zecfoundation
/
zcashd
mirror of https://github.com/ZcashFoundation/zcashd.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #6547 from str4d/fix-cargo-vet 

Fix `cargo vet`
This commit is contained in:
str4d 2023-04-12 21:38:30 +01:00 committed by GitHub
parent 035e21a610 c468437e31
commit 6274da265d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 147 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
doc/book/src/dev/rust.md
View File

@ -64,6 +64,40 @@ To add dependencies that are compatible with the reproducible build system, you
./zcutil/build.sh
```
## Using an unpublished Rust dependency
Occasionally we may need to depend on an unpublished git revision of a crate.
We sometimes want to prove out API changes to the `zcash_*` Rust crates by
migrating `zcashd` to them first, before making a public crate release. Or we
might need to cut a `zcashd` release before some upstream dependency has
published a fix we need. In these cases, we use patch dependencies.
For example, to use an unpublished version of the `orchard` crate that includes
a new API, add the following patch to `Cargo.toml`:
```
[dependencies]
# This dependency is listed with a version, meaning it comes from crates.io; the
# patch goes into a [patch.crates-io] section.
orchard = "0.4"
...
[patch.crates-io]
orchard = { git = "https://github.com/zcash/orchard.git", rev = "..." }
```
Note that if the git repository contains a workspace of interconnected crates
(for example, https://github.com/zcash/librustzcash), you will need to provide
patches for each of the dependencies that reference the same git revision.
You also need to update `.cargo/config.offline` to add a replacement definition
for each `(git, rev)` pair. Run `./test/lint/lint-cargo-patches.sh` to get the
lines that need to be present.
Finally, `./qa/supply-chain/config.toml` needs to be updated to ignore patched
dependencies. Run `cargo vet regenerate audit-as-crates-io`, and then ensure the
newly-added lines are of the form `audit-as-crates-io = false`.
## Using a local Rust dependency
During development, you can use a locally checked out version of a dependency

46
qa/supply-chain/audits.toml
View File

@ -19,6 +19,11 @@ criteria = "safe-to-deploy"
delta = "0.4.3 -> 0.5.1"
notes = "Adds an AeadCore::generate_nonce function to generate random nonces, given a CryptoRng."
[[audits.aead]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = ["safe-to-deploy", "crypto-reviewed"]
delta = "0.5.1 -> 0.5.2"
[[audits.anyhow]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
@ -443,6 +448,17 @@ Changes to `unsafe` usage are to split `Either::project` into `Either::as_pin_re
documentation.
"""
[[audits.futures-util]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.27 -> 0.3.28"
notes = """
- MSRV bumped to 1.56.
- Changes to `unsafe` code are to move a function call outside an `unsafe fn`,
and to call the `unsafe fn` earlier. The safety requirement of being in the
`POLLING` state appears to be preserved.
"""
[[audits.generic-array]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
@ -484,6 +500,12 @@ criteria = ["crypto-reviewed", "safe-to-deploy"]
delta = "0.1.0 -> 0.2.0"
notes = "The ECC core team maintains this crate, and we have reviewed every line."
[[audits.halo2_gadgets]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = ["safe-to-deploy", "crypto-reviewed"]
delta = "0.2.0 -> 0.3.0"
notes = "The ECC core team maintains this crate, and we have reviewed every line."
[[audits.halo2_legacy_pdqsort]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
@ -502,6 +524,15 @@ criteria = ["crypto-reviewed", "safe-to-deploy"]
delta = "0.1.0 -> 0.2.0"
notes = "The ECC core team maintains this crate, and we have reviewed every line."
[[audits.halo2_proofs]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = ["safe-to-deploy", "crypto-reviewed"]
delta = "0.2.0 -> 0.3.0"
notes = """
The ECC core team maintains this crate, and we have reviewed every line.
The crate has `deny(unsafe_code)`.
"""
[[audits.http]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
@ -843,6 +874,11 @@ who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.51 -> 1.0.52"
[[audits.proc-macro2]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.54 -> 1.0.56"
[[audits.quanta]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
@ -973,6 +1009,11 @@ criteria = "safe-to-deploy"
delta = "1.0.107 -> 1.0.109"
notes = "Fixes string literal parsing to only skip specified whitespace characters."
[[audits.syn]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "2.0.11 -> 2.0.13"
[[audits.terminfo]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
@ -1402,3 +1443,8 @@ notes = "Removes `T: Drop` bound from `impl<T: Zeroize> Drop for SomeType<T>`. I
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
delta = "1.3.3 -> 1.4.1"
[[audits.zeroize_derive]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.4.1 -> 1.4.2"

63
qa/supply-chain/config.toml
View File

@ -7,18 +7,45 @@ version = "0.6"
[imports.bytecode-alliance]
url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"
[imports.chromeos]
url = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT"
[imports.embark-studios]
url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml"
[imports.google]
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"
[imports.isrg]
url = "https://raw.githubusercontent.com/divviup/libprio-rs/main/supply-chain/audits.toml"
[imports.mozilla]
url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"
[policy.equihash]
audit-as-crates-io = false
[policy.f4jumble]
audit-as-crates-io = false
[policy.orchard]
audit-as-crates-io = false
[policy.zcash_address]
audit-as-crates-io = false
[policy.zcash_encoding]
audit-as-crates-io = false
[policy.zcash_history]
audit-as-crates-io = false
[policy.zcash_note_encryption]
audit-as-crates-io = false
[policy.zcash_primitives]
audit-as-crates-io = false
[policy.zcash_proofs]
audit-as-crates-io = false
[[exemptions.addr2line]]
version = "0.17.0"
criteria = "safe-to-deploy"
@ -112,7 +139,7 @@ version = "1.0.79"
criteria = "safe-to-deploy"
[[exemptions.chacha20]]
version = "0.8.1"
version = "0.9.1"
criteria = "safe-to-deploy"
[[exemptions.chacha20poly1305]]
@ -159,10 +186,6 @@ criteria = "safe-to-deploy"
version = "1.0.68"
criteria = "safe-to-deploy"
[[exemptions.cxxbridge-flags]]
version = "1.0.68"
criteria = "safe-to-deploy"
[[exemptions.cxxbridge-macro]]
version = "1.0.68"
criteria = "safe-to-deploy"
@ -259,10 +282,6 @@ criteria = "safe-to-deploy"
version = "1.8.0"
criteria = "safe-to-deploy"
[[exemptions.httpdate]]
version = "1.0.2"
criteria = "safe-to-deploy"
[[exemptions.hyper]]
version = "0.14.25"
criteria = "safe-to-deploy"
@ -443,10 +462,6 @@ criteria = "safe-to-deploy"
version = "0.2.9"
criteria = "safe-to-deploy"
[[exemptions.pin-utils]]
version = "0.1.0"
criteria = "safe-to-deploy"
[[exemptions.poly1305]]
version = "0.7.2"
criteria = "safe-to-deploy"
@ -636,7 +651,7 @@ version = "0.2.7"
criteria = "safe-to-deploy"
[[exemptions.tokio]]
version = "1.26.0"
version = "1.27.0"
criteria = "safe-to-deploy"
[[exemptions.toml_edit]]
@ -667,10 +682,6 @@ criteria = "safe-to-deploy"
version = "0.3.16"
criteria = "safe-to-deploy"
[[exemptions.try-lock]]
version = "0.2.3"
criteria = "safe-to-deploy"
[[exemptions.typenum]]
version = "1.15.0"
criteria = "safe-to-deploy"
@ -679,18 +690,10 @@ criteria = "safe-to-deploy"
version = "0.9.4"
criteria = "safe-to-deploy"
[[exemptions.unicode-xid]]
version = "0.2.4"
criteria = "safe-to-deploy"
[[exemptions.valuable]]
version = "0.1.0"
criteria = "safe-to-deploy"
[[exemptions.want]]
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.wasi]]
version = "0.10.2+wasi-snapshot-preview1"
criteria = "safe-to-deploy"
@ -736,7 +739,7 @@ version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.winnow]]
version = "0.3.6"
version = "0.4.1"
criteria = "safe-to-deploy"
[[exemptions.wyz]]

74
qa/supply-chain/imports.lock
View File

@ -64,12 +64,23 @@ criteria = "safe-to-deploy"
version = "0.3.27"
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
[[audits.bytecode-alliance.audits.httpdate]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "1.0.2"
notes = "No unsafety, no io"
[[audits.bytecode-alliance.audits.memoffset]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "0.7.1 -> 0.8.0"
notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes."
[[audits.bytecode-alliance.audits.pin-utils]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.0"
[[audits.bytecode-alliance.audits.rustc-demangle]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
@ -96,6 +107,12 @@ intended to multiplex across the internal representation of a tinyvec,
presumably. This trivially doesn't contain anything bad.
"""
[[audits.bytecode-alliance.audits.try-lock]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.2.4"
notes = "Implements a concurrency primitive with atomics, and is not obviously incorrect"
[[audits.bytecode-alliance.audits.unicode-normalization]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
@ -108,6 +125,11 @@ throughout the ecosystem and skimming the crate shows no usage of `std::*` APIs
and nothing suspicious.
"""
[[audits.bytecode-alliance.audits.want]]
who = "Pat Hickey <phickey@fastly.com>"
criteria = "safe-to-deploy"
version = "0.3.0"
[[audits.bytecode-alliance.audits.windows-sys]]
who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy"
@ -168,16 +190,23 @@ criteria = "safe-to-deploy"
version = "0.42.0"
notes = "This is a Windows API bindings library maintained by Microsoft themselves."
[[audits.chromeos.audits.version_check]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.9.4"
[[audits.embark-studios.audits.anyhow]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
version = "1.0.58"
[[audits.google.audits.cxxbridge-flags]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "1.0.92"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.version_check]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.9.4"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.isrg.audits.block-buffer]]
who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy"
@ -407,30 +436,6 @@ version = "1.0.7"
notes = "Simple hasher implementation with no unsafe code."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.futures-channel]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.futures-channel]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.23 -> 0.3.25"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.futures-core]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.21 -> 0.3.23"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.futures-core]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.3.23 -> 0.3.25"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.futures-task]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
@ -718,17 +723,6 @@ criteria = "safe-to-deploy"
delta = "1.0.91 -> 1.0.93"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.synstructure]]
who = "Nika Layzell <nika@thelayzells.com>"
criteria = "safe-to-deploy"
version = "0.12.6"
notes = """
I am the primary author of the `synstructure` crate, and its current
maintainer. The one use of `unsafe` is unnecessary, but documented and
harmless. It will be removed in the next version.
"""
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.thiserror]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"