diff --git a/Cargo.lock b/Cargo.lock index d1bbda3100..36c5914e86 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -243,9 +243,9 @@ checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" [[package]] name = "cap-fs-ext" -version = "1.0.1" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0cd43a11b76b72fd4de1d0358cc3c0a11fed09c2d67caef7c6c0ca3338245d96" +checksum = "ff40fd8a96d57a204080e5debd621342612f6d6b60901201a51f518baf72691d" dependencies = [ "cap-primitives", "cap-std", @@ -255,9 +255,9 @@ dependencies = [ [[package]] name = "cap-primitives" -version = "1.0.1" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e58ae40664c77c3dd4c0df2e5bc97743ede4b814f9970d81228e69d101702e03" +checksum = "9554a7698c8db4b7777f01b2237de111c5ecea169efb1190004d9069ceb289aa" dependencies = [ "ambient-authority", "fs-set-times", @@ -282,9 +282,9 @@ dependencies = [ [[package]] name = "cap-std" -version = "1.0.1" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b515b8f641ddea066fc2ce25f2c27b60c1f7c2f50f7b8c8c4acfe70a1a51646" +checksum = "a7b68a8ac703cc7bed0a46666a04b386cca214844897a69f599dcd82ea59422c" dependencies = [ "cap-primitives", "io-extras", @@ -307,9 +307,9 @@ dependencies = [ [[package]] name = "cap-time-ext" -version = "1.0.1" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e0056bbe8b6e11e8ff7a799258890d3f7d54d561691ac360415257b3495a6b9" +checksum = "472931750f90fbf0731c886c2937521e25772942577a182e7ace5bc561d10e3b" dependencies = [ "cap-primitives", "once_cell", @@ -1213,6 +1213,17 @@ dependencies = [ "instant", ] +[[package]] +name = "fd-lock" +version = "3.0.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ef1a30ae415c3a691a4f41afddc2dbcd6d70baf338368d85ebc1e8ed92cedb9" +dependencies = [ + "cfg-if", + "rustix", + "windows-sys", +] + [[package]] name = "ff" version = "0.10.1" @@ -1278,9 +1289,9 @@ dependencies = [ [[package]] name = "fs-set-times" -version = "0.18.0" +version = "0.18.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e25ca26b0001154679ce0901527330e6153b670d17ccd1f86bab4e45dfba1a74" +checksum = "857cf27edcb26c2a36d84b2954019573d335bb289876113aceacacdca47a4fd4" dependencies = [ "io-lifetimes", "rustix", @@ -1408,12 +1419,9 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.2.0" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ab7905ea95c6d9af62940f9d7dd9596d54c334ae2c15300c482051292d5637f" -dependencies = [ - "libc", -] +checksum = "856b5cb0902c2b6d65d5fd97dfa30f9b70c7538e770b98eab5ed52d8db923e01" [[package]] name = "hkdf" @@ -1506,9 +1514,9 @@ dependencies = [ [[package]] name = "io-extras" -version = "0.17.0" +version = "0.17.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ad797ac2cd70ff82f6d9246d36762b41c1db15b439fd48bcb70914269642354" +checksum = "d79107d6e60d78351e11f0a2dc9d0eaf304a7efb592e92603783afb8479c7d97" dependencies = [ "io-lifetimes", "windows-sys", @@ -1516,9 +1524,9 @@ dependencies = [ [[package]] name = "io-lifetimes" -version = "1.0.3" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46112a93252b123d31a119a8d1a1ac19deac4fac6e0e8b0df58f0d4e5870e63c" +checksum = "1abeb7a0dd0f8181267ff8adc397075586500b81b28a73e8a0208b00fc170fb3" dependencies = [ "libc", "windows-sys", @@ -1532,11 +1540,11 @@ checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" [[package]] name = "is-terminal" -version = "0.4.1" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "927609f78c2913a6f6ac3c27a4fe87f43e2a35367c0c4b0f8265e8f49a104330" +checksum = "22e18b0a45d56fe973d6db23972bf5bc46f988a4a2385deac9cc29572f09daef" dependencies = [ - "hermit-abi 0.2.0", + "hermit-abi 0.3.0", "io-lifetimes", "rustix", "windows-sys", @@ -2483,9 +2491,9 @@ checksum = "7ef03e0a2b150c7a90d01faf6254c9c48a41e95fb2a8c2ac1c6f0d2b9aefc342" [[package]] name = "rustix" -version = "0.36.7" +version = "0.36.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4fdebc4b395b7fbb9ab11e462e20ed9051e7b16e42d24042c776eca0ac81b03" +checksum = "f43abb88211988493c1abb44a70efa56ff0ce98f233b7b276146f1f3f7ba9644" dependencies = [ "bitflags", "errno", @@ -2751,13 +2759,14 @@ dependencies = [ [[package]] name = "system-interface" -version = "0.25.0" +version = "0.25.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77b5f685b54fe35201ca824534425d4af3562470fb67682cf20130c568b49042" +checksum = "f355df185d945435f24c51fda9bf01bea6acb6c0b753e1241e5cc05413a659d4" dependencies = [ "bitflags", "cap-fs-ext", "cap-std", + "fd-lock", "io-lifetimes", "rustix", "windows-sys", @@ -3994,9 +4003,18 @@ dependencies = [ [[package]] name = "windows-sys" -version = "0.42.0" +version = "0.45.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" +checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.42.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e2522491fbfcd58cc84d47aeb2958948c4b8982e9a2d8a2a35bbaed431390e7" dependencies = [ "windows_aarch64_gnullvm", "windows_aarch64_msvc", @@ -4009,51 +4027,51 @@ dependencies = [ [[package]] name = "windows_aarch64_gnullvm" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e" +checksum = "8c9864e83243fdec7fc9c5444389dcbbfd258f745e7853198f365e3c4968a608" [[package]] name = "windows_aarch64_msvc" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4" +checksum = "4c8b1b673ffc16c47a9ff48570a9d85e25d265735c503681332589af6253c6c7" [[package]] name = "windows_i686_gnu" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7" +checksum = "de3887528ad530ba7bdbb1faa8275ec7a1155a45ffa57c37993960277145d640" [[package]] name = "windows_i686_msvc" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246" +checksum = "bf4d1122317eddd6ff351aa852118a2418ad4214e6613a50e0191f7004372605" [[package]] name = "windows_x86_64_gnu" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf7b1b21b5362cbc318f686150e5bcea75ecedc74dd157d874d754a2ca44b0ed" +checksum = "c1040f221285e17ebccbc2591ffdc2d44ee1f9186324dd3e84e99ac68d699c45" [[package]] name = "windows_x86_64_gnullvm" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028" +checksum = "628bfdf232daa22b0d64fdb62b09fcc36bb01f05a3939e20ab73aaf9470d0463" [[package]] name = "windows_x86_64_msvc" -version = "0.42.0" +version = "0.42.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f40009d85759725a34da6d89a94e63d7bdc50a862acf0dbc7c8e488f1edcb6f5" +checksum = "447660ad36a13288b1db4d4248e857b510e8c3a225c822ba4fb748c0aafecffd" [[package]] name = "winx" -version = "0.34.0" +version = "0.35.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9baf690e238840de84bbfad6ad72d6628c41d34c1a5e276dab7fb2c9167ca1ac" +checksum = "129cd8ee937d535e1a239d9d3c9c0525af0454bc0967d9211a251be062513520" dependencies = [ "bitflags", "io-lifetimes", diff --git a/Cargo.toml b/Cargo.toml index dde2212c2e..45cb7af61a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -168,7 +168,7 @@ wasm-encoder = "0.22.0" wasm-smith = "0.12.0" wasm-mutate = "0.2.16" wit-parser = "0.5.0" -windows-sys = "0.42.0" +windows-sys = "0.45.0" env_logger = "0.9" rustix = "0.36.7" log = { version = "0.4.8", default-features = false } diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index a5695b1794..ff6fff9bdb 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -63,6 +63,12 @@ criteria = "safe-to-deploy" version = "0.3.66" notes = "I am the author of this crate." +[[audits.base64]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.21.0" +notes = "This crate has no dependencies, no build.rs, and contains no unsafe code." + [[audits.base64]] who = "Pat Hickey " criteria = "safe-to-run" @@ -98,6 +104,12 @@ criteria = "safe-to-deploy" version = "1.0.1" notes = "The Bytecode Alliance is the author of this crate" +[[audits.cap-fs-ext]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.1 -> 1.0.5" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.cap-primitives]] who = "Dan Gohman " criteria = "safe-to-deploy" @@ -110,6 +122,12 @@ criteria = "safe-to-deploy" version = "1.0.1" notes = "The Bytecode Alliance is the author of this crate" +[[audits.cap-primitives]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.1 -> 1.0.5" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.cap-rand]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -134,6 +152,12 @@ criteria = "safe-to-deploy" version = "1.0.1" notes = "The Bytecode Alliance is the author of this crate" +[[audits.cap-std]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.1 -> 1.0.5" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.cap-tempfile]] who = "Dan Gohman " criteria = "safe-to-run" @@ -158,6 +182,12 @@ criteria = "safe-to-deploy" version = "1.0.1" notes = "The Bytecode Alliance is the author of this crate." +[[audits.cap-time-ext]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.1 -> 1.0.5" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.cast]] who = "Alex Crichton " criteria = "safe-to-run" @@ -233,6 +263,18 @@ who = "Benjamin Bouvier " criteria = "safe-to-deploy" delta = "0.9.0 -> 0.10.3" +[[audits.fd-lock]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "3.0.9" +notes = "This crate uses unsafe to make Windows syscalls, to borrow an Fd with an appropriate lifetime, and to zero a windows API structure that appears to have a valid representation with zeroed memory." + +[[audits.fd-lock]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "3.0.9 -> 3.0.10" +notes = "Just a dependency version bump" + [[audits.file-per-thread-logger]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -259,6 +301,12 @@ criteria = "safe-to-deploy" version = "0.18.0" notes = "I am the author of this crate." +[[audits.fs-set-times]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.18.0 -> 0.18.1" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.hashbrown]] who = "Chris Fallin " criteria = "safe-to-deploy" @@ -271,6 +319,11 @@ criteria = "safe-to-deploy" version = "0.4.0" notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation." +[[audits.hermit-abi]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.2.0 -> 0.3.0" + [[audits.id-arena]] who = "Nick Fitzgerald " criteria = "safe-to-deploy" @@ -304,12 +357,24 @@ criteria = "safe-to-deploy" version = "0.17.0" notes = "I am the author of this crate." +[[audits.io-extras]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.17.0 -> 0.17.2" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.io-lifetimes]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "1.0.3" notes = "I am the author of this crate." +[[audits.io-lifetimes]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "1.0.3 -> 1.0.5" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.is-terminal]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -322,6 +387,12 @@ criteria = "safe-to-deploy" version = "0.4.1" notes = "Contains only unsafe code for interacting with the crate's intended purpose." +[[audits.is-terminal]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.4.1 -> 0.4.3" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.ittapi]] who = "Andrew Brown " criteria = "safe-to-deploy" @@ -510,6 +581,12 @@ criteria = "safe-to-deploy" version = "0.36.7" notes = "The Bytecode Alliance is the author of this crate." +[[audits.rustix]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.36.7 -> 0.36.8" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.sha2]] who = "Benjamin Bouvier " criteria = "safe-to-deploy" @@ -540,6 +617,12 @@ criteria = "safe-to-deploy" version = "0.25.0" notes = "The Bytecode Alliance is the author of this crate." +[[audits.system-interface]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.25.0 -> 0.25.4" +notes = "The Bytecode Alliance is the author of this crate." + [[audits.tinyvec]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -1122,54 +1205,114 @@ criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows-sys]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.45.0" +notes = "This is a Windows API bindings library maintained by Microsoft themselves." + +[[audits.windows-targets]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. Additionally, this particular crate is empty and just collects a bunch of dependencies, which are not exported, so I don't understand why it exists at all." + [[audits.windows_aarch64_gnullvm]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_aarch64_gnullvm]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.windows_aarch64_msvc]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_aarch64_msvc]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.windows_i686_gnu]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_i686_gnu]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.windows_i686_msvc]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_i686_msvc]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.windows_x86_64_gnu]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_x86_64_gnu]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.windows_x86_64_gnullvm]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_x86_64_gnullvm]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.windows_x86_64_msvc]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.42.0" notes = "This is a Windows API bindings library maintained by Microsoft themselves." +[[audits.windows_x86_64_msvc]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.42.0 -> 0.42.1" +notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." + [[audits.winx]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.34.0" notes = "I am the author of this crate." +[[audits.winx]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.34.0 -> 0.35.0" +notes = "Dan Gohman, a Bytecode Alliance core contributor, is the author of this crate." + [[audits.wit-parser]] who = "Alex Crichton " criteria = "safe-to-deploy"