Browse Source

all: update dependencies

ipv6
Denis Drakhnia 7 months ago
parent
commit
827c37b765
  1. 174
      Cargo.lock
  2. 36
      supply-chain/audits.toml
  3. 10
      supply-chain/config.toml
  4. 247
      supply-chain/imports.lock

174
Cargo.lock generated

@ -34,15 +34,15 @@ checksum = "6b4930d2cb77ce62f89ee5d5289b4ac049559b1c45539271f5ed4fdc7db34545" @@ -34,15 +34,15 @@ checksum = "6b4930d2cb77ce62f89ee5d5289b4ac049559b1c45539271f5ed4fdc7db34545"
[[package]]
name = "arrayvec"
version = "0.7.2"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6"
checksum = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711"
[[package]]
name = "autocfg"
version = "1.2.0"
version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1fdabc7756949593fe60f30ec81974b613357de856987752631dea1e3394c80"
checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0"
[[package]]
name = "bitflags"
@ -69,18 +69,15 @@ dependencies = [ @@ -69,18 +69,15 @@ dependencies = [
[[package]]
name = "bumpalo"
version = "3.12.0"
version = "3.15.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535"
checksum = "7ff69b9dd49fd426c69a0db9fc04dd934cdb6645ff000864d98f7e2af8830eaa"
[[package]]
name = "cc"
version = "1.0.83"
version = "1.0.98"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0"
dependencies = [
"libc",
]
checksum = "41c270e7540d725e65ac7f1b212ac8ce349719624d7bcff99f8e2e488e8cf03f"
[[package]]
name = "cfg-if"
@ -128,9 +125,9 @@ checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" @@ -128,9 +125,9 @@ checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
[[package]]
name = "core-foundation-sys"
version = "0.8.4"
version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa"
checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f"
[[package]]
name = "crossterm"
@ -165,9 +162,9 @@ checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" @@ -165,9 +162,9 @@ checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7"
[[package]]
name = "fastrand"
version = "2.0.2"
version = "2.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "658bd65b1cf4c852a3cc96f18a8ce7b5640f6b703f905c7d74532294c2a63984"
checksum = "9fc0510504f03c51ada170672ac806f1f105a88aa97a5281117e1ddc3368e51a"
[[package]]
name = "getopts"
@ -180,9 +177,9 @@ dependencies = [ @@ -180,9 +177,9 @@ dependencies = [
[[package]]
name = "getrandom"
version = "0.2.12"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "190092ea657667030ac6a35e305e62fc4dd69fd98ac98631e5d3a2b1575a12b5"
checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
dependencies = [
"cfg-if",
"libc",
@ -220,24 +217,24 @@ checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" @@ -220,24 +217,24 @@ checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b"
[[package]]
name = "js-sys"
version = "0.3.64"
version = "0.3.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a"
checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d"
dependencies = [
"wasm-bindgen",
]
[[package]]
name = "libc"
version = "0.2.153"
version = "0.2.155"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd"
checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c"
[[package]]
name = "lock_api"
version = "0.4.11"
version = "0.4.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45"
checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17"
dependencies = [
"autocfg",
"scopeguard",
@ -278,9 +275,9 @@ checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" @@ -278,9 +275,9 @@ checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b"
[[package]]
name = "parking_lot"
version = "0.12.1"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
checksum = "f1bf18183cf54e8d6059647fc3063646a1801cf30896933ec2311622cc4b9a27"
dependencies = [
"lock_api",
"parking_lot_core",
@ -288,49 +285,49 @@ dependencies = [ @@ -288,49 +285,49 @@ dependencies = [
[[package]]
name = "parking_lot_core"
version = "0.9.9"
version = "0.9.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e"
checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8"
dependencies = [
"cfg-if",
"libc",
"redox_syscall",
"smallvec",
"windows-targets 0.48.5",
"windows-targets 0.52.5",
]
[[package]]
name = "proc-macro2"
version = "1.0.79"
version = "1.0.85"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e835ff2298f5721608eb1a980ecaee1aef2c132bf95ecc026a11b7bf3c01c02e"
checksum = "22244ce15aa966053a896d1accb3a6e68469b97c7f33f284b99f0d576879fc23"
dependencies = [
"unicode-ident",
]
[[package]]
name = "quote"
version = "1.0.35"
version = "1.0.36"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef"
checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7"
dependencies = [
"proc-macro2",
]
[[package]]
name = "redox_syscall"
version = "0.4.1"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa"
checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e"
dependencies = [
"bitflags 1.3.2",
"bitflags 2.5.0",
]
[[package]]
name = "ryu"
version = "1.0.17"
version = "1.0.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e86697c916019a8588c99b5fac3cead74ec0b4b819707a682fd4d23fa0ce1ba1"
checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"
[[package]]
name = "scopeguard"
@ -340,18 +337,18 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" @@ -340,18 +337,18 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
[[package]]
name = "serde"
version = "1.0.197"
version = "1.0.203"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3fb1c873e1b9b056a4dc4c0c198b24c3ffa059243875552b2bd0933b1aee4ce2"
checksum = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.197"
version = "1.0.203"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7eb0b34b42edc17f6b7cac84a52a1c5f0e1bb2227e997ca9011ea3dd34e8610b"
checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba"
dependencies = [
"proc-macro2",
"quote",
@ -360,9 +357,9 @@ dependencies = [ @@ -360,9 +357,9 @@ dependencies = [
[[package]]
name = "serde_json"
version = "1.0.115"
version = "1.0.117"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd"
checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3"
dependencies = [
"itoa",
"ryu",
@ -392,9 +389,9 @@ dependencies = [ @@ -392,9 +389,9 @@ dependencies = [
[[package]]
name = "signal-hook-registry"
version = "1.4.1"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1"
checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1"
dependencies = [
"libc",
]
@ -418,18 +415,18 @@ dependencies = [ @@ -418,18 +415,18 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.58"
version = "1.0.61"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "03468839009160513471e86a034bb2c5c0e4baae3b43f79ffc55c4a5427b3297"
checksum = "c546c80d6be4bc6a00c0f01730c08df82eaa7a7a61f11d656526506112cc1709"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.58"
version = "1.0.61"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c61f3ba182994efc43764a46c018c347bc492c79f024e705f46567b418f6d4f7"
checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533"
dependencies = [
"proc-macro2",
"quote",
@ -462,9 +459,9 @@ checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" @@ -462,9 +459,9 @@ checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b"
[[package]]
name = "unicode-width"
version = "0.1.11"
version = "0.1.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85"
checksum = "68f5e5f3158ecfd4b8ff6fe086db7c8467a2dfdac97fe420f2b7c4aa97af66d6"
[[package]]
name = "wasi"
@ -474,9 +471,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" @@ -474,9 +471,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "wasm-bindgen"
version = "0.2.87"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342"
checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8"
dependencies = [
"cfg-if",
"wasm-bindgen-macro",
@ -484,9 +481,9 @@ dependencies = [ @@ -484,9 +481,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-backend"
version = "0.2.87"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd"
checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da"
dependencies = [
"bumpalo",
"log",
@ -499,9 +496,9 @@ dependencies = [ @@ -499,9 +496,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro"
version = "0.2.87"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d"
checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
@ -509,9 +506,9 @@ dependencies = [ @@ -509,9 +506,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.87"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b"
checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7"
dependencies = [
"proc-macro2",
"quote",
@ -522,9 +519,9 @@ dependencies = [ @@ -522,9 +519,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-shared"
version = "0.2.87"
version = "0.2.92"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1"
checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96"
[[package]]
name = "winapi"
@ -554,7 +551,7 @@ version = "0.52.0" @@ -554,7 +551,7 @@ version = "0.52.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9"
dependencies = [
"windows-targets 0.52.4",
"windows-targets 0.52.5",
]
[[package]]
@ -583,17 +580,18 @@ dependencies = [ @@ -583,17 +580,18 @@ dependencies = [
[[package]]
name = "windows-targets"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7dd37b7e5ab9018759f893a1952c9420d060016fc19a472b4bb20d1bdd694d1b"
checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb"
dependencies = [
"windows_aarch64_gnullvm 0.52.4",
"windows_aarch64_msvc 0.52.4",
"windows_i686_gnu 0.52.4",
"windows_i686_msvc 0.52.4",
"windows_x86_64_gnu 0.52.4",
"windows_x86_64_gnullvm 0.52.4",
"windows_x86_64_msvc 0.52.4",
"windows_aarch64_gnullvm 0.52.5",
"windows_aarch64_msvc 0.52.5",
"windows_i686_gnu 0.52.5",
"windows_i686_gnullvm",
"windows_i686_msvc 0.52.5",
"windows_x86_64_gnu 0.52.5",
"windows_x86_64_gnullvm 0.52.5",
"windows_x86_64_msvc 0.52.5",
]
[[package]]
@ -604,9 +602,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" @@ -604,9 +602,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8"
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bcf46cf4c365c6f2d1cc93ce535f2c8b244591df96ceee75d8e83deb70a9cac9"
checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263"
[[package]]
name = "windows_aarch64_msvc"
@ -616,9 +614,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" @@ -616,9 +614,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc"
[[package]]
name = "windows_aarch64_msvc"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "da9f259dd3bcf6990b55bffd094c4f7235817ba4ceebde8e6d11cd0c5633b675"
checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6"
[[package]]
name = "windows_i686_gnu"
@ -628,9 +626,15 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" @@ -628,9 +626,15 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e"
[[package]]
name = "windows_i686_gnu"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670"
[[package]]
name = "windows_i686_gnullvm"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b474d8268f99e0995f25b9f095bc7434632601028cf86590aea5c8a5cb7801d3"
checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9"
[[package]]
name = "windows_i686_msvc"
@ -640,9 +644,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" @@ -640,9 +644,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406"
[[package]]
name = "windows_i686_msvc"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1515e9a29e5bed743cb4415a9ecf5dfca648ce85ee42e15873c3cd8610ff8e02"
checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf"
[[package]]
name = "windows_x86_64_gnu"
@ -652,9 +656,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" @@ -652,9 +656,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e"
[[package]]
name = "windows_x86_64_gnu"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5eee091590e89cc02ad514ffe3ead9eb6b660aedca2183455434b93546371a03"
checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9"
[[package]]
name = "windows_x86_64_gnullvm"
@ -664,9 +668,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" @@ -664,9 +668,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc"
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77ca79f2451b49fa9e2af39f0747fe999fcda4f5e241b2898624dca97a1f2177"
checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596"
[[package]]
name = "windows_x86_64_msvc"
@ -676,9 +680,9 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" @@ -676,9 +680,9 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538"
[[package]]
name = "windows_x86_64_msvc"
version = "0.52.4"
version = "0.52.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32b752e52a2da0ddfbdbcc6fceadfeede4c939ed16d13e648833a61dfb611ed8"
checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0"
[[package]]
name = "xash3d-admin"

36
supply-chain/audits.toml

@ -11,6 +11,11 @@ who = "Denis Drakhnia <numas13@gmail.com>" @@ -11,6 +11,11 @@ who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
version = "0.1.1"
[[audits.arrayvec]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.7.2 -> 0.7.4"
[[audits.bitflags]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
@ -21,6 +26,11 @@ who = "Denis Drakhnia <numas13@gmail.com>" @@ -21,6 +26,11 @@ who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
version = "1.0.0"
[[audits.cc]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
delta = "1.0.97 -> 1.0.98"
[[audits.chrono]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
@ -61,6 +71,11 @@ who = "Denis Drakhnia <numas13@gmail.com>" @@ -61,6 +71,11 @@ who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.1.59 -> 0.1.60"
[[audits.libc]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.2.154 -> 0.2.155"
[[audits.mio]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-run"
@ -86,11 +101,26 @@ who = "Denis Drakhnia <numas13@gmail.com>" @@ -86,11 +101,26 @@ who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
version = "0.3.17"
[[audits.signal-hook-mio]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
version = "0.2.3"
[[audits.signal-hook-registry]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
delta = "1.4.1 -> 1.4.2"
[[audits.tiny-keccak]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
version = "2.0.2"
[[audits.wasm-bindgen]]
who = "Denis Drakhnia <numas13@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.2.91 -> 0.2.92"
[[trusted.getopts]]
criteria = "safe-to-deploy"
user-id = 1 # Alex Crichton (alexcrichton)
@ -295,6 +325,12 @@ user-id = 64539 # Kenny Kerr (kennykerr) @@ -295,6 +325,12 @@ user-id = 64539 # Kenny Kerr (kennykerr)
start = "2021-10-28"
end = "2025-04-04"
[[trusted.windows_i686_gnullvm]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)
start = "2024-04-02"
end = "2025-06-05"
[[trusted.windows_i686_msvc]]
criteria = "safe-to-deploy"
user-id = 64539 # Kenny Kerr (kennykerr)

10
supply-chain/config.toml

@ -31,8 +31,16 @@ audit-as-crates-io = true @@ -31,8 +31,16 @@ audit-as-crates-io = true
[policy.xash3d-query]
audit-as-crates-io = true
[[exemptions.crossterm_winapi]]
version = "0.9.1"
criteria = "safe-to-deploy"
[[exemptions.mio]]
version = "0.8.10"
criteria = "safe-to-deploy"
[[exemptions.redox_syscall]]
version = "0.2.16"
version = "0.5.1"
criteria = "safe-to-deploy"
[[exemptions.winapi]]

247
supply-chain/imports.lock

@ -2,8 +2,8 @@ @@ -2,8 +2,8 @@
# cargo-vet imports lock
[[publisher.bumpalo]]
version = "3.12.0"
when = "2023-01-17"
version = "3.15.4"
when = "2024-03-07"
user-id = 696
user-login = "fitzgen"
user-name = "Nick Fitzgerald"
@ -30,22 +30,22 @@ user-login = "dtolnay" @@ -30,22 +30,22 @@ user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.js-sys]]
version = "0.3.64"
when = "2023-06-12"
version = "0.3.69"
when = "2024-03-04"
user-id = 1
user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.libc]]
version = "0.2.153"
when = "2024-01-31"
version = "0.2.154"
when = "2024-04-29"
user-id = 51017
user-login = "JohnTitor"
user-name = "Yuki Okushi"
[[publisher.lock_api]]
version = "0.4.11"
when = "2023-10-17"
version = "0.4.12"
when = "2024-04-25"
user-id = 2915
user-login = "Amanieu"
user-name = "Amanieu d'Antras"
@ -58,29 +58,36 @@ user-login = "cuviper" @@ -58,29 +58,36 @@ user-login = "cuviper"
user-name = "Josh Stone"
[[publisher.parking_lot]]
version = "0.12.1"
when = "2022-05-31"
version = "0.12.3"
when = "2024-05-24"
user-id = 2915
user-login = "Amanieu"
user-name = "Amanieu d'Antras"
[[publisher.parking_lot_core]]
version = "0.9.9"
when = "2023-10-17"
version = "0.9.10"
when = "2024-04-25"
user-id = 2915
user-login = "Amanieu"
user-name = "Amanieu d'Antras"
[[publisher.proc-macro2]]
version = "1.0.79"
when = "2024-03-12"
version = "1.0.85"
when = "2024-06-02"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.quote]]
version = "1.0.36"
when = "2024-04-10"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.ryu]]
version = "1.0.17"
when = "2024-02-19"
version = "1.0.18"
when = "2024-05-07"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
@ -92,9 +99,23 @@ user-id = 2915 @@ -92,9 +99,23 @@ user-id = 2915
user-login = "Amanieu"
user-name = "Amanieu d'Antras"
[[publisher.serde]]
version = "1.0.203"
when = "2024-05-25"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.serde_derive]]
version = "1.0.203"
when = "2024-05-25"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.serde_json]]
version = "1.0.115"
when = "2024-03-26"
version = "1.0.117"
when = "2024-05-08"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
@ -114,15 +135,15 @@ user-login = "dtolnay" @@ -114,15 +135,15 @@ user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.thiserror]]
version = "1.0.58"
when = "2024-03-12"
version = "1.0.61"
when = "2024-05-17"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
[[publisher.thiserror-impl]]
version = "1.0.58"
when = "2024-03-12"
version = "1.0.61"
when = "2024-05-17"
user-id = 3618
user-login = "dtolnay"
user-name = "David Tolnay"
@ -135,8 +156,8 @@ user-login = "alexcrichton" @@ -135,8 +156,8 @@ user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.unicode-width]]
version = "0.1.11"
when = "2023-09-19"
version = "0.1.12"
when = "2024-04-26"
user-id = 1139
user-login = "Manishearth"
user-name = "Manish Goregaokar"
@ -149,36 +170,29 @@ user-login = "alexcrichton" @@ -149,36 +170,29 @@ user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.wasm-bindgen]]
version = "0.2.87"
when = "2023-06-12"
version = "0.2.91"
when = "2024-02-06"
user-id = 1
user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.wasm-bindgen-backend]]
version = "0.2.87"
when = "2023-06-12"
version = "0.2.92"
when = "2024-03-04"
user-id = 1
user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.wasm-bindgen-macro]]
version = "0.2.87"
when = "2023-06-12"
user-id = 1
user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.wasm-bindgen-macro-support]]
version = "0.2.87"
when = "2023-06-12"
version = "0.2.92"
when = "2024-03-04"
user-id = 1
user-login = "alexcrichton"
user-name = "Alex Crichton"
[[publisher.wasm-bindgen-shared]]
version = "0.2.87"
when = "2023-06-12"
version = "0.2.92"
when = "2024-03-04"
user-id = 1
user-login = "alexcrichton"
user-name = "Alex Crichton"
@ -205,8 +219,8 @@ user-login = "kennykerr" @@ -205,8 +219,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows-targets]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -219,8 +233,8 @@ user-login = "kennykerr" @@ -219,8 +233,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_aarch64_gnullvm]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -233,8 +247,8 @@ user-login = "kennykerr" @@ -233,8 +247,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_aarch64_msvc]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -247,8 +261,15 @@ user-login = "kennykerr" @@ -247,8 +261,15 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_i686_gnu]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_i686_gnullvm]]
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -261,8 +282,8 @@ user-login = "kennykerr" @@ -261,8 +282,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_i686_msvc]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -275,8 +296,8 @@ user-login = "kennykerr" @@ -275,8 +296,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_x86_64_gnu]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -289,8 +310,8 @@ user-login = "kennykerr" @@ -289,8 +310,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_x86_64_gnullvm]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -303,8 +324,8 @@ user-login = "kennykerr" @@ -303,8 +324,8 @@ user-login = "kennykerr"
user-name = "Kenny Kerr"
[[publisher.windows_x86_64_msvc]]
version = "0.52.4"
when = "2024-02-28"
version = "0.52.5"
when = "2024-04-12"
user-id = 64539
user-login = "kennykerr"
user-name = "Kenny Kerr"
@ -368,6 +389,15 @@ criteria = "safe-to-deploy" @@ -368,6 +389,15 @@ criteria = "safe-to-deploy"
version = "1.0.73"
notes = "I am the author of this crate."
[[audits.bytecode-alliance.audits.core-foundation-sys]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
delta = "0.8.4 -> 0.8.6"
notes = """
The changes here are all typical bindings updates: new functions, types, and
constants. I have not audited all the bindings for ABI conformance.
"""
[[audits.bytecode-alliance.audits.fastrand]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
@ -468,46 +498,6 @@ delta = "0.2.2 -> 0.2.12" @@ -468,46 +498,6 @@ delta = "0.2.2 -> 0.2.12"
notes = "Audited at https://fxrev.dev/932979"
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.quote]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.35"
notes = """
Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits
(except for benign \"net\" hit in tests and \"fs\" hit in README.md)
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.197"
notes = """
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`.
There were some hits for `net`, but they were related to serialization and
not actually opening any connections or anything like that.
There were 2 hits of `unsafe` when grepping:
* In `fn as_str` in `impl Buf`
* In `fn serialize` in `impl Serialize for net::Ipv4Addr`
Unsafe review comments can be found in https://crrev.com/c/5350573/2 (this
review also covered `serde_json_lenient`).
Version 1.0.130 of the crate has been added to Chromium in
https://crrev.com/c/3265545. The CL description contains a link to a
(Google-internal, sorry) document with a mini security review.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.serde_derive]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
version = "1.0.197"
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.unicode-ident]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
@ -529,6 +519,16 @@ who = "David Cook <dcook@divviup.org>" @@ -529,6 +519,16 @@ who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
version = "0.2.2"
[[audits.isrg.audits.getrandom]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "0.2.12 -> 0.2.14"
[[audits.isrg.audits.getrandom]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
delta = "0.2.14 -> 0.2.15"
[[audits.isrg.audits.once_cell]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
@ -644,3 +644,60 @@ who = "Sean Bowe <ewillbefull@gmail.com>" @@ -644,3 +644,60 @@ who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
delta = "0.3.6 -> 0.3.7"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.autocfg]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.2.0 -> 1.3.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.cc]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.83 -> 1.0.94"
notes = """
The optimization to use `buffer.set_len(buffer.capacity())` in `command_helpers::StderrForwarder::forward_available`
doesn't look panic-safe: if `stderr.read` panics and that panic is caught by a caller of `forward_available`, then
the inner buffer of `StderrForwarder` will contain uninitialized data. This looks difficult to trigger in practice,
but I have opened an issue <https://github.com/rust-lang/cc-rs/issues/1036>.
`parallel::async_executor` contains `unsafe` pinning code but it looks reasonable. Similarly for the `unsafe`
initialization code in `parallel::job_token::JobTokenServer` and file operations in `parallel::stderr`.
This crate executes commands, and my review is likely not sufficient to detect subtle backdoors.
I did not review the use of library handles in the `com` package on Windows.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.cc]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "1.0.94 -> 1.0.97"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.fastrand]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "2.0.2 -> 2.1.0"
notes = """
As noted in the changelog, this version produces different output for a given seed.
The documentation did not mention stability. It is possible that some uses relying on
determinism across the update would be broken.
The new constants do appear to match WyRand v4.2 (modulo ordering issues that I have not checked):
https://github.com/wangyi-fudan/wyhash/blob/408620b6d12b7d667b3dd6ae39b7929a39e8fa05/wyhash.h#L145
I have no way to check whether these constants are an improvement or not.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"
[[audits.zcash.audits.mio]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.8.10 -> 0.8.11"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.wasm-bindgen-macro-support]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
version = "0.2.92"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

Loading…
Cancel
Save