From 66df0ff72a026ea32d642cdb5448b59d35186a7c Mon Sep 17 00:00:00 2001 From: TheMenko Date: Tue, 26 Sep 2023 00:40:06 +0200 Subject: [PATCH] vet --- supply-chain/config.toml | 48 +++++++++++++++++++++++++++++--- supply-chain/imports.lock | 58 ++++++++++++++++++++++----------------- 2 files changed, 77 insertions(+), 29 deletions(-) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index c759e9b2..2e1840b4 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -30,7 +30,7 @@ audit-as-crates-io = true [policy."ethers-core:1.0.1"] -[policy."ethers-core:2.0.3@git:80eac3819c33599c3074eef6bd173024cf747863"] +[policy."ethers-core:2.0.10@git:08bcb67c36d9a2869950e51ecf76124c9febe035"] audit-as-crates-io = true [[exemptions.Inflector]] @@ -449,6 +449,10 @@ criteria = "safe-to-deploy" version = "0.2.0" criteria = "safe-to-deploy" +[[exemptions.combine]] +version = "4.6.6" +criteria = "safe-to-deploy" + [[exemptions.console]] version = "0.14.1" criteria = "safe-to-deploy" @@ -457,6 +461,10 @@ criteria = "safe-to-deploy" version = "0.15.2" criteria = "safe-to-deploy" +[[exemptions.const-hex]] +version = "1.9.0" +criteria = "safe-to-deploy" + [[exemptions.const-oid]] version = "0.9.2" criteria = "safe-to-deploy" @@ -638,7 +646,7 @@ version = "0.12.3" criteria = "safe-to-deploy" [[exemptions.elliptic-curve]] -version = "0.13.4" +version = "0.13.5" criteria = "safe-to-deploy" [[exemptions.ena]] @@ -649,6 +657,10 @@ criteria = "safe-to-deploy" version = "0.3.6" criteria = "safe-to-deploy" +[[exemptions.enum-as-inner]] +version = "0.5.1" +criteria = "safe-to-deploy" + [[exemptions.enum-iterator]] version = "0.7.0" criteria = "safe-to-deploy" @@ -714,7 +726,7 @@ version = "1.0.1" criteria = "safe-to-deploy" [[exemptions.ethers-core]] -version = "2.0.3@git:80eac3819c33599c3074eef6bd173024cf747863" +version = "2.0.10@git:08bcb67c36d9a2869950e51ecf76124c9febe035" criteria = "safe-to-deploy" [[exemptions.ethers-etherscan]] @@ -1093,10 +1105,18 @@ criteria = "safe-to-deploy" version = "0.8.8" criteria = "safe-to-deploy" +[[exemptions.mmap-rs]] +version = "0.5.0" +criteria = "safe-to-deploy" + [[exemptions.more-asserts]] version = "0.2.2" criteria = "safe-to-deploy" +[[exemptions.nix]] +version = "0.26.4" +criteria = "safe-to-deploy" + [[exemptions.nom]] version = "7.1.1" criteria = "safe-to-deploy" @@ -1689,6 +1709,14 @@ criteria = "safe-to-deploy" version = "0.4.18" criteria = "safe-to-deploy" +[[exemptions.strum]] +version = "0.25.0" +criteria = "safe-to-deploy" + +[[exemptions.strum_macros]] +version = "0.25.2" +criteria = "safe-to-deploy" + [[exemptions.subtle]] version = "2.4.1" criteria = "safe-to-deploy" @@ -1709,6 +1737,10 @@ criteria = "safe-to-deploy" version = "0.1.1" criteria = "safe-to-deploy" +[[exemptions.sysctl]] +version = "0.5.4" +criteria = "safe-to-deploy" + [[exemptions.target-lexicon]] version = "0.12.5" criteria = "safe-to-deploy" @@ -2037,6 +2069,10 @@ criteria = "safe-to-deploy" version = "1.2.3" criteria = "safe-to-deploy" +[[exemptions.widestring]] +version = "1.0.2" +criteria = "safe-to-deploy" + [[exemptions.winapi]] version = "0.3.9" criteria = "safe-to-deploy" @@ -2053,6 +2089,10 @@ criteria = "safe-to-deploy" version = "0.4.0" criteria = "safe-to-deploy" +[[exemptions.windows]] +version = "0.44.0" +criteria = "safe-to-deploy" + [[exemptions.winreg]] version = "0.10.1" criteria = "safe-to-deploy" @@ -2074,7 +2114,7 @@ version = "0.5.1" criteria = "safe-to-deploy" [[exemptions.zeroize]] -version = "1.5.7" +version = "1.6.0" criteria = "safe-to-deploy" [[exemptions.zeroize_derive]] diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index b6e92a7b..2e07fc00 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -72,13 +72,6 @@ user-id = 1139 user-login = "Manishearth" user-name = "Manish Goregaokar" -[[publisher.unicode-xid]] -version = "0.2.4" -when = "2022-09-15" -user-id = 1139 -user-login = "Manishearth" -user-name = "Manish Goregaokar" - [[publisher.windows-sys]] version = "0.33.0" when = "2022-02-24" @@ -764,6 +757,11 @@ criteria = "safe-to-deploy" delta = "0.5.11 -> 0.6.1" notes = "Minor changes" +[[audits.embark.audits.num_enum]] +who = "Johan Andersson " +criteria = "safe-to-deploy" +delta = "0.6.1 -> 0.7.0" + [[audits.embark.audits.num_enum_derive]] who = "Johan Andersson " criteria = "safe-to-deploy" @@ -776,6 +774,11 @@ criteria = "safe-to-deploy" delta = "0.5.11 -> 0.6.1" notes = "Minor changes" +[[audits.embark.audits.num_enum_derive]] +who = "Johan Andersson " +criteria = "safe-to-deploy" +delta = "0.6.1 -> 0.7.0" + [[audits.embark.audits.stringprep]] who = "Johan Andersson " criteria = "safe-to-deploy" @@ -834,6 +837,13 @@ criteria = "safe-to-deploy" version = "0.3.1" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.md-5]] +who = "David Koloski " +criteria = "safe-to-deploy" +version = "0.10.5" +notes = "Reviewed on https://fxrev.dev/712372." +aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.pin-project-lite]] who = "David Koloski " criteria = "safe-to-deploy" @@ -847,6 +857,13 @@ criteria = "safe-to-deploy" version = "1.0.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.sha1]] +who = "David Koloski " +criteria = "safe-to-deploy" +version = "0.10.5" +notes = "Reviewed on https://fxrev.dev/712371." +aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.take_mut]] who = "David Koloski " criteria = "safe-to-deploy" @@ -861,6 +878,12 @@ version = "0.1.11" notes = "Reviewed on https://fxrev.dev/804724" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.unicode-xid]] +who = "George Burgess IV " +criteria = "safe-to-deploy" +version = "0.2.4" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + [[audits.google.audits.version_check]] who = "George Burgess IV " criteria = "safe-to-deploy" @@ -994,15 +1017,6 @@ end = "2024-05-03" notes = "All code written or reviewed by Manish" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.wildcard-audits.unicode-xid]] -who = "Manish Goregaokar " -criteria = "safe-to-deploy" -user-id = 1139 # Manish Goregaokar (Manishearth) -start = "2019-07-25" -end = "2024-05-03" -notes = "All code written or reviewed by Manish" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.android_system_properties]] who = "Nicolas Silva " criteria = "safe-to-deploy" @@ -1217,10 +1231,10 @@ criteria = "safe-to-deploy" version = "0.4.17" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.md-5]] -who = "Dana Keeler " +[[audits.mozilla.audits.mach2]] +who = "Gabriele Svelto " criteria = "safe-to-deploy" -version = "0.10.5" +version = "0.4.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.memoffset]] @@ -1471,12 +1485,6 @@ criteria = "safe-to-deploy" delta = "0.11.1 -> 0.11.2" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.sha1]] -who = "Dana Keeler " -criteria = "safe-to-deploy" -version = "0.10.5" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.sha2]] who = "Mike Hommey " criteria = "safe-to-deploy"