qa: Import Rust crate audits from Embark Studios
This commit is contained in:
parent
ea9dab68e4
commit
172ac8516f
|
@ -4,6 +4,9 @@
|
|||
[imports.bytecode-alliance]
|
||||
url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"
|
||||
|
||||
[imports.embark-studios]
|
||||
url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml"
|
||||
|
||||
[imports.firefox]
|
||||
url = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
|
@ -61,10 +64,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.7.19"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.anyhow]]
|
||||
version = "1.0.56"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.arrayref]]
|
||||
version = "0.3.6"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -168,6 +168,23 @@ criteria = "safe-to-deploy"
|
|||
version = "0.42.0"
|
||||
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
|
||||
|
||||
[[audits.embark-studios.audits.anyhow]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.0.58"
|
||||
|
||||
[[audits.embark-studios.audits.anyhow]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.0.58 -> 1.0.66"
|
||||
notes = "New unsafe usage, looks sane. Expert maintainer"
|
||||
|
||||
[[audits.embark-studios.audits.tinyvec_macros]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "0.1.0"
|
||||
notes = "Inspected it and is a tiny crate with single safe macro"
|
||||
|
||||
[[audits.firefox.audits.aho-corasick]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
Loading…
Reference in New Issue