diff --git a/Cargo.lock b/Cargo.lock index da0fdd4..2d90729 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -132,15 +132,15 @@ dependencies = [ [[package]] name = "ahash" -version = "0.8.6" +version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91429305e9f0a25f6205c5b8e0d2db09e0708a7a6df0f42212bb56c32c8ac97a" +checksum = "77c3a9648d43b9cd48db467b3f87fdd6e146bcc88ab0180006cef2179fe11d01" dependencies = [ "cfg-if", "getrandom", "once_cell", "version_check", - "zerocopy 0.7.31", + "zerocopy 0.7.32", ] [[package]] @@ -588,21 +588,20 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.16" +version = "0.9.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d2fe95351b870527a5d09bf563ed3c97c0cffb87cf1c78a591bf48bb218d9aa" +checksum = "0e3681d554572a651dda4186cd47240627c3d0114d45a95f6ad27f2f22e7548d" dependencies = [ "autocfg", "cfg-if", "crossbeam-utils", - "memoffset", ] [[package]] name = "crossbeam-utils" -version = "0.8.17" +version = "0.8.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c06d96137f14f244c37f989d9fff8f95e6c18b918e71f36638f8c49112e4c78f" +checksum = "c3a430a770ebd84726f584a90ee7f020d28db52c6d02138900f22341f866d39c" dependencies = [ "cfg-if", ] @@ -629,12 +628,12 @@ dependencies = [ [[package]] name = "ctrlc" -version = "3.4.1" +version = "3.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e95fbd621905b854affdc67943b043a0fbb6ed7385fd5a25650d19a8a6cfdf" +checksum = "b467862cc8610ca6fc9a1532d7777cee0804e678ab45410897b9396495994a0b" dependencies = [ "nix 0.27.1", - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] @@ -661,7 +660,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -716,7 +715,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -898,9 +897,9 @@ dependencies = [ [[package]] name = "futures" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da0290714b38af9b4a7b094b8a37086d1b4e61f2df9122c3cad2577669145335" +checksum = "645c6916888f6cb6350d2550b80fb63e734897a8498abe35cfb732b6487804b0" dependencies = [ "futures-channel", "futures-core", @@ -913,9 +912,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff4dd66668b557604244583e3e1e1eada8c5c2e96a6d0d6653ede395b78bbacb" +checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78" dependencies = [ "futures-core", "futures-sink", @@ -923,15 +922,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb1d22c66e66d9d72e1758f0bd7d4fd0bee04cad842ee34587d68c07e45d088c" +checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" [[package]] name = "futures-executor" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f4fb8693db0cf099eadcca0efe2a5a22e4550f98ed16aba6c48700da29597bc" +checksum = "a576fc72ae164fca6b9db127eaa9a9dda0d61316034f33a0a0d4eda41f02b01d" dependencies = [ "futures-core", "futures-task", @@ -940,38 +939,38 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8bf34a163b5c4c52d0478a4d757da8fb65cabef42ba90515efee0f6f9fa45aaa" +checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" [[package]] name = "futures-macro" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53b153fd91e4b0147f4aced87be237c98248656bb01050b96bf3ee89220a8ddb" +checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] name = "futures-sink" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e36d3378ee38c2a36ad710c5d30c2911d752cb941c00c72dbabfb786a7970817" +checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5" [[package]] name = "futures-task" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "efd193069b0ddadc69c46389b740bbccdd97203899b48d09c5f7969591d6bae2" +checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" [[package]] name = "futures-test" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "73ad78d6c79a3c76f8bc7496240d0586e069ed6797824fdd8c41d7c42b145b8d" +checksum = "ce388237b32ac42eca0df1ba55ed3bbda4eaf005d7d4b5dbc0b20ab962928ac9" dependencies = [ "futures-core", "futures-executor", @@ -986,9 +985,9 @@ dependencies = [ [[package]] name = "futures-util" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a19526d624e703a3179b3d322efec918b6246ea0fa51d41124525f00f1cc8104" +checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" dependencies = [ "futures-channel", "futures-core", @@ -1169,7 +1168,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.41", + "syn 2.0.46", "unic-langid", ] @@ -1183,14 +1182,14 @@ dependencies = [ "i18n-config", "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] name = "iana-time-zone" -version = "0.1.58" +version = "0.1.59" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8326b86b6cff230b97d0d312a6c40a60726df3332e721f72a1b035f451663b20" +checksum = "b6a67363e2aa4443928ce15e57ebae94fd8949958fd1223c4cfc0cd473ad7539" dependencies = [ "android_system_properties", "core-foundation-sys", @@ -1274,13 +1273,13 @@ checksum = "4b3f7cef34251886990511df1c61443aa928499d598a9473929ab5a90a527304" [[package]] name = "is-terminal" -version = "0.4.9" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" +checksum = "0bad00257d07be169d870ab665980b06cdb366d792ad690bf2e76876dc503455" dependencies = [ "hermit-abi", "rustix", - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] @@ -1392,28 +1391,19 @@ dependencies = [ [[package]] name = "memchr" -version = "2.6.4" +version = "2.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f665ee40bc4a3c5590afb1e9677db74a508659dfd71e126420da8274909a0167" +checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149" [[package]] name = "memmap2" -version = "0.9.2" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39a69c7c189ae418f83003da62820aca28d15a07725ce51fb924999335d622ff" +checksum = "45fd3a57831bf88bc63f8cebc0cf956116276e97fef3966103e96416209f7c92" dependencies = [ "libc", ] -[[package]] -name = "memoffset" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c" -dependencies = [ - "autocfg", -] - [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1560,9 +1550,9 @@ dependencies = [ [[package]] name = "object" -version = "0.32.1" +version = "0.32.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9cf5f9dd3933bd50a9e1f149ec995f39ae2c496d31fd772c1fd45ebc27e902b0" +checksum = "a6a622008b6e321afc04970976f62ee297fdbaa6f95318ca343e3eebb9648441" dependencies = [ "memchr", ] @@ -1674,7 +1664,7 @@ checksum = "4359fd9c9171ec6e8c62926d6faaf553a8dc3f64e1507e76da7911b4f6a04405" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -1726,15 +1716,15 @@ dependencies = [ [[package]] name = "pkg-config" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" +checksum = "69d3587f8a9e599cc7ec2c00e331f71c4e69a5f9a4b8a6efd5b07466b9736f9a" [[package]] name = "platforms" -version = "3.2.0" +version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" +checksum = "626dec3cac7cc0e1577a2ec3fc496277ec2baa084bebad95bb6fdbfae235f84c" [[package]] name = "plotters" @@ -1841,9 +1831,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.70" +version = "1.0.74" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39278fbbf5fb4f646ce651690877f89d1c5811a3d4acb27700c1cb3cdb78fd3b" +checksum = "2de98502f212cfcea8d0bb305bd0f49d7ebdd75b64ba0a68f937d888f4e0d6db" dependencies = [ "unicode-ident", ] @@ -1881,9 +1871,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.33" +version = "1.0.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" +checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" dependencies = [ "proc-macro2", ] @@ -2062,9 +2052,9 @@ dependencies = [ [[package]] name = "rust-embed" -version = "8.1.0" +version = "8.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "810294a8a4a0853d4118e3b94bb079905f2107c7fe979d8f0faae98765eb6378" +checksum = "a82c0bbc10308ed323529fd3c1dce8badda635aa319a5ff0e6466f33b8101e3f" dependencies = [ "rust-embed-impl", "rust-embed-utils", @@ -2073,22 +2063,22 @@ dependencies = [ [[package]] name = "rust-embed-impl" -version = "8.1.0" +version = "8.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfc144a1273124a67b8c1d7cd19f5695d1878b31569c0512f6086f0f4676604e" +checksum = "6227c01b1783cdfee1bcf844eb44594cd16ec71c35305bf1c9fb5aade2735e16" dependencies = [ "proc-macro2", "quote", "rust-embed-utils", - "syn 2.0.41", + "syn 2.0.46", "walkdir", ] [[package]] name = "rust-embed-utils" -version = "8.1.0" +version = "8.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "816ccd4875431253d6bb54b804bcff4369cbde9bae33defde25fdf6c2ef91d40" +checksum = "8cb0a25bfbb2d4b4402179c2cf030387d9990857ce08a32592c6238db9fa8665" dependencies = [ "sha2", "walkdir", @@ -2184,46 +2174,46 @@ version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e14e4d63b804dc0c7ec4a1e52bcb63f02c7ac94476755aa579edac21e01f915d" dependencies = [ - "self_cell 1.0.2", + "self_cell 1.0.3", ] [[package]] name = "self_cell" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e388332cd64eb80cd595a00941baf513caffae8dce9cfd0467fc9c66397dade6" +checksum = "58bf37232d3bb9a2c4e641ca2a11d83b5062066f88df7fed36c28772046d65ba" [[package]] name = "semver" -version = "1.0.20" +version = "1.0.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" +checksum = "b97ed7a9823b74f99c7742f5336af7be5ecd3eeafcb1507d1fa93347b1d589b0" [[package]] name = "serde" -version = "1.0.193" +version = "1.0.194" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25dd9975e68d0cb5aa1120c288333fc98731bd1dd12f561e468ea4728c042b89" +checksum = "0b114498256798c94a0689e1a15fec6005dee8ac1f41de56404b67afc2a4b773" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.193" +version = "1.0.194" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43576ca501357b9b071ac53cdc7da8ef0cbd9493d8df094cd821777ea6e894d3" +checksum = "a3385e45322e8f9931410f01b3031ec534c3947d0e94c18049af4d9f9907d4e0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] name = "serde_json" -version = "1.0.108" +version = "1.0.110" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d1c7e3eac408d115102c4c24ad393e0821bb3a5df4d506a80f85f7a742a526b" +checksum = "6fbd975230bada99c8bb618e0c365c2eefa219158d5c6c29610fd09ff1833257" dependencies = [ "itoa", "ryu", @@ -2362,9 +2352,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.41" +version = "2.0.46" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44c8b28c477cc3bf0e7966561e3460130e1255f7a1cf71931075f1c5e7a7e269" +checksum = "89456b690ff72fddcecf231caedbe615c59480c93358a93dfae7fc29e3ebbf0e" dependencies = [ "proc-macro2", "quote", @@ -2384,15 +2374,15 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.8.1" +version = "3.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ef1adac450ad7f4b3c28589471ade84f25f731a7a0fe30d71dfa9f60fd808e5" +checksum = "01ce4141aa927a6d1bd34a041795abd0db1cccba5d5f24b009f694bdf3a1f3fa" dependencies = [ "cfg-if", "fastrand", "redox_syscall", "rustix", - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] @@ -2422,7 +2412,7 @@ dependencies = [ "cfg-if", "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -2433,28 +2423,28 @@ checksum = "5c89e72a01ed4c579669add59014b9a524d609c0c88c6a585ce37485879f6ffb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", "test-case-core", ] [[package]] name = "thiserror" -version = "1.0.51" +version = "1.0.56" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f11c217e1416d6f036b870f14e0413d480dbf28edbee1f877abaf0206af43bb7" +checksum = "d54378c645627613241d077a3a79db965db602882668f9136ac42af9ecb730ad" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.51" +version = "1.0.56" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01742297787513b79cf8e29d1056ede1313e2420b7b3b15d0a768b4921f549df" +checksum = "fa0faa943b50f3db30a20aa7e265dbc66076993efed8463e8de414e5d06d3471" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -2503,9 +2493,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.35.0" +version = "1.35.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "841d45b238a16291a4e1584e61820b8ae57d696cc5015c459c229ccc6990cc1c" +checksum = "c89b4efa943be685f629b149f53829423f8f5531ea21249408e8e2f8671ec104" dependencies = [ "backtrace", "num_cpus", @@ -2521,7 +2511,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -2666,7 +2656,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", "wasm-bindgen-shared", ] @@ -2688,7 +2678,7 @@ checksum = "f0eb82fcb7930ae6219a7ecfd55b217f5f0893484b7a13022ebb2b2bf20b5283" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2754,11 +2744,11 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-core" -version = "0.51.1" +version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1f8cf84f35d2db49a46868f947758c7a1138116f7fac3bc844f43ade1292e64" +checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" dependencies = [ - "windows-targets 0.48.5", + "windows-targets 0.52.0", ] [[package]] @@ -2961,9 +2951,9 @@ checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" [[package]] name = "winnow" -version = "0.5.28" +version = "0.5.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c830786f7720c2fd27a1a0e27a709dbd3c4d009b56d098fc742d4f4eab91fe2" +checksum = "97a4882e6b134d6c28953a387571f1acdd3496830d5e36c5e3a1075580ea641c" dependencies = [ "memchr", ] @@ -2988,9 +2978,9 @@ dependencies = [ [[package]] name = "xattr" -version = "1.1.3" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a7dae5072fe1f8db8f8d29059189ac175196e410e40ba42d5d4684ae2f750995" +checksum = "914566e6413e7fa959cc394fb30e563ba80f3541fbd40816d4c05a0fc3f2a0f1" dependencies = [ "libc", "linux-raw-sys", @@ -3009,11 +2999,11 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.7.31" +version = "0.7.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c4061bedbb353041c12f413700357bec76df2c7e2ca8e4df8bac24c6bf68e3d" +checksum = "74d4d3961e53fa4c9a25a8637fc2bfaf2595b3d3ae34875568a5cf64787716be" dependencies = [ - "zerocopy-derive 0.7.31", + "zerocopy-derive 0.7.32", ] [[package]] @@ -3024,18 +3014,18 @@ checksum = "125139de3f6b9d625c39e2efdd73d41bdac468ccd556556440e322be0e1bbd91" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] name = "zerocopy-derive" -version = "0.7.31" +version = "0.7.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3c129550b3e6de3fd0ba67ba5c81818f9805e58b8d7fee80a3a59d2c9fc601a" +checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] @@ -3055,7 +3045,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.41", + "syn 2.0.46", ] [[package]] diff --git a/supply-chain/config.toml b/supply-chain/config.toml index c7ab526..77d4c88 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -218,7 +218,7 @@ version = "0.9.2" criteria = "safe-to-deploy" [[exemptions.ctrlc]] -version = "3.4.1" +version = "3.4.2" criteria = "safe-to-deploy" [[exemptions.curve25519-dalek]] @@ -278,23 +278,23 @@ version = "0.13.0" criteria = "safe-to-deploy" [[exemptions.futures]] -version = "0.3.29" +version = "0.3.30" criteria = "safe-to-deploy" [[exemptions.futures-executor]] -version = "0.3.29" +version = "0.3.30" criteria = "safe-to-deploy" [[exemptions.futures-io]] -version = "0.3.29" +version = "0.3.30" criteria = "safe-to-deploy" [[exemptions.futures-macro]] -version = "0.3.29" +version = "0.3.30" criteria = "safe-to-deploy" [[exemptions.futures-sink]] -version = "0.3.29" +version = "0.3.30" criteria = "safe-to-deploy" [[exemptions.futures-task]] @@ -302,7 +302,7 @@ version = "0.3.25" criteria = "safe-to-deploy" [[exemptions.futures-test]] -version = "0.3.29" +version = "0.3.30" criteria = "safe-to-run" [[exemptions.futures-util]] @@ -366,7 +366,7 @@ version = "0.8.3" criteria = "safe-to-deploy" [[exemptions.iana-time-zone]] -version = "0.1.58" +version = "0.1.59" criteria = "safe-to-deploy" [[exemptions.iana-time-zone-haiku]] @@ -386,7 +386,7 @@ version = "0.1.1" criteria = "safe-to-deploy" [[exemptions.is-terminal]] -version = "0.4.9" +version = "0.4.10" criteria = "safe-to-deploy" [[exemptions.jobserver]] @@ -426,11 +426,7 @@ version = "2.6.3" criteria = "safe-to-deploy" [[exemptions.memmap2]] -version = "0.9.2" -criteria = "safe-to-run" - -[[exemptions.memoffset]] -version = "0.9.0" +version = "0.9.3" criteria = "safe-to-run" [[exemptions.minimal-lexical]] @@ -469,6 +465,10 @@ criteria = "safe-to-deploy" version = "0.1.1" criteria = "safe-to-deploy" +[[exemptions.object]] +version = "0.32.2" +criteria = "safe-to-run" + [[exemptions.once_cell]] version = "1.15.0" criteria = "safe-to-deploy" @@ -518,7 +518,7 @@ version = "0.10.2" criteria = "safe-to-deploy" [[exemptions.pkg-config]] -version = "0.3.27" +version = "0.3.28" criteria = "safe-to-deploy" [[exemptions.plotters]] @@ -602,15 +602,15 @@ version = "0.0.2" criteria = "safe-to-deploy" [[exemptions.rust-embed]] -version = "8.1.0" +version = "8.2.0" criteria = "safe-to-deploy" [[exemptions.rust-embed-impl]] -version = "8.1.0" +version = "8.2.0" criteria = "safe-to-deploy" [[exemptions.rust-embed-utils]] -version = "8.1.0" +version = "8.2.0" criteria = "safe-to-deploy" [[exemptions.rustix]] @@ -646,7 +646,11 @@ version = "0.10.3" criteria = "safe-to-deploy" [[exemptions.self_cell]] -version = "1.0.2" +version = "1.0.3" +criteria = "safe-to-deploy" + +[[exemptions.semver]] +version = "1.0.21" criteria = "safe-to-deploy" [[exemptions.serde]] @@ -830,11 +834,11 @@ version = "0.4.0" criteria = "safe-to-deploy" [[exemptions.windows-core]] -version = "0.51.1" +version = "0.52.0" criteria = "safe-to-deploy" [[exemptions.winnow]] -version = "0.5.28" +version = "0.5.31" criteria = "safe-to-deploy" [[exemptions.wsl]] @@ -846,25 +850,17 @@ version = "2.0.0" criteria = "safe-to-deploy" [[exemptions.xattr]] -version = "1.1.3" +version = "1.2.0" criteria = "safe-to-deploy" [[exemptions.zerocopy]] version = "0.6.6" criteria = "safe-to-deploy" -[[exemptions.zerocopy]] -version = "0.7.31" -criteria = "safe-to-run" - [[exemptions.zerocopy-derive]] version = "0.6.6" criteria = "safe-to-deploy" -[[exemptions.zerocopy-derive]] -version = "0.7.31" -criteria = "safe-to-run" - [[exemptions.zeroize]] version = "1.7.0" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 1453c8e..9049f4f 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -361,12 +361,6 @@ its own longevity should be relatively hardened against some of the more common compression-related issues. """ -[[audits.bytecode-alliance.audits.object]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -delta = "0.30.3 -> 0.31.1" -notes = "A large-ish update to the crate but nothing out of the ordering. Support for new formats like xcoff, new constants, minor refactorings, etc. Nothing out of the ordinary." - [[audits.bytecode-alliance.audits.percent-encoding]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -407,12 +401,6 @@ criteria = "safe-to-deploy" version = "0.1.21" notes = "I am the author of this crate." -[[audits.bytecode-alliance.audits.semver]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -version = "1.0.17" -notes = "plenty of unsafe pointer and vec tricks, but in well-structured and commented code that appears to be correct" - [[audits.bytecode-alliance.audits.tempfile]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -566,19 +554,6 @@ Issues: """ aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" -[[audits.google.audits.object]] -who = "George Burgess IV " -criteria = "safe-to-run" -version = "0.30.3" -notes = "I'm not counting the code related to the GNU Hash section as crypto for the sake of this review." -aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" - -[[audits.google.audits.object]] -who = "George Burgess IV " -criteria = "safe-to-run" -delta = "0.31.1 -> 0.32.1" -aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" - [[audits.google.audits.pin-project-lite]] who = "David Koloski " criteria = "safe-to-deploy" @@ -610,6 +585,42 @@ criteria = "safe-to-deploy" version = "0.9.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.zerocopy]] +who = "ChromeOS" +criteria = "safe-to-run" +version = "0.7.0-alpha.1" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.zerocopy]] +who = "Daniel Verkamp " +criteria = "safe-to-run" +delta = "0.7.0-alpha.1 -> 0.7.8" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.zerocopy]] +who = "George Burgess IV " +criteria = "safe-to-run" +delta = "0.7.8 -> 0.7.32" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.zerocopy-derive]] +who = "ChromeOS" +criteria = "safe-to-run" +version = "0.3.2" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.zerocopy-derive]] +who = "Daniel Verkamp " +criteria = "safe-to-run" +delta = "0.3.2 -> 0.7.8" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.zerocopy-derive]] +who = "George Burgess IV " +criteria = "safe-to-run" +delta = "0.7.8 -> 0.7.32" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + [[audits.isrg.audits.aes]] who = "Brandon Pitman " criteria = "safe-to-deploy" @@ -1514,6 +1525,13 @@ criteria = "safe-to-deploy" delta = "0.5.1 -> 0.5.2" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.ahash]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.8.6 -> 0.8.7" +notes = "Build-time `stdsimd` detection is replaced with a nightly-only feature flag." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.aho-corasick]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1606,6 +1624,16 @@ delta = "0.9.15 -> 0.9.16" notes = "Moved an `unsafe` block while removing `scopeguard` dependency." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.crossbeam-epoch]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.9.16 -> 0.9.17" +notes = """ +Changes to `unsafe` code are to replace manual pointer logic with equivalent +`unsafe` stdlib methods, now that MSRV is high enough to use them. +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.crossbeam-utils]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1619,6 +1647,17 @@ notes = """ """ aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.crossbeam-utils]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.8.17 -> 0.8.18" +notes = """ +Changes to `unsafe` code are to construct and drop `MaybeUninit` directly +via its methods (one of which is now usable with the new MSRV) instead of via +casting. +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.curve25519-dalek]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1649,16 +1688,37 @@ criteria = "safe-to-deploy" delta = "0.3.28 -> 0.3.29" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.futures-channel]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.3.29 -> 0.3.30" +notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.futures-core]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.3.28 -> 0.3.29" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.futures-core]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.3.29 -> 0.3.30" +notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.futures-task]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.3.28 -> 0.3.29" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.futures-task]] who = "Jack Grigg " criteria = "safe-to-deploy" -delta = "0.3.28 -> 0.3.29" +delta = "0.3.29 -> 0.3.30" +notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.futures-util]] @@ -1671,6 +1731,21 @@ Only change to `unsafe` code is to add a `Fut: Send` bound to the """ aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.futures-util]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.3.29 -> 0.3.30" +notes = """ +- Removes `build.rs` now that it can rely on the `target_has_atomic` attribute. +- Almost all changes to `unsafe` blocks are to either move them around, or + replace them with safe method calls. +- One new `unsafe` block is added for a slice lifetime transmutation. The slice + reconstruction is obviously correct. AFAICT the lifetime transmutation is also + correct; the slice's lifetime logically comes from the `AsyncBufRead` reader + inside `FillBuf`, rather than the `Context`. +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.generic-array]] who = "Sean Bowe " criteria = "safe-to-deploy" @@ -1734,6 +1809,17 @@ criteria = "safe-to-deploy" delta = "2.6.3 -> 2.6.4" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.memchr]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "2.6.4 -> 2.7.1" +notes = """ +Change to an `unsafe fn` is to rework the short-tail handling of a fixed-length +comparison between `u8` pointers. The new tail code matches the existing head +code (but adapted to `u16` and `u8` reads, instead of `u32`). +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.nix]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1784,6 +1870,12 @@ criteria = "safe-to-deploy" delta = "3.1.2 -> 3.2.0" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.platforms]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "3.2.0 -> 3.3.0" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.proc-macro2]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1796,12 +1888,40 @@ criteria = "safe-to-deploy" delta = "1.0.67 -> 1.0.70" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.proc-macro2]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.70 -> 1.0.71" +notes = """ +New `unsafe` blocks are all inside `unsafe fn`s, and are added to make the +safety contracts in the code clearer (instead of using the `unsafe fn`'s +implicit `unsafe` block). +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.proc-macro2]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.71 -> 1.0.74" +notes = """ +Build script changes are to replace `RUSTFLAGS` string parsing with a probe file +that is compiled with whatever `RUSTC` is set to (but the build script already +relies on the `RUSTC` environment variable for inspecting the compiler version). +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.quote]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "1.0.31 -> 1.0.33" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.quote]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.33 -> 1.0.35" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.regex]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1863,24 +1983,6 @@ criteria = "safe-to-deploy" delta = "1.0.15 -> 1.0.16" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.semver]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "1.0.17 -> 1.0.18" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.semver]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "1.0.18 -> 1.0.19" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.semver]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "1.0.19 -> 1.0.20" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - [[audits.zcash.audits.serde]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1913,6 +2015,12 @@ criteria = "safe-to-deploy" delta = "1.0.188 -> 1.0.193" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.serde]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.193 -> 1.0.194" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.serde_derive]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1944,6 +2052,12 @@ criteria = "safe-to-deploy" delta = "1.0.188 -> 1.0.193" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.serde_derive]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.193 -> 1.0.194" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.serde_json]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1974,6 +2088,12 @@ criteria = "safe-to-deploy" delta = "1.0.107 -> 1.0.108" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.serde_json]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.108 -> 1.0.110" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.signature]] who = "Daira Emma Hopwood " criteria = "safe-to-deploy" @@ -2045,12 +2165,35 @@ criteria = "safe-to-deploy" delta = "2.0.37 -> 2.0.41" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.syn]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "2.0.41 -> 2.0.43" +notes = """ +New `unsafe` blocks are all inside `unsafe fn`s, and are added to make the +safety contracts in the code clearer (instead of using the `unsafe fn`'s +implicit `unsafe` block). +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.syn]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "2.0.43 -> 2.0.46" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.tempfile]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "3.8.0 -> 3.8.1" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.tempfile]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "3.8.1 -> 3.9.0" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.thiserror]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -2063,6 +2206,24 @@ criteria = "safe-to-deploy" delta = "1.0.48 -> 1.0.51" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.thiserror]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.51 -> 1.0.52" +notes = "Reruns the build script if the `RUSTC_BOOTSTRAP` env variable changes." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.thiserror]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.52 -> 1.0.56" +notes = """ +Build script changes are to refactor the existing probe into a separate file +(which removes a filesystem write), and adjust how it gets rerun in response to +changes in the build environment. +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.thiserror-impl]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -2075,12 +2236,30 @@ criteria = "safe-to-deploy" delta = "1.0.48 -> 1.0.51" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.thiserror-impl]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.51 -> 1.0.52" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.thiserror-impl]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.0.52 -> 1.0.56" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.time-core]] who = "Jack Grigg " criteria = "safe-to-deploy" delta = "0.1.0 -> 0.1.1" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.tokio]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.35.0 -> 1.35.1" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.toml_datetime]] who = "Jack Grigg " criteria = "safe-to-deploy"