diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1a3f460c..11062ae3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -109,7 +109,7 @@ jobs: name: Vet Dependencies runs-on: ubuntu-latest env: - CARGO_VET_VERSION: 0.8.0 + CARGO_VET_VERSION: 0.9.0 steps: - uses: actions/checkout@master - name: Install Rust diff --git a/src/database/mod.rs b/src/database/mod.rs index 762eae4d..c198a69e 100644 --- a/src/database/mod.rs +++ b/src/database/mod.rs @@ -195,6 +195,8 @@ impl Database { let mined_status = ProcessedStatus::Mined; let mut tx = self.pool.begin().await?; + tx.execute("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;") + .await?; let root_id = tx.get_id_by_root(root).await?; diff --git a/supply-chain/config.toml b/supply-chain/config.toml index b9cf3717..45b9b2c6 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -2,7 +2,7 @@ # cargo-vet config file [cargo-vet] -version = "0.8" +version = "0.9" [imports.bytecodealliance] url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml" @@ -11,7 +11,7 @@ url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-c url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml" [imports.google] -url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml" +url = "https://raw.githubusercontent.com/google/rust-crate-audits/main/audits.toml" [imports.isrg] url = "https://raw.githubusercontent.com/divviup/libprio-rs/main/supply-chain/audits.toml" @@ -51,6 +51,10 @@ criteria = "safe-to-deploy" version = "1.0.2" criteria = "safe-to-deploy" +[[exemptions.alloy-rlp]] +version = "0.3.4" +criteria = "safe-to-deploy" + [[exemptions.android-tzdata]] version = "0.1.1" criteria = "safe-to-deploy" @@ -75,14 +79,26 @@ criteria = "safe-to-deploy" version = "0.3.0" criteria = "safe-to-deploy" +[[exemptions.ark-ff]] +version = "0.4.2" +criteria = "safe-to-deploy" + [[exemptions.ark-ff-asm]] version = "0.3.0" criteria = "safe-to-deploy" +[[exemptions.ark-ff-asm]] +version = "0.4.2" +criteria = "safe-to-deploy" + [[exemptions.ark-ff-macros]] version = "0.3.0" criteria = "safe-to-deploy" +[[exemptions.ark-ff-macros]] +version = "0.4.2" +criteria = "safe-to-deploy" + [[exemptions.ark-groth16]] version = "0.3.0@git:765817f77a6e14964c6f264d565b18676b11bd59" criteria = "safe-to-deploy" @@ -99,6 +115,10 @@ criteria = "safe-to-deploy" version = "0.3.0" criteria = "safe-to-deploy" +[[exemptions.ark-serialize]] +version = "0.4.2" +criteria = "safe-to-deploy" + [[exemptions.ark-serialize-derive]] version = "0.3.0" criteria = "safe-to-deploy" @@ -111,6 +131,10 @@ criteria = "safe-to-deploy" version = "0.3.0" criteria = "safe-to-deploy" +[[exemptions.ark-std]] +version = "0.4.0" +criteria = "safe-to-deploy" + [[exemptions.ascii-canvas]] version = "3.0.0" criteria = "safe-to-deploy" @@ -128,7 +152,7 @@ version = "0.3.3" criteria = "safe-to-deploy" [[exemptions.atoi]] -version = "1.0.0" +version = "2.0.0" criteria = "safe-to-deploy" [[exemptions.auto_impl]] @@ -475,10 +499,6 @@ criteria = "safe-to-deploy" version = "0.9.0" criteria = "safe-to-deploy" -[[exemptions.dirs]] -version = "4.0.0" -criteria = "safe-to-deploy" - [[exemptions.dirs]] version = "5.0.1" criteria = "safe-to-deploy" @@ -487,10 +507,6 @@ criteria = "safe-to-deploy" version = "2.0.0" criteria = "safe-to-deploy" -[[exemptions.dirs-sys]] -version = "0.3.7" -criteria = "safe-to-deploy" - [[exemptions.dirs-sys]] version = "0.4.1" criteria = "safe-to-deploy" @@ -555,6 +571,10 @@ criteria = "safe-to-deploy" version = "0.2.8" criteria = "safe-to-deploy" +[[exemptions.etcetera]] +version = "0.8.0" +criteria = "safe-to-deploy" + [[exemptions.eth-keystore]] version = "0.5.0" criteria = "safe-to-deploy" @@ -631,6 +651,10 @@ criteria = "safe-to-deploy" version = "0.2.0" criteria = "safe-to-deploy" +[[exemptions.fastrlp]] +version = "0.3.1" +criteria = "safe-to-deploy" + [[exemptions.ff]] version = "0.12.1" criteria = "safe-to-deploy" @@ -647,6 +671,10 @@ criteria = "safe-to-deploy" version = "1.0.25" criteria = "safe-to-deploy" +[[exemptions.flume]] +version = "0.11.0" +criteria = "safe-to-deploy" + [[exemptions.fs2]] version = "0.4.3" criteria = "safe-to-deploy" @@ -660,7 +688,7 @@ version = "0.3.26" criteria = "safe-to-deploy" [[exemptions.futures-intrusive]] -version = "0.4.2" +version = "0.5.0" criteria = "safe-to-deploy" [[exemptions.futures-locks]] @@ -835,10 +863,18 @@ criteria = "safe-to-deploy" version = "0.7.4" criteria = "safe-to-deploy" +[[exemptions.libm]] +version = "0.2.2" +criteria = "safe-to-deploy" + [[exemptions.libmimalloc-sys]] version = "0.1.28" criteria = "safe-to-deploy" +[[exemptions.libsqlite3-sys]] +version = "0.25.2" +criteria = "safe-to-deploy" + [[exemptions.linked-hash-map]] version = "0.5.6" criteria = "safe-to-deploy" @@ -931,6 +967,10 @@ criteria = "safe-to-deploy" version = "7.1.1" criteria = "safe-to-deploy" +[[exemptions.num-bigint-dig]] +version = "0.8.4" +criteria = "safe-to-deploy" + [[exemptions.object]] version = "0.28.4" criteria = "safe-to-deploy" @@ -1027,10 +1067,6 @@ criteria = "safe-to-deploy" version = "0.11.2" criteria = "safe-to-deploy" -[[exemptions.parking_lot_core]] -version = "0.8.5" -criteria = "safe-to-deploy" - [[exemptions.parking_lot_core]] version = "0.9.4" criteria = "safe-to-deploy" @@ -1059,6 +1095,10 @@ criteria = "safe-to-deploy" version = "1.1.1" criteria = "safe-to-deploy" +[[exemptions.pem-rfc7468]] +version = "0.7.0" +criteria = "safe-to-deploy" + [[exemptions.pest]] version = "2.7.6" criteria = "safe-to-deploy" @@ -1107,6 +1147,10 @@ criteria = "safe-to-deploy" version = "1.1.2" criteria = "safe-to-deploy" +[[exemptions.pkcs1]] +version = "0.7.5" +criteria = "safe-to-deploy" + [[exemptions.pkcs8]] version = "0.10.2" criteria = "safe-to-deploy" @@ -1147,6 +1191,10 @@ criteria = "safe-to-deploy" version = "0.13.3" criteria = "safe-to-deploy" +[[exemptions.proptest]] +version = "1.2.0" +criteria = "safe-to-deploy" + [[exemptions.prost]] version = "0.11.9" criteria = "safe-to-deploy" @@ -1203,6 +1251,10 @@ criteria = "safe-to-deploy" version = "0.6.28" criteria = "safe-to-deploy" +[[exemptions.regex-syntax]] +version = "0.7.2" +criteria = "safe-to-deploy" + [[exemptions.regex-syntax]] version = "0.7.4" criteria = "safe-to-deploy" @@ -1255,12 +1307,16 @@ criteria = "safe-to-deploy" version = "0.7.0" criteria = "safe-to-deploy" +[[exemptions.rsa]] +version = "0.9.1" +criteria = "safe-to-deploy" + [[exemptions.ruint]] -version = "1.7.0" +version = "1.11.1" criteria = "safe-to-deploy" [[exemptions.ruint-macro]] -version = "1.0.2" +version = "1.1.0" criteria = "safe-to-deploy" [[exemptions.rust-ini]] @@ -1428,19 +1484,31 @@ version = "0.2.0" criteria = "safe-to-deploy" [[exemptions.sqlx]] -version = "0.6.2" +version = "0.7.2" criteria = "safe-to-deploy" [[exemptions.sqlx-core]] -version = "0.6.2" +version = "0.7.2" criteria = "safe-to-deploy" [[exemptions.sqlx-macros]] -version = "0.6.2" +version = "0.7.2" criteria = "safe-to-deploy" -[[exemptions.sqlx-rt]] -version = "0.6.2" +[[exemptions.sqlx-macros-core]] +version = "0.7.2" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-mysql]] +version = "0.7.2" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-postgres]] +version = "0.7.2" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-sqlite]] +version = "0.7.2" criteria = "safe-to-deploy" [[exemptions.stable_deref_trait]] @@ -1639,6 +1707,10 @@ criteria = "safe-to-deploy" version = "0.9.4" criteria = "safe-to-deploy" +[[exemptions.unarray]] +version = "0.1.4" +criteria = "safe-to-deploy" + [[exemptions.unicode_categories]] version = "0.1.1" criteria = "safe-to-deploy" @@ -1811,6 +1883,14 @@ criteria = "safe-to-deploy" version = "0.5.1" criteria = "safe-to-deploy" +[[exemptions.zerocopy]] +version = "0.7.31" +criteria = "safe-to-deploy" + +[[exemptions.zerocopy-derive]] +version = "0.7.31" +criteria = "safe-to-deploy" + [[exemptions.zeroize]] version = "1.6.0" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index dc5f9d52..731459f3 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -812,6 +812,20 @@ criteria = "safe-to-deploy" version = "1.0.2" notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm." +[[audits.bytecodealliance.audits.ahash]] +who = "Chris Fallin " +criteria = "safe-to-deploy" +delta = "0.7.6 -> 0.8.2" + +[[audits.bytecodealliance.audits.ahash]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.8.2 -> 0.8.7" +notes = """ +Shuffling of features in this update and while there are updates to `unsafe` +code it's no different than before and the usage remains the same. +""" + [[audits.bytecodealliance.audits.arrayvec]] who = "Nick Fitzgerald " criteria = "safe-to-deploy" @@ -1008,6 +1022,25 @@ criteria = "safe-to-deploy" version = "0.2.5" notes = "I am the author of this crate." +[[audits.bytecodealliance.audits.libm]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.2.2 -> 0.2.4" +notes = """ +This diff primarily fixes a few issues with the `fma`-related functions, +but also contains some other minor fixes as well. Everything looks A-OK and +as expected. +""" + +[[audits.bytecodealliance.audits.libm]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.2.4 -> 0.2.7" +notes = """ +This is a minor update which has some testing affordances as well as some +updated math algorithms. +""" + [[audits.bytecodealliance.audits.matchers]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1233,12 +1266,6 @@ criteria = "safe-to-deploy" version = "1.0.0" notes = "No unsafe usage or ambient capabilities" -[[audits.embark.audits.convert_case]] -who = "Johan Andersson " -criteria = "safe-to-deploy" -version = "0.4.0" -notes = "No unsafe usage or ambient capabilities" - [[audits.embark.audits.derive_more]] who = "Johan Andersson " criteria = "safe-to-deploy" @@ -1456,6 +1483,16 @@ who = "Brandon Pitman " criteria = "safe-to-deploy" delta = "0.1.2 -> 0.1.3" +[[audits.isrg.audits.num-traits]] +who = "David Cook " +criteria = "safe-to-deploy" +delta = "0.2.15 -> 0.2.16" + +[[audits.isrg.audits.num-traits]] +who = "Ameer Ghani " +criteria = "safe-to-deploy" +delta = "0.2.16 -> 0.2.17" + [[audits.isrg.audits.once_cell]] who = "Brandon Pitman " criteria = "safe-to-deploy" @@ -1778,6 +1815,12 @@ version = "1.4.0" notes = "I have read over the macros, and audited the unsafe code." aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml" +[[audits.mozilla.audits.libsqlite3-sys]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +delta = "0.25.2 -> 0.26.0" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.log]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -2183,6 +2226,13 @@ version = "0.1.3" notes = "Reviewed in full." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.libm]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.2.7 -> 0.2.8" +notes = "Forces some intermediate values to not have too much precision on the x87 FPU." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.parking_lot]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -2196,6 +2246,35 @@ criteria = "safe-to-deploy" delta = "0.2.9 -> 0.2.13" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.proptest]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "1.2.0 -> 1.4.0" +notes = """ +Adds support for generating arbitrary `PathBuf`s, but as this crate is intended +for fuzzing in test environments this is within its expected scope (and the new +API would be used intentionally by downstream tests). +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.rand_xorshift]] +who = "Sean Bowe " +criteria = "safe-to-deploy" +version = "0.3.0" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.regex-syntax]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.7.2 -> 0.7.5" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.regex-syntax]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.7.5 -> 0.8.2" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.rustc_version]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -2210,3 +2289,15 @@ execute arbitrary code. But when this crate is used within a build script, `$RUS be set correctly by `cargo`. """ aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.zerocopy]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.7.31 -> 0.7.32" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.zerocopy-derive]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.7.31 -> 0.7.32" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"