all: audit some dependencies
This commit is contained in:
parent
f017e8c559
commit
0d87f0c8d0
|
@ -578,7 +578,6 @@ dependencies = [
|
|||
"fastrand",
|
||||
"getopts",
|
||||
"log",
|
||||
"once_cell",
|
||||
"serde",
|
||||
"signal-hook",
|
||||
"thiserror",
|
||||
|
|
|
@ -35,5 +35,3 @@ version = "<0.4.27"
|
|||
optional = true
|
||||
default-features = false
|
||||
features = ["clock"]
|
||||
[target.wasm32-unknown-emscripten.dependencies]
|
||||
once_cell = { version = "<1.18", optional = true }
|
||||
|
|
|
@ -1,16 +1,71 @@
|
|||
|
||||
# cargo-vet audits file
|
||||
|
||||
[[audits.android-tzdata]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.1"
|
||||
|
||||
[[audits.bitflags]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.3.2"
|
||||
|
||||
[[audits.const-random]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.18"
|
||||
|
||||
[[audits.const-random-macro]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.16"
|
||||
|
||||
[[audits.constant_time_eq]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.5"
|
||||
|
||||
[[audits.fastrand]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.0.1 -> 2.0.2"
|
||||
|
||||
[[audits.getrandom]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.2.2"
|
||||
|
||||
[[audits.iana-time-zone]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.1.59 -> 0.1.60"
|
||||
|
||||
[[audits.numtoa]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.0"
|
||||
|
||||
[[audits.once_cell]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.12.0"
|
||||
|
||||
[[audits.redox_termios]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.3"
|
||||
|
||||
[[audits.signal-hook]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.17"
|
||||
|
||||
[[audits.tiny-keccak]]
|
||||
who = "Denis Drakhnia <numas13@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "2.0.2"
|
||||
|
||||
[[trusted.getopts]]
|
||||
criteria = "safe-to-deploy"
|
||||
user-id = 1 # Alex Crichton (alexcrichton)
|
||||
|
|
|
@ -35,14 +35,6 @@ audit-as-crates-io = true
|
|||
version = "0.4.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.android-tzdata]]
|
||||
version = "0.1.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bitflags]]
|
||||
version = "1.3.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.blake2b_simd]]
|
||||
version = "0.5.11"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -51,50 +43,14 @@ criteria = "safe-to-deploy"
|
|||
version = "0.4.26"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.const-random]]
|
||||
version = "0.1.17"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.const-random-macro]]
|
||||
version = "0.1.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.constant_time_eq]]
|
||||
version = "0.1.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.getrandom]]
|
||||
version = "0.2.10"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.numtoa]]
|
||||
version = "0.1.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.once_cell]]
|
||||
version = "1.17.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.redox_syscall]]
|
||||
version = "0.2.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.redox_termios]]
|
||||
version = "0.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.signal-hook]]
|
||||
version = "0.3.17"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.termion]]
|
||||
version = "2.0.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tiny-keccak]]
|
||||
version = "2.0.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.winapi]]
|
||||
version = "0.3.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -363,6 +363,13 @@ that the RNG here is not cryptographically secure.
|
|||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.getrandom]]
|
||||
who = "David Koloski <dkoloski@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.2 -> 0.2.12"
|
||||
notes = "Audited at https://fxrev.dev/932979"
|
||||
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.quote]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -424,15 +431,10 @@ who = "David Cook <dcook@divviup.org>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "0.2.2"
|
||||
|
||||
[[audits.isrg.audits.getrandom]]
|
||||
[[audits.isrg.audits.once_cell]]
|
||||
who = "Brandon Pitman <bran@bran.land>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.10 -> 0.2.11"
|
||||
|
||||
[[audits.isrg.audits.getrandom]]
|
||||
who = "David Cook <dcook@divviup.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.11 -> 0.2.12"
|
||||
delta = "1.17.1 -> 1.17.2"
|
||||
|
||||
[[audits.mozilla.wildcard-audits.core-foundation-sys]]
|
||||
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||
|
@ -503,6 +505,24 @@ delta = "0.4.17 -> 0.4.18"
|
|||
notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed."
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.once_cell]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.12.0 -> 1.13.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.once_cell]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.13.1 -> 1.16.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.once_cell]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.16.0 -> 1.17.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.toml]]
|
||||
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
Loading…
Reference in New Issue