From cfc1cb3738938284cd77a6f085b695dd420743ee Mon Sep 17 00:00:00 2001 From: Daira-Emma Hopwood Date: Tue, 4 Jun 2024 12:19:40 +0100 Subject: [PATCH] Add and prune audits. Signed-off-by: Daira-Emma Hopwood --- supply-chain/audits.toml | 5 +++++ supply-chain/imports.lock | 33 ++++----------------------------- 2 files changed, 9 insertions(+), 29 deletions(-) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 94217bccf4..de7914380c 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -275,6 +275,11 @@ criteria = "safe-to-deploy" delta = "0.5.6 -> 0.5.7" notes = "The new uses of unsafe to access getsockopt/setsockopt look reasonable." +[[audits.syn]] +who = "Daira-Emma Hopwood " +criteria = "safe-to-deploy" +delta = "2.0.53 -> 2.0.60" + [[audits.syn]] who = "Daira-Emma Hopwood " criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 19b51b94a0..a59c653bea 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -251,8 +251,8 @@ user-login = "nuttycom" user-name = "Kris Nuttycombe" [[publisher.zcash_primitives]] -version = "0.15.0" -when = "2024-03-25" +version = "0.15.1" +when = "2024-05-24" user-id = 6289 user-login = "str4d" @@ -888,9 +888,9 @@ notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] -who = "Dustin J. Mitchell " +who = "danakj " criteria = "safe-to-deploy" -delta = "1.0.197 -> 1.0.198" +delta = "1.0.197 -> 1.0.201" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_json]] @@ -938,25 +938,6 @@ Previously reviewed during security review and the audit is grandparented in. """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" -[[audits.google.audits.syn]] -who = "Dustin J. Mitchell " -criteria = "safe-to-deploy" -delta = "2.0.53 -> 2.0.55" -notes = "Mostly clippy, test changes - no changed unsafe." -aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" - -[[audits.google.audits.syn]] -who = "Adrian Taylor " -criteria = "safe-to-deploy" -delta = "2.0.55 -> 2.0.59" -aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" - -[[audits.google.audits.syn]] -who = "Dustin J. Mitchell " -criteria = "safe-to-deploy" -delta = "2.0.59 -> 2.0.60" -aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" - [[audits.google.audits.textwrap]] who = "George Burgess IV " criteria = "safe-to-run" @@ -1485,12 +1466,6 @@ criteria = "safe-to-deploy" delta = "1.0.198 -> 1.0.201" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.serde_derive]] -who = "Erich Gubler " -criteria = "safe-to-deploy" -delta = "1.0.198 -> 1.0.201" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.subtle]] who = "Simon Friedberger " criteria = "safe-to-deploy"