
all: audit some dependencies

ipv6
Denis Drakhnia 7 months ago
parent
commit
0d87f0c8d0
  1. 1
      Cargo.lock
  2. 2
      master/Cargo.toml
  3. 55
      supply-chain/audits.toml
  4. 44
      supply-chain/config.toml
  5. 34
      supply-chain/imports.lock

1
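--- a/Cargo.lock
+++ b/Cargo.lock
@@ -578,7 +578,6 @@ dependencies = [
 "fastrand",
 "getopts",
 "log",
-"once_cell",
 "serde",
 "signal-hook",
 "thiserror",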

2
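--- a/master/Cargo.toml
+++ b/master/Cargo.toml
@@ -35,5 +35,3 @@ version = "<0.4.27"
 optional = true
 default-features = false
 features = ["clock"]
-[target.wasm32-unknown-emscripten.dependencies]
-once_cell = { version = "<1.18", optional = true }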

55
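--- a/supply-chain/audits.toml
+++ b/supply-chain/audits.toml
@@ -1,16 +1,71 @@
 # cargo-vet audits file
+[[audits.android-tzdata]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.1.1"
+[[audits.bitflags]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "1.3.2"
+[[audits.const-random]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.1.18"
+[[audits.const-random-macro]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.1.16"
+[[audits.constant_time_eq]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.1.5"
 [[audits.fastrand]]
 who = "Denis Drakhnia <numas13@gmail.com>"
 criteria = "safe-to-deploy"
 delta = "2.0.1 -> 2.0.2"
+[[audits.getrandom]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.2.2"
 [[audits.iana-time-zone]]
 who = "Denis Drakhnia <numas13@gmail.com>"
 criteria = "safe-to-deploy"
 delta = "0.1.59 -> 0.1.60"
+[[audits.numtoa]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.1.0"
+[[audits.once_cell]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "1.12.0"
+[[audits.redox_termios]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.1.3"
+[[audits.signal-hook]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "0.3.17"
+[[audits.tiny-keccak]]
+who = "Denis Drakhnia <numas13@gmail.com>"
+criteria = "safe-to-deploy"
+version = "2.0.2"
 [[trusted.getopts]]
 criteria = "safe-to-deploy"
 user-id = 1 # Alex Crichton (alexcrichton)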
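Review bot: Two of the new full audits record a different version from the exemption this commit removes in supply-chain/config.toml: `const-random` is audited at 0.1.18 (the exemption was 0.1.17) and `redox_termios` at 0.1.3 (the exemption was 0.1.2), while the Cargo.lock change on this page only drops a `once_cell` dependency entry. If the lockfile still resolves the older releases, these entries would not cover the code that is actually built, so it is worth confirming with `cargo vet --locked` that every locked version is reached by an audit. The `getrandom` and `once_cell` entries at 0.2.2 and 1.12.0 are base versions, so coverage of the locked release appears to rest on the imported delta chains added in supply-chain/imports.lock rather than on this review. None of the eleven new entries has a `notes` field; a line such as `notes = "<scope reviewed: unsafe code, build scripts, file and network access>"` would let a later reader see what each safe-to-deploy claim is based on.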

44
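--- a/supply-chain/config.toml
+++ b/supply-chain/config.toml
@@ -35,14 +35,6 @@ audit-as-crates-io = true
 version = "0.4.8"
 criteria = "safe-to-deploy"
-[[exemptions.android-tzdata]]
-version = "0.1.1"
-criteria = "safe-to-deploy"
-[[exemptions.bitflags]]
-version = "1.3.2"
-criteria = "safe-to-deploy"
 [[exemptions.blake2b_simd]]
 version = "0.5.11"
 criteria = "safe-to-deploy"
@@ -51,50 +43,14 @@ criteria = "safe-to-deploy"
 version = "0.4.26"
 criteria = "safe-to-deploy"
-[[exemptions.const-random]]
-version = "0.1.17"
-criteria = "safe-to-deploy"
-[[exemptions.const-random-macro]]
-version = "0.1.16"
-criteria = "safe-to-deploy"
-[[exemptions.constant_time_eq]]
-version = "0.1.5"
-criteria = "safe-to-deploy"
-[[exemptions.getrandom]]
-version = "0.2.10"
-criteria = "safe-to-deploy"
-[[exemptions.numtoa]]
-version = "0.1.0"
-criteria = "safe-to-deploy"
-[[exemptions.once_cell]]
-version = "1.17.2"
-criteria = "safe-to-deploy"
 [[exemptions.redox_syscall]]
 version = "0.2.16"
 criteria = "safe-to-deploy"
-[[exemptions.redox_termios]]
-version = "0.1.2"
-criteria = "safe-to-deploy"
-[[exemptions.signal-hook]]
-version = "0.3.17"
-criteria = "safe-to-deploy"
 [[exemptions.termion]]
 version = "2.0.1"
 criteria = "safe-to-deploy"
-[[exemptions.tiny-keccak]]
-version = "2.0.2"
-criteria = "safe-to-deploy"
 [[exemptions.winapi]]
 version = "0.3.9"
 criteria = "safe-to-deploy"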

34
supply-chain/imports.lock

@ -363,6 +363,13 @@ that the RNG here is not cryptographically secure.
""" """
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.getrandom]]
who = "David Koloski <dkoloski@google.com>"
criteria = "safe-to-deploy"
delta = "0.2.2 -> 0.2.12"
notes = "Audited at https://fxrev.dev/932979"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.quote]] [[audits.google.audits.quote]]
who = "Lukasz Anforowicz <lukasza@chromium.org>" who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
@ -424,15 +431,10 @@ who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
version = "0.2.2" version = "0.2.2"
[[audits.isrg.audits.getrandom]] [[audits.isrg.audits.once_cell]]
who = "Brandon Pitman <bran@bran.land>" who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
delta = "0.2.10 -> 0.2.11" delta = "1.17.1 -> 1.17.2"
[[audits.isrg.audits.getrandom]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "0.2.11 -> 0.2.12"
[[audits.mozilla.wildcard-audits.core-foundation-sys]] [[audits.mozilla.wildcard-audits.core-foundation-sys]]
who = "Bobby Holley <bobbyholley@gmail.com>" who = "Bobby Holley <bobbyholley@gmail.com>"
@ -503,6 +505,24 @@ delta = "0.4.17 -> 0.4.18"
notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed." notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed."
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
[[audits.mozilla.audits.once_cell]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.12.0 -> 1.13.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.once_cell]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.13.1 -> 1.16.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.once_cell]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "1.16.0 -> 1.17.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.toml]] [[audits.mozilla.audits.toml]]
who = "Bobby Holley <bobbyholley@gmail.com>" who = "Bobby Holley <bobbyholley@gmail.com>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
