Import Rust crate audits from Embark Studios
This commit is contained in:
parent
03627b1de5
commit
846d9860f1
|
@ -7,6 +7,9 @@ version = "0.9"
|
|||
[imports.bytecode-alliance]
|
||||
url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"
|
||||
|
||||
[imports.embark-studios]
|
||||
url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml"
|
||||
|
||||
[imports.google]
|
||||
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"
|
||||
|
||||
|
@ -82,10 +85,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.2.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.anyhow]]
|
||||
version = "1.0.75"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.arrayvec]]
|
||||
version = "0.7.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -730,10 +729,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tap]]
|
||||
version = "1.0.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tempfile]]
|
||||
version = "3.8.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -854,10 +849,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.3.65"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.webpki-roots]]
|
||||
version = "0.25.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.which]]
|
||||
version = "4.4.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -244,6 +244,11 @@ criteria = "safe-to-deploy"
|
|||
version = "0.1.6"
|
||||
notes = "Contains no unsafe code, no IO, no build.rs."
|
||||
|
||||
[[audits.bytecode-alliance.audits.anyhow]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.69 -> 1.0.71"
|
||||
|
||||
[[audits.bytecode-alliance.audits.arrayref]]
|
||||
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -364,6 +369,33 @@ who = "Pat Hickey <phickey@fastly.com>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "0.3.0"
|
||||
|
||||
[[audits.bytecode-alliance.audits.webpki-roots]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.22.4 -> 0.23.0"
|
||||
|
||||
[[audits.bytecode-alliance.audits.webpki-roots]]
|
||||
who = "Pat Hickey <phickey@fastly.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.23.0 -> 0.25.2"
|
||||
|
||||
[[audits.embark-studios.audits.anyhow]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.58"
|
||||
|
||||
[[audits.embark-studios.audits.tap]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.1"
|
||||
notes = "No unsafe usage or ambient capabilities"
|
||||
|
||||
[[audits.embark-studios.audits.webpki-roots]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.22.4"
|
||||
notes = "Inspected it to confirm that it only contains data definitions and no runtime code"
|
||||
|
||||
[[audits.google.audits.async-stream]]
|
||||
who = "Tyler Mandry <tmandry@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -775,6 +807,37 @@ end = "2024-05-03"
|
|||
notes = "All code written or reviewed by Manish"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.anyhow]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.57 -> 1.0.61"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.anyhow]]
|
||||
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.58 -> 1.0.57"
|
||||
notes = "No functional differences, just CI config and docs."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.anyhow]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.61 -> 1.0.62"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.anyhow]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.62 -> 1.0.68"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.anyhow]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.68 -> 1.0.69"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.autocfg]]
|
||||
who = "Josh Stone <jistone@redhat.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1107,6 +1170,16 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.2.6 -> 0.2.10"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.anyhow]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.71 -> 1.0.75"
|
||||
notes = """
|
||||
`unsafe` changes are migrating from `core::any::Demand` to `std::error::Request` when the
|
||||
nightly features are available.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.arrayref]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
Loading…
Reference in New Issue