Update aggregated cargo-vet audits
This commit is contained in:
parent
ba2022bbf1
commit
3364f2bcee
|
@ -27,6 +27,13 @@ criteria = ["safe-to-deploy", "crypto-reviewed"]
|
|||
delta = "0.5.1 -> 0.5.2"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.ahash]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.8.6 -> 0.8.7"
|
||||
notes = "Build-time `stdsimd` detection is replaced with a nightly-only feature flag."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.aho-corasick]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -88,6 +95,30 @@ nightly features are available.
|
|||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.anyhow]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.75 -> 1.0.77"
|
||||
notes = """
|
||||
- Build script changes are to rerun cargo if the `RUSTC_BOOTSTRAP` env variable
|
||||
changes, and enable a few more `rustc` config flags.
|
||||
- Some `unsafe fn`s were altered to add `unsafe` blocks, to make the safety
|
||||
contracts in the code clearer (instead of using the `unsafe fn`'s implicit
|
||||
`unsafe` block); no actual `unsafe` changes were made.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.anyhow]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.77 -> 1.0.79"
|
||||
notes = """
|
||||
Build script changes are to refactor the existing probe into a separate file
|
||||
(which removes a filesystem write), and adjust how it gets rerun in response to
|
||||
changes in the build environment.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.arrayref]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -379,6 +410,16 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.5.8 -> 0.5.9"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.crossbeam-channel]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.5.9 -> 0.5.10"
|
||||
notes = """
|
||||
Changes to `unsafe` code are to use `MaybeUninit::assume_init_drop` (which is
|
||||
now usable with the new MSRV) instead of dropping via casting.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.crossbeam-deque]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -413,6 +454,16 @@ delta = "0.9.15 -> 0.9.16"
|
|||
notes = "Moved an `unsafe` block while removing `scopeguard` dependency."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.crossbeam-epoch]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.9.16 -> 0.9.17"
|
||||
notes = """
|
||||
Changes to `unsafe` code are to replace manual pointer logic with equivalent
|
||||
`unsafe` stdlib methods, now that MSRV is high enough to use them.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.crossbeam-utils]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -447,6 +498,17 @@ notes = """
|
|||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.crossbeam-utils]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.8.17 -> 0.8.18"
|
||||
notes = """
|
||||
Changes to `unsafe` code are to construct and drop `MaybeUninit<T>` directly
|
||||
via its methods (one of which is now usable with the new MSRV) instead of via
|
||||
casting.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.crypto-common]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = ["crypto-reviewed", "safe-to-deploy"]
|
||||
|
@ -548,6 +610,12 @@ delta = "1.0.107 -> 1.0.111"
|
|||
notes = "Build script change is to look for `src/cxx.cc` in the same folder as `include/cxx.h`."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.cxx]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.111 -> 1.0.113"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.cxxbridge-flags]]
|
||||
who = "Daira Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -615,6 +683,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.107 -> 1.0.111"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.cxxbridge-flags]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.111 -> 1.0.113"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.cxxbridge-macro]]
|
||||
who = "Daira Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -700,6 +774,22 @@ block).
|
|||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.cxxbridge-macro]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.111 -> 1.0.113"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.deranged]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.10 -> 0.3.11"
|
||||
notes = """
|
||||
Two new `unsafe` blocks to construct ranges via `T::new_unchecked`. The safety
|
||||
comments correctly document why the checks are unnecessary.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.directories]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -864,6 +954,13 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.3.28 -> 0.3.29"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-channel]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.29 -> 0.3.30"
|
||||
notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-core]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -893,6 +990,13 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.3.28 -> 0.3.29"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-core]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.29 -> 0.3.30"
|
||||
notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-task]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -925,6 +1029,13 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.3.28 -> 0.3.29"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-task]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.29 -> 0.3.30"
|
||||
notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-util]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -958,6 +1069,21 @@ Only change to `unsafe` code is to add a `Fut: Send` bound to the
|
|||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.futures-util]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.29 -> 0.3.30"
|
||||
notes = """
|
||||
- Removes `build.rs` now that it can rely on the `target_has_atomic` attribute.
|
||||
- Almost all changes to `unsafe` blocks are to either move them around, or
|
||||
replace them with safe method calls.
|
||||
- One new `unsafe` block is added for a slice lifetime transmutation. The slice
|
||||
reconstruction is obviously correct. AFAICT the lifetime transmutation is also
|
||||
correct; the slice's lifetime logically comes from the `AsyncBufRead` reader
|
||||
inside `FillBuf`, rather than the `Context`.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.generic-array]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1328,6 +1454,17 @@ criteria = "safe-to-deploy"
|
|||
delta = "2.6.3 -> 2.6.4"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.memchr]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.6.4 -> 2.7.1"
|
||||
notes = """
|
||||
Change to an `unsafe fn` is to rework the short-tail handling of a fixed-length
|
||||
comparison between `u8` pointers. The new tail code matches the existing head
|
||||
code (but adapted to `u16` and `u8` reads, instead of `u32`).
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.memoffset]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1377,6 +1514,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "0.5.1 -> 0.6.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.metrics-macros]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.7.0 -> 0.7.1"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.metrics-util]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1687,6 +1830,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "3.1.2 -> 3.2.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.platforms]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "3.2.0 -> 3.3.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.poly1305]]
|
||||
who = "Daira Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1764,6 +1913,28 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.67 -> 1.0.70"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.proc-macro2]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.70 -> 1.0.71"
|
||||
notes = """
|
||||
New `unsafe` blocks are all inside `unsafe fn`s, and are added to make the
|
||||
safety contracts in the code clearer (instead of using the `unsafe fn`'s
|
||||
implicit `unsafe` block).
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.proc-macro2]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.71 -> 1.0.74"
|
||||
notes = """
|
||||
Build script changes are to replace `RUSTFLAGS` string parsing with a probe file
|
||||
that is compiled with whatever `RUSTC` is set to (but the build script already
|
||||
relies on the `RUSTC` environment variable for inspecting the compiler version).
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.proptest]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -1793,6 +1964,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.31 -> 1.0.33"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.quote]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.33 -> 1.0.35"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.rand_xorshift]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2012,6 +2189,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.188 -> 1.0.193"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.serde]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.193 -> 1.0.194"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.serde_derive]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2055,6 +2238,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.188 -> 1.0.193"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.serde_derive]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.193 -> 1.0.194"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.serde_json]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2091,6 +2280,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.107 -> 1.0.108"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.serde_json]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.108 -> 1.0.110"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.sha2]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2226,6 +2421,23 @@ criteria = "safe-to-deploy"
|
|||
delta = "2.0.37 -> 2.0.41"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.syn]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.0.41 -> 2.0.43"
|
||||
notes = """
|
||||
New `unsafe` blocks are all inside `unsafe fn`s, and are added to make the
|
||||
safety contracts in the code clearer (instead of using the `unsafe fn`'s
|
||||
implicit `unsafe` block).
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.syn]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "2.0.43 -> 2.0.46"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.tempfile]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2245,6 +2457,12 @@ criteria = "safe-to-deploy"
|
|||
delta = "3.8.0 -> 3.8.1"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.tempfile]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "3.8.1 -> 3.9.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.terminfo]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2278,6 +2496,24 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.48 -> 1.0.51"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.thiserror]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.51 -> 1.0.52"
|
||||
notes = "Reruns the build script if the `RUSTC_BOOTSTRAP` env variable changes."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.thiserror]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.52 -> 1.0.56"
|
||||
notes = """
|
||||
Build script changes are to refactor the existing probe into a separate file
|
||||
(which removes a filesystem write), and adjust how it gets rerun in response to
|
||||
changes in the build environment.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.thiserror-impl]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2304,6 +2540,18 @@ criteria = "safe-to-deploy"
|
|||
delta = "1.0.48 -> 1.0.51"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.thiserror-impl]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.51 -> 1.0.52"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.thiserror-impl]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.52 -> 1.0.56"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.thread_local]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2326,6 +2574,16 @@ either `UtcOffset` or `()`.
|
|||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.time]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.3.30 -> 0.3.31"
|
||||
notes = """
|
||||
Removes one `unsafe` block by repurposing a constructor containing a more
|
||||
general invocation of the same `unsafe` function.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.time-core]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2382,6 +2640,12 @@ that `ordinal` is non-zero while parsing.
|
|||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.time-macros]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.2.15 -> 0.2.16"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.tinyvec_macros]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2389,6 +2653,12 @@ delta = "0.1.0 -> 0.1.1"
|
|||
notes = "Adds `#![forbid(unsafe_code)]` and license files."
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.tokio]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.35.0 -> 1.35.1"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.toml_datetime]]
|
||||
who = "Jack Grigg <jack@z.cash>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2654,6 +2924,18 @@ criteria = "safe-to-deploy"
|
|||
delta = "2.5.0 -> 2.5.2"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zerocopy]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.7.31 -> 0.7.32"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zerocopy-derive]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.7.31 -> 0.7.32"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zeroize]]
|
||||
who = "Daira Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
Loading…
Reference in New Issue