zone]] @@ -385,20 +377,16 @@ criteria = "safe-to-deploy" [[exemptions.indexmap]] version = "1.9.1" -criteria = "safe-to-run" +criteria = "safe-to-deploy" [[exemptions.inferno]] -version = "0.11.14" +version = "0.11.15" criteria = "safe-to-run" [[exemptions.instant]] version = "0.1.12" criteria = "safe-to-deploy" -[[exemptions.io-lifetimes]] -version = "1.0.11" -criteria = "safe-to-deploy" - [[exemptions.io_tee]] version = "0.1.1" criteria = "safe-to-deploy" @@ -407,10 +395,6 @@ criteria = "safe-to-deploy" version = "0.10.5" criteria = "safe-to-run" -[[exemptions.itoa]] -version = "0.4.8" -criteria = "safe-to-run" - [[exemptions.itoa]] version = "1.0.6" criteria = "safe-to-deploy" @@ -420,7 +404,7 @@ version = "0.1.26" criteria = "safe-to-deploy" [[exemptions.js-sys]] -version = "0.3.63" +version = "0.3.64" criteria = "safe-to-deploy" [[exemptions.libc]] @@ -456,7 +440,7 @@ version = "0.5.10" criteria = "safe-to-run" [[exemptions.memoffset]] -version = "0.6.5" +version = "0.9.0" criteria = "safe-to-run" [[exemptions.minimal-lexical]] @@ -467,10 +451,6 @@ criteria = "safe-to-deploy" version = "0.5.3" criteria = "safe-to-run" -[[exemptions.miniz_oxide]] -version = "0.7.1" -criteria = "safe-to-deploy" - [[exemptions.nix]] version = "0.24.3" criteria = "safe-to-run" @@ -495,10 +475,6 @@ criteria = "safe-to-run" version = "1.13.1" criteria = "safe-to-deploy" -[[exemptions.num_threads]] -version = "0.1.6" -criteria = "safe-to-deploy" - [[exemptions.objc]] version = "0.2.7" criteria = "safe-to-deploy" @@ -615,10 +591,6 @@ criteria = "safe-to-deploy" version = "1.0.4" criteria = "safe-to-deploy" -[[exemptions.proc-macro2]] -version = "1.0.60" -criteria = "safe-to-deploy" - [[exemptions.quick-xml]] version = "0.26.0" criteria = "safe-to-run" @@ -647,10 +619,6 @@ criteria = "safe-to-deploy" version = "0.5.1" criteria = "safe-to-deploy" -[[exemptions.rand_core]] -version = "0.6.4" -criteria = "safe-to-deploy" - [[exemptions.rand_hc]] version = "0.2.0" criteria = "safe-to-deploy" @@ -664,15 +632,11 @@ version = "0.3.5" criteria = "safe-to-deploy" [[exemptions.regex]] -version = "1.5.6" +version = "1.8.4" criteria = "safe-to-deploy" -[[exemptions.regex-automata]] -version = "0.1.10" -criteria = "safe-to-run" - [[exemptions.regex-syntax]] -version = "0.6.26" +version = "0.7.2" criteria = "safe-to-deploy" [[exemptions.rgb]] @@ -747,8 +711,8 @@ criteria = "safe-to-deploy" version = "1.0.81" criteria = "safe-to-deploy" -[[exemptions.sha2]] -version = "0.10.6" +[[exemptions.serde_spanned]] +version = "0.6.2" criteria = "safe-to-deploy" [[exemptions.signature]] @@ -783,10 +747,6 @@ criteria = "safe-to-run" version = "0.10.0" criteria = "safe-to-deploy" -[[exemptions.subtle]] -version = "2.4.1" -criteria = "safe-to-deploy" - [[exemptions.symbolic-common]] version = "9.2.1" criteria = "safe-to-run" @@ -840,7 +800,7 @@ version = "0.1.44" criteria = "safe-to-deploy" [[exemptions.time]] -version = "0.3.15" +version = "0.3.22" criteria = "safe-to-deploy" [[exemptions.tinytemplate]] @@ -859,6 +819,10 @@ criteria = "safe-to-run" version = "0.5.9" criteria = "safe-to-deploy" +[[exemptions.toml_edit]] +version = "0.19.10" +criteria = "safe-to-deploy" + [[exemptions.type-map]] version = "0.4.0" criteria = "safe-to-deploy" @@ -872,7 +836,7 @@ version = "0.11.0" criteria = "safe-to-deploy" [[exemptions.uuid]] -version = "1.3.3" +version = "1.3.4" criteria = "safe-to-run" [[exemptions.version_check]] @@ -896,27 +860,23 @@ version = "0.11.0+wasi-snapshot-preview1" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen-backend]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen-macro]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen-macro-support]] -version = "0.2.86" -criteria = "safe-to-deploy" - -[[exemptions.wasm-bindgen-shared]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.web-sys]] -version = "0.3.63" +version = "0.3.64" criteria = "safe-to-deploy" [[exemptions.which]] @@ -943,6 +903,10 @@ criteria = "safe-to-deploy" version = "0.48.0" criteria = "safe-to-deploy" +[[exemptions.winnow]] +version = "0.4.6" +criteria = "safe-to-deploy" + [[exemptions.wsl]] version = "0.1.0" criteria = "safe-to-deploy" @@ -984,5 +948,5 @@ version = "5.0.2+zstd.1.5.2" criteria = "safe-to-deploy" [[exemptions.zstd-sys]] -version = "2.0.4+zstd.1.5.2" +version = "2.0.8+zstd.1.5.5" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 0aabe28..0c523e8 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -2,8 +2,8 @@ # cargo-vet imports lock [[publisher.bumpalo]] -version = "3.12.0" -when = "2023-01-17" +version = "3.13.0" +when = "2023-05-22" user-id = 696 user-login = "fitzgen" user-name = "Nick Fitzgerald" @@ -22,6 +22,132 @@ user-id = 1139 user-login = "Manishearth" user-name = "Manish Goregaokar" +[[publisher.windows-sys]] +version = "0.45.0" +when = "2023-01-21" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-sys]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-targets]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-targets]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_gnullvm]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_gnullvm]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_msvc]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_msvc]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_gnu]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_gnu]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_msvc]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_msvc]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnu]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnu]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnullvm]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnullvm]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_msvc]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_msvc]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + [[audits.bytecode-alliance.wildcard-audits.bumpalo]] who = "Nick Fitzgerald " criteria = "safe-to-deploy" @@ -38,14 +164,11 @@ This is a minor update for addr2line which looks to mainly update its dependencies and refactor existing code to expose more functionality and such. """ -[[audits.bytecode-alliance.audits.arrayvec]] -who = "Nick Fitzgerald " +[[audits.bytecode-alliance.audits.adler]] +who = "Alex Crichton " criteria = "safe-to-deploy" -version = "0.7.2" -notes = """ -Well documented invariants, good assertions for those invariants in unsafe code, -and tested with MIRI to boot. LGTM. -""" +version = "1.0.2" +notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm." [[audits.bytecode-alliance.audits.atty]] who = "Alex Crichton " @@ -159,6 +282,33 @@ more features, etc. Some minor `unsafe` code was added that does not appear incorrect. Otherwise looks like someone probably ran clippy and/or rustfmt. """ +[[audits.bytecode-alliance.audits.io-lifetimes]] +who = "Dan Gohman " +criteria = "safe-to-deploy" +version = "1.0.3" +notes = "I am the author of this crate." + +[[audits.bytecode-alliance.audits.io-lifetimes]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.3 -> 1.0.5" +notes = "The Bytecode Alliance is the author of this crate." + +[[audits.bytecode-alliance.audits.io-lifetimes]] +who = "Dan Gohman " +criteria = "safe-to-deploy" +delta = "1.0.5 -> 1.0.10" +notes = "I am the maintainer of this crate." + +[[audits.bytecode-alliance.audits.is-terminal]] +who = "Dan Gohman " +criteria = "safe-to-deploy" +version = "0.4.7" +notes = """ +The is-terminal implementation code is now sync'd up with the prototype +implementation in the Rust standard library. +""" + [[audits.bytecode-alliance.audits.libm]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -178,17 +328,30 @@ This is a minor update which has some testing affordances as well as some updated math algorithms. """ -[[audits.bytecode-alliance.audits.memoffset]] +[[audits.bytecode-alliance.audits.miniz_oxide]] who = "Alex Crichton " criteria = "safe-to-deploy" -delta = "0.7.1 -> 0.8.0" -notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes." +version = "0.7.1" +notes = """ +This crate is a Rust implementation of zlib compression/decompression and has +been used by default by the Rust standard library for quite some time. It's also +a default dependency of the popular `backtrace` crate for decompressing debug +information. This crate forbids unsafe code and does not otherwise access system +resources. It's originally a port of the `miniz.c` library as well, and given +its own longevity should be relatively hardened against some of the more common +compression-related issues. +""" [[audits.bytecode-alliance.audits.pin-utils]] who = "Pat Hickey " criteria = "safe-to-deploy" version = "0.1.0" +[[audits.bytecode-alliance.audits.proc-macro2]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.51 -> 1.0.57" + [[audits.bytecode-alliance.audits.quote]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -211,168 +374,6 @@ who = "Pat Hickey " criteria = "safe-to-deploy" version = "1.0.8" -[[audits.bytecode-alliance.audits.windows-sys]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows-sys]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows-sys]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.45.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows-targets]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -version = "0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. Additionally, this particular crate is empty and just collects a bunch of dependencies, which are not exported, so I don't understand why it exists at all." - -[[audits.bytecode-alliance.audits.windows-targets]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. It just provides the import libs needed by windows-sys." - -[[audits.bytecode-alliance.audits.windows_aarch64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_gnullvm]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_aarch64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_msvc]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_i686_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_gnu]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_i686_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_msvc]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnu]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnullvm]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_x86_64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_msvc]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.embark-studios.audits.epaint]] -who = "Johan Andersson " -criteria = "safe-to-deploy" -violation = "<0.20.0" -notes = "Specified crate license does not include licenses of embedded fonts if using default features or the `default_fonts` feature. Tracked in: https://github.com/emilk/egui/issues/2321" - [[audits.embark-studios.audits.quickcheck_macros]] who = "Johan Andersson " criteria = "safe-to-deploy" @@ -391,6 +392,18 @@ criteria = "safe-to-deploy" version = "1.0.40" notes = "Found no unsafe or ambient capabilities used" +[[audits.embark-studios.audits.toml]] +who = "Johan Andersson " +criteria = "safe-to-deploy" +version = "0.7.4" +notes = "No unsafe usage or ambient capabilities" + +[[audits.embark-studios.audits.toml_datetime]] +who = "Johan Andersson " +criteria = "safe-to-deploy" +delta = "0.6.1 -> 0.6.2" +notes = "No notable changes" + [[audits.isrg.audits.aes-gcm]] who = "Tim Geoghegan " criteria = "safe-to-deploy" @@ -416,6 +429,11 @@ who = "David Cook " criteria = "safe-to-deploy" version = "0.5.0" +[[audits.isrg.audits.hmac]] +who = "David Cook " +criteria = "safe-to-deploy" +version = "0.12.1" + [[audits.isrg.audits.once_cell]] who = "David Cook " criteria = "safe-to-deploy" @@ -431,11 +449,21 @@ who = "Brandon Pitman " criteria = "safe-to-deploy" delta = "1.17.1 -> 1.17.2" +[[audits.isrg.audits.once_cell]] +who = "David Cook " +criteria = "safe-to-deploy" +delta = "1.17.2 -> 1.18.0" + [[audits.isrg.audits.opaque-debug]] who = "David Cook " criteria = "safe-to-deploy" version = "0.3.0" +[[audits.isrg.audits.rand_core]] +who = "David Cook " +criteria = "safe-to-deploy" +version = "0.6.3" + [[audits.isrg.audits.rayon]] who = "Brandon Pitman " criteria = "safe-to-deploy" @@ -456,10 +484,10 @@ who = "Brandon Pitman " criteria = "safe-to-deploy" delta = "1.0.94 -> 1.0.95" -[[audits.isrg.audits.subtle]] +[[audits.isrg.audits.sha2]] who = "David Cook " criteria = "safe-to-deploy" -delta = "2.4.1 -> 2.5.0" +version = "0.10.2" [[audits.isrg.audits.universal-hash]] who = "David Cook " @@ -471,6 +499,11 @@ who = "David Cook " criteria = "safe-to-deploy" delta = "0.5.0 -> 0.5.1" +[[audits.isrg.audits.wasm-bindgen-shared]] +who = "David Cook " +criteria = "safe-to-deploy" +version = "0.2.83" + [[audits.mozilla.wildcard-audits.core-foundation-sys]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -490,12 +523,6 @@ end = "2024-05-03" notes = "All code written or reviewed by Manish" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.aho-corasick]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.7.18 -> 0.7.20" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.android_system_properties]] who = "Nicolas Silva " criteria = "safe-to-deploy" @@ -806,6 +833,13 @@ criteria = "safe-to-deploy" version = "0.4.17" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.log]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "0.4.17 -> 0.4.18" +notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed." +aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" + [[audits.mozilla.audits.malloc_buf]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -818,12 +852,6 @@ it's not exploitable. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.memoffset]] -who = "Gabriele Svelto " -criteria = "safe-to-deploy" -delta = "0.6.5 -> 0.7.1" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.miniz_oxide]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -881,6 +909,61 @@ criteria = "safe-to-deploy" delta = "0.2.16 -> 0.2.17" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.proc-macro2]] +who = "Nika Layzell " +criteria = "safe-to-deploy" +version = "1.0.39" +notes = """ +`proc-macro2` acts as either a thin(-ish) wrapper around the std-provided +`proc_macro` crate, or as a fallback implementation of the crate, depending on +where it is used. + +If using this crate on older versions of rustc (1.56 and earlier), it will +temporarily replace the panic handler while initializing in order to detect if +it is running within a `proc_macro`, which could lead to surprising behaviour. +This should not be an issue for more recent compiler versions, which support +`proc_macro::is_available()`. + +The `proc-macro2` crate's fallback behaviour is not identical to the complex +behaviour of the rustc compiler (e.g. it does not perform unicode normalization +for identifiers), however it behaves well enough for its intended use-case +(tests and scripts processing rust code). + +`proc-macro2` does not use unsafe code, however exposes one `unsafe` API to +allow bypassing checks in the fallback implementation when constructing +`Literal` using `from_str_unchecked`. This was intended to only be used by the +`quote!` macro, however it has been removed +(https://github.com/dtolnay/quote/commit/f621fe64a8a501cae8e95ebd6848e637bbc79078), +and is likely completely unused. Even when used, this API shouldn't be able to +cause unsoundness. +""" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.proc-macro2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "1.0.39 -> 1.0.43" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.proc-macro2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "1.0.43 -> 1.0.49" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.proc-macro2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "1.0.49 -> 1.0.51" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.proc-macro2]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "1.0.57 -> 1.0.59" +notes = "Enabled on Wasm" +aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" + [[audits.mozilla.audits.quote]] who = "Nika Layzell " criteria = "safe-to-deploy" @@ -916,6 +999,12 @@ delta = "1.0.27 -> 1.0.28" notes = "Enabled on wasm targets" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" +[[audits.mozilla.audits.rand_core]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.6.3 -> 0.6.4" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.rayon]] who = "Josh Stone " criteria = "safe-to-deploy" @@ -948,36 +1037,6 @@ criteria = "safe-to-deploy" delta = "1.10.1 -> 1.10.2" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.regex]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.5.6 -> 1.6.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.6.0 -> 1.7.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.7.0 -> 1.7.1" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex-syntax]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.6.26 -> 0.6.27" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex-syntax]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.6.27 -> 0.6.28" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.rustc-hash]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -1027,6 +1086,12 @@ criteria = "safe-to-deploy" version = "0.10.5" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.sha2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.10.2 -> 0.10.6" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.slab]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -1039,6 +1104,13 @@ criteria = "safe-to-deploy" delta = "0.4.7 -> 0.4.8" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.subtle]] +who = "Simon Friedberger " +criteria = "safe-to-deploy" +version = "2.5.0" +notes = "The goal is to provide some constant-time correctness for cryptographic implementations. The approach is reasonable, it is known to be insufficient but this is pointed out in the documentation." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.termcolor]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -1051,6 +1123,12 @@ criteria = "safe-to-deploy" delta = "0.1.44 -> 0.1.45" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.time-core]] +who = "Kershaw Chang " +criteria = "safe-to-deploy" +version = "0.1.0" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.tinystr]] who = "Makoto Kato " criteria = "safe-to-deploy" @@ -1165,6 +1243,18 @@ version = "0.1.3" notes = "Reviewed in full." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.io-lifetimes]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.10 -> 1.0.11" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.log]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.4.18 -> 0.4.19" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.nix]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1172,16 +1262,10 @@ delta = "0.26.1 -> 0.26.2" notes = "Fixes `SockaddrIn6` endianness bug." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.regex]] -who = "Sean Bowe " +[[audits.zcash.audits.proc-macro2]] +who = "Jack Grigg " criteria = "safe-to-deploy" -delta = "1.7.1 -> 1.7.3" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.regex-syntax]] -who = "Sean Bowe " -criteria = "safe-to-deploy" -delta = "0.6.28 -> 0.6.29" +delta = "1.0.59 -> 1.0.60" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.rustc-demangle]] @@ -1202,6 +1286,26 @@ criteria = "safe-to-deploy" delta = "1.0.95 -> 1.0.96" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.time-core]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.1.0 -> 0.1.1" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.toml_datetime]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +version = "0.5.1" +notes = "Crate has `#![forbid(unsafe_code)]`, no `unwrap / expect / panic`, no ambient capabilities." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.toml_datetime]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.5.1 -> 0.6.1" +notes = "Fixes a bug in parsing negative minutes in datetime string offsets." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.universal-hash]] who = "Daira Hopwood " criteria = "safe-to-deploy" @@ -1209,6 +1313,19 @@ delta = "0.4.1 -> 0.5.0" notes = "I checked correctness of to_blocks which uses unsafe code in a safe function." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.wasm-bindgen-shared]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.2.83 -> 0.2.84" +notes = "Bumps the schema version to add `linked_modules`." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.wasm-bindgen-shared]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.2.84 -> 0.2.87" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.which]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1216,61 +1333,6 @@ delta = "4.3.0 -> 4.4.0" notes = "New APIs are remixes of existing code." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.windows-targets]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_aarch64_gnullvm]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_aarch64_msvc]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_i686_gnu]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_i686_msvc]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_x86_64_gnu]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_x86_64_gnullvm]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_x86_64_msvc]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - [[audits.zcash.audits.zeroize]] who = "Sean Bowe " criteria = "safe-to-deploy"