Merge pull request #1405 from daira/fix-audits

Add and prune audits
zcash · Jun 12, 2024 · 0c03e06 · 0c03e06
2 parents 976a4d2 + cfc1cb3
commit 0c03e06
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 29 deletions.
diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml
@@ -275,6 +275,11 @@ criteria = "safe-to-deploy"
 delta = "0.5.6 -> 0.5.7"
 notes = "The new uses of unsafe to access getsockopt/setsockopt look reasonable."
 
+[[audits.syn]]
+who = "Daira-Emma Hopwood <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "2.0.53 -> 2.0.60"
+
 [[audits.syn]]
 who = "Daira-Emma Hopwood <[email protected]>"
 criteria = "safe-to-deploy"

diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock
@@ -251,8 +251,8 @@ user-login = "nuttycom"
 user-name = "Kris Nuttycombe"
 
 [[publisher.zcash_primitives]]
-version = "0.15.0"
-when = "2024-03-25"
+version = "0.15.1"
+when = "2024-05-24"
 user-id = 6289
 user-login = "str4d"
 
@@ -888,9 +888,9 @@ notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 
 [[audits.google.audits.serde_derive]]
-who = "Dustin J. Mitchell <djmitche@chromium.org>"
+who = "danakj <danakj@chromium.org>"
 criteria = "safe-to-deploy"
-delta = "1.0.197 -> 1.0.198"
+delta = "1.0.197 -> 1.0.201"
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 
 [[audits.google.audits.serde_json]]
@@ -938,25 +938,6 @@ Previously reviewed during security review and the audit is grandparented in.
 """
 aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
 
-[[audits.google.audits.syn]]
-who = "Dustin J. Mitchell <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "2.0.53 -> 2.0.55"
-notes = "Mostly clippy, test changes - no changed unsafe."
-aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
-
-[[audits.google.audits.syn]]
-who = "Adrian Taylor <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "2.0.55 -> 2.0.59"
-aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
-
-[[audits.google.audits.syn]]
-who = "Dustin J. Mitchell <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "2.0.59 -> 2.0.60"
-aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
-
 [[audits.google.audits.textwrap]]
 who = "George Burgess IV <[email protected]>"
 criteria = "safe-to-run"
@@ -1485,12 +1466,6 @@ criteria = "safe-to-deploy"
 delta = "1.0.198 -> 1.0.201"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 
-[[audits.mozilla.audits.serde_derive]]
-who = "Erich Gubler <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "1.0.198 -> 1.0.201"
-aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
-
 [[audits.mozilla.audits.subtle]]
 who = "Simon Friedberger <[email protected]>"
 criteria = "safe-to-deploy"