Import cargo-vet audits from Mozilla (#4792)

* Bump cargo-vet to 0.3.

* Add Mozilla as a trusted import for audits.

supply-chain/config.toml

@@ -1,6 +1,9 @@
 
 # cargo-vet config file
 
+[imports.mozilla]
+url = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
+
 [policy.wasi-crypto]
 audit-as-crates-io = false
 
@@ -79,14 +82,6 @@ criteria = "safe-to-deploy"
 version = "1.3.3"
 criteria = "safe-to-deploy"
 
-[[exemptions.bit-set]]
-version = "0.5.2"
-criteria = "safe-to-deploy"
-
-[[exemptions.bit-vec]]
-version = "0.6.3"
-criteria = "safe-to-deploy"
-
 [[exemptions.bitflags]]
 version = "1.3.2"
 criteria = "safe-to-deploy"
@@ -99,10 +94,6 @@ criteria = "safe-to-deploy"
 version = "0.2.17"
 criteria = "safe-to-run"
 
-[[exemptions.bumpalo]]
-version = "3.9.1"
-criteria = "safe-to-run"
-
 [[exemptions.byteorder]]
 version = "1.4.3"
 criteria = "safe-to-deploy"
@@ -311,10 +302,6 @@ criteria = "safe-to-deploy"
 version = "0.3.6"
 criteria = "safe-to-deploy"
 
-[[exemptions.encoding_rs]]
-version = "0.8.31"
-criteria = "safe-to-deploy"
-
 [[exemptions.env_logger]]
 version = "0.7.1"
 criteria = "safe-to-deploy"
@@ -355,14 +342,6 @@ criteria = "safe-to-deploy"
 version = "0.2.16"
 criteria = "safe-to-run"
 
-[[exemptions.flagset]]
-version = "0.4.3"
-criteria = "safe-to-deploy"
-
-[[exemptions.fnv]]
-version = "1.0.7"
-criteria = "safe-to-deploy"
-
 [[exemptions.fs-set-times]]
 version = "0.17.0"
 criteria = "safe-to-deploy"
@@ -371,10 +350,6 @@ criteria = "safe-to-deploy"
 version = "0.1.8"
 criteria = "safe-to-deploy"
 
-[[exemptions.fxhash]]
-version = "0.2.1"
-criteria = "safe-to-deploy"
-
 [[exemptions.generic-array]]
 version = "0.14.5"
 criteria = "safe-to-deploy"
@@ -543,10 +518,6 @@ criteria = "safe-to-deploy"
 version = "0.4.7"
 criteria = "safe-to-deploy"
 
-[[exemptions.log]]
-version = "0.4.17"
-criteria = "safe-to-deploy"
-
 [[exemptions.mach]]
 version = "0.3.2"
 criteria = "safe-to-deploy"