Skip to content

Commit

Permalink
vet import
Browse files Browse the repository at this point in the history
  • Loading branch information
@badboy
badboy committed Jun 21, 2023
1 parent e71f7d0 commit 147c64f
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 264 deletions.
26 changes: 3 additions & 23 deletions supply-chain/config.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,12 @@ version = "0.6"
[imports.bytecode-alliance]
url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml"

[imports.chromeos]
url = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT"

[imports.embark-studios]
url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml"

[imports.google]
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"

[imports.isrg]
url = "https://raw.githubusercontent.com/divviup/libprio-rs/main/supply-chain/audits.toml"

Expand Down Expand Up @@ -44,10 +44,6 @@ criteria = "safe-to-deploy"
version = "0.10.3"
criteria = "safe-to-deploy"

[[exemptions.askama_shared]]
version = "0.12.2"
criteria = "safe-to-deploy"

[[exemptions.bincode]]
version = "1.3.3"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -96,10 +92,6 @@ criteria = "safe-to-deploy"
version = "0.2.8"
criteria = "safe-to-deploy"

[[exemptions.errno-dragonfly]]
version = "0.1.2"
criteria = "safe-to-deploy"

[[exemptions.fastrand]]
version = "1.7.0"
criteria = "safe-to-deploy"
Expand All @@ -116,10 +108,6 @@ criteria = "safe-to-deploy"
version = "0.2.8"
criteria = "safe-to-deploy"

[[exemptions.glob]]
version = "0.3.0"
criteria = "safe-to-deploy"

[[exemptions.goblin]]
version = "0.6.0"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -280,10 +268,6 @@ criteria = "safe-to-deploy"
version = "1.1.0"
criteria = "safe-to-deploy"

[[exemptions.syn]]
version = "1.0.105"
criteria = "safe-to-deploy"

[[exemptions.syn]]
version = "2.0.18"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -344,10 +328,6 @@ criteria = "safe-to-deploy"
version = "0.42.1"
criteria = "safe-to-deploy"

[[exemptions.windows_aarch64_msvc]]
version = "0.42.1"
criteria = "safe-to-deploy"

[[exemptions.windows_i686_gnu]]
version = "0.42.1"
criteria = "safe-to-deploy"
Expand Down
276 changes: 35 additions & 241 deletions supply-chain/imports.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,12 @@ criteria = "safe-to-deploy"
version = "1.0.0"
notes = "I am the author of this crate."

[[audits.bytecode-alliance.audits.errno-dragonfly]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
version = "0.1.2"
notes = "This should be portable to any POSIX system and seems like it should be part of the libc crate, but at any rate it's safe as is."

[[audits.bytecode-alliance.audits.form_urlencoded]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
Expand All @@ -105,6 +111,11 @@ more than what it says on the tin. Contains one `unsafe` block related to
performance around utf-8 validation which is fairly easy to verify as correct.
"""

[[audits.bytecode-alliance.audits.glob]]
who = "Jamey Sharp <jsharp@fastly.com>"
criteria = "safe-to-deploy"
delta = "0.3.1 -> 0.3.0"

[[audits.bytecode-alliance.audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -228,21 +239,6 @@ is similar to what it once was back then. Skimming over the crate there is
nothing suspicious and it's everything you'd expect a Rust URL parser to be.
"""

[[audits.chromeos.audits.ctor]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.1.26"

[[audits.chromeos.audits.textwrap]]
who = "ChromeOS"
criteria = "safe-to-run"
version = "0.15.2"

[[audits.chromeos.audits.version_check]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.9.4"

[[audits.embark-studios.audits.anyhow]]
who = "Johan Andersson <opensource@embark-studios.com>"
criteria = "safe-to-deploy"
Expand All @@ -266,6 +262,30 @@ criteria = "safe-to-deploy"
version = "1.0.40"
notes = "Found no unsafe or ambient capabilities used"

[[audits.google.audits.ctor]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.1.26"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"

[[audits.google.audits.glob]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.3.1"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"

[[audits.google.audits.textwrap]]
who = "ChromeOS"
criteria = "safe-to-run"
version = "0.15.2"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"

[[audits.google.audits.version_check]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"
version = "0.9.4"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"

[[audits.isrg.audits.once_cell]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -535,232 +555,6 @@ criteria = "safe-to-deploy"
delta = "0.1.21 -> 0.1.22"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.3 -> 0.19.6"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi]]
who = "Perry McManis <pmcmanis@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.6 -> 0.20.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.21.1"
notes = "No changes."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.21.1 -> 0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_bindgen]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_bindgen]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.3 -> 0.19.6"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_bindgen]]
who = "Perry McManis <pmcmanis@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.6 -> 0.20.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_bindgen]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_bindgen]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.21.1"
notes = "I authored the changes in this version."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_bindgen]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.21.1 -> 0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_build]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_build]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.3 -> 0.19.6"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_build]]
who = "Perry McManis <pmcmanis@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.6 -> 0.20.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_build]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_build]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.21.1"
notes = "No changes."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_build]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.21.1 -> 0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_checksum_derive]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
version = "0.21.1"
notes = "I authored this crate."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_checksum_derive]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.21.1 -> 0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_core]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.23.0"
notes = "Maintained by the Glean and Application Services teams."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_macros]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.3"
notes = "Maintained by the Glean and Application Services teams."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_macros]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.3 -> 0.19.6"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_macros]]
who = "Perry McManis <pmcmanis@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.6 -> 0.20.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_macros]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_macros]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.21.1"
notes = "No changes."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_macros]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.21.1 -> 0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_meta]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.19.6"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_meta]]
who = "Perry McManis <pmcmanis@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.19.6 -> 0.20.0"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_meta]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.20.0 -> 0.21.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_meta]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.21.0 -> 0.21.1"
notes = "I authored the changes in this version."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_meta]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.21.1 -> 0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.uniffi_testing]]
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.23.0"
notes = "Maintained by the Glean and Application Services team."
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.weedle2]]
who = "Travis Long <tlong@mozilla.com>"
criteria = "safe-to-deploy"
Expand Down

0 comments on commit 147c64f

Please sign in to comment.