From fb2cbec34aab6f2be1140b4d2cc34ddbbc7022fe Mon Sep 17 00:00:00 2001
From: Alex Crichton
Date: Fri, 24 Feb 2023 12:26:39 -0600
Subject: [PATCH] Add vet entries for coredump support (#5878)

* Update the `num_cpus` crate
Audits for this update provided from our import from Mozilla.
* Add vet entries for coredump support
---
 Cargo.lock | 15 ++++++++++++---
 supply-chain/audits.toml | 27 +++++++++++++++++++++++++++
 supply-chain/imports.lock | 15 +++++++++++++++
 3 files changed, 54 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index d9aa04d192..5d50ac69e6 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1418,6 +1418,15 @@ dependencies = [
 "libc",
 ]
 
+[[package]]
+name = "hermit-abi"
+version = "0.2.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7"
+dependencies = [
+ "libc",
+]
+
 [[package]]
 name = "hermit-abi"
 version = "0.3.0"
@@ -1875,11 +1884,11 @@ dependencies = [
 
 [[package]]
 name = "num_cpus"
-version = "1.13.1"
+version = "1.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1"
+checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b"
 dependencies = [
- "hermit-abi 0.1.19",
+ "hermit-abi 0.2.6",
 "libc",
 ]
 
diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml
index e4126cf0b1..30b8ccd14d 100644
--- a/supply-chain/audits.toml
+++ b/supply-chain/audits.toml
@@ -762,6 +762,33 @@ is similar to what it once was back then. Skimming over the crate there is
 nothing suspicious and it's everything you'd expect a Rust URL parser to be.
 """
 
+[[audits.wasm-coredump-builder]]
+who = "Alex Crichton "
+criteria = "safe-to-deploy"
+version = "0.1.10"
+notes = """
+This is a small crate which doesn't deviate outside of its intended purpose and
+additionally contains no `unsafe` code.
+"""
+
+[[audits.wasm-coredump-encoder]]
+who = "Alex Crichton "
+criteria = "safe-to-deploy"
+version = "0.1.10"
+notes = """
+This small crate contains no `unsafe` code and does no more than what it says on
+the tin.
+"""
+
+[[audits.wasm-coredump-types]]
+who = "Alex Crichton "
+criteria = "safe-to-deploy"
+version = "0.1.10"
+notes = """
+This small crate contains no `unsafe` code and only contains type definitions
+used for wasm core dumps and trivially stays within its bounds.
+"""
+
 [[audits.wasm-encoder]]
 who = "Alex Crichton "
 criteria = "safe-to-deploy"
diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock
index 5d7eac22f2..e11a1d3514 100644
--- a/supply-chain/imports.lock
+++ b/supply-chain/imports.lock
@@ -185,6 +185,11 @@ criteria = "safe-to-deploy"
 version = "0.12.3"
 notes = "This version is used in rust's libstd, so effectively we're already trusting it"
 
+[[audits.mozilla.audits.hermit-abi]]
+who = "Mike Hommey "
+criteria = "safe-to-deploy"
+delta = "0.1.19 -> 0.2.6"
+
 [[audits.mozilla.audits.indexmap]]
 who = "Mike Hommey "
 criteria = "safe-to-deploy"
@@ -238,6 +243,16 @@ criteria = "safe-to-deploy"
 version = "0.2.15"
 notes = "All code written or reviewed by Josh Stone."
 
+[[audits.mozilla.audits.num_cpus]]
+who = "Mike Hommey "
+criteria = "safe-to-deploy"
+delta = "1.13.1 -> 1.14.0"
+
+[[audits.mozilla.audits.num_cpus]]
+who = "Mike Hommey "
+criteria = "safe-to-deploy"
+delta = "1.14.0 -> 1.15.0"
+
 [[audits.mozilla.audits.once_cell]]
 who = "Mike Hommey "
 criteria = "safe-to-deploy"
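Review bot: In supply-chain/audits.toml, the `notes` on the three new `wasm-coredump-*` entries justify `safe-to-deploy` almost entirely by the absence of `unsafe`. That criterion implies `safe-to-run`, so the note leaves unrecorded whether each crate has a build script or proc macro and whether it touches the filesystem, network or process environment. If the review confirmed it, I would add a sentence such as `No build script or proc macros, and no filesystem or network access.` to each entry. The builder entry's "doesn't deviate outside of its intended purpose" would also be easier to re-check later if it named that purpose in a few words. No `Cargo.lock` entry for these crates appears in this patch, so from here it cannot be confirmed that 0.1.10 is the version that ends up resolved; `cargo vet` should be re-run once the dependency lands.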