T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add cargo-vet updates for audit backlog. (#5708)

Browse Source
This commit is contained in:
Chris Fallin
2023-02-03 17:46:44 -08:00
committed by GitHub
parent 97381792ac
commit 43022c862a
2 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
supply-chain/audits.toml
View File

@@ -1,6 +1,11 @@
# cargo-vet audits file
[[audits.ahash]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.7.6 -> 0.8.2"
[[audits.anyhow]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
@@ -254,6 +259,12 @@ criteria = "safe-to-deploy"
version = "0.18.0"
notes = "I am the author of this crate."
[[audits.hashbrown]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.12.3 -> 0.13.1"
notes = "The diff looks plausible. Much of it is low-level memory-layout code and I can't be 100% certain without a deeper dive into the implementation logic, but nothing looks actively malicious."
[[audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
@@ -385,6 +396,16 @@ This bump only changed from a function to an associated `const` and trivially
contains no significant changes.
"""
[[audits.object]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "0.29.0 -> 0.30.1"
[[audits.once_cell]]
who = "Chris Fallin <chris@cfallin.org>"
criteria = "safe-to-deploy"
delta = "1.16.0 -> 1.17.0"
[[audits.openvino]]
who = "Matthew Tamayo-Rios <matthew@geekbeast.com>"
criteria = "safe-to-deploy"