diff --git a/Cargo.lock b/Cargo.lock index a2d61a663e..29166cbdd7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -607,7 +607,7 @@ dependencies = [ "cranelift-isle", "criterion", "gimli", - "hashbrown 0.13.1", + "hashbrown 0.13.2", "log", "regalloc2", "serde", @@ -677,7 +677,7 @@ name = "cranelift-frontend" version = "0.96.0" dependencies = [ "cranelift-codegen", - "hashbrown 0.13.1", + "hashbrown 0.13.2", "log", "similar", "smallvec", @@ -747,7 +747,7 @@ dependencies = [ "anyhow", "cranelift-codegen", "cranelift-control", - "hashbrown 0.13.1", + "hashbrown 0.13.2", ] [[package]] @@ -837,7 +837,7 @@ dependencies = [ "cranelift-codegen", "cranelift-entity", "cranelift-frontend", - "hashbrown 0.13.1", + "hashbrown 0.13.2", "itertools", "log", "serde", @@ -1498,9 +1498,9 @@ checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "hashbrown" -version = "0.13.1" +version = "0.13.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33ff8ae62cd3a9102e5637afc8452c55acf3844001bd5374e0b0bd7b6616c038" +checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" dependencies = [ "ahash", ] @@ -2049,7 +2049,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea86265d3d3dcb6a27fc51bd29a4bf387fae9d2986b823079d4986af253eb439" dependencies = [ "crc32fast", - "hashbrown 0.13.1", + "hashbrown 0.13.2", "indexmap", "memchr", ] diff --git a/Cargo.toml b/Cargo.toml index 040ad47ae5..0e3cfa7f71 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -190,7 +190,7 @@ log = { version = "0.4.8", default-features = false } object = { version = "0.30.3", default-features = false, features = ['read_core', 'elf', 'std'] } gimli = { version = "0.27.0", default-features = false, features = ['read', 'std'] } clap = { version = "3.2.0", features = ["color", "suggestions", "derive"] } -hashbrown = "0.13" +hashbrown = "0.13.2" cap-std = "1.0.0" cap-rand = "1.0.0" capstone = "0.9.0" diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 1037eabab5..35a86e4e1f 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -565,6 +565,12 @@ criteria = "safe-to-deploy" delta = "0.12.3 -> 0.13.1" notes = "The diff looks plausible. Much of it is low-level memory-layout code and I can't be 100% certain without a deeper dive into the implementation logic, but nothing looks actively malicious." +[[audits.hashbrown]] +who = "Trevor Elliott " +criteria = "safe-to-deploy" +delta = "0.13.1 -> 0.13.2" +notes = "I read through the diff between v0.13.1 and v0.13.2, and verified that the changes made matched up with the changelog entries. There were very few changes between these two releases, and it was easy to verify what they did." + [[audits.heck]] who = "Alex Crichton " criteria = "safe-to-deploy"