cargo vet regenerate (#202)

The changes here are the result of running `cargo vet regenerate exemptions && cargo vet regenerate imports` and should fix the CI build failures after #201.
EmbarkStudios · Apr 5, 2024 · abc184b · abc184b
1 parent db01a34
commit abc184b
Show file tree

Hide file tree

Showing 2 changed files with 103 additions and 56 deletions.
diff --git a/supply-chain/config.toml b/supply-chain/config.toml
@@ -79,10 +79,6 @@ criteria = "safe-to-deploy"
 version = "0.8.6"
 criteria = "safe-to-deploy"
 
-[[exemptions.aho-corasick]]
-version = "1.1.1"
-criteria = "safe-to-deploy"
-
 [[exemptions.android-activity]]
 version = "0.5.1"
 criteria = "safe-to-deploy"
@@ -171,10 +167,6 @@ criteria = "safe-to-run"
 version = "0.2.1"
 criteria = "safe-to-run"
 
-[[exemptions.clap_lex]]
-version = "0.6.0"
-criteria = "safe-to-run"
-
 [[exemptions.clipboard-win]]
 version = "4.5.0"
 criteria = "safe-to-deploy"
@@ -239,10 +231,6 @@ criteria = "safe-to-deploy"
 version = "2.0.0"
 criteria = "safe-to-deploy"
 
-[[exemptions.dirs-sys-next]]
-version = "0.1.2"
-criteria = "safe-to-deploy"
-
 [[exemptions.dispatch]]
 version = "0.2.0"
 criteria = "safe-to-deploy"
@@ -251,10 +239,6 @@ criteria = "safe-to-deploy"
 version = "0.5.2"
 criteria = "safe-to-deploy"
 
-[[exemptions.document-features]]
-version = "0.2.8"
-criteria = "safe-to-deploy"
-
 [[exemptions.downcast-rs]]
 version = "1.2.0"
 criteria = "safe-to-deploy"
@@ -271,10 +255,6 @@ criteria = "safe-to-deploy"
 version = "0.3.3"
 criteria = "safe-to-deploy"
 
-[[exemptions.flate2]]
-version = "1.0.28"
-criteria = "safe-to-deploy"
-
 [[exemptions.gdk-pixbuf-sys]]
 version = "0.15.10"
 criteria = "safe-to-deploy"
@@ -379,10 +359,6 @@ criteria = "safe-to-deploy"
 version = "0.1.35"
 criteria = "safe-to-deploy"
 
-[[exemptions.litrs]]
-version = "0.4.1"
-criteria = "safe-to-deploy"
-
 [[exemptions.lz4_flex]]
 version = "0.11.2"
 criteria = "safe-to-deploy"
@@ -395,6 +371,10 @@ criteria = "safe-to-deploy"
 version = "0.6.5"
 criteria = "safe-to-deploy"
 
+[[exemptions.memoffset]]
+version = "0.9.1"
+criteria = "safe-to-deploy"
+
 [[exemptions.mimalloc]]
 version = "0.1.39"
 criteria = "safe-to-deploy"
@@ -539,10 +519,6 @@ criteria = "safe-to-deploy"
 version = "0.12.13"
 criteria = "safe-to-deploy"
 
-[[exemptions.termcolor]]
-version = "1.4.1"
-criteria = "safe-to-deploy"
-
 [[exemptions.thiserror-core]]
 version = "1.0.50"
 criteria = "safe-to-deploy"
@@ -635,10 +611,6 @@ criteria = "safe-to-deploy"
 version = "0.8.12"
 criteria = "safe-to-deploy"
 
-[[exemptions.winapi]]
-version = "0.3.9"
-criteria = "safe-to-deploy"
-
 [[exemptions.winapi-i686-pc-windows-gnu]]
 version = "0.4.0"
 criteria = "safe-to-deploy"
@@ -726,7 +698,3 @@ criteria = "safe-to-deploy"
 [[exemptions.zstd-safe]]
 version = "6.0.6"
 criteria = "safe-to-deploy"
-
-[[exemptions.zstd-sys]]
-version = "2.0.9+zstd.1.5.5"
-criteria = "safe-to-deploy"
diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock
@@ -57,43 +57,43 @@ user-login = "jrmuizel"
 user-name = "Jeff Muizelaar"
 
 [[publisher.ecolor]]
-version = "0.26.1"
-when = "2024-02-11"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
 
 [[publisher.eframe]]
-version = "0.26.0"
-when = "2024-02-05"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
 
 [[publisher.egui]]
-version = "0.26.1"
-when = "2024-02-11"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
 
 [[publisher.egui-winit]]
-version = "0.26.0"
-when = "2024-02-05"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
 
 [[publisher.egui_glow]]
-version = "0.26.0"
-when = "2024-02-05"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
 
 [[publisher.emath]]
-version = "0.26.1"
-when = "2024-02-11"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
@@ -106,8 +106,8 @@ user-login = "dtolnay"
 user-name = "David Tolnay"
 
 [[publisher.epaint]]
-version = "0.26.1"
-when = "2024-02-11"
+version = "0.27.1"
+when = "2024-03-29"
 user-id = 5619
 user-login = "emilk"
 user-name = "Emil Ernerfeldt"
@@ -682,6 +682,11 @@ who = "Mike Hommey <[email protected]>"
 criteria = "safe-to-deploy"
 delta = "0.8.11 -> 0.8.14"
 
+[[audits.firefox.audits.document-features]]
+who = "Erich Gubler <[email protected]>"
+criteria = "safe-to-deploy"
+version = "0.2.8"
+
 [[audits.firefox.audits.errno]]
 who = "Mike Hommey <[email protected]>"
 criteria = "safe-to-deploy"
@@ -732,6 +737,11 @@ who = "Valentin Gosu <[email protected]>"
 criteria = "safe-to-deploy"
 delta = "0.4.0 -> 0.5.0"
 
+[[audits.firefox.audits.litrs]]
+who = "Erich Gubler <[email protected]>"
+criteria = "safe-to-deploy"
+version = "0.4.1"
+
 [[audits.firefox.audits.log]]
 who = "Mike Hommey <[email protected]>"
 criteria = "safe-to-deploy"
@@ -858,6 +868,17 @@ who = "Valentin Gosu <[email protected]>"
 criteria = "safe-to-deploy"
 delta = "2.4.1 -> 2.5.0"
 
+[[audits.google.audits.aho-corasick]]
+who = "[email protected]"
+criteria = "safe-to-deploy"
+version = "1.1.2"
+notes = """
+Reviewed in https://crrev.com/c/5171063
+
+Previously reviewed during security review and the audit is grandparented in.
+"""
+aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
+
 [[audits.google.audits.anstyle]]
 who = "Yu-An Wang <[email protected]>"
 criteria = "safe-to-deploy"
@@ -930,6 +951,17 @@ criteria = "safe-to-deploy"
 version = "1.0.0"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.google.audits.clap_lex]]
+who = "[email protected]"
+criteria = "safe-to-deploy"
+version = "0.6.0"
+notes = """
+Reviewed in https://crrev.com/c/5171063
+
+Previously reviewed during security review and the audit is grandparented in.
+"""
+aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
+
 [[audits.google.audits.color_quant]]
 who = "George Burgess IV <[email protected]>"
 criteria = "safe-to-deploy"
@@ -948,6 +980,12 @@ criteria = "safe-to-deploy"
 delta = "0.5.7 -> 0.5.8"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.google.audits.dirs-sys-next]]
+who = "George Burgess IV <[email protected]>"
+criteria = "safe-to-deploy"
+version = "0.1.2"
+aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
+
 [[audits.google.audits.either]]
 who = "George Burgess IV <[email protected]>"
 criteria = "safe-to-deploy"
@@ -978,6 +1016,12 @@ criteria = "safe-to-deploy"
 delta = "0.2.8 -> 0.3.1"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.google.audits.flate2]]
+who = "George Burgess IV <[email protected]>"
+criteria = "safe-to-deploy"
+version = "1.0.26"
+aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
+
 [[audits.google.audits.foreign-types]]
 who = "George Burgess IV <[email protected]>"
 criteria = "safe-to-deploy"
@@ -1168,6 +1212,23 @@ criteria = "safe-to-deploy"
 version = "1.1.0"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.google.audits.termcolor]]
+who = "[email protected]"
+criteria = "safe-to-deploy"
+version = "1.4.0"
+notes = """
+Reviewed in https://crrev.com/c/5171063
+
+Previously reviewed during security review and the audit is grandparented in.
+"""
+aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
+
+[[audits.google.audits.termcolor]]
+who = "Lukasz Anforowicz <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "1.4.0 -> 1.4.1"
+aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
+
 [[audits.google.audits.tracing-core]]
 who = "David Koloski <[email protected]>"
 criteria = "safe-to-deploy"
@@ -1194,6 +1255,17 @@ criteria = "safe-to-deploy"
 version = "0.9.4"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.google.audits.winapi]]
+who = "[email protected]"
+criteria = "safe-to-deploy"
+version = "0.3.9"
+notes = """
+Reviewed in https://crrev.com/c/5171063
+
+Previously reviewed during security review and the audit is grandparented in.
+"""
+aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
+
 [[audits.google.audits.zerocopy]]
 who = "ChromeOS"
 criteria = "safe-to-deploy"
@@ -1230,6 +1302,13 @@ criteria = "safe-to-deploy"
 delta = "0.7.8 -> 0.7.32"
 aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
 
+[[audits.google.audits.zstd-sys]]
+who = "Matt Turner <[email protected]>"
+criteria = "safe-to-deploy"
+version = "2.0.9+zstd.1.5.5"
+notes = "Includes an implementation of xxhash (a non-cyptographic hashing function) as part of the zstd C sources"
+aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
+
 [[audits.isrg.audits.criterion]]
 who = "Brandon Pitman <[email protected]>"
 criteria = "safe-to-run"
@@ -1316,6 +1395,12 @@ The changes here are all typical bindings updates: new functions, types, and
 constants. I have not audited all the bindings for ABI conformance.
 """
 
+[[audits.wasmtime.audits.flate2]]
+who = "Andrew Brown <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "1.0.26 -> 1.0.28"
+notes = "No new `unsafe` and no large changes in function. This diff is mostly refactoring with a lot of docs, CI, test changes. Adds some defensive clearing out of certain variables as a safeguard."
+
 [[audits.wasmtime.audits.libloading]]
 who = "Iceber Gu <[email protected]>"
 criteria = "safe-to-deploy"
@@ -1352,12 +1437,6 @@ delta = "0.8.6 -> 0.8.7"
 notes = "Build-time `stdsimd` detection is replaced with a nightly-only feature flag."
 aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
 
-[[audits.zcash.audits.aho-corasick]]
-who = "Jack Grigg <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "1.1.1 -> 1.1.2"
-aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
-
 [[audits.zcash.audits.anyhow]]
 who = "Jack Grigg <[email protected]>"
 criteria = "safe-to-deploy"