From d7a5e47b99a98f8770fdc906e2a1e25af58461a0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jul 2024 19:49:41 +0000 Subject: [PATCH] Bump the nonbreaking group across 1 directory with 13 updates (#693) --- Cargo.lock | 150 ++++++++++++-------------- Cargo.toml | 4 +- crates/cli/Cargo.toml | 8 +- crates/quickjs-wasm-rs/Cargo.toml | 2 +- crates/quickjs-wasm-sys/Cargo.toml | 4 +- crates/test-macros/Cargo.toml | 4 +- supply-chain/audits.toml | 66 ++++++++++++ supply-chain/config.toml | 52 ++------- supply-chain/imports.lock | 162 ++++++++++++++++++++--------- 9 files changed, 264 insertions(+), 188 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 881f675b..67540dae 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -175,7 +175,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -186,7 +186,7 @@ checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -262,15 +262,15 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.66", + "syn 2.0.68", "which", ] [[package]] name = "bitflags" -version = "2.5.0" +version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" +checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" [[package]] name = "bitvec" @@ -449,9 +449,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.0.99" +version = "1.0.104" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96c51067fd44124faa7f870b4b1c969379ad32b2ba805aa959430ceaa384f695" +checksum = "74b6a57f98764a267ff415d50a25e6e166f3831a5071af4995296ea97d210490" dependencies = [ "jobserver", "libc", @@ -513,9 +513,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.7" +version = "4.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5db83dced34638ad474f39f250d7fea9598bdd239eaced1bdf45d597da0f433f" +checksum = "84b3edb18336f4df585bc9aa31dd99c036dfa5dc5e9a2939a722a188f3a8970d" dependencies = [ "clap_builder", "clap_derive", @@ -523,9 +523,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.7" +version = "4.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7e204572485eb3fbf28f871612191521df159bc3e15a9f5064c66dba3a8c05f" +checksum = "c1c09dd5ada6c6c78075d6fd0da3f90d8080651e2d6cc8eb2f1aaa4034ced708" dependencies = [ "anstream", "anstyle", @@ -535,14 +535,14 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.5" +version = "4.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c780290ccf4fb26629baa7a1081e68ced113f1d3ec302fa5948f1c381ebf06c6" +checksum = "2bac35c6dafb060fd4d275d9a4ffae97917c13a6327903a8be2153cd964f7085" dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -829,7 +829,7 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -846,7 +846,7 @@ checksum = "b8cb317cb13604b4752416783bb25070381c36e844743e4146b7f8e55de7d140" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -924,7 +924,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -1044,7 +1044,7 @@ checksum = "fdc9cc75639b041067353b9bce2450d6847e547276c6fbe4487d7407980e07db" dependencies = [ "proc-macro2", "swc_macros_common", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -1342,9 +1342,9 @@ checksum = "9f3935c160d00ac752e09787e6e6bfc26494c2183cc922f1bc678a60d4733bc2" [[package]] name = "hyper" -version = "1.3.1" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe575dd17d0862a9a33781c8c4696a55c320909004a67a00fb286ba8b1bc496d" +checksum = "c4fe55fb7a772d59a5ff1dfbff4fe0258d19b89fec4b233e75d35d5d2316badc" dependencies = [ "bytes", "futures-channel", @@ -1377,9 +1377,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.5" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b875924a60b96e5d7b9ae7b066540b1dd1cbd90d1828f54c92e02a283351c56" +checksum = "3ab92f4f49ee4fb4f997c784b7a2e0fa70050211e0b6a287f898c3c9785ca956" dependencies = [ "bytes", "futures-channel", @@ -1533,7 +1533,7 @@ checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -1618,7 +1618,7 @@ dependencies = [ "Inflector", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -1725,8 +1725,8 @@ dependencies = [ "walrus", "wasi-common", "wasm-opt", - "wasmparser 0.209.1", - "wasmprinter 0.209.1", + "wasmparser 0.212.0", + "wasmprinter 0.212.0", "wasmtime", "wasmtime-wasi", "wit-parser 0.212.0", @@ -1769,7 +1769,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -1792,9 +1792,9 @@ dependencies = [ [[package]] name = "lazy_static" -version = "1.4.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "lazycell" @@ -2128,7 +2128,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -2197,7 +2197,7 @@ dependencies = [ "phf_shared", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -2226,7 +2226,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -2288,7 +2288,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f12335488a2f3b0a83b14edad48dca9879ce89b2edd10e80237e4e852dd645e" dependencies = [ "proc-macro2", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -2327,9 +2327,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.85" +version = "1.0.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22244ce15aa966053a896d1accb3a6e68469b97c7f33f284b99f0d576879fc23" +checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" dependencies = [ "unicode-ident", ] @@ -2474,7 +2474,7 @@ checksum = "bcc303e793d3734489387d205e9b186fac9c6cfacedd98cbb2e8a5943595f3e6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -2582,7 +2582,7 @@ dependencies = [ "proc-macro2", "quote", "rquickjs-core", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -2746,9 +2746,9 @@ dependencies = [ [[package]] name = "serde_bytes" -version = "0.11.14" +version = "0.11.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b8497c313fd43ab992087548117643f6fcd935cbf36f176ffda0aacf9591734" +checksum = "387cc504cb06bb40a96c8e04e951fe01854cf6bc921053c954e4a606d9675c6a" dependencies = [ "serde", ] @@ -2761,14 +2761,14 @@ checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] name = "serde_json" -version = "1.0.117" +version = "1.0.120" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3" +checksum = "4e0d21c9a8cae1235ad58a00c11cb40d4b1e5c784f1ef2c537876ed6ffd8b7c5" dependencies = [ "itoa", "ryu", @@ -2939,7 +2939,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3123,7 +3123,7 @@ checksum = "695a1d8b461033d32429b5befbf0ad4d7a2c4d6ba9cd5ba4e0645c615839e8e4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3134,7 +3134,7 @@ checksum = "91745f3561057493d2da768437c427c0e979dff7396507ae02f16c981c4a8466" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3157,7 +3157,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3173,9 +3173,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.66" +version = "2.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5" +checksum = "901fa70d88b9d6c98022e23b4136f9f3e54e4662c3bc1bd1d84a42a9a0f0c1e9" dependencies = [ "proc-macro2", "quote", @@ -3190,7 +3190,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3259,7 +3259,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3307,7 +3307,7 @@ checksum = "5f5ae998a069d4b5aba8ee9dad856af7d520c3699e6159b185c2acd48155d39a" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3412,7 +3412,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -3519,9 +3519,9 @@ checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" [[package]] name = "uuid" -version = "1.8.0" +version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a183cf7feeba97b4dd1c0d46788634f6221d87fa961b305bed08c851829efcc0" +checksum = "5de17fd2f7da591098415cff336e12965a28061ddace43b59cb3c430179c9439" dependencies = [ "getrandom", ] @@ -3662,7 +3662,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", "wasm-bindgen-shared", ] @@ -3684,7 +3684,7 @@ checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -3799,20 +3799,6 @@ dependencies = [ "semver 1.0.23", ] -[[package]] -name = "wasmparser" -version = "0.209.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07035cc9a9b41e62d3bb3a3815a66ab87c993c06fe1cf6b2a3f2a18499d937db" -dependencies = [ - "ahash", - "bitflags", - "hashbrown 0.14.5", - "indexmap 2.2.6", - "semver 1.0.23", - "serde", -] - [[package]] name = "wasmparser" version = "0.212.0" @@ -3824,6 +3810,7 @@ dependencies = [ "hashbrown 0.14.5", "indexmap 2.2.6", "semver 1.0.23", + "serde", ] [[package]] @@ -3838,12 +3825,13 @@ dependencies = [ [[package]] name = "wasmprinter" -version = "0.209.1" +version = "0.212.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ceca8ae6eaa8c7c87b33c25c53bdf299f8c2a764aee1179402ff7652ef3a6859" +checksum = "dfac65326cc561112af88c3028f6dfdb140acff67ede33a8e86be2dc6b8956f7" dependencies = [ "anyhow", - "wasmparser 0.209.1", + "termcolor", + "wasmparser 0.212.0", ] [[package]] @@ -3930,7 +3918,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser 0.201.0", @@ -4104,7 +4092,7 @@ checksum = "ffaafa5c12355b1a9ee068e9295d50c4ca0a400c721950cdae4f5b54391a2da5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -4252,7 +4240,7 @@ dependencies = [ "proc-macro2", "quote", "shellexpand", - "syn 2.0.66", + "syn 2.0.68", "witx", ] @@ -4264,7 +4252,7 @@ checksum = "acdb12de36507498abaa3a042f895a43ee00a2f6125b6901b9a27edf72bfdbe7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", "wiggle-generate", ] @@ -4596,7 +4584,7 @@ checksum = "28cc31741b18cb6f1d5ff12f5b7523e3d6eb0852bbbad19d73905511d9849b95" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", "synstructure", ] @@ -4617,7 +4605,7 @@ checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] @@ -4637,7 +4625,7 @@ checksum = "0ea7b4a3637ea8669cedf0f1fd5c286a17f3de97b8dd5a70a6c167a1730e63a5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", "synstructure", ] @@ -4660,7 +4648,7 @@ checksum = "97cf56601ee5052b4417d90c8755c6683473c926039908196cf35d99f893ebe7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.66", + "syn 2.0.68", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 4c287cc8..d4cefa73 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -25,11 +25,11 @@ wasmtime-wasi = "19" wasi-common = "19" anyhow = "1.0" once_cell = "1.19" -bitflags = "2.5.0" +bitflags = "2.6.0" javy-config = { path = "crates/config" } javy = { path = "crates/javy", version = "3.0.0" } tempfile = "3.10.1" -uuid = { version = "1.8", features = ["v4"] } +uuid = { version = "1.9", features = ["v4"] } [profile.release] lto = true diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index 7f921920..01d91768 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -18,7 +18,7 @@ experimental_event_loop = [] wizer = { workspace = true } anyhow = { workspace = true } brotli = "6.0.0" -wasmprinter = { version = "0.209.1", optional = true } +wasmprinter = { version = "0.212.0", optional = true } wasmtime = { workspace = true } wasmtime-wasi = { workspace = true } wasi-common = { workspace = true } @@ -32,15 +32,15 @@ wit-parser = "0.212.0" convert_case = "0.6.0" wasm-opt = "0.116.1" tempfile = { workspace = true } -clap = { version = "4.5.7", features = ["derive"] } +clap = { version = "4.5.8", features = ["derive"] } [dev-dependencies] serde_json = "1.0" -lazy_static = "1.4" +lazy_static = "1.5" serde = { version = "1.0", default-features = false, features = ["derive"] } criterion = "0.5" num-format = "0.4.4" -wasmparser = "0.209.1" +wasmparser = "0.212.0" javy-runner = { path = "../runner/" } uuid = { workspace = true } diff --git a/crates/quickjs-wasm-rs/Cargo.toml b/crates/quickjs-wasm-rs/Cargo.toml index b151abac..ebd275f7 100644 --- a/crates/quickjs-wasm-rs/Cargo.toml +++ b/crates/quickjs-wasm-rs/Cargo.toml @@ -17,7 +17,7 @@ once_cell = "1.19" [dev-dependencies] quickcheck = "1" -serde_bytes = "0.11.14" +serde_bytes = "0.11.15" [features] # Re-exports the quickjs-wasm-sys module and exposes additional, unstable APIs. diff --git a/crates/quickjs-wasm-sys/Cargo.toml b/crates/quickjs-wasm-sys/Cargo.toml index db863b02..ffb38fbe 100644 --- a/crates/quickjs-wasm-sys/Cargo.toml +++ b/crates/quickjs-wasm-sys/Cargo.toml @@ -16,9 +16,9 @@ walkdir = "2" anyhow.workspace = true tokio = { version = "1.38", default-features = false, features = ["rt", "macros"] } http-body-util = "0.1.1" -hyper = "1.3" +hyper = "1.4" hyper-tls = "0.6.0" -hyper-util = { version = "0.1.5", features = ["http1"] } +hyper-util = { version = "0.1.6", features = ["http1"] } [badges] maintenance = { status = "deprecated" } diff --git a/crates/test-macros/Cargo.toml b/crates/test-macros/Cargo.toml index e3721f3a..bb7e7df0 100644 --- a/crates/test-macros/Cargo.toml +++ b/crates/test-macros/Cargo.toml @@ -12,6 +12,6 @@ doctest = false [dependencies] anyhow = { workspace = true } -proc-macro2 = "1.0.85" +proc-macro2 = "1.0.86" quote = "1.0.36" -syn = { version = "2.0.66", features = ["full"] } +syn = { version = "2.0.68", features = ["full"] } diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 7bd9f9ee..c42fff37 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -33,12 +33,42 @@ user-id = 6825 # Dan Gohman (sunfishcode) start = "2021-04-14" end = "2024-07-25" +[[trusted.anstream]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2023-03-16" +end = "2025-07-02" + [[trusted.anstyle]] criteria = "safe-to-run" user-id = 6743 # Ed Page (epage) start = "2022-05-18" end = "2024-10-26" +[[trusted.anstyle]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2022-05-18" +end = "2025-07-02" + +[[trusted.anstyle-parse]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2023-03-08" +end = "2025-07-02" + +[[trusted.anstyle-query]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2023-04-13" +end = "2025-07-02" + +[[trusted.anstyle-wincon]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2023-03-08" +end = "2025-07-02" + [[trusted.anyhow]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) @@ -105,18 +135,48 @@ user-id = 2915 # Amanieu d'Antras (Amanieu) start = "2024-02-20" end = "2025-03-01" +[[trusted.clap]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2021-12-08" +end = "2025-07-02" + [[trusted.clap_builder]] criteria = "safe-to-run" user-id = 6743 # Ed Page (epage) start = "2023-03-28" end = "2024-10-26" +[[trusted.clap_builder]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2023-03-28" +end = "2025-07-02" + +[[trusted.clap_derive]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2021-12-08" +end = "2025-07-02" + [[trusted.clap_lex]] criteria = "safe-to-run" user-id = 6743 # Ed Page (epage) start = "2022-04-15" end = "2024-10-26" +[[trusted.clap_lex]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2022-04-15" +end = "2025-07-02" + +[[trusted.colorchoice]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2023-04-13" +end = "2025-07-02" + [[trusted.csv]] criteria = "safe-to-deploy" user-id = 189 # Andrew Gallant (BurntSushi) @@ -243,6 +303,12 @@ user-id = 6825 # Dan Gohman (sunfishcode) start = "2022-01-22" end = "2025-04-16" +[[trusted.is_terminal_polyfill]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2024-05-02" +end = "2025-07-02" + [[trusted.itoa]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 5467a460..6c60e005 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -62,26 +62,6 @@ criteria = "safe-to-deploy" version = "0.2.18" criteria = "safe-to-deploy" -[[exemptions.anstream]] -version = "0.6.14" -criteria = "safe-to-deploy" - -[[exemptions.anstyle]] -version = "1.0.7" -criteria = "safe-to-deploy" - -[[exemptions.anstyle-parse]] -version = "0.2.4" -criteria = "safe-to-deploy" - -[[exemptions.anstyle-query]] -version = "1.1.0" -criteria = "safe-to-deploy" - -[[exemptions.anstyle-wincon]] -version = "3.0.3" -criteria = "safe-to-deploy" - [[exemptions.ast_node]] version = "0.9.8" criteria = "safe-to-deploy" @@ -110,6 +90,10 @@ criteria = "safe-to-deploy" version = "1.3.3" criteria = "safe-to-deploy" +[[exemptions.bitflags]] +version = "2.6.0" +criteria = "safe-to-deploy" + [[exemptions.bitvec]] version = "1.0.1" criteria = "safe-to-deploy" @@ -143,7 +127,7 @@ version = "0.1.8" criteria = "safe-to-deploy" [[exemptions.cc]] -version = "1.0.99" +version = "1.0.104" criteria = "safe-to-deploy" [[exemptions.ciborium]] @@ -162,26 +146,6 @@ criteria = "safe-to-run" version = "1.8.1" criteria = "safe-to-deploy" -[[exemptions.clap]] -version = "4.5.7" -criteria = "safe-to-deploy" - -[[exemptions.clap_builder]] -version = "4.5.7" -criteria = "safe-to-deploy" - -[[exemptions.clap_derive]] -version = "4.5.5" -criteria = "safe-to-deploy" - -[[exemptions.clap_lex]] -version = "0.7.1" -criteria = "safe-to-deploy" - -[[exemptions.colorchoice]] -version = "1.0.1" -criteria = "safe-to-deploy" - [[exemptions.convert_case]] version = "0.6.0" criteria = "safe-to-deploy" @@ -378,10 +342,6 @@ criteria = "safe-to-deploy" version = "0.3.5" criteria = "safe-to-deploy" -[[exemptions.is_terminal_polyfill]] -version = "1.70.0" -criteria = "safe-to-deploy" - [[exemptions.itertools]] version = "0.10.3" criteria = "safe-to-deploy" @@ -827,7 +787,7 @@ version = "0.2.2" criteria = "safe-to-deploy" [[exemptions.uuid]] -version = "1.8.0" +version = "1.9.1" criteria = "safe-to-deploy" [[exemptions.value-trait]] diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 0db5698d..876716a5 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -8,6 +8,41 @@ user-id = 189 user-login = "BurntSushi" user-name = "Andrew Gallant" +[[publisher.anstream]] +version = "0.6.14" +when = "2024-05-02" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.anstyle]] +version = "1.0.7" +when = "2024-05-02" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.anstyle-parse]] +version = "0.2.4" +when = "2024-05-02" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.anstyle-query]] +version = "1.1.0" +when = "2024-06-04" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.anstyle-wincon]] +version = "3.0.3" +when = "2024-05-02" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + [[publisher.anyhow]] version = "1.0.86" when = "2024-05-18" @@ -85,6 +120,41 @@ user-id = 3788 user-login = "emilio" user-name = "Emilio Cobos Álvarez" +[[publisher.clap]] +version = "4.5.8" +when = "2024-06-28" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.clap_builder]] +version = "4.5.8" +when = "2024-06-28" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.clap_derive]] +version = "4.5.8" +when = "2024-06-28" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.clap_lex]] +version = "0.7.1" +when = "2024-06-06" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.colorchoice]] +version = "1.0.1" +when = "2024-05-02" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + [[publisher.core-foundation]] version = "0.9.3" when = "2022-02-07" @@ -251,8 +321,8 @@ user-login = "seanmonstar" user-name = "Sean McArthur" [[publisher.hyper]] -version = "1.3.1" -when = "2024-04-16" +version = "1.4.0" +when = "2024-07-01" user-id = 359 user-login = "seanmonstar" user-name = "Sean McArthur" @@ -265,8 +335,8 @@ user-login = "seanmonstar" user-name = "Sean McArthur" [[publisher.hyper-util]] -version = "0.1.5" -when = "2024-05-28" +version = "0.1.6" +when = "2024-07-01" user-id = 359 user-login = "seanmonstar" user-name = "Sean McArthur" @@ -292,6 +362,13 @@ user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" +[[publisher.is_terminal_polyfill]] +version = "1.70.0" +when = "2024-05-02" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + [[publisher.itoa]] version = "1.0.11" when = "2024-03-26" @@ -349,8 +426,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.proc-macro2]] -version = "1.0.85" -when = "2024-06-02" +version = "1.0.86" +when = "2024-06-21" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -447,8 +524,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_bytes]] -version = "0.11.14" -when = "2024-01-02" +version = "0.11.15" +when = "2024-06-25" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -461,8 +538,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_json]] -version = "1.0.117" -when = "2024-05-08" +version = "1.0.120" +when = "2024-07-01" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -489,8 +566,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.syn]] -version = "2.0.66" -when = "2024-05-23" +version = "2.0.68" +when = "2024-06-23" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -685,12 +762,6 @@ when = "2024-03-26" user-id = 73222 user-login = "wasmtime-publish" -[[publisher.wasmparser]] -version = "0.209.1" -when = "2024-05-29" -user-id = 73222 -user-login = "wasmtime-publish" - [[publisher.wasmparser]] version = "0.212.0" when = "2024-06-27" @@ -704,8 +775,8 @@ user-id = 73222 user-login = "wasmtime-publish" [[publisher.wasmprinter]] -version = "0.209.1" -when = "2024-05-29" +version = "0.212.0" +when = "2024-06-27" user-id = 73222 user-login = "wasmtime-publish" @@ -1750,29 +1821,6 @@ criteria = "safe-to-run" version = "0.7.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" -[[audits.google.audits.bitflags]] -who = "Lukasz Anforowicz " -criteria = "safe-to-deploy" -version = "2.4.2" -notes = """ -Audit notes: - -* I've checked for any discussion in Google-internal cl/546819168 (where audit - of version 2.3.3 happened) -* `src/lib.rs` contains `#![cfg_attr(not(test), forbid(unsafe_code))]` -* There are 2 cases of `unsafe` in `src/external.rs` but they seem to be - correct in a straightforward way - they just propagate the marker trait's - impl (e.g. `impl bytemuck::Pod`) from the inner to the outer type -* Additional discussion and/or notes may be found in https://crrev.com/c/5238056 -""" -aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" - -[[audits.google.audits.bitflags]] -who = "Adrian Taylor " -criteria = "safe-to-deploy" -delta = "2.4.2 -> 2.5.0" -aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" - [[audits.google.audits.cast]] who = "George Burgess IV " criteria = "safe-to-run" @@ -1811,6 +1859,27 @@ criteria = "safe-to-run" version = "0.10.5" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.lazy_static]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +version = "1.4.0" +notes = ''' +I grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits. + +There are two places where `unsafe` is used. Unsafe review notes can be found +in https://crrev.com/c/5347418. + +This crate has been added to Chromium in https://crrev.com/c/3321895. +''' +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.lazy_static]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.4.0 -> 1.5.0" +notes = "Unsafe review notes: https://crrev.com/c/5650836" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.link-cplusplus]] who = "George Burgess IV " criteria = "safe-to-deploy" @@ -2258,13 +2327,6 @@ criteria = "safe-to-deploy" delta = "0.10.3 -> 0.10.5" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.lazy_static]] -who = "Nika Layzell " -criteria = "safe-to-deploy" -version = "1.4.0" -notes = "I have read over the macros, and audited the unsafe code." -aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml" - [[audits.mozilla.audits.litemap]] who = "Makoto Kato " criteria = "safe-to-deploy"