initial cargo vet support
This commit is contained in:
parent
d938b53d83
commit
b4793ace4c
|
@ -0,0 +1,4 @@
|
|||
|
||||
# cargo-vet audits file
|
||||
|
||||
[audits]
|
|
@ -0,0 +1,703 @@
|
|||
|
||||
# cargo-vet config file
|
||||
|
||||
[cargo-vet]
|
||||
version = "0.8"
|
||||
|
||||
[imports.google]
|
||||
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"
|
||||
|
||||
[imports.mozilla]
|
||||
url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"
|
||||
|
||||
[imports.zcash]
|
||||
url = "https://raw.githubusercontent.com/zcash/rust-ecosystem/main/supply-chain/audits.toml"
|
||||
|
||||
[policy.frost-core]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[policy.frost-ed25519]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[policy.frost-ed448]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[policy.frost-p256]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[policy.frost-rerandomized]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[policy.frost-ristretto255]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[policy.frost-secp256k1]
|
||||
audit-as-crates-io = true
|
||||
|
||||
[[exemptions.aho-corasick]]
|
||||
version = "1.0.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.anes]]
|
||||
version = "0.1.6"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.anstyle]]
|
||||
version = "1.0.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.atomic-polyfill]]
|
||||
version = "0.1.11"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.base16ct]]
|
||||
version = "0.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.base64ct]]
|
||||
version = "1.6.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bitflags]]
|
||||
version = "1.3.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bitflags]]
|
||||
version = "2.4.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.block-buffer]]
|
||||
version = "0.10.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.bumpalo]]
|
||||
version = "3.14.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.byteorder]]
|
||||
version = "1.4.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.cast]]
|
||||
version = "0.3.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.cc]]
|
||||
version = "1.0.83"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ciborium]]
|
||||
version = "0.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ciborium-io]]
|
||||
version = "0.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ciborium-ll]]
|
||||
version = "0.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.clap]]
|
||||
version = "4.4.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.clap_builder]]
|
||||
version = "4.4.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.clap_lex]]
|
||||
version = "0.5.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.cobs]]
|
||||
version = "0.2.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.const-crc32]]
|
||||
version = "1.3.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.const-oid]]
|
||||
version = "0.9.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.cpufeatures]]
|
||||
version = "0.2.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.criterion]]
|
||||
version = "0.5.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.criterion-plot]]
|
||||
version = "0.5.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.critical-section]]
|
||||
version = "1.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crossbeam-channel]]
|
||||
version = "0.5.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crossbeam-deque]]
|
||||
version = "0.8.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crossbeam-epoch]]
|
||||
version = "0.9.15"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crossbeam-utils]]
|
||||
version = "0.8.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crypto-bigint]]
|
||||
version = "0.5.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crypto-common]]
|
||||
version = "0.1.6"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.curve25519-dalek]]
|
||||
version = "4.1.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.curve25519-dalek-derive]]
|
||||
version = "0.1.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.debugless-unwrap]]
|
||||
version = "0.0.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.der]]
|
||||
version = "0.7.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.derive-getters]]
|
||||
version = "0.3.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.digest]]
|
||||
version = "0.10.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ecdsa]]
|
||||
version = "0.16.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ed25519]]
|
||||
version = "2.2.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.ed25519-dalek]]
|
||||
version = "2.0.0"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.ed448-goldilocks]]
|
||||
version = "0.9.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.elliptic-curve]]
|
||||
version = "0.13.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.encode_unicode]]
|
||||
version = "0.3.6"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.errno]]
|
||||
version = "0.3.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.errno-dragonfly]]
|
||||
version = "0.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ff]]
|
||||
version = "0.13.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.fiat-crypto]]
|
||||
version = "0.1.20"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.fiat-crypto]]
|
||||
version = "0.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-core]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-ed25519]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-ed448]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-p256]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-rerandomized]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-ristretto255]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.frost-secp256k1]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.generic-array]]
|
||||
version = "0.14.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.getrandom]]
|
||||
version = "0.2.10"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.group]]
|
||||
version = "0.13.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.hash32]]
|
||||
version = "0.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.heapless]]
|
||||
version = "0.7.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.hermit-abi]]
|
||||
version = "0.3.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.hmac]]
|
||||
version = "0.12.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.insta]]
|
||||
version = "1.31.0"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.is-terminal]]
|
||||
version = "0.4.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.itertools]]
|
||||
version = "0.10.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.itertools]]
|
||||
version = "0.11.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.itoa]]
|
||||
version = "1.0.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.js-sys]]
|
||||
version = "0.3.64"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.k256]]
|
||||
version = "0.13.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.keccak]]
|
||||
version = "0.1.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.libc]]
|
||||
version = "0.2.148"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.libm]]
|
||||
version = "0.2.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.linux-raw-sys]]
|
||||
version = "0.4.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.litrs]]
|
||||
version = "0.2.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.lock_api]]
|
||||
version = "0.4.10"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.memchr]]
|
||||
version = "2.6.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.memoffset]]
|
||||
version = "0.9.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.num-traits]]
|
||||
version = "0.2.16"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.num_cpus]]
|
||||
version = "1.16.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.once_cell]]
|
||||
version = "1.18.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.oorandom]]
|
||||
version = "11.1.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.p256]]
|
||||
version = "0.13.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pem-rfc7468]]
|
||||
version = "0.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.pkcs8]]
|
||||
version = "0.10.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.plotters]]
|
||||
version = "0.3.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.plotters-backend]]
|
||||
version = "0.3.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.plotters-svg]]
|
||||
version = "0.3.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.postcard]]
|
||||
version = "1.0.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ppv-lite86]]
|
||||
version = "0.2.17"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.primeorder]]
|
||||
version = "0.13.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.proc-macro2]]
|
||||
version = "1.0.67"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.proptest]]
|
||||
version = "1.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.quick-error]]
|
||||
version = "1.2.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.quote]]
|
||||
version = "1.0.33"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rand]]
|
||||
version = "0.8.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rand_chacha]]
|
||||
version = "0.3.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rand_core]]
|
||||
version = "0.6.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rayon]]
|
||||
version = "1.7.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rayon-core]]
|
||||
version = "1.11.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.redox_syscall]]
|
||||
version = "0.3.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.regex]]
|
||||
version = "1.9.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.regex-automata]]
|
||||
version = "0.3.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.regex-syntax]]
|
||||
version = "0.6.29"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.regex-syntax]]
|
||||
version = "0.7.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rfc6979]]
|
||||
version = "0.4.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rustix]]
|
||||
version = "0.38.13"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.rusty-fork]]
|
||||
version = "0.3.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.ryu]]
|
||||
version = "1.0.15"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.same-file]]
|
||||
version = "1.0.6"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.scopeguard]]
|
||||
version = "1.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.sec1]]
|
||||
version = "0.7.3"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.semver]]
|
||||
version = "1.0.18"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.serde]]
|
||||
version = "1.0.188"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.serde_derive]]
|
||||
version = "1.0.188"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.serde_json]]
|
||||
version = "1.0.107"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.serdect]]
|
||||
version = "0.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.sha2]]
|
||||
version = "0.10.7"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.sha3]]
|
||||
version = "0.10.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.similar]]
|
||||
version = "2.2.1"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.spin]]
|
||||
version = "0.9.8"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.spki]]
|
||||
version = "0.7.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.stable_deref_trait]]
|
||||
version = "1.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.syn]]
|
||||
version = "1.0.109"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.syn]]
|
||||
version = "2.0.33"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tempfile]]
|
||||
version = "3.8.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.thiserror]]
|
||||
version = "1.0.48"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.thiserror-impl]]
|
||||
version = "1.0.48"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.tinytemplate]]
|
||||
version = "1.2.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.typenum]]
|
||||
version = "1.16.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.unarray]]
|
||||
version = "0.1.4"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.unicode-ident]]
|
||||
version = "1.0.12"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.visibility]]
|
||||
version = "0.1.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wait-timeout]]
|
||||
version = "0.2.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.walkdir]]
|
||||
version = "2.4.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasi]]
|
||||
version = "0.11.0+wasi-snapshot-preview1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasm-bindgen]]
|
||||
version = "0.2.87"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasm-bindgen-backend]]
|
||||
version = "0.2.87"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasm-bindgen-macro]]
|
||||
version = "0.2.87"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasm-bindgen-macro-support]]
|
||||
version = "0.2.87"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.wasm-bindgen-shared]]
|
||||
version = "0.2.87"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.web-sys]]
|
||||
version = "0.3.64"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.winapi]]
|
||||
version = "0.3.9"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.winapi-i686-pc-windows-gnu]]
|
||||
version = "0.4.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.winapi-util]]
|
||||
version = "0.1.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.winapi-x86_64-pc-windows-gnu]]
|
||||
version = "0.4.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows-sys]]
|
||||
version = "0.45.0"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows-sys]]
|
||||
version = "0.48.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows-targets]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows-targets]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_aarch64_gnullvm]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_aarch64_gnullvm]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_aarch64_msvc]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_aarch64_msvc]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_i686_gnu]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_i686_gnu]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_i686_msvc]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_i686_msvc]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_x86_64_gnu]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_x86_64_gnu]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_x86_64_gnullvm]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_x86_64_gnullvm]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.windows_x86_64_msvc]]
|
||||
version = "0.42.2"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.windows_x86_64_msvc]]
|
||||
version = "0.48.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.yaml-rust]]
|
||||
version = "0.4.5"
|
||||
criteria = "safe-to-run"
|
||||
|
||||
[[exemptions.zeroize]]
|
||||
version = "1.6.0"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.zeroize_derive]]
|
||||
version = "1.4.2"
|
||||
criteria = "safe-to-deploy"
|
|
@ -0,0 +1,233 @@
|
|||
|
||||
# cargo-vet imports lock
|
||||
|
||||
[[audits.google.audits.cfg-if]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.0"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.console]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
version = "0.15.5"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.console]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-run"
|
||||
delta = "0.15.5 -> 0.15.7"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.document-features]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.2.7"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.fastrand]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.9.0"
|
||||
notes = """
|
||||
`does-not-implement-crypto` is certified because this crate explicitly says
|
||||
that the RNG here is not cryptographically secure.
|
||||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.version_check]]
|
||||
who = "George Burgess IV <gbiv@google.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.9.4"
|
||||
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.mozilla.audits.autocfg]]
|
||||
who = "Josh Stone <jistone@redhat.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.1.0"
|
||||
notes = "All code written or reviewed by Josh Stone."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bit-set]]
|
||||
who = "Aria Beingessner <a.beingessner@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.5.2"
|
||||
notes = "Another crate I own via contain-rs that is ancient and maintenance mode, no known issues."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bit-set]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.5.2 -> 0.5.3"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.bit-vec]]
|
||||
who = "Aria Beingessner <a.beingessner@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.6.3"
|
||||
notes = "Another crate I own via contain-rs that is ancient and in maintenance mode but otherwise perfectly fine."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Nika Layzell <nika@thelayzells.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.6.1"
|
||||
notes = """
|
||||
Straightforward crate providing the Either enum and trait implementations with
|
||||
no unsafe code.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.6.1 -> 1.7.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.7.0 -> 1.8.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.either]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.8.0 -> 1.8.1"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.fastrand]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.9.0 -> 2.0.0"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.fnv]]
|
||||
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.7"
|
||||
notes = "Simple hasher implementation with no unsafe code."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.half]]
|
||||
who = "John M. Schanck <jschanck@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.8.2"
|
||||
notes = """
|
||||
This crate contains unsafe code for bitwise casts to/from binary16 floating-point
|
||||
format. I've reviewed these and found no issues. There are no uses of ambient
|
||||
capabilities.
|
||||
"""
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.hex]]
|
||||
who = "Simon Friedberger <simon@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.4.3"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.lazy_static]]
|
||||
who = "Nika Layzell <nika@thelayzells.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.4.0"
|
||||
notes = "I have read over the macros, and audited the unsafe code."
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.linked-hash-map]]
|
||||
who = "Aria Beingessner <a.beingessner@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.5.4"
|
||||
notes = "I own this crate (I am contain-rs) and 0.5.4 passes miri. This code is very old and used by lots of people, so I'm pretty confident in it, even though it's in maintenance-mode and missing some nice-to-have APIs."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.linked-hash-map]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-run"
|
||||
delta = "0.5.4 -> 0.5.6"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.log]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.4.17"
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.log]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.4.17 -> 0.4.18"
|
||||
notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed."
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.subtle]]
|
||||
who = "Simon Friedberger <simon@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "2.5.0"
|
||||
notes = "The goal is to provide some constant-time correctness for cryptographic implementations. The approach is reasonable, it is known to be insufficient but this is pointed out in the documentation."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.either]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.8.1 -> 1.9.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.log]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.4.18 -> 0.4.19"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.log]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.4.19 -> 0.4.20"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.platforms]]
|
||||
who = "Daira Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "3.0.2"
|
||||
notes = """
|
||||
This crate uses `#![forbid(unsafe_code)]` and its build script is safe. It only \"provides programmatic access to
|
||||
information about valid Rust platforms, sourced from the Rust compiler\"; it does not attempt any detection that
|
||||
would require unsafety.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.platforms]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "3.0.2 -> 3.1.2"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.rand_xorshift]]
|
||||
who = "Sean Bowe <ewillbefull@gmail.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.3.0"
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.rustc_version]]
|
||||
who = "Jack Grigg <jack@electriccoin.co>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.4.0"
|
||||
notes = """
|
||||
Most of the crate is code to parse and validate the output of `rustc -vV`. The caller can
|
||||
choose which `rustc` to use, or can use `rustc_version::{version, version_meta}` which will
|
||||
try `$RUSTC` followed by `rustc`.
|
||||
|
||||
If an adversary can arbitrarily set the `$RUSTC` environment variable then this crate will
|
||||
execute arbitrary code. But when this crate is used within a build script, `$RUSTC` should
|
||||
be set correctly by `cargo`.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
||||
|
||||
[[audits.zcash.audits.signature]]
|
||||
who = "Daira Emma Hopwood <daira@jacaranda.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "2.1.0"
|
||||
notes = """
|
||||
This crate uses `#![forbid(unsafe_code)]`, has no build script, and only provides traits with some trivial default implementations.
|
||||
I did not review whether implementing these APIs would present any undocumented cryptographic hazards.
|
||||
"""
|
||||
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
|
Loading…
Reference in New Issue