mirror of
https://github.com/str4d/rage.git
synced 2025-04-04 11:27:43 +03:00
cargo update
This commit is contained in:
parent
488212d707
commit
69f755731a
3 changed files with 860 additions and 479 deletions
|
@ -70,14 +70,6 @@ criteria = "safe-to-run"
|
|||
version = "1.6.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.arrayvec]]
|
||||
version = "0.7.4"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.backtrace]]
|
||||
version = "0.3.68"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.base64ct]]
|
||||
version = "1.6.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -126,10 +118,6 @@ criteria = "safe-to-run"
|
|||
version = "0.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.cc]]
|
||||
version = "1.0.81"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.chacha20]]
|
||||
version = "0.9.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -238,10 +226,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.9.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.either]]
|
||||
version = "1.9.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.encode_unicode]]
|
||||
version = "0.3.6"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -258,10 +242,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.3.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.fastrand]]
|
||||
version = "2.0.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.filetime]]
|
||||
version = "0.2.22"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -446,10 +426,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.4.4"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.num-traits]]
|
||||
version = "0.2.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.num_cpus]]
|
||||
version = "1.16.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -498,10 +474,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.12.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.percent-encoding]]
|
||||
version = "2.3.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pin-project]]
|
||||
version = "1.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -510,10 +482,6 @@ criteria = "safe-to-deploy"
|
|||
version = "1.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pin-project-lite]]
|
||||
version = "0.2.10"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pinentry]]
|
||||
version = "0.5.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -570,10 +538,6 @@ criteria = "safe-to-run"
|
|||
version = "1.0.3"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.quote]]
|
||||
version = "1.0.32"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rand]]
|
||||
version = "0.7.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -586,10 +550,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.2.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rand_chacha]]
|
||||
version = "0.3.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rand_core]]
|
||||
version = "0.5.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -706,10 +666,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.7.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.static_assertions]]
|
||||
version = "1.1.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.str_stack]]
|
||||
version = "0.1.0"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -774,10 +730,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.1.44"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.time]]
|
||||
version = "0.3.23"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tinytemplate]]
|
||||
version = "1.2.1"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -802,10 +754,6 @@ criteria = "safe-to-deploy"
|
|||
version = "1.15.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.unicode-ident]]
|
||||
version = "1.0.11"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.users]]
|
||||
version = "0.11.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -818,10 +766,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.9.0+wasi-snapshot-preview1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasi]]
|
||||
version = "0.10.0+wasi-snapshot-preview1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasi]]
|
||||
version = "0.11.0+wasi-snapshot-preview1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -866,10 +810,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.4.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows]]
|
||||
version = "0.48.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.winnow]]
|
||||
version = "0.5.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
# cargo-vet imports lock
|
||||
|
||||
[[publisher.bumpalo]]
|
||||
version = "3.13.0"
|
||||
when = "2023-05-22"
|
||||
version = "3.14.0"
|
||||
when = "2023-09-14"
|
||||
user-id = 696
|
||||
user-login = "fitzgen"
|
||||
user-name = "Nick Fitzgerald"
|
||||
|
@ -29,6 +29,13 @@ user-id = 64539
|
|||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows-sys]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows-targets]]
|
||||
version = "0.42.2"
|
||||
when = "2023-03-13"
|
||||
|
@ -37,8 +44,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows-targets]]
|
||||
version = "0.48.1"
|
||||
when = "2023-06-28"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows-targets]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -51,8 +65,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_aarch64_gnullvm]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_aarch64_gnullvm]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -65,8 +86,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_aarch64_msvc]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_aarch64_msvc]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -79,8 +107,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_i686_gnu]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_i686_gnu]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -93,8 +128,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_i686_msvc]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_i686_msvc]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -107,8 +149,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_x86_64_gnu]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_x86_64_gnu]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -121,8 +170,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_x86_64_gnullvm]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_x86_64_gnullvm]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -135,8 +191,15 @@ user-login = "kennykerr"
|
|||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_x86_64_msvc]]
|
||||
version = "0.48.0"
|
||||
when = "2023-03-31"
|
||||
version = "0.48.5"
|
||||
when = "2023-08-18"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
||||
[[publisher.windows_x86_64_msvc]]
|
||||
version = "0.52.0"
|
||||
when = "2023-11-15"
|
||||
user-id = 64539
|
||||
user-login = "kennykerr"
|
||||
user-name = "Kenny Kerr"
|
||||
|
@ -154,6 +217,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.19.0 -> 0.20.0"
|
||||
notes = "This version brings support for split-dwarf which while it uses the filesystem is always done at the behest of the caller, so everything is as expected for this update."
|
||||
|
||||
[[audits.bytecode-alliance.audits.addr2line]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.20.0 -> 0.21.0"
|
||||
notes = "This version bump updated some dependencies and optimized some internals. All looks good."
|
||||
|
||||
[[audits.bytecode-alliance.audits.adler]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -196,6 +265,12 @@ who = "Benjamin Bouvier <public@benj.me>"
|
|||
criteria = "safe-to-deploy"
|
||||
delta = "0.9.0 -> 0.10.2"
|
||||
|
||||
[[audits.bytecode-alliance.audits.cc]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.73"
|
||||
notes = "I am the author of this crate."
|
||||
|
||||
[[audits.bytecode-alliance.audits.cfg-if]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -227,11 +302,14 @@ who = "Benjamin Bouvier <public@benj.me>"
|
|||
criteria = "safe-to-deploy"
|
||||
delta = "0.9.0 -> 0.10.3"
|
||||
|
||||
[[audits.bytecode-alliance.audits.errno-dragonfly]]
|
||||
who = "Jamey Sharp <jsharp@fastly.com>"
|
||||
[[audits.bytecode-alliance.audits.fastrand]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.2"
|
||||
notes = "This should be portable to any POSIX system and seems like it should be part of the libc crate, but at any rate it's safe as is."
|
||||
delta = "2.0.0 -> 2.0.1"
|
||||
notes = """
|
||||
This update had a few doc updates but no otherwise-substantial source code
|
||||
updates.
|
||||
"""
|
||||
|
||||
[[audits.bytecode-alliance.audits.futures-channel]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
|
@ -318,6 +396,16 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.30.3 -> 0.31.1"
|
||||
notes = "A large-ish update to the crate but nothing out of the ordering. Support for new formats like xcoff, new constants, minor refactorings, etc. Nothing out of the ordinary."
|
||||
|
||||
[[audits.bytecode-alliance.audits.percent-encoding]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "2.2.0"
|
||||
notes = """
|
||||
This crate is a single-file crate that does what it says on the tin. There are
|
||||
a few `unsafe` blocks related to utf-8 validation which are locally verifiable
|
||||
as correct and otherwise this crate is good to go.
|
||||
"""
|
||||
|
||||
[[audits.bytecode-alliance.audits.pin-utils]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -337,6 +425,11 @@ This is a routine update for new nightly features and new syntax popping up on
|
|||
nightly, nothing out of the ordinary.
|
||||
"""
|
||||
|
||||
[[audits.bytecode-alliance.audits.quote]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.23 -> 1.0.27"
|
||||
|
||||
[[audits.bytecode-alliance.audits.rustc-demangle]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -349,6 +442,11 @@ criteria = "safe-to-deploy"
|
|||
version = "0.4.6"
|
||||
notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods."
|
||||
|
||||
[[audits.bytecode-alliance.audits.unicode-ident]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.8"
|
||||
|
||||
[[audits.embark-studios.audits.quickcheck_macros]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -367,6 +465,18 @@ criteria = "safe-to-run"
|
|||
version = "0.19.0"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.arrayvec]]
|
||||
who = "Nicholas Bishop <nicholasbishop@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
version = "0.7.4"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.backtrace]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
version = "0.3.67"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.bytemuck]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -379,12 +489,6 @@ criteria = "safe-to-run"
|
|||
version = "0.4.1"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.crossbeam-channel]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
version = "0.5.7"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.crossbeam-deque]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -415,6 +519,16 @@ criteria = "safe-to-run"
|
|||
delta = "0.9.3 -> 0.8.4"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.fastrand]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.9.0"
|
||||
notes = """
|
||||
`does-not-implement-crypto` is certified because this crate explicitly says
|
||||
that the RNG here is not cryptographically secure.
|
||||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.futures]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -437,6 +551,26 @@ criteria = "safe-to-run"
|
|||
version = "0.10.5"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.nix]]
|
||||
who = "David Koloski <dkoloski@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
version = "0.26.2"
|
||||
notes = """
|
||||
Reviewed on https://fxrev.dev/780283
|
||||
Issues:
|
||||
- https://github.com/nix-rust/nix/issues/1975
|
||||
- https://github.com/nix-rust/nix/issues/1977
|
||||
- https://github.com/nix-rust/nix/pull/1978
|
||||
- https://github.com/nix-rust/nix/pull/1979
|
||||
- https://github.com/nix-rust/nix/issues/1980
|
||||
- https://github.com/nix-rust/nix/issues/1981
|
||||
- https://github.com/nix-rust/nix/pull/1983
|
||||
- https://github.com/nix-rust/nix/issues/1990
|
||||
- https://github.com/nix-rust/nix/pull/1992
|
||||
- https://github.com/nix-rust/nix/pull/1993
|
||||
"""
|
||||
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.object]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -444,6 +578,19 @@ version = "0.30.3"
|
|||
notes = "I'm not counting the code related to the GNU Hash section as crypto for the sake of this review."
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.object]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
delta = "0.31.1 -> 0.32.1"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.pin-project-lite]]
|
||||
who = "David Koloski <dkoloski@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.2.9"
|
||||
notes = "Reviewed on https://fxrev.dev/824504"
|
||||
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.proc-macro-error-attr]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -521,6 +668,16 @@ who = "David Cook <dcook@divviup.org>"
|
|||
criteria = "safe-to-deploy"
|
||||
delta = "0.10.6 -> 0.10.7"
|
||||
|
||||
[[audits.isrg.audits.either]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.6.1"
|
||||
|
||||
[[audits.isrg.audits.getrandom]]
|
||||
who = "Brandon Pitman <bran@bran.land>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.10 -> 0.2.11"
|
||||
|
||||
[[audits.isrg.audits.ghash]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -531,6 +688,16 @@ who = "David Cook <dcook@divviup.org>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "0.12.1"
|
||||
|
||||
[[audits.isrg.audits.num-traits]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.15 -> 0.2.16"
|
||||
|
||||
[[audits.isrg.audits.num-traits]]
|
||||
who = "Ameer Ghani <inahga@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.16 -> 0.2.17"
|
||||
|
||||
[[audits.isrg.audits.once_cell]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -551,11 +718,21 @@ who = "David Cook <dcook@divviup.org>"
|
|||
criteria = "safe-to-deploy"
|
||||
delta = "1.17.2 -> 1.18.0"
|
||||
|
||||
[[audits.isrg.audits.once_cell]]
|
||||
who = "Brandon Pitman <bran@bran.land>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.18.0 -> 1.19.0"
|
||||
|
||||
[[audits.isrg.audits.opaque-debug]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.0"
|
||||
|
||||
[[audits.isrg.audits.rand_chacha]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.1"
|
||||
|
||||
[[audits.isrg.audits.rand_core]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -566,11 +743,21 @@ who = "Brandon Pitman <bran@bran.land>"
|
|||
criteria = "safe-to-deploy"
|
||||
delta = "1.6.1 -> 1.7.0"
|
||||
|
||||
[[audits.isrg.audits.rayon]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.7.0 -> 1.8.0"
|
||||
|
||||
[[audits.isrg.audits.rayon-core]]
|
||||
who = "Brandon Pitman <bran@bran.land>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.10.2 -> 1.11.0"
|
||||
|
||||
[[audits.isrg.audits.rayon-core]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.11.0 -> 1.12.0"
|
||||
|
||||
[[audits.isrg.audits.sha2]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -646,17 +833,35 @@ criteria = "safe-to-deploy"
|
|||
delta = "2.2.1 -> 2.3.2"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bitflags]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.3.3 -> 2.4.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bitflags]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.4.0 -> 2.4.1"
|
||||
notes = "Only allowing new clippy lints"
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.block-buffer]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.10.2 -> 0.10.3"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.crossbeam-channel]]
|
||||
[[audits.mozilla.audits.cc]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.73 -> 1.0.78"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.cc]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.5.7 -> 0.5.8"
|
||||
notes = "Reviewed the fix, previous versions indeed had were able to trigger a race condition"
|
||||
delta = "1.0.78 -> 1.0.83"
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.crypto-common]]
|
||||
|
@ -695,6 +900,24 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.2.3 -> 0.2.4"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.6.1 -> 1.7.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.7.0 -> 1.8.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.8.0 -> 1.8.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.env_logger]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -707,6 +930,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.9.3 -> 0.10.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.fastrand]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.9.0 -> 2.0.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.fluent]]
|
||||
who = "Zibi Braniecki <zibi@unicode.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -901,6 +1130,12 @@ it's not exploitable.
|
|||
"""
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.nix]]
|
||||
who = "Gabriele Svelto <gsvelto@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.26.2 -> 0.27.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.nom]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -921,12 +1156,31 @@ version = "0.1.43"
|
|||
notes = "All code written or reviewed by Josh Stone."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.num-traits]]
|
||||
who = "Josh Stone <jistone@redhat.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.2.15"
|
||||
notes = "All code written or reviewed by Josh Stone."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.once_cell]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.16.0 -> 1.17.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.percent-encoding]]
|
||||
who = "Valentin Gosu <valentin.gosu@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.2.0 -> 2.3.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.percent-encoding]]
|
||||
who = "Valentin Gosu <valentin.gosu@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.3.0 -> 2.3.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.ppv-lite86]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -995,6 +1249,48 @@ delta = "1.0.63 -> 1.0.66"
|
|||
notes = "Removed special support for some really old Rust versions"
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.quote]]
|
||||
who = "Nika Layzell <nika@thelayzells.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.18"
|
||||
notes = """
|
||||
`quote` is a utility crate used by proc-macros to generate TokenStreams
|
||||
conveniently from source code. The bulk of the logic is some complex
|
||||
interlocking `macro_rules!` macros which are used to parse and build the
|
||||
`TokenStream` within the proc-macro.
|
||||
|
||||
This crate contains no unsafe code, and the internal logic, while difficult to
|
||||
read, is generally straightforward. I have audited the the quote macros, ident
|
||||
formatter, and runtime logic.
|
||||
"""
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.quote]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.18 -> 1.0.21"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.quote]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.21 -> 1.0.23"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.quote]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.27 -> 1.0.28"
|
||||
notes = "Enabled on wasm targets"
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.quote]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.28 -> 1.0.31"
|
||||
notes = "Minimal changes and removal of the build.rs"
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.rand_core]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1083,6 +1379,18 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.1.44 -> 0.1.45"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.time]]
|
||||
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.1.45 -> 0.3.17"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.time]]
|
||||
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.17 -> 0.3.23"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.time-core]]
|
||||
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1144,6 +1452,13 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.9.0 -> 0.9.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.unicode-ident]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.8 -> 1.0.9"
|
||||
notes = "Dependency updates only"
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.uuid]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1157,6 +1472,24 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.5.1 -> 0.5.2"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.backtrace]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.67 -> 0.3.69"
|
||||
notes = """
|
||||
Changes to `unsafe` blocks:
|
||||
- New call to `GetCurrentProcessId` on Windows, to help generate a process-unique name to
|
||||
use inside an existing `CreateMutexA` call.
|
||||
- Uses `libc::mmap64` on Linux instead of `libc::mmap`.
|
||||
- Alters `Stash` to allow caching more than one `Mmap`; the existing `unsafe` safety
|
||||
condition continues to be applicable.
|
||||
|
||||
There are also several more places where DWARF data is mmapped from a filesystem path and
|
||||
then loaded. These appear to all derive from existing paths that themselves were already
|
||||
being mmapped and loaded.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.block-buffer]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1178,6 +1511,12 @@ delta = "0.4.3 -> 0.4.4"
|
|||
notes = "Adds panics to prevent a block size of zero from causing unsoundness."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.either]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.8.1 -> 1.9.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.generic-array]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1214,6 +1553,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.4.18 -> 0.4.19"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.log]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.4.19 -> 0.4.20"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.nix]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1221,6 +1566,32 @@ delta = "0.26.1 -> 0.26.2"
|
|||
notes = "Fixes `SockaddrIn6` endianness bug."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.nix]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.26.2 -> 0.26.4"
|
||||
notes = """
|
||||
Most of the `unsafe` changes are cleaning up their usage:
|
||||
- Replacing `data.len() * std::mem::size_of::<$ty>()` with `std::mem::size_of_val(data)`.
|
||||
- Removing some `mem::transmute`s.
|
||||
- Using `*mut` instead of `*const` to convey intended semantics.
|
||||
|
||||
A new unsafe trait method `SockaddrLike::set_length` is added; it's impls look fine.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.pin-project-lite]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.9 -> 0.2.13"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.quote]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.31 -> 1.0.33"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.rustc-demangle]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1281,6 +1652,18 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.6.2 -> 0.6.3"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.typenum]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.16.0 -> 1.17.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.unicode-ident]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.9 -> 1.0.12"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.universal-hash]]
|
||||
who = "Daira Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1308,6 +1691,16 @@ delta = "4.3.0 -> 4.4.0"
|
|||
notes = "New APIs are remixes of existing code."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.which]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "4.4.0 -> 4.4.2"
|
||||
notes = """
|
||||
Crate now has `#![forbid(unsafe_code)]`, replacing its last `unsafe` block with a
|
||||
dependency on the `rustix` crate.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.zeroize]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue