introduce cargo vet
This commit is contained in:
@@ -0,0 +1,7 @@
|
|||||||
|
|
||||||
|
# cargo-vet audits file
|
||||||
|
|
||||||
|
[[audits.windows-link]]
|
||||||
|
who = "ddidderr <ddidderr@paul.network>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.1 -> 0.1.3"
|
||||||
@@ -0,0 +1,2184 @@
|
|||||||
|
|
||||||
|
# cargo-vet config file
|
||||||
|
|
||||||
|
[cargo-vet]
|
||||||
|
version = "0.10"
|
||||||
|
|
||||||
|
[imports.actix]
|
||||||
|
url = "https://raw.githubusercontent.com/actix/supply-chain/main/audits.toml"
|
||||||
|
|
||||||
|
[imports.bytecodealliance]
|
||||||
|
url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[imports.google]
|
||||||
|
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"
|
||||||
|
|
||||||
|
[imports.mozilla]
|
||||||
|
url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"
|
||||||
|
|
||||||
|
[imports.mozilla-cargo-vet]
|
||||||
|
url = "https://raw.githubusercontent.com/mozilla/cargo-vet/refs/heads/main/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[exemptions.addr2line]]
|
||||||
|
version = "0.24.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.adler2]]
|
||||||
|
version = "2.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ahash]]
|
||||||
|
version = "0.7.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.aho-corasick]]
|
||||||
|
version = "1.1.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.alloc-no-stdlib]]
|
||||||
|
version = "2.0.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.alloc-stdlib]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.allocator-api2]]
|
||||||
|
version = "0.2.21"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.android_log-sys]]
|
||||||
|
version = "0.3.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.android_logger]]
|
||||||
|
version = "0.15.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.anstream]]
|
||||||
|
version = "0.6.20"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.anstyle]]
|
||||||
|
version = "1.0.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.anstyle-parse]]
|
||||||
|
version = "0.2.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.anstyle-query]]
|
||||||
|
version = "1.1.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.anstyle-wincon]]
|
||||||
|
version = "3.0.10"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.anyhow]]
|
||||||
|
version = "1.0.99"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ashpd]]
|
||||||
|
version = "0.9.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-broadcast]]
|
||||||
|
version = "0.7.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-channel]]
|
||||||
|
version = "2.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-io]]
|
||||||
|
version = "2.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-lock]]
|
||||||
|
version = "3.4.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-process]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-recursion]]
|
||||||
|
version = "1.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-signal]]
|
||||||
|
version = "0.2.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-task]]
|
||||||
|
version = "4.7.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.async-trait]]
|
||||||
|
version = "0.1.89"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.atk]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.atk-sys]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.atoi]]
|
||||||
|
version = "2.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.atomic-waker]]
|
||||||
|
version = "1.1.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.autocfg]]
|
||||||
|
version = "1.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.aws-lc-rs]]
|
||||||
|
version = "1.13.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.aws-lc-sys]]
|
||||||
|
version = "0.30.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.backtrace]]
|
||||||
|
version = "0.3.75"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.base64]]
|
||||||
|
version = "0.21.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bindgen]]
|
||||||
|
version = "0.69.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bitflags]]
|
||||||
|
version = "2.9.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bitvec]]
|
||||||
|
version = "1.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.block-buffer]]
|
||||||
|
version = "0.10.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.block2]]
|
||||||
|
version = "0.5.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.block2]]
|
||||||
|
version = "0.6.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.blocking]]
|
||||||
|
version = "1.6.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.borsh]]
|
||||||
|
version = "1.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.borsh-derive]]
|
||||||
|
version = "1.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.brotli]]
|
||||||
|
version = "8.0.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.brotli-decompressor]]
|
||||||
|
version = "5.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.byte-unit]]
|
||||||
|
version = "5.1.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bytecheck]]
|
||||||
|
version = "0.6.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bytecheck_derive]]
|
||||||
|
version = "0.6.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bytemuck]]
|
||||||
|
version = "1.23.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.bytes]]
|
||||||
|
version = "1.10.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cairo-rs]]
|
||||||
|
version = "0.18.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cairo-sys-rs]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.camino]]
|
||||||
|
version = "1.1.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cargo-platform]]
|
||||||
|
version = "0.1.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cargo_metadata]]
|
||||||
|
version = "0.19.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cargo_toml]]
|
||||||
|
version = "0.22.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cc]]
|
||||||
|
version = "1.2.34"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cesu8]]
|
||||||
|
version = "1.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cfb]]
|
||||||
|
version = "0.7.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cfg-expr]]
|
||||||
|
version = "0.15.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cfg-if]]
|
||||||
|
version = "1.0.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cfg_aliases]]
|
||||||
|
version = "0.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.chrono]]
|
||||||
|
version = "0.4.41"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.clang-sys]]
|
||||||
|
version = "1.8.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.clap]]
|
||||||
|
version = "4.5.46"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.clap_builder]]
|
||||||
|
version = "4.5.46"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.clap_derive]]
|
||||||
|
version = "4.5.45"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.clap_lex]]
|
||||||
|
version = "0.7.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cmake]]
|
||||||
|
version = "0.1.54"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.colorchoice]]
|
||||||
|
version = "1.0.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.combine]]
|
||||||
|
version = "4.6.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.concurrent-queue]]
|
||||||
|
version = "2.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.convert_case]]
|
||||||
|
version = "0.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cookie]]
|
||||||
|
version = "0.18.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.core-foundation]]
|
||||||
|
version = "0.10.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cpufeatures]]
|
||||||
|
version = "0.2.17"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.crc]]
|
||||||
|
version = "3.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.crc-catalog]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.crc32fast]]
|
||||||
|
version = "1.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.crossbeam-channel]]
|
||||||
|
version = "0.5.15"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.crossbeam-queue]]
|
||||||
|
version = "0.3.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.crossbeam-utils]]
|
||||||
|
version = "0.8.21"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ctor]]
|
||||||
|
version = "0.2.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.cuckoofilter]]
|
||||||
|
version = "0.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.darling]]
|
||||||
|
version = "0.20.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.darling_core]]
|
||||||
|
version = "0.20.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.darling_macro]]
|
||||||
|
version = "0.20.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.derivative]]
|
||||||
|
version = "2.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.derive_more]]
|
||||||
|
version = "0.99.20"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.digest]]
|
||||||
|
version = "0.10.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dirs]]
|
||||||
|
version = "6.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dirs-sys]]
|
||||||
|
version = "0.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dispatch]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dispatch2]]
|
||||||
|
version = "0.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dlib]]
|
||||||
|
version = "0.5.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dlopen2]]
|
||||||
|
version = "0.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dlopen2_derive]]
|
||||||
|
version = "0.4.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dotenvy]]
|
||||||
|
version = "0.15.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.downcast-rs]]
|
||||||
|
version = "1.2.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dpi]]
|
||||||
|
version = "0.1.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dtoa]]
|
||||||
|
version = "1.0.10"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dtoa-short]]
|
||||||
|
version = "0.3.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dunce]]
|
||||||
|
version = "1.0.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.dyn-clone]]
|
||||||
|
version = "1.0.20"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.embed-resource]]
|
||||||
|
version = "3.0.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.embed_plist]]
|
||||||
|
version = "1.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.endi]]
|
||||||
|
version = "1.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.enumflags2]]
|
||||||
|
version = "0.7.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.enumflags2_derive]]
|
||||||
|
version = "0.7.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.env_filter]]
|
||||||
|
version = "0.1.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.erased-serde]]
|
||||||
|
version = "0.4.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.errno]]
|
||||||
|
version = "0.3.13"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.event-listener]]
|
||||||
|
version = "5.4.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.event-listener-strategy]]
|
||||||
|
version = "0.5.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.eyre]]
|
||||||
|
version = "0.6.12"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.fern]]
|
||||||
|
version = "0.7.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.field-offset]]
|
||||||
|
version = "0.3.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.flate2]]
|
||||||
|
version = "1.1.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.flume]]
|
||||||
|
version = "0.11.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.form_urlencoded]]
|
||||||
|
version = "1.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.fs_extra]]
|
||||||
|
version = "1.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.funty]]
|
||||||
|
version = "2.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.futf]]
|
||||||
|
version = "0.1.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.futures-intrusive]]
|
||||||
|
version = "0.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.futures-lite]]
|
||||||
|
version = "2.6.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.futures-task]]
|
||||||
|
version = "0.3.31"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.futures-util]]
|
||||||
|
version = "0.3.31"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdk]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdk-pixbuf]]
|
||||||
|
version = "0.18.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdk-pixbuf-sys]]
|
||||||
|
version = "0.18.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdk-sys]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdkwayland-sys]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdkx11]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gdkx11-sys]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.generic-array]]
|
||||||
|
version = "0.14.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gethostname]]
|
||||||
|
version = "1.0.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.getrandom]]
|
||||||
|
version = "0.1.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.getrandom]]
|
||||||
|
version = "0.2.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.getrandom]]
|
||||||
|
version = "0.3.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gio]]
|
||||||
|
version = "0.18.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gio-sys]]
|
||||||
|
version = "0.18.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.glib]]
|
||||||
|
version = "0.18.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.glib-macros]]
|
||||||
|
version = "0.18.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.glib-sys]]
|
||||||
|
version = "0.18.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.glob]]
|
||||||
|
version = "0.3.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gobject-sys]]
|
||||||
|
version = "0.18.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gtk]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gtk-sys]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.gtk3-macros]]
|
||||||
|
version = "0.18.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hash_hasher]]
|
||||||
|
version = "2.0.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hashbrown]]
|
||||||
|
version = "0.15.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hashlink]]
|
||||||
|
version = "0.10.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hermit-abi]]
|
||||||
|
version = "0.5.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hex-literal]]
|
||||||
|
version = "0.4.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.html5ever]]
|
||||||
|
version = "0.29.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.http]]
|
||||||
|
version = "1.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.http-body]]
|
||||||
|
version = "1.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.http-body-util]]
|
||||||
|
version = "0.1.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.httparse]]
|
||||||
|
version = "1.10.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hyper]]
|
||||||
|
version = "1.7.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.hyper-util]]
|
||||||
|
version = "0.1.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ico]]
|
||||||
|
version = "0.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ident_case]]
|
||||||
|
version = "1.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.idna]]
|
||||||
|
version = "1.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.if-addrs]]
|
||||||
|
version = "0.14.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.indenter]]
|
||||||
|
version = "0.3.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.indexmap]]
|
||||||
|
version = "1.9.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.indexmap]]
|
||||||
|
version = "2.11.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.infer]]
|
||||||
|
version = "0.19.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.intrusive-collections]]
|
||||||
|
version = "0.9.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.io-uring]]
|
||||||
|
version = "0.7.10"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ipnet]]
|
||||||
|
version = "2.11.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.iri-string]]
|
||||||
|
version = "0.7.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.is_terminal_polyfill]]
|
||||||
|
version = "1.70.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.itertools]]
|
||||||
|
version = "0.12.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.javascriptcore-rs]]
|
||||||
|
version = "1.1.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.javascriptcore-rs-sys]]
|
||||||
|
version = "1.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.jni]]
|
||||||
|
version = "0.21.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.jni-sys]]
|
||||||
|
version = "0.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.jobserver]]
|
||||||
|
version = "0.1.34"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.js-sys]]
|
||||||
|
version = "0.3.77"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.json-patch]]
|
||||||
|
version = "3.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.jsonptr]]
|
||||||
|
version = "0.6.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.keyboard-types]]
|
||||||
|
version = "0.7.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.kuchikiki]]
|
||||||
|
version = "0.8.8-speedreader"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.lazycell]]
|
||||||
|
version = "1.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libappindicator]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libappindicator-sys]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libc]]
|
||||||
|
version = "0.2.175"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libloading]]
|
||||||
|
version = "0.7.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libloading]]
|
||||||
|
version = "0.8.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libm]]
|
||||||
|
version = "0.2.15"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libmimalloc-sys]]
|
||||||
|
version = "0.1.44"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libredox]]
|
||||||
|
version = "0.1.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.libsqlite3-sys]]
|
||||||
|
version = "0.30.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.linux-raw-sys]]
|
||||||
|
version = "0.4.15"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.linux-raw-sys]]
|
||||||
|
version = "0.9.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.lock_api]]
|
||||||
|
version = "0.4.13"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.mac]]
|
||||||
|
version = "0.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.markup5ever]]
|
||||||
|
version = "0.14.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.match_token]]
|
||||||
|
version = "0.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.mdns-sd]]
|
||||||
|
version = "0.14.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.memchr]]
|
||||||
|
version = "2.7.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.memoffset]]
|
||||||
|
version = "0.9.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.mimalloc]]
|
||||||
|
version = "0.1.48"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.mime]]
|
||||||
|
version = "0.3.17"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.minimal-lexical]]
|
||||||
|
version = "0.2.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.mio]]
|
||||||
|
version = "1.0.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.muda]]
|
||||||
|
version = "0.17.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ndk]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ndk-context]]
|
||||||
|
version = "0.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ndk-sys]]
|
||||||
|
version = "0.6.0+11769913"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.new_debug_unreachable]]
|
||||||
|
version = "1.0.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.nix]]
|
||||||
|
version = "0.27.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.nodrop]]
|
||||||
|
version = "0.1.14"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.num_enum]]
|
||||||
|
version = "0.7.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.num_enum_derive]]
|
||||||
|
version = "0.7.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.num_threads]]
|
||||||
|
version = "0.1.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc-sys]]
|
||||||
|
version = "0.3.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2]]
|
||||||
|
version = "0.5.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2]]
|
||||||
|
version = "0.6.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-app-kit]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-app-kit]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-cloud-kit]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-core-data]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-core-data]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-core-foundation]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-core-graphics]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-core-image]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-core-image]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-encode]]
|
||||||
|
version = "4.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-exception-helper]]
|
||||||
|
version = "0.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-foundation]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-foundation]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-io-surface]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-javascript-core]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-metal]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-quartz-core]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-quartz-core]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-security]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-ui-kit]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.objc2-web-kit]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.object]]
|
||||||
|
version = "0.36.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.once_cell]]
|
||||||
|
version = "1.21.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.once_cell_polyfill]]
|
||||||
|
version = "1.70.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.open]]
|
||||||
|
version = "5.3.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ordered-stream]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.os_pipe]]
|
||||||
|
version = "1.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.pango]]
|
||||||
|
version = "0.18.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.pango-sys]]
|
||||||
|
version = "0.18.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.parking]]
|
||||||
|
version = "2.2.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.parking_lot]]
|
||||||
|
version = "0.12.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.parking_lot_core]]
|
||||||
|
version = "0.9.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.pathdiff]]
|
||||||
|
version = "0.2.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.percent-encoding]]
|
||||||
|
version = "2.3.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf]]
|
||||||
|
version = "0.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf]]
|
||||||
|
version = "0.10.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf]]
|
||||||
|
version = "0.11.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_codegen]]
|
||||||
|
version = "0.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_codegen]]
|
||||||
|
version = "0.11.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_generator]]
|
||||||
|
version = "0.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_generator]]
|
||||||
|
version = "0.10.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_generator]]
|
||||||
|
version = "0.11.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_macros]]
|
||||||
|
version = "0.10.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_macros]]
|
||||||
|
version = "0.11.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_shared]]
|
||||||
|
version = "0.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_shared]]
|
||||||
|
version = "0.10.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.phf_shared]]
|
||||||
|
version = "0.11.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.piper]]
|
||||||
|
version = "0.2.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.pkg-config]]
|
||||||
|
version = "0.3.32"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.plist]]
|
||||||
|
version = "1.7.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.polling]]
|
||||||
|
version = "3.10.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ppv-lite86]]
|
||||||
|
version = "0.2.21"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.prettyplease]]
|
||||||
|
version = "0.2.37"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.proc-macro-crate]]
|
||||||
|
version = "1.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.proc-macro-crate]]
|
||||||
|
version = "2.0.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.proc-macro-error]]
|
||||||
|
version = "1.0.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.proc-macro-hack]]
|
||||||
|
version = "0.5.20+deprecated"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.proc-macro2]]
|
||||||
|
version = "1.0.101"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ptr_meta]]
|
||||||
|
version = "0.1.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ptr_meta_derive]]
|
||||||
|
version = "0.1.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.quick-xml]]
|
||||||
|
version = "0.37.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.quick-xml]]
|
||||||
|
version = "0.38.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.r-efi]]
|
||||||
|
version = "5.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.radium]]
|
||||||
|
version = "0.7.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand]]
|
||||||
|
version = "0.7.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand]]
|
||||||
|
version = "0.9.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand_chacha]]
|
||||||
|
version = "0.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand_chacha]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand_core]]
|
||||||
|
version = "0.5.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand_core]]
|
||||||
|
version = "0.9.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand_hc]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rand_pcg]]
|
||||||
|
version = "0.2.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.redox_syscall]]
|
||||||
|
version = "0.5.17"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.redox_users]]
|
||||||
|
version = "0.5.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ref-cast]]
|
||||||
|
version = "1.0.24"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ref-cast-impl]]
|
||||||
|
version = "1.0.24"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.regex]]
|
||||||
|
version = "1.11.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.regex-automata]]
|
||||||
|
version = "0.1.10"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.regex-automata]]
|
||||||
|
version = "0.4.10"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.regex-syntax]]
|
||||||
|
version = "0.6.29"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.regex-syntax]]
|
||||||
|
version = "0.8.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rend]]
|
||||||
|
version = "0.4.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.reqwest]]
|
||||||
|
version = "0.12.23"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rfd]]
|
||||||
|
version = "0.15.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ring]]
|
||||||
|
version = "0.17.14"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rkyv]]
|
||||||
|
version = "0.7.45"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rkyv_derive]]
|
||||||
|
version = "0.7.45"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rust_decimal]]
|
||||||
|
version = "1.37.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustc-demangle]]
|
||||||
|
version = "0.1.26"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustc_version]]
|
||||||
|
version = "0.4.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustix]]
|
||||||
|
version = "0.38.44"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustix]]
|
||||||
|
version = "1.0.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustls]]
|
||||||
|
version = "0.23.31"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustls-pemfile]]
|
||||||
|
version = "2.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustls-pki-types]]
|
||||||
|
version = "1.12.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustls-webpki]]
|
||||||
|
version = "0.103.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.rustversion]]
|
||||||
|
version = "1.0.22"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.ryu]]
|
||||||
|
version = "1.0.20"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-codec]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic]]
|
||||||
|
version = "1.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-core]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-crypto]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-platform]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-rustls]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-tls]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-tls-default]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-quic-transport]]
|
||||||
|
version = "0.64.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-tls]]
|
||||||
|
version = "0.3.25"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.s2n-tls-sys]]
|
||||||
|
version = "0.3.25"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.same-file]]
|
||||||
|
version = "1.0.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.schemars]]
|
||||||
|
version = "0.8.22"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.schemars]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.schemars]]
|
||||||
|
version = "1.0.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.schemars_derive]]
|
||||||
|
version = "0.8.22"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.scoped-tls]]
|
||||||
|
version = "1.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.scopeguard]]
|
||||||
|
version = "1.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.seahash]]
|
||||||
|
version = "4.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.selectors]]
|
||||||
|
version = "0.24.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.semver]]
|
||||||
|
version = "1.0.26"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde-untagged]]
|
||||||
|
version = "0.1.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_derive_internals]]
|
||||||
|
version = "0.29.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_json]]
|
||||||
|
version = "1.0.143"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_repr]]
|
||||||
|
version = "0.1.20"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_spanned]]
|
||||||
|
version = "0.6.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_spanned]]
|
||||||
|
version = "1.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_urlencoded]]
|
||||||
|
version = "0.7.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_with]]
|
||||||
|
version = "3.14.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serde_with_macros]]
|
||||||
|
version = "3.14.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serialize-to-javascript]]
|
||||||
|
version = "0.1.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.serialize-to-javascript-impl]]
|
||||||
|
version = "0.1.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.servo_arc]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sha2]]
|
||||||
|
version = "0.10.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.shared_child]]
|
||||||
|
version = "1.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sigchld]]
|
||||||
|
version = "0.2.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.signal-hook]]
|
||||||
|
version = "0.3.18"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.signal-hook-registry]]
|
||||||
|
version = "1.4.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.simdutf8]]
|
||||||
|
version = "0.1.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.siphasher]]
|
||||||
|
version = "0.3.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.siphasher]]
|
||||||
|
version = "1.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.slab]]
|
||||||
|
version = "0.4.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.smallvec]]
|
||||||
|
version = "1.15.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.socket-pktinfo]]
|
||||||
|
version = "0.3.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.socket2]]
|
||||||
|
version = "0.6.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.softbuffer]]
|
||||||
|
version = "0.4.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.soup3]]
|
||||||
|
version = "0.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.soup3-sys]]
|
||||||
|
version = "0.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.spin]]
|
||||||
|
version = "0.9.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sqlx]]
|
||||||
|
version = "0.8.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sqlx-core]]
|
||||||
|
version = "0.8.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sqlx-macros]]
|
||||||
|
version = "0.8.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sqlx-macros-core]]
|
||||||
|
version = "0.8.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sqlx-sqlite]]
|
||||||
|
version = "0.8.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.string_cache]]
|
||||||
|
version = "0.8.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.string_cache_codegen]]
|
||||||
|
version = "0.5.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.subtle]]
|
||||||
|
version = "2.6.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.swift-rs]]
|
||||||
|
version = "1.0.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.syn]]
|
||||||
|
version = "1.0.109"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.syn]]
|
||||||
|
version = "2.0.106"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.syn_derive]]
|
||||||
|
version = "0.1.8"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.sync_wrapper]]
|
||||||
|
version = "1.0.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.system-deps]]
|
||||||
|
version = "6.2.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tao]]
|
||||||
|
version = "0.34.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tao-macros]]
|
||||||
|
version = "0.1.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tap]]
|
||||||
|
version = "1.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.target-lexicon]]
|
||||||
|
version = "0.12.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri]]
|
||||||
|
version = "2.8.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-build]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-codegen]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-macros]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-plugin]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-plugin-dialog]]
|
||||||
|
version = "2.3.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-plugin-fs]]
|
||||||
|
version = "2.4.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-plugin-log]]
|
||||||
|
version = "2.6.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-plugin-shell]]
|
||||||
|
version = "2.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-plugin-store]]
|
||||||
|
version = "2.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-runtime]]
|
||||||
|
version = "2.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-runtime-wry]]
|
||||||
|
version = "2.8.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-utils]]
|
||||||
|
version = "2.7.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tauri-winres]]
|
||||||
|
version = "0.3.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tempfile]]
|
||||||
|
version = "3.21.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tendril]]
|
||||||
|
version = "0.4.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.thiserror]]
|
||||||
|
version = "1.0.69"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.thiserror]]
|
||||||
|
version = "2.0.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.thiserror-impl]]
|
||||||
|
version = "1.0.69"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.thiserror-impl]]
|
||||||
|
version = "2.0.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.thread_local]]
|
||||||
|
version = "1.1.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.time]]
|
||||||
|
version = "0.3.41"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tinyvec]]
|
||||||
|
version = "1.10.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tokio]]
|
||||||
|
version = "1.47.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tokio-macros]]
|
||||||
|
version = "2.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tokio-stream]]
|
||||||
|
version = "0.1.17"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tokio-util]]
|
||||||
|
version = "0.7.16"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml]]
|
||||||
|
version = "0.8.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml]]
|
||||||
|
version = "0.9.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml_datetime]]
|
||||||
|
version = "0.6.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml_datetime]]
|
||||||
|
version = "0.7.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml_edit]]
|
||||||
|
version = "0.19.15"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml_edit]]
|
||||||
|
version = "0.20.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml_parser]]
|
||||||
|
version = "1.0.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.toml_writer]]
|
||||||
|
version = "1.0.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tower]]
|
||||||
|
version = "0.5.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tower-http]]
|
||||||
|
version = "0.6.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tower-layer]]
|
||||||
|
version = "0.3.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tower-service]]
|
||||||
|
version = "0.3.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tracing-attributes]]
|
||||||
|
version = "0.1.30"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tracing-core]]
|
||||||
|
version = "0.1.34"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tracing-log]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.tray-icon]]
|
||||||
|
version = "0.21.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.try-lock]]
|
||||||
|
version = "0.2.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.typeid]]
|
||||||
|
version = "1.0.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.typenum]]
|
||||||
|
version = "1.18.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.uds_windows]]
|
||||||
|
version = "1.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.unic-ucd-version]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.untrusted]]
|
||||||
|
version = "0.7.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.untrusted]]
|
||||||
|
version = "0.9.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.url]]
|
||||||
|
version = "2.5.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.utf-8]]
|
||||||
|
version = "0.7.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.utf8-width]]
|
||||||
|
version = "0.1.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.uuid]]
|
||||||
|
version = "1.18.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.valuable]]
|
||||||
|
version = "0.1.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.value-bag]]
|
||||||
|
version = "1.11.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.version-compare]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.version_check]]
|
||||||
|
version = "0.9.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.vswhom]]
|
||||||
|
version = "0.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.vswhom-sys]]
|
||||||
|
version = "0.1.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.walkdir]]
|
||||||
|
version = "2.5.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.want]]
|
||||||
|
version = "0.3.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasi]]
|
||||||
|
version = "0.9.0+wasi-snapshot-preview1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasi]]
|
||||||
|
version = "0.11.1+wasi-snapshot-preview1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasi]]
|
||||||
|
version = "0.14.2+wasi-0.2.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-bindgen]]
|
||||||
|
version = "0.2.100"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-bindgen-backend]]
|
||||||
|
version = "0.2.100"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-bindgen-futures]]
|
||||||
|
version = "0.4.50"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-bindgen-macro]]
|
||||||
|
version = "0.2.100"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-bindgen-macro-support]]
|
||||||
|
version = "0.2.100"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-bindgen-shared]]
|
||||||
|
version = "0.2.100"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wasm-streams]]
|
||||||
|
version = "0.4.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wayland-backend]]
|
||||||
|
version = "0.3.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wayland-client]]
|
||||||
|
version = "0.31.11"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wayland-protocols]]
|
||||||
|
version = "0.32.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wayland-scanner]]
|
||||||
|
version = "0.31.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wayland-sys]]
|
||||||
|
version = "0.31.7"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.web-sys]]
|
||||||
|
version = "0.3.77"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.webkit2gtk]]
|
||||||
|
version = "2.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.webkit2gtk-sys]]
|
||||||
|
version = "2.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.webview2-com]]
|
||||||
|
version = "0.38.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.webview2-com-macros]]
|
||||||
|
version = "0.8.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.webview2-com-sys]]
|
||||||
|
version = "0.38.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.which]]
|
||||||
|
version = "4.4.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winapi]]
|
||||||
|
version = "0.3.9"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winapi-i686-pc-windows-gnu]]
|
||||||
|
version = "0.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winapi-util]]
|
||||||
|
version = "0.1.10"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winapi-x86_64-pc-windows-gnu]]
|
||||||
|
version = "0.4.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.window-vibrancy]]
|
||||||
|
version = "0.6.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows]]
|
||||||
|
version = "0.61.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-collections]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-core]]
|
||||||
|
version = "0.61.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-future]]
|
||||||
|
version = "0.2.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-implement]]
|
||||||
|
version = "0.60.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-interface]]
|
||||||
|
version = "0.59.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-numerics]]
|
||||||
|
version = "0.2.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-result]]
|
||||||
|
version = "0.3.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-strings]]
|
||||||
|
version = "0.4.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-sys]]
|
||||||
|
version = "0.45.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-sys]]
|
||||||
|
version = "0.48.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-sys]]
|
||||||
|
version = "0.52.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-sys]]
|
||||||
|
version = "0.59.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-sys]]
|
||||||
|
version = "0.60.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-targets]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-targets]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-targets]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-targets]]
|
||||||
|
version = "0.53.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-threading]]
|
||||||
|
version = "0.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows-version]]
|
||||||
|
version = "0.1.4"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_gnullvm]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_gnullvm]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_gnullvm]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_gnullvm]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_msvc]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_msvc]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_msvc]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_aarch64_msvc]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_gnu]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_gnu]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_gnu]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_gnu]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_gnullvm]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_gnullvm]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_msvc]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_msvc]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_msvc]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_i686_msvc]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnu]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnu]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnu]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnu]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnullvm]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnullvm]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnullvm]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_gnullvm]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_msvc]]
|
||||||
|
version = "0.42.2"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_msvc]]
|
||||||
|
version = "0.48.5"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_msvc]]
|
||||||
|
version = "0.52.6"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.windows_x86_64_msvc]]
|
||||||
|
version = "0.53.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winnow]]
|
||||||
|
version = "0.5.40"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winnow]]
|
||||||
|
version = "0.7.13"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.winreg]]
|
||||||
|
version = "0.55.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wry]]
|
||||||
|
version = "0.53.3"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.wyz]]
|
||||||
|
version = "0.5.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.x11]]
|
||||||
|
version = "2.21.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.x11-dl]]
|
||||||
|
version = "2.21.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.xdg-home]]
|
||||||
|
version = "1.3.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zbus]]
|
||||||
|
version = "4.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zbus_macros]]
|
||||||
|
version = "4.0.1"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zbus_names]]
|
||||||
|
version = "3.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zerocopy]]
|
||||||
|
version = "0.8.26"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zerocopy-derive]]
|
||||||
|
version = "0.8.26"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zvariant]]
|
||||||
|
version = "4.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zvariant_derive]]
|
||||||
|
version = "4.0.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
|
||||||
|
[[exemptions.zvariant_utils]]
|
||||||
|
version = "1.1.0"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
@@ -0,0 +1,1982 @@
|
|||||||
|
|
||||||
|
# cargo-vet imports lock
|
||||||
|
|
||||||
|
[[publisher.bumpalo]]
|
||||||
|
version = "3.19.0"
|
||||||
|
when = "2025-06-24"
|
||||||
|
user-id = 696
|
||||||
|
user-login = "fitzgen"
|
||||||
|
user-name = "Nick Fitzgerald"
|
||||||
|
|
||||||
|
[[publisher.cexpr]]
|
||||||
|
version = "0.6.0"
|
||||||
|
when = "2021-10-11"
|
||||||
|
user-id = 3788
|
||||||
|
user-login = "emilio"
|
||||||
|
user-name = "Emilio Cobos Álvarez"
|
||||||
|
|
||||||
|
[[publisher.core-graphics]]
|
||||||
|
version = "0.22.3"
|
||||||
|
when = "2021-11-02"
|
||||||
|
user-id = 5946
|
||||||
|
user-login = "jrmuizel"
|
||||||
|
user-name = "Jeff Muizelaar"
|
||||||
|
|
||||||
|
[[publisher.core-graphics-types]]
|
||||||
|
version = "0.1.1"
|
||||||
|
when = "2020-09-15"
|
||||||
|
user-id = 2396
|
||||||
|
user-login = "jdm"
|
||||||
|
user-name = "Josh Matthews"
|
||||||
|
|
||||||
|
[[publisher.encoding_rs]]
|
||||||
|
version = "0.8.35"
|
||||||
|
when = "2024-10-24"
|
||||||
|
user-id = 4484
|
||||||
|
user-login = "hsivonen"
|
||||||
|
user-name = "Henri Sivonen"
|
||||||
|
|
||||||
|
[[publisher.unicode-segmentation]]
|
||||||
|
version = "1.12.0"
|
||||||
|
when = "2024-09-13"
|
||||||
|
user-id = 1139
|
||||||
|
user-login = "Manishearth"
|
||||||
|
user-name = "Manish Goregaokar"
|
||||||
|
|
||||||
|
[[publisher.utf8_iter]]
|
||||||
|
version = "1.0.4"
|
||||||
|
when = "2023-12-01"
|
||||||
|
user-id = 4484
|
||||||
|
user-login = "hsivonen"
|
||||||
|
user-name = "Henri Sivonen"
|
||||||
|
|
||||||
|
[[publisher.wit-bindgen-rt]]
|
||||||
|
version = "0.39.0"
|
||||||
|
when = "2025-02-05"
|
||||||
|
user-id = 73222
|
||||||
|
user-login = "wasmtime-publish"
|
||||||
|
|
||||||
|
[audits.actix.audits]
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.wildcard-audits.bumpalo]]
|
||||||
|
who = "Nick Fitzgerald <fitzgen@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 696 # Nick Fitzgerald (fitzgen)
|
||||||
|
start = "2019-03-16"
|
||||||
|
end = "2026-08-21"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.wildcard-audits.wit-bindgen-rt]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 73222 # wasmtime-publish
|
||||||
|
start = "2023-01-01"
|
||||||
|
end = "2026-06-03"
|
||||||
|
notes = """
|
||||||
|
The Bytecode Alliance uses the `wasmtime-publish` crates.io account to automate
|
||||||
|
publication of this crate from CI. This repository requires all PRs are reviewed
|
||||||
|
by a Bytecode Alliance maintainer and it owned by the Bytecode Alliance itself.
|
||||||
|
"""
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.crypto-common]]
|
||||||
|
who = "Benjamin Bouvier <public@benj.me>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.3"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.fastrand]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0 -> 2.0.1"
|
||||||
|
notes = """
|
||||||
|
This update had a few doc updates but no otherwise-substantial source code
|
||||||
|
updates.
|
||||||
|
"""
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.fastrand]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.1.1 -> 2.3.0"
|
||||||
|
notes = "Minor refactoring, nothing new."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.foreign-types]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.2"
|
||||||
|
notes = "This crate defined a macro-rules which creates wrappers working with FFI types. The implementation of this crate appears to be safe, but each use of this macro would need to be vetted for correctness as well."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.foreign-types-shared]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.1"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures]]
|
||||||
|
who = "Joel Dice <joel.dice@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-channel]]
|
||||||
|
who = "Joel Dice <joel.dice@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-core]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.27"
|
||||||
|
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-core]]
|
||||||
|
who = "Pat Hickey <pat@moreproductive.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.28 -> 0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-executor]]
|
||||||
|
who = "Joel Dice <joel.dice@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-io]]
|
||||||
|
who = "Joel Dice <joel.dice@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-macro]]
|
||||||
|
who = "Joel Dice <joel.dice@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-sink]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.27"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.futures-sink]]
|
||||||
|
who = "Pat Hickey <pat@moreproductive.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.28 -> 0.3.31"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.gimli]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.29.0 -> 0.31.0"
|
||||||
|
notes = "Various updates here and there, nothing too major, what you'd expect from a DWARF parsing crate."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.gimli]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.31.0 -> 0.31.1"
|
||||||
|
notes = "No fundmanetally new `unsafe` code, some small refactoring of existing code. Lots of changes in tests, not as many changes in the rest of the crate. More dwarf!"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.heck]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.4.1 -> 0.5.0"
|
||||||
|
notes = "Minor changes for a `no_std` upgrade but otherwise everything looks as expected."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.iana-time-zone-haiku]]
|
||||||
|
who = "Dan Gohman <dev@sunfishcode.online>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.2"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.itertools]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.12.1 -> 0.14.0"
|
||||||
|
notes = """
|
||||||
|
Lots of new iterators and shuffling some things around. Some new unsafe code but
|
||||||
|
it's well-documented and well-tested. Nothing suspicious.
|
||||||
|
"""
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.log]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.4.22 -> 0.4.27"
|
||||||
|
notes = "Lots of minor updates to macros and such, nothing touching `unsafe`"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.matchers]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.0"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.miniz_oxide]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.7.1"
|
||||||
|
notes = """
|
||||||
|
This crate is a Rust implementation of zlib compression/decompression and has
|
||||||
|
been used by default by the Rust standard library for quite some time. It's also
|
||||||
|
a default dependency of the popular `backtrace` crate for decompressing debug
|
||||||
|
information. This crate forbids unsafe code and does not otherwise access system
|
||||||
|
resources. It's originally a port of the `miniz.c` library as well, and given
|
||||||
|
its own longevity should be relatively hardened against some of the more common
|
||||||
|
compression-related issues.
|
||||||
|
"""
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.miniz_oxide]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.1 -> 0.8.0"
|
||||||
|
notes = "Minor updates, using new Rust features like `const`, no major changes."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.miniz_oxide]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.8.0 -> 0.8.5"
|
||||||
|
notes = """
|
||||||
|
Lots of small updates here and there, for example around modernizing Rust
|
||||||
|
idioms. No new `unsafe` code and everything looks like what you'd expect a
|
||||||
|
compression library to be doing.
|
||||||
|
"""
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.miniz_oxide]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.8.5 -> 0.8.9"
|
||||||
|
notes = "No new unsafe code, just refactorings."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.nu-ansi-term]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.46.0"
|
||||||
|
notes = "one use of unsafe to call windows specific api to get console handle."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.overload]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.1"
|
||||||
|
notes = "small crate, only defines macro-rules!, nicely documented as well"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.pin-utils]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.0"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.sha1]]
|
||||||
|
who = "Andrew Brown <andrew.brown@intel.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.5 -> 0.10.6"
|
||||||
|
notes = "Only new code is some loongarch64 additions which include assembly code for that platform."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.sharded-slab]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.4"
|
||||||
|
notes = "I always really enjoy reading eliza's code, she left perfect comments at every use of unsafe."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.shlex]]
|
||||||
|
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.1.0"
|
||||||
|
notes = "Only minor `unsafe` code blocks which look valid and otherwise does what it says on the tin."
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.tracing-subscriber]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.17"
|
||||||
|
|
||||||
|
[[audits.bytecodealliance.audits.vcpkg]]
|
||||||
|
who = "Pat Hickey <phickey@fastly.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.15"
|
||||||
|
notes = "no build.rs, no macros, no unsafe. It reads the filesystem and makes copies of DLLs into OUT_DIR."
|
||||||
|
|
||||||
|
[[audits.google.audits.android_system_properties]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.5"
|
||||||
|
notes = "Android system API FFI"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.arrayvec]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.7.6"
|
||||||
|
notes = '''
|
||||||
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'` and there were
|
||||||
|
no hits, except for some `net` usage in tests.
|
||||||
|
|
||||||
|
The crate has quite a few bits of `unsafe` Rust. The audit comments can be
|
||||||
|
found in https://chromium-review.googlesource.com/c/chromium/src/+/6187726/2
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.base64]]
|
||||||
|
who = "amarjotgill <amarjotgill@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.22.1"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.bitflags]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.3.2"
|
||||||
|
notes = """
|
||||||
|
Security review of earlier versions of the crate can be found at
|
||||||
|
(Google-internal, sorry): go/image-crate-chromium-security-review
|
||||||
|
|
||||||
|
The crate exposes a function marked as `unsafe`, but doesn't use any
|
||||||
|
`unsafe` blocks (except for tests of the single `unsafe` function). I
|
||||||
|
think this justifies marking this crate as `ub-risk-1`.
|
||||||
|
|
||||||
|
Additional review comments can be found at https://crrev.com/c/4723145/31
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.byteorder]]
|
||||||
|
who = "danakj <danakj@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.5.0"
|
||||||
|
notes = "Unsafe review in https://crrev.com/c/5838022"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.core-foundation-sys]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.8.7"
|
||||||
|
notes = "OSX system APIs"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.displaydoc]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.5"
|
||||||
|
notes = "No unsafe code"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.either]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.13.0"
|
||||||
|
notes = "Unsafe code pertaining to wrapping Pin APIs. Mostly passes invariants down."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.either]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.13.0 -> 1.14.0"
|
||||||
|
notes = """
|
||||||
|
Inheriting ub-risk-1 from the baseline review of 1.13.0. While the delta has some diffs in unsafe code, they are either:
|
||||||
|
- migrating code to use helper macros
|
||||||
|
- migrating match patterns to take advantage of default bindings mode from RFC 2005
|
||||||
|
Either way, the result is code that does exactly the same thing and does not change the risk of UB.
|
||||||
|
|
||||||
|
See https://crrev.com/c/6323164 for more audit details.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.either]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.14.0 -> 1.15.0"
|
||||||
|
notes = "The delta in `lib.rs` only tweaks doc comments and `#[cfg(feature = \"std\")]`."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.equivalent]]
|
||||||
|
who = "George Burgess IV <gbiv@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.1"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.equivalent]]
|
||||||
|
who = "Jonathan Hao <phao@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.1 -> 1.0.2"
|
||||||
|
notes = "No changes to any .rs files or Rust code."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.fastrand]]
|
||||||
|
who = "George Burgess IV <gbiv@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.9.0"
|
||||||
|
notes = """
|
||||||
|
`does-not-implement-crypto` is certified because this crate explicitly says
|
||||||
|
that the RNG here is not cryptographically secure.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.fdeflate]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.4"
|
||||||
|
notes = '''
|
||||||
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`
|
||||||
|
and there were no hits.
|
||||||
|
|
||||||
|
Note that some additional, internal notes about an older version of this crate
|
||||||
|
can be found at go/image-crate-chromium-security-review.
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.fdeflate]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.4 -> 0.3.5"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.fdeflate]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.5 -> 0.3.6"
|
||||||
|
notes = "No unsafe, no crypto, mysterious tables replaced with const expressions"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.fdeflate]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.6 -> 0.3.7"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.foldhash]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.3"
|
||||||
|
notes = """
|
||||||
|
`ub-risk-2` review notes can be found in https://crrev.com/c/6071306/5/third_party/rust/chromium_crates_io/vendor/foldhash-0.1.3/src/seed.rs
|
||||||
|
|
||||||
|
`does-not-implement-crypto` based on `README.md` which explicitly says that
|
||||||
|
\"Foldhash is **not appropriate for any cryptographic purpose**.\"
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.foldhash]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.3 -> 0.1.4"
|
||||||
|
notes = "No changes to safety-relevant code"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.foldhash]]
|
||||||
|
who = "Chris Palmer <palmer@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.4 -> 0.1.5"
|
||||||
|
notes = "No new `unsafe`."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.heck]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.4.1"
|
||||||
|
notes = """
|
||||||
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'``, `'\bnet\b'``, `'\bunsafe\b'``
|
||||||
|
and there were no hits.
|
||||||
|
|
||||||
|
`heck` (version `0.3.3`) has been added to Chromium in
|
||||||
|
https://source.chromium.org/chromium/chromium/src/+/28841c33c77833cc30b286f9ae24c97e7a8f4057
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.iana-time-zone]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.61"
|
||||||
|
notes = "Some unsafe: interfacing with system timezone APIs"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_collections]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta1"
|
||||||
|
notes = """
|
||||||
|
Two instances of unsafe :
|
||||||
|
- Non-safety related unsafe API that imposes additional invariants
|
||||||
|
- `from_utf8` for known-UTF8 integer
|
||||||
|
|
||||||
|
Comments added/improved in https://github.com/unicode-org/icu4x/pull/6056.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_collections]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta1 -> 2.0.0-beta2"
|
||||||
|
notes = "from_utf8 unsafe removed. no new unsafe added"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_locale_core]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta2"
|
||||||
|
notes = """
|
||||||
|
All unsafe code commented (and improved from prior version):
|
||||||
|
- A checklisted ULE impl
|
||||||
|
- from-utf8 code on known-ASCII
|
||||||
|
- Some unchecked indexing around maintained invariants
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_normalizer]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta2"
|
||||||
|
notes = """
|
||||||
|
All unsafe is unchecked `char` and `str` conversion, mostly well-commented.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_normalizer_data]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta1"
|
||||||
|
notes = "Contains codegenned unsafe only, using safe Bake impls from zerovec/zerotrie"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_normalizer_data]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta1 -> 2.0.0-beta2"
|
||||||
|
notes = "Contains codegenned unsafe only, using safe Bake impls from zerovec/zerotrie"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_properties]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta2"
|
||||||
|
notes = "All unsafe was removed"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_properties_data]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta1"
|
||||||
|
notes = "Contains codegenned unsafe only, using safe Bake impls from zerovec/zerotrie"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_properties_data]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta1 -> 2.0.0-beta2"
|
||||||
|
notes = "Contains codegenned unsafe only, using safe Bake impls from zerovec/zerotrie"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_provider]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "2.0.0-beta1"
|
||||||
|
notes = """
|
||||||
|
All unsafe code commented:
|
||||||
|
- Minor unsafe transmutes between types which are identical but not type-system-provably so.
|
||||||
|
- One unsafe EqULE impl
|
||||||
|
- Some repr(transparent) transmutes
|
||||||
|
- A from_utf8_unchecked for an ascii-validated string
|
||||||
|
|
||||||
|
Comment improvements can be found in https://github.com/unicode-org/icu4x/pull/6056
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.icu_provider]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta1 -> 2.0.0-beta2"
|
||||||
|
notes = "from_utf8_unchecked unsafe remove, all other unsafe not meaningfully changed"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.itoa]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.10"
|
||||||
|
notes = '''
|
||||||
|
I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits.
|
||||||
|
|
||||||
|
There are a few places where `unsafe` is used. Unsafe review notes can be found
|
||||||
|
in https://crrev.com/c/5350697.
|
||||||
|
|
||||||
|
Version 1.0.1 of this crate has been added to Chromium in
|
||||||
|
https://crrev.com/c/3321896.
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.itoa]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.10 -> 1.0.11"
|
||||||
|
notes = """
|
||||||
|
Straightforward diff between 1.0.10 and 1.0.11 - only 3 commits:
|
||||||
|
|
||||||
|
* Bumping up the version
|
||||||
|
* A touch up of comments
|
||||||
|
* And my own PR to make `unsafe` blocks more granular:
|
||||||
|
https://github.com/dtolnay/itoa/pull/42
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.itoa]]
|
||||||
|
who = "Liza Burakova <liza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.11 -> 1.0.14"
|
||||||
|
notes = """
|
||||||
|
Unsafe review at https://crrev.com/c/6051067
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.itoa]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.14 -> 1.0.15"
|
||||||
|
notes = "Only minor rustdoc changes."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.lazy_static]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.4.0"
|
||||||
|
notes = '''
|
||||||
|
I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits.
|
||||||
|
|
||||||
|
There are two places where `unsafe` is used. Unsafe review notes can be found
|
||||||
|
in https://crrev.com/c/5347418.
|
||||||
|
|
||||||
|
This crate has been added to Chromium in https://crrev.com/c/3321895.
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.lazy_static]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.4.0 -> 1.5.0"
|
||||||
|
notes = "Unsafe review notes: https://crrev.com/c/5650836"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.litemap]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.7.4"
|
||||||
|
notes = "Contains no unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.litemap]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.4 -> 0.7.5"
|
||||||
|
notes = "Delta implements the entry API but doesn't add or change any unsafe code."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.log]]
|
||||||
|
who = "danakj <danakj@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.4.22"
|
||||||
|
notes = """
|
||||||
|
Unsafe review in https://docs.google.com/document/d/1IXQbD1GhTRqNHIGxq6yy7qHqxeO4CwN5noMFXnqyDIM/edit?usp=sharing
|
||||||
|
|
||||||
|
Unsafety is generally very well-documented, with one exception, which we
|
||||||
|
describe in the review doc.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.nom]]
|
||||||
|
who = "danakj@chromium.org"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "7.1.3"
|
||||||
|
notes = """
|
||||||
|
Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5046153
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.num-integer]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.46"
|
||||||
|
notes = "Contains no unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.num-rational]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.4.2"
|
||||||
|
notes = "Contains no unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.num-traits]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.19"
|
||||||
|
notes = "Contains a single line of float-to-int unsafe with decent safety comments"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.pin-project-lite]]
|
||||||
|
who = "David Koloski <dkoloski@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.9"
|
||||||
|
notes = "Reviewed on https://fxrev.dev/824504"
|
||||||
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.pin-project-lite]]
|
||||||
|
who = "David Koloski <dkoloski@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.9 -> 0.2.13"
|
||||||
|
notes = "Audited at https://fxrev.dev/946396"
|
||||||
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.png]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.17.13"
|
||||||
|
notes = '''
|
||||||
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`
|
||||||
|
and there were no hits except for reasonable, client-controlled usage of
|
||||||
|
`std::fs::File` in tests in `src/encoder.rs`, tests in `src/decoder/stream.rs`,
|
||||||
|
and in some example code.
|
||||||
|
|
||||||
|
Note that some additional, internal notes about an older version of this crate
|
||||||
|
can be found at go/image-crate-chromium-security-review.
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.png]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.17.13 -> 0.17.14"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.png]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.17.14 -> 0.17.15"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.png]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.17.15 -> 0.17.16"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.potential_utf]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.0"
|
||||||
|
notes = "Contains a handful of lines of from-UTF8 unsafety and some `repr(transparent)` casting unsafety. Reasonably well commented, could do with listing invariants explicitly."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.potential_utf]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.0 -> 0.1.2"
|
||||||
|
notes = "Addition of safe comparison APIs since last audit"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.proc-macro-error-attr]]
|
||||||
|
who = "George Burgess IV <gbiv@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.4"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.quote]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.35"
|
||||||
|
notes = """
|
||||||
|
Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits
|
||||||
|
(except for benign \"net\" hit in tests and \"fs\" hit in README.md)
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.quote]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.35 -> 1.0.36"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.quote]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.36 -> 1.0.37"
|
||||||
|
notes = """
|
||||||
|
The delta just 1) inlines/expands `impl ToTokens` that used to be handled via
|
||||||
|
`primitive!` macro and 2) adds `impl ToTokens` for `CStr` and `CString`.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.quote]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.37 -> 1.0.38"
|
||||||
|
notes = "Still no unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.quote]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.38 -> 1.0.39"
|
||||||
|
notes = "Only minor changes for clippy lints and documentation."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.quote]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.39 -> 1.0.40"
|
||||||
|
notes = """
|
||||||
|
The delta is just a simplification of how `tokens.extend(...)` call is made.
|
||||||
|
Still no `unsafe` anywhere.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.rand]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.8.5"
|
||||||
|
notes = """
|
||||||
|
For more detailed unsafe review notes please see https://crrev.com/c/6362797
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.rand_chacha]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.1"
|
||||||
|
notes = """
|
||||||
|
For more detailed unsafe review notes please see https://crrev.com/c/6362797
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.rand_core]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.6.4"
|
||||||
|
notes = """
|
||||||
|
For more detailed unsafe review notes please see https://crrev.com/c/6362797
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.197"
|
||||||
|
notes = """
|
||||||
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`.
|
||||||
|
|
||||||
|
There were some hits for `net`, but they were related to serialization and
|
||||||
|
not actually opening any connections or anything like that.
|
||||||
|
|
||||||
|
There were 2 hits of `unsafe` when grepping:
|
||||||
|
* In `fn as_str` in `impl Buf`
|
||||||
|
* In `fn serialize` in `impl Serialize for net::Ipv4Addr`
|
||||||
|
|
||||||
|
Unsafe review comments can be found in https://crrev.com/c/5350573/2 (this
|
||||||
|
review also covered `serde_json_lenient`).
|
||||||
|
|
||||||
|
Version 1.0.130 of the crate has been added to Chromium in
|
||||||
|
https://crrev.com/c/3265545. The CL description contains a link to a
|
||||||
|
(Google-internal, sorry) document with a mini security review.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.197 -> 1.0.198"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "danakj <danakj@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.198 -> 1.0.201"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.201 -> 1.0.202"
|
||||||
|
notes = "Trivial changes"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.202 -> 1.0.203"
|
||||||
|
notes = "s/doc_cfg/docsrs/ + tuple_impls/tuple_impl_body-related changes"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.203 -> 1.0.204"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.204 -> 1.0.207"
|
||||||
|
notes = "The small change in `src/private/ser.rs` should have no impact on `ub-risk-2`."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.207 -> 1.0.209"
|
||||||
|
notes = """
|
||||||
|
The delta carries fairly small changes in `src/private/de.rs` and
|
||||||
|
`src/private/ser.rs` (see https://crrev.com/c/5812194/2..5). AFAICT the
|
||||||
|
delta has no impact on the `unsafe`, `from_utf8_unchecked`-related parts
|
||||||
|
of the crate (in `src/de/format.rs` and `src/ser/impls.rs`).
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.209 -> 1.0.210"
|
||||||
|
notes = "Almost no new code - just feature rearrangement"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Liza Burakova <liza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.210 -> 1.0.213"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.213 -> 1.0.214"
|
||||||
|
notes = "No unsafe, no crypto"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.214 -> 1.0.215"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.215 -> 1.0.216"
|
||||||
|
notes = "The delta makes minor changes in `build.rs` - switching to the `?` syntax sugar."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.216 -> 1.0.217"
|
||||||
|
notes = "Minimal changes, nothing unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.217 -> 1.0.218"
|
||||||
|
notes = "No changes outside comments and documentation."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.218 -> 1.0.219"
|
||||||
|
notes = "Just allowing `clippy::elidable_lifetime_names`."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.197"
|
||||||
|
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "danakj <danakj@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.197 -> 1.0.201"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.201 -> 1.0.202"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.202 -> 1.0.203"
|
||||||
|
notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.203 -> 1.0.204"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.204 -> 1.0.207"
|
||||||
|
notes = 'Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits'
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.207 -> 1.0.209"
|
||||||
|
notes = '''
|
||||||
|
There are no code changes in this delta - see https://crrev.com/c/5812194/2..5
|
||||||
|
|
||||||
|
I've neverthless also grepped for `-i cipher`, `-i crypto`, `\bfs\b`,
|
||||||
|
`\bnet\b`, and `\bunsafe\b`. There were no hits.
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.209 -> 1.0.210"
|
||||||
|
notes = "Almost no new code - just feature rearrangement"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Liza Burakova <liza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.210 -> 1.0.213"
|
||||||
|
notes = "Grepped for 'unsafe', 'crypt', 'cipher', 'fs', 'net' - there were no hits"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.213 -> 1.0.214"
|
||||||
|
notes = "No changes to unsafe, no crypto"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.214 -> 1.0.215"
|
||||||
|
notes = "Minor changes should not impact UB risk"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.215 -> 1.0.216"
|
||||||
|
notes = "The delta adds `#[automatically_derived]` in a few places. Still no `unsafe`."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.216 -> 1.0.217"
|
||||||
|
notes = "No changes"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.217 -> 1.0.218"
|
||||||
|
notes = "No changes outside comments and documentation."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.serde_derive]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.218 -> 1.0.219"
|
||||||
|
notes = "Minor changes (clippy tweaks, using `mem::take` instead of `mem::replace`)."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.sha1]]
|
||||||
|
who = "David Koloski <dkoloski@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.10.5"
|
||||||
|
notes = "Reviewed on https://fxrev.dev/712371."
|
||||||
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.simd-adler32]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.7"
|
||||||
|
notes = """
|
||||||
|
Security review of earlier versions of the crate can be found at
|
||||||
|
(Google-internal, sorry): go/image-crate-chromium-security-review
|
||||||
|
|
||||||
|
Audit comments for 1.3.2 can be found at https://crrev.com/c/4723145.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.stable_deref_trait]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.2.0"
|
||||||
|
notes = "Purely a trait, crates using this should be carefully vetted since self-referential stuff can be super tricky around various unsafe rust edges."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.static_assertions]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.1.0"
|
||||||
|
notes = """
|
||||||
|
Grepped for `-i cipher`, `-i crypto`, `'\bfs\b'`, `'\bnet\b'`, `'\bunsafe\b'`
|
||||||
|
and there were no hits except for one `unsafe`.
|
||||||
|
|
||||||
|
The lambda where `unsafe` is used is never invoked (e.g. the `unsafe` code
|
||||||
|
never runs) and is only introduced for some compile-time checks. Additional
|
||||||
|
unsafe review comments can be found in https://crrev.com/c/5353376.
|
||||||
|
|
||||||
|
This crate has been added to Chromium in https://crrev.com/c/3736562. The CL
|
||||||
|
description contains a link to a document with an additional security review.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.strsim]]
|
||||||
|
who = "danakj@chromium.org"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.10.0"
|
||||||
|
notes = """
|
||||||
|
Reviewed in https://crrev.com/c/5171063
|
||||||
|
|
||||||
|
Previously reviewed during security review and the audit is grandparented in.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.synstructure]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.13.1"
|
||||||
|
notes = "Exposes unsafe codegen APIs but does not itself contain unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.tinyvec_macros]]
|
||||||
|
who = "George Burgess IV <gbiv@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.0"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.unicode-ident]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.12"
|
||||||
|
notes = '''
|
||||||
|
I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits.
|
||||||
|
|
||||||
|
All two functions from the public API of this crate use `unsafe` to avoid bound
|
||||||
|
checks for an array access. Cross-module analysis shows that the offsets can
|
||||||
|
be statically proven to be within array bounds. More details can be found in
|
||||||
|
the unsafe review CL at https://crrev.com/c/5350386.
|
||||||
|
|
||||||
|
This crate has been added to Chromium in https://crrev.com/c/3891618.
|
||||||
|
'''
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.unicode-ident]]
|
||||||
|
who = "Dustin J. Mitchell <djmitche@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.12 -> 1.0.13"
|
||||||
|
notes = "Lots of table updates, and tables are assumed correct with unsafe `.get_unchecked()`, so ub-risk-2 is appropriate"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.unicode-ident]]
|
||||||
|
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.13 -> 1.0.14"
|
||||||
|
notes = "Minimal delta in `.rs` files: new test assertions + doc changes."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.unicode-ident]]
|
||||||
|
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.14 -> 1.0.15"
|
||||||
|
notes = "No changes relevant to any of these criteria."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.unicode-ident]]
|
||||||
|
who = "Liza Burakova <liza@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.15 -> 1.0.16"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.unicode-ident]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.0.16 -> 1.0.18"
|
||||||
|
notes = "Only minor comment and documentation updates."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.utf8parse]]
|
||||||
|
who = "David Koloski <dkoloski@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.1"
|
||||||
|
notes = "Reviewed on https://fxrev.dev/904811"
|
||||||
|
aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.writeable]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.6.0"
|
||||||
|
notes = "Contains three lines of unsafe, thoroughly commented: one is for from-UTF8 on ASCII, the other two are for from-UTF8 on a datastructure that keeps track of a buffer with partial UTF8 validation. Relatively straigtforward."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.writeable]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.6.0 -> 0.6.1"
|
||||||
|
notes = "Minor comment/documentation updates and switch to a non-panicking alternative to split_at()."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.yoke]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.7.5"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.yoke]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.5 -> 0.8.0"
|
||||||
|
notes = """
|
||||||
|
Cleaning up a previous hack for adding trait bounds to yoke objects. Unsafe changes:
|
||||||
|
- deleting the hack itself removes a lot of unsafe use required in the hack's implementation
|
||||||
|
- changes another unsafe use to remove the use of the hack, now that it's no longer needed
|
||||||
|
|
||||||
|
|
||||||
|
See https://crrev.com/c/6323349 for more audit notes.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.yoke-derive]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.7.5"
|
||||||
|
notes = "Custom derive implementing the `Yokeable` trait. Generally generates simple code that asserts covariance."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.yoke-derive]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.5 -> 0.8.0"
|
||||||
|
notes = "No code changes: only incrementing the version."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.zerofrom]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.5"
|
||||||
|
notes = "Contains no unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.zerofrom]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.5 -> 0.1.6"
|
||||||
|
notes = "Only minor cfg tweaks."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.zerofrom-derive]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.5"
|
||||||
|
notes = "Contains no unsafe"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.zerofrom-derive]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.5 -> 0.1.6"
|
||||||
|
notes = "Only a minor clippy adjustment."
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.zerotrie]]
|
||||||
|
who = "Manish Goregaokar <manishearth@google.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.0"
|
||||||
|
notes = "Minor repr(transparent) unsafe code. Improved comments in https://github.com/unicode-org/icu4x/pull/6054"
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.google.audits.zerotrie]]
|
||||||
|
who = "Daniel Cheng <dcheng@chromium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.0 -> 0.2.1"
|
||||||
|
notes = """
|
||||||
|
Changes in unsafe blocks are wrapping direct calls to `core::mem::transmute` with the `transparent_ref_from_store` wrapper.
|
||||||
|
No safety guarantees change, but providing the `transparent_ref_from_store` as a wrapper provides a convenient marker that this transmute operation is actually sound.
|
||||||
|
|
||||||
|
See https://crrev.com/c/6323349 for more audit notes.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||||
|
|
||||||
|
[[audits.mozilla.wildcard-audits.cexpr]]
|
||||||
|
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 3788 # Emilio Cobos Álvarez (emilio)
|
||||||
|
start = "2021-06-21"
|
||||||
|
end = "2024-04-21"
|
||||||
|
notes = "No unsafe code, rather straight-forward parser."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.wildcard-audits.core-graphics]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 5946 # Jeff Muizelaar (jrmuizel)
|
||||||
|
start = "2020-12-08"
|
||||||
|
end = "2023-05-04"
|
||||||
|
renew = false
|
||||||
|
notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.wildcard-audits.core-graphics-types]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 2396 # Josh Matthews (jdm)
|
||||||
|
start = "2020-07-20"
|
||||||
|
end = "2023-05-04"
|
||||||
|
renew = false
|
||||||
|
notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.wildcard-audits.encoding_rs]]
|
||||||
|
who = "Henri Sivonen <hsivonen@hsivonen.fi>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 4484 # Henri Sivonen (hsivonen)
|
||||||
|
start = "2019-02-26"
|
||||||
|
end = "2025-10-23"
|
||||||
|
notes = "I, Henri Sivonen, wrote encoding_rs for Gecko and have reviewed contributions by others. There are two caveats to the certification: 1) The crate does things that are documented to be UB but that do not appear to actually be UB due to integer types differing from the general rule; https://github.com/hsivonen/encoding_rs/issues/79 . 2) It would be prudent to re-review the code that reinterprets buffers of integers as SIMD vectors; see https://github.com/hsivonen/encoding_rs/issues/87 ."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.wildcard-audits.unicode-segmentation]]
|
||||||
|
who = "Manish Goregaokar <manishsmail@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 1139 # Manish Goregaokar (Manishearth)
|
||||||
|
start = "2019-05-15"
|
||||||
|
end = "2026-02-01"
|
||||||
|
notes = "All code written or reviewed by Manish"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.wildcard-audits.utf8_iter]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
user-id = 4484 # Henri Sivonen (hsivonen)
|
||||||
|
start = "2022-04-19"
|
||||||
|
end = "2024-06-16"
|
||||||
|
notes = "Maintained by Henri Sivonen who works at Mozilla."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.android-tzdata]]
|
||||||
|
who = "Mark Hammond <mhammond@skippinet.com.au>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.1"
|
||||||
|
notes = "Small crate parsing a file. No unsafe code"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.cfg_aliases]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.1 -> 0.2.1"
|
||||||
|
notes = "Very minor changes."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.core-graphics]]
|
||||||
|
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.22.3 -> 0.23.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.core-graphics]]
|
||||||
|
who = "Erich Gubler <erichdongubler@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.23.1 -> 0.24.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.core-graphics-types]]
|
||||||
|
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.1 -> 0.1.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.core-graphics-types]]
|
||||||
|
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.2 -> 0.1.3"
|
||||||
|
notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.core-graphics-types]]
|
||||||
|
who = "Erich Gubler <erichdongubler@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.3 -> 0.2.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.crypto-common]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.3 -> 0.1.6"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.cssparser]]
|
||||||
|
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.29.6"
|
||||||
|
notes = """
|
||||||
|
I've reviewed or authored most of the recent changes to this library, and it
|
||||||
|
was developed by other mozilla folks. Unsafe code there is reasonable (utf-8
|
||||||
|
casts for serialization and parsing).
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.cssparser-macros]]
|
||||||
|
who = "Emilio Cobos Álvarez <emilio@crisal.io>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.6.0"
|
||||||
|
notes = """
|
||||||
|
Trivial crate with a single proc macro to compute the max length of the inputs
|
||||||
|
to a match expression.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.cssparser-macros]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.6.0 -> 0.6.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.deranged]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.11"
|
||||||
|
notes = """
|
||||||
|
This crate contains a decent bit of `unsafe` code, however all internal
|
||||||
|
unsafety is verified with copious assertions (many are compile-time), and
|
||||||
|
otherwise the unsafety is documented and left to the caller to verify.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.deranged]]
|
||||||
|
who = "Lars Eggert <lars@eggert.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.11 -> 0.4.0"
|
||||||
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.fastrand]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.9.0 -> 2.0.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.fastrand]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.1 -> 2.1.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.fastrand]]
|
||||||
|
who = "Chris Martin <cmartin@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.1.0 -> 2.1.1"
|
||||||
|
notes = "Fairly trivial changes, no chance of security regression."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.fnv]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.0.7"
|
||||||
|
notes = "Simple hasher implementation with no unsafe code."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.foreign-types]]
|
||||||
|
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.2 -> 0.5.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.foreign-types-macros]]
|
||||||
|
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.3"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.foreign-types-shared]]
|
||||||
|
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.1 -> 0.3.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.futures-core]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.27 -> 0.3.28"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.futures-sink]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.27 -> 0.3.28"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.fxhash]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.1"
|
||||||
|
notes = "Straightforward crate with no unsafe code, does what it says on the tin."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.gimli]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.30.0"
|
||||||
|
notes = """
|
||||||
|
Unsafe code blocks are sound. Minimal dependencies used. No use of
|
||||||
|
side-effectful std functions.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.gimli]]
|
||||||
|
who = "Chris Martin <cmartin@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.30.0 -> 0.29.0"
|
||||||
|
notes = "No unsafe code, mostly algorithms and parsing. Very unlikely to cause security issues."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.hashbrown]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.12.3"
|
||||||
|
notes = "This version is used in rust's libstd, so effectively we're already trusting it"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.hex]]
|
||||||
|
who = "Simon Friedberger <simon@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.4.3"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.iana-time-zone]]
|
||||||
|
who = "Mark Hammond <mhammond@skippinet.com.au>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.61 -> 0.1.63"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_collections]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_locale_core]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_normalizer]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_normalizer_data]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_properties]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_properties_data]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.icu_provider]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "2.0.0-beta2 -> 2.0.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.idna_adapter]]
|
||||||
|
who = "Valentin Gosu <valentin.gosu@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.2.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.idna_adapter]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.2.0 -> 1.2.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.litemap]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.5 -> 0.8.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.matches]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.9"
|
||||||
|
notes = "This is a trivial crate."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.matches]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.9 -> 0.1.10"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.num-conv]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.0"
|
||||||
|
notes = """
|
||||||
|
Very straightforward, simple crate. No dependencies, unsafe, extern,
|
||||||
|
side-effectful std functions, etc.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.pin-project-lite]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.13 -> 0.2.14"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.pin-project-lite]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.14 -> 0.2.16"
|
||||||
|
notes = """
|
||||||
|
Only functional change is to work around a bug in the negative_impls feature
|
||||||
|
(https://github.com/taiki-e/pin-project/issues/340#issuecomment-2432146009)
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.powerfmt]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.0"
|
||||||
|
notes = """
|
||||||
|
A tiny bit of unsafe code to implement functionality that isn't in stable rust
|
||||||
|
yet, but it's all valid. Otherwise it's a pretty simple crate.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.precomputed-hash]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.1"
|
||||||
|
notes = "This is a trivial crate."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.raw-window-handle]]
|
||||||
|
who = "Jim Blandy <jimb@red-bean.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.5.0"
|
||||||
|
notes = "I looked through all the sources of the v0.5.0 crate."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.raw-window-handle]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.5.0 -> 0.5.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.raw-window-handle]]
|
||||||
|
who = "Nicolas Silva <nical@fastmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.5.2 -> 0.6.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.raw-window-handle]]
|
||||||
|
who = "Erich Gubler <erichdongubler@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.6.0 -> 0.6.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.rustc-hash]]
|
||||||
|
who = "Bobby Holley <bobbyholley@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.1.0"
|
||||||
|
notes = "Straightforward crate with no unsafe code, does what it says on the tin."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.sharded-slab]]
|
||||||
|
who = "Mark Hammond <mhammond@skippinet.com.au>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.4 -> 0.1.7"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.shlex]]
|
||||||
|
who = "Max Inden <mail@max-inden.de>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "1.1.0 -> 1.3.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.strsim]]
|
||||||
|
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.0 -> 0.11.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-core]]
|
||||||
|
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-core]]
|
||||||
|
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.0 -> 0.1.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-core]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.1 -> 0.1.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-core]]
|
||||||
|
who = "Lars Eggert <lars@eggert.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.2 -> 0.1.4"
|
||||||
|
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-macros]]
|
||||||
|
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.6"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-macros]]
|
||||||
|
who = "Kershaw Chang <kershaw@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.6 -> 0.2.10"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-macros]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.10 -> 0.2.18"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.time-macros]]
|
||||||
|
who = "Lars Eggert <lars@eggert.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.18 -> 0.2.22"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tinystr]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.7.0"
|
||||||
|
notes = "One of original auther was Zibi Braniecki who worked at Mozilla and maintained by ICU4X developers (Google and Mozilla). I've vetted the one instance of unsafe code."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tinystr]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.0 -> 0.7.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tinystr]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.1 -> 0.7.4"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tinystr]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.4 -> 0.7.6"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tinystr]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.7.6 -> 0.8.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tinyvec_macros]]
|
||||||
|
who = "Drew Willcoxon <adw@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.0 -> 0.1.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tracing]]
|
||||||
|
who = "Alex Franchuk <afranchuk@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.37"
|
||||||
|
notes = """
|
||||||
|
There's only one unsafe impl, and its purpose is to ensure correct behavior by
|
||||||
|
creating a non-Send marker type (it has nothing to do with soundness). All
|
||||||
|
dependencies make sense, and no side-effectful std functions are used.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tracing]]
|
||||||
|
who = "Mark Hammond <mhammond@skippinet.com.au>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.1.37 -> 0.1.41"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.tracing-subscriber]]
|
||||||
|
who = "Mark Hammond <mhammond@skippinet.com.au>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.3.17 -> 0.3.19"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.unic-char-property]]
|
||||||
|
who = "edgul <ed.guloien@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.9.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.unic-char-range]]
|
||||||
|
who = "edgul <ed.guloien@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.9.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.unic-common]]
|
||||||
|
who = "edgul <ed.guloien@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.9.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.unic-ucd-ident]]
|
||||||
|
who = "edgul <ed.guloien@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.9.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.urlpattern]]
|
||||||
|
who = "edgul <ed.guloien@gmail.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.3.0"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.windows-link]]
|
||||||
|
who = "Mark Hammond <mhammond@skippinet.com.au>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.1.1"
|
||||||
|
notes = "A microsoft crate allowing unsafe calls to windows apis."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zeroize]]
|
||||||
|
who = "Benjamin Beurdouche <beurdouche@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.8.1"
|
||||||
|
notes = """
|
||||||
|
This code DOES contain unsafe code required to internally call volatiles
|
||||||
|
for deleting data. This is expected and documented behavior.
|
||||||
|
"""
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zeroize_derive]]
|
||||||
|
who = "Benjamin Beurdouche <beurdouche@mozilla.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "1.4.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerotrie]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.1 -> 0.2.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.9.4"
|
||||||
|
notes = "This crate is zero-copy data structure implmentation. Although this uses unsafe block in several code, it requires for zero-copy. And this has a comment in code why this uses unsafe and I audited code."
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.9.4 -> 0.10.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.1 -> 0.10.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.2 -> 0.10.4"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.4 -> 0.11.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.11.2 -> 0.11.3"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.11.3 -> 0.11.4"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec-derive]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.10.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec-derive]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.1 -> 0.10.2"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec-derive]]
|
||||||
|
who = "Max Inden <mail@max-inden.de>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.2 -> 0.10.3"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla.audits.zerovec-derive]]
|
||||||
|
who = "Makoto Kato <m_kato@ga2.so-net.ne.jp>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.10.3 -> 0.11.1"
|
||||||
|
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.home]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.5.3"
|
||||||
|
notes = """
|
||||||
|
Crate with straightforward code for determining the user's HOME directory. Only
|
||||||
|
unsafe code is used to invoke the Windows SHGetFolderPathW API to get the
|
||||||
|
profile directory when the USERPROFILE environment variable is unavailable.
|
||||||
|
"""
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.home]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.5.3 -> 0.5.11"
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.is-docker]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.0"
|
||||||
|
notes = "Fairly straightforward checking of /.dockerenv and /proc/self/cgroup"
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.is-wsl]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.4.0"
|
||||||
|
notes = "Straightforward checking of procfs for the string \"microsoft\""
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.option-ext]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
version = "0.2.0"
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.synstructure]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.13.1 -> 0.13.2"
|
||||||
|
|
||||||
|
[[audits.mozilla-cargo-vet.audits.utf8parse]]
|
||||||
|
who = "Nika Layzell <nika@thelayzells.com>"
|
||||||
|
criteria = "safe-to-deploy"
|
||||||
|
delta = "0.2.1 -> 0.2.2"
|
||||||
Reference in New Issue
Block a user