diff --git a/Cargo.lock b/Cargo.lock index 449138a9..c41ca5c2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -21,6 +21,21 @@ dependencies = [ "gimli 0.27.2", ] +[[package]] +name = "addr2line" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a30b2e23b9e17a9f90641c7ab1549cd9b44f296d3ccbf309d2863cfe398a0cb" +dependencies = [ + "gimli 0.28.0", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + [[package]] name = "ahash" version = "0.8.3" @@ -68,6 +83,12 @@ version = "0.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e9d4ee0d472d1cd2e28c97dfa124b3d8d992e10eb0a035f33f5d12e3a177ba3b" +[[package]] +name = "anes" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299" + [[package]] name = "ansi_term" version = "0.12.1" @@ -77,11 +98,17 @@ dependencies = [ "winapi", ] +[[package]] +name = "anstyle" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7079075b41f533b8c61d2a4d073c4676e1f8b249ff94a393b0595db304e0dd87" + [[package]] name = "anyhow" -version = "1.0.71" +version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8" +checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" [[package]] name = "arbitrary" @@ -105,7 +132,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -136,6 +163,21 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "backtrace" +version = "0.3.69" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2089b7e3f35b9dd2d0ed921ead4f6d318c27680d4a5bd167b3ee120edb105837" +dependencies = [ + "addr2line 0.21.0", + "cc", + "cfg-if", + "libc", + "miniz_oxide", + "object 0.32.1", + "rustc-demangle", +] + [[package]] name = "base64" version = "0.21.0" @@ -181,23 +223,24 @@ dependencies = [ [[package]] name = "bindgen" -version = "0.64.0" +version = "0.68.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4243e6031260db77ede97ad86c27e501d646a27ab57b59a574f725d98ab1fb4" +checksum = "726e4313eb6ec35d2730258ad4e15b547ee75d6afaa1361a922e78e59b7d8078" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.3.3", "cexpr", "clang-sys", "lazy_static", "lazycell", "log", "peeking_take_while", + "prettyplease", "proc-macro2", "quote", "regex", "rustc-hash", "shlex", - "syn 1.0.109", + "syn 2.0.32", "which", ] @@ -224,9 +267,9 @@ dependencies = [ [[package]] name = "brotli" -version = "3.3.4" +version = "3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1a0b1dbcc8ae29329621f8d4f0d835787c1c38bb1401979b49d13b0b305ff68" +checksum = "516074a47ef4bce09577a3b379392300159ce5b1ba2e501ff1c819950066100f" dependencies = [ "alloc-no-stdlib", "alloc-stdlib", @@ -235,26 +278,14 @@ dependencies = [ [[package]] name = "brotli-decompressor" -version = "2.3.2" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59ad2d4653bf5ca36ae797b1f4bb4dbddb60ce49ca4aed8a2ce4829f60425b80" +checksum = "da74e2b81409b1b743f8f0c62cc6254afefb8b8e50bbfe3735550f7aeefa3448" dependencies = [ "alloc-no-stdlib", "alloc-stdlib", ] -[[package]] -name = "bstr" -version = "0.2.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba3569f383e8f1598449f1a423e72e99569137b47740b1da11ef19af3d5c3223" -dependencies = [ - "lazy_static", - "memchr", - "regex-automata", - "serde", -] - [[package]] name = "bumpalo" version = "3.11.1" @@ -269,9 +300,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.1.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" +checksum = "a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223" [[package]] name = "cap-fs-ext" @@ -376,11 +407,12 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.0.73" +version = "1.0.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +checksum = "f1174fb0b6ec23863f8b971027804a42614e347eafb0a95bf0b12cdae21fc4d0" dependencies = [ "jobserver", + "libc", ] [[package]] @@ -398,6 +430,33 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +[[package]] +name = "ciborium" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "effd91f6c78e5a4ace8a5d3c0b6bfaec9e2baaef55f3efc00e45fb2e477ee926" +dependencies = [ + "ciborium-io", + "ciborium-ll", + "serde", +] + +[[package]] +name = "ciborium-io" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdf919175532b369853f5d5e20b26b43112613fd6fe7aee757e35f7a44642656" + +[[package]] +name = "ciborium-ll" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defaa24ecc093c77630e6c15e17c51f5e187bf35ee514f4e2d67baaa96dae22b" +dependencies = [ + "ciborium-io", + "half", +] + [[package]] name = "clang-sys" version = "1.3.1" @@ -424,6 +483,31 @@ dependencies = [ "vec_map", ] +[[package]] +name = "clap" +version = "4.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac495e00dcec98c83465d5ad66c5c4fabd652fd6686e7c6269b117e729a6f17b" +dependencies = [ + "clap_builder", +] + +[[package]] +name = "clap_builder" +version = "4.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c77ed9a32a62e6ca27175d00d29d05ca32e396ea1eb5fb01d8256b669cec7663" +dependencies = [ + "anstyle", + "clap_lex", +] + +[[package]] +name = "clap_lex" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "702fc72eb24e5a1e48ce58027a675bc24edd52096d5397d4aea7c6dd9eca0bd1" + [[package]] name = "cmake" version = "0.1.48" @@ -435,9 +519,12 @@ dependencies = [ [[package]] name = "convert_case" -version = "0.4.0" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e" +checksum = "ec182b0ca2f35d8fc196cf3404988fd8b8c739a4d270ff118a398feb0cbec1ca" +dependencies = [ + "unicode-segmentation", +] [[package]] name = "core-foundation" @@ -592,24 +679,24 @@ dependencies = [ [[package]] name = "criterion" -version = "0.3.6" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b01d6de93b2b6c65e17c634a26653a29d107b3c98c607c765bf38d041531cd8f" +checksum = "f2b12d017a929603d80db1831cd3a24082f8137ce19c69e6447f54f5fc8d692f" dependencies = [ - "atty", + "anes", "cast", - "clap", + "ciborium", + "clap 4.4.7", "criterion-plot", - "csv", + "is-terminal", "itertools", - "lazy_static", "num-traits", + "once_cell", "oorandom", "plotters", "rayon", "regex", "serde", - "serde_cbor", "serde_derive", "serde_json", "tinytemplate", @@ -618,9 +705,9 @@ dependencies = [ [[package]] name = "criterion-plot" -version = "0.4.5" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2673cc8207403546f45f5fd319a974b1e6983ad1a3ee7e6041650013be041876" +checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1" dependencies = [ "cast", "itertools", @@ -680,28 +767,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "csv" -version = "1.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22813a6dc45b335f9bade10bf7271dc477e81113e89eb251a0bc2a8a81c536e1" -dependencies = [ - "bstr", - "csv-core", - "itoa 0.4.8", - "ryu", - "serde", -] - -[[package]] -name = "csv-core" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" -dependencies = [ - "memchr", -] - [[package]] name = "data-encoding" version = "2.4.0" @@ -781,7 +846,7 @@ checksum = "eecf8589574ce9b895052fa12d69af7a233f99e6107f5cb8dd1044f2a17bfdcb" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -860,6 +925,12 @@ dependencies = [ "instant", ] +[[package]] +name = "fastrand" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" + [[package]] name = "fd-lock" version = "3.0.12" @@ -920,7 +991,7 @@ dependencies = [ "pmutil", "proc-macro2", "swc_macros_common", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -956,15 +1027,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.27" +version = "0.3.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86d7a0c1aa76363dac491de0ee99faf6941128376f1cf96f07db7603b7de69dd" +checksum = "eb1d22c66e66d9d72e1758f0bd7d4fd0bee04cad842ee34587d68c07e45d088c" [[package]] name = "futures-task" -version = "0.3.27" +version = "0.3.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd65540d33b37b16542a0438c12e6aeead10d4ac5d05bd3f805b8f35ab592879" +checksum = "efd193069b0ddadc69c46389b740bbccdd97203899b48d09c5f7969591d6bae2" [[package]] name = "futures-util" @@ -1055,6 +1126,12 @@ dependencies = [ "stable_deref_trait", ] +[[package]] +name = "gimli" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fb8d784f27acf97159b40fc4db5ecd8aa23b9ad5ef69cdd136d3bc80665f0c0" + [[package]] name = "glob" version = "0.3.0" @@ -1126,7 +1203,7 @@ checksum = "bd6effc99afb63425aff9b05836f029929e345a6148a14b7ecd5ab67af944482" dependencies = [ "bytes", "fnv", - "itoa 1.0.4", + "itoa", ] [[package]] @@ -1184,7 +1261,7 @@ dependencies = [ "http-body", "httparse", "httpdate", - "itoa 1.0.4", + "itoa", "pin-project-lite", "tokio", "tracing", @@ -1297,7 +1374,7 @@ dependencies = [ "pmutil", "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -1321,12 +1398,6 @@ dependencies = [ "either", ] -[[package]] -name = "itoa" -version = "0.4.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b71991ff56294aa922b450139ee08b3bfc70982c6b2c7562771375cf73542dd4" - [[package]] name = "itoa" version = "1.0.4" @@ -1369,7 +1440,7 @@ name = "javy-apis" version = "2.1.1-alpha.1" dependencies = [ "anyhow", - "fastrand", + "fastrand 1.9.0", "javy", ] @@ -1392,11 +1463,11 @@ dependencies = [ "uuid", "walrus", "wasi-common", - "wasmparser 0.106.0", + "wasmparser 0.115.0", "wasmprinter", "wasmtime", "wasmtime-wasi", - "wit-parser 0.11.3", + "wit-parser 0.12.1", "wizer", ] @@ -1448,9 +1519,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.147" +version = "0.2.149" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "a08173bc88b7955d1b3145aa561539096c421ac8debde8cbc3612ec635fee29b" [[package]] name = "libloading" @@ -1470,15 +1541,15 @@ checksum = "5284f00d480e1c39af34e72f8ad60b94f47007e3481cd3b731c1d67190ddc7b7" [[package]] name = "linux-raw-sys" -version = "0.1.4" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" +checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" [[package]] name = "linux-raw-sys" -version = "0.3.8" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" +checksum = "da2479e8c062e40bf0066ffa0bc823de0a9368974af99c9f6df941d2c231e03f" [[package]] name = "lock_api" @@ -1553,16 +1624,25 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" +[[package]] +name = "miniz_oxide" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" +dependencies = [ + "adler", +] + [[package]] name = "mio" -version = "0.8.6" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b9d9a46eff5b4ff64b45a9e316a6d1e0bc719ef429cbec4dc630684212bfdf9" +checksum = "3dce281c5e46beae905d4de1870d8b1509a9142b62eedf18b443b011ca8343d0" dependencies = [ "libc", "log", "wasi 0.11.0+wasi-snapshot-preview1", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] @@ -1614,12 +1694,12 @@ dependencies = [ [[package]] name = "num-format" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54b862ff8df690cf089058c98b183676a7ed0f974cc08b426800093227cbff3b" +checksum = "a652d9771a63711fd3c3deb670acfbe5c30a4072e664d7a3bf5a9e1056ac72c3" dependencies = [ "arrayvec", - "itoa 1.0.4", + "itoa", ] [[package]] @@ -1663,6 +1743,15 @@ dependencies = [ "memchr", ] +[[package]] +name = "object" +version = "0.32.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cf5f9dd3933bd50a9e1f149ec995f39ae2c496d31fd772c1fd45ebc27e902b0" +dependencies = [ + "memchr", +] + [[package]] name = "once_cell" version = "1.18.0" @@ -1692,13 +1781,13 @@ dependencies = [ [[package]] name = "openssl-macros" -version = "0.1.0" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.32", ] [[package]] @@ -1739,7 +1828,7 @@ dependencies = [ "libc", "redox_syscall 0.3.5", "smallvec", - "windows-targets 0.48.0", + "windows-targets", ] [[package]] @@ -1858,7 +1947,7 @@ checksum = "52a40bc70c2c58040d2d8b167ba9a5ff59fc9dab7ad44771cfde3dcfde7a09c6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -1873,6 +1962,16 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" +[[package]] +name = "prettyplease" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae005bd773ab59b4725093fd7df83fd7892f7d8eafb48dbd7de6e024e4215f9d" +dependencies = [ + "proc-macro2", + "syn 2.0.32", +] + [[package]] name = "proc-macro-error" version = "1.0.4" @@ -1932,17 +2031,6 @@ dependencies = [ "unicase", ] -[[package]] -name = "pulldown-cmark" -version = "0.9.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77a1a2f1f0a7ecff9c31abbe177637be0e97a0aef46cf8738ece09327985d998" -dependencies = [ - "bitflags 1.3.2", - "memchr", - "unicase", -] - [[package]] name = "quickcheck" version = "1.0.3" @@ -1983,7 +2071,7 @@ dependencies = [ "native-tls", "openssl-macros", "tokio", - "tokio-macros", + "tokio-macros 1.7.0", "tokio-native-tls", "walkdir", ] @@ -2104,12 +2192,6 @@ dependencies = [ "regex-syntax", ] -[[package]] -name = "regex-automata" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" - [[package]] name = "regex-syntax" version = "0.6.26" @@ -2129,9 +2211,9 @@ dependencies = [ [[package]] name = "rmp-serde" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5b13be192e0220b8afb7222aa5813cb62cc269ebb5cac346ca6487681d2913e" +checksum = "bffea85eea980d8a74453e5d02a8d93028f3c34725de143085a844ebe953258a" dependencies = [ "byteorder", "rmp", @@ -2168,7 +2250,7 @@ dependencies = [ "bitflags 1.3.2", "errno 0.2.8", "io-lifetimes 0.5.3", - "itoa 1.0.4", + "itoa", "libc", "linux-raw-sys 0.0.42", "once_cell", @@ -2177,31 +2259,30 @@ dependencies = [ [[package]] name = "rustix" -version = "0.36.16" +version = "0.37.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6da3636faa25820d8648e0e31c5d519bbb01f72fdf57131f0f5f7da5fed36eab" +checksum = "84f3f8f960ed3b5a59055428714943298bf3fa2d4a1d53135084e0544829d995" dependencies = [ "bitflags 1.3.2", "errno 0.3.1", "io-lifetimes 1.0.11", + "itoa", "libc", - "linux-raw-sys 0.1.4", - "windows-sys 0.45.0", + "linux-raw-sys 0.3.8", + "once_cell", + "windows-sys 0.48.0", ] [[package]] name = "rustix" -version = "0.37.26" +version = "0.38.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84f3f8f960ed3b5a59055428714943298bf3fa2d4a1d53135084e0544829d995" +checksum = "19ed4fa021d81c8392ce04db050a3da9a60299050b7ae1cf482d862b54a7218f" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.3.3", "errno 0.3.1", - "io-lifetimes 1.0.11", - "itoa 1.0.4", "libc", - "linux-raw-sys 0.3.8", - "once_cell", + "linux-raw-sys 0.4.10", "windows-sys 0.48.0", ] @@ -2293,9 +2374,9 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.168" +version = "1.0.190" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d614f89548720367ded108b3c843be93f3a341e22d5674ca0dd5cd57f34926af" +checksum = "91d3c334ca1ee894a2c6f6ad698fe8c435b76d504b13d436f0685d648d6d96f7" dependencies = [ "serde_derive", ] @@ -2311,32 +2392,22 @@ dependencies = [ [[package]] name = "serde_bytes" -version = "0.11.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cfc50e8183eeeb6178dcb167ae34a8051d63535023ae38b5d8d12beae193d37b" -dependencies = [ - "serde", -] - -[[package]] -name = "serde_cbor" -version = "0.11.2" +version = "0.11.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2bef2ebfde456fb76bbcf9f59315333decc4fda0b2b44b420243c11e0f5ec1f5" +checksum = "ab33ec92f677585af6d88c65593ae2375adde54efdbf16d597f2cbc7a6d368ff" dependencies = [ - "half", "serde", ] [[package]] name = "serde_derive" -version = "1.0.168" +version = "1.0.190" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4fe589678c688e44177da4f27152ee2d190757271dc7f1d5b6b9f68d869d641" +checksum = "67c5609f394e5c2bd7fc51efda478004ea80ef42fee983d5c67a65e34f32c0e3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -2345,7 +2416,7 @@ version = "1.0.107" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6b420ce6e3d8bd882e9b243c6eed35dbc9a6110c9769e74b584e0d68d1f20c65" dependencies = [ - "itoa 1.0.4", + "itoa", "ryu", "serde", ] @@ -2407,12 +2478,12 @@ dependencies = [ [[package]] name = "socket2" -version = "0.4.9" +version = "0.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64a4a911eed85daf18834cfaa86a79b7d266ff93ff5ba14005426219480ed662" +checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9" dependencies = [ "libc", - "winapi", + "windows-sys 0.48.0", ] [[package]] @@ -2491,7 +2562,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -2506,7 +2577,7 @@ version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c6b5c64445ba8094a6ab0c3cd2ad323e07171012d9c98b0b15651daf1787a10" dependencies = [ - "clap", + "clap 2.34.0", "lazy_static", "structopt-derive", ] @@ -2526,9 +2597,9 @@ dependencies = [ [[package]] name = "swc_atoms" -version = "0.5.9" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f54563d7dcba626d4acfe14ed12def7ecc28e004debe3ecd2c3ee07cc47e449" +checksum = "ebf7a12229f0c0efb654a6a0f8cbfd94fbd320a57c764857a82d8abe9342b450" dependencies = [ "once_cell", "rustc-hash", @@ -2540,9 +2611,9 @@ dependencies = [ [[package]] name = "swc_common" -version = "0.32.1" +version = "0.33.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c84742fc22df1c293da5354c1cc8a5b45a045e9dc941005c1fd9cb4e9bdabc1" +checksum = "c290470b7a9a4323c356208caf3c6c424b4c68e1d9aa63758b21d3e04e89cb07" dependencies = [ "ast_node", "better_scoped_tls", @@ -2567,9 +2638,9 @@ dependencies = [ [[package]] name = "swc_core" -version = "0.83.0" +version = "0.86.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22079c12192337bec144dace0e35a934e407db36e9dc21c5d9b876b0b7c9fba2" +checksum = "ad8a32c0ec17e82397b28db7a00d5c3609f878aab3b29b85031248cbcf149893" dependencies = [ "swc_atoms", "swc_common", @@ -2581,9 +2652,9 @@ dependencies = [ [[package]] name = "swc_ecma_ast" -version = "0.109.1" +version = "0.110.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e063a1614daed3ea8be56e5dd8edb17003409088d2fc9ce4aca3378879812607" +checksum = "2505e1bb74456695f6a92e68005a5fd1054fb3516e88268e81dbcfa4b26394b4" dependencies = [ "bitflags 2.3.3", "is-macro", @@ -2597,9 +2668,9 @@ dependencies = [ [[package]] name = "swc_ecma_parser" -version = "0.140.0" +version = "0.141.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c968599841fcecfdc2e490188ad93251897a1bb912882547e6889e14a368399" +checksum = "b0b5f31caca7daa4e9737f6073de461fa078aa36175afe5431966b92882e56f9" dependencies = [ "either", "num-bigint", @@ -2617,9 +2688,9 @@ dependencies = [ [[package]] name = "swc_ecma_transforms_base" -version = "0.133.0" +version = "0.134.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7787d3607d628ad0cc2e7173770f6a43229ce46e55136e81e5fdeb0951dd6c9" +checksum = "18150ea5c817b8f2f13c06fd99229d82754efc5c32e07dbf9745a33dc8d8232e" dependencies = [ "better_scoped_tls", "bitflags 2.3.3", @@ -2640,9 +2711,9 @@ dependencies = [ [[package]] name = "swc_ecma_utils" -version = "0.123.0" +version = "0.124.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b6d6b59ebd31b25fe2692ff705c806961e7856de8b7e91fd0942328886cd315" +checksum = "0d86cb80fb98018eba38720f940cf6c70df873d17092c0e4e390ddd4c01557a2" dependencies = [ "indexmap 1.9.3", "num_cpus", @@ -2658,9 +2729,9 @@ dependencies = [ [[package]] name = "swc_ecma_visit" -version = "0.95.1" +version = "0.96.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2774848b306e17fa280c598ecb192cc2c72a1163942b02d48606514336e9e7c5" +checksum = "f98eae0217e246aff1fc010bf716a94b781effa223b0e39449dced60db012deb" dependencies = [ "num-bigint", "swc_atoms", @@ -2679,7 +2750,7 @@ dependencies = [ "pmutil", "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -2691,7 +2762,7 @@ dependencies = [ "pmutil", "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -2715,7 +2786,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -2731,9 +2802,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.22" +version = "2.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2efbeae7acf4eabd6bcdcbd11c92f45231ddda7539edc7806bd1a04a03b24616" +checksum = "239814284fd6f1a4ffe4ca893952cdd93c224b6a1571c9a9eadd670295c0c9e2" dependencies = [ "proc-macro2", "quote", @@ -2764,15 +2835,15 @@ checksum = "d7fa7e55043acb85fca6b3c01485a2eeb6b69c5d21002e273c79e465f43b7ac1" [[package]] name = "tempfile" -version = "3.4.0" +version = "3.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af18f7ae1acd354b992402e9ec5864359d693cd8a79dcbef59f76891701c1e95" +checksum = "cb94d2f3cc536af71caac6b6fcebf65860b347e7ce0cc9ebe8f70d3e521054ef" dependencies = [ "cfg-if", - "fastrand", - "redox_syscall 0.2.10", - "rustix 0.36.16", - "windows-sys 0.42.0", + "fastrand 2.0.1", + "redox_syscall 0.3.5", + "rustix 0.38.8", + "windows-sys 0.48.0", ] [[package]] @@ -2810,7 +2881,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -2819,7 +2890,7 @@ version = "0.3.22" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea9e1b3cf1243ae005d9e74085d4d542f3125458f3a81af210d901dcd7411efd" dependencies = [ - "itoa 1.0.4", + "itoa", "serde", "time-core", "time-macros", @@ -2867,17 +2938,17 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.26.0" +version = "1.33.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03201d01c3c27a29c8a5cee5b55a93ddae1ccf6f08f65365c2c918f8c1b76f64" +checksum = "4f38200e3ef7995e5ef13baec2f432a6da0aa9ac495b2c0e8f3b7eec2c92d653" dependencies = [ - "autocfg", + "backtrace", "libc", "mio", "pin-project-lite", "socket2", - "tokio-macros", - "windows-sys 0.45.0", + "tokio-macros 2.1.0", + "windows-sys 0.48.0", ] [[package]] @@ -2891,6 +2962,17 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "tokio-macros" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.32", +] + [[package]] name = "tokio-native-tls" version = "0.3.1" @@ -2931,7 +3013,7 @@ checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.32", ] [[package]] @@ -3038,9 +3120,9 @@ dependencies = [ [[package]] name = "uuid" -version = "1.4.1" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79daa5ed5740825c40b389c5e50312b9c86df53fccd33f281df655642b43869d" +checksum = "88ad59a7560b41a70d191093a945f0b87bc1deeda46fb237479708a1d6b6cdfc" dependencies = [ "getrandom", ] @@ -3080,12 +3162,11 @@ checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "walkdir" -version = "2.3.2" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "808cf2735cd4b6866113f648b791c6adc5714537bc222d9347bb203386ffda56" +checksum = "d71d857dc86794ca4c280d616f7da00d2dbfd8cd788846559a6813e6aa4b54ee" dependencies = [ "same-file", - "winapi", "winapi-util", ] @@ -3272,9 +3353,9 @@ checksum = "449167e2832691a1bff24cde28d2804e90e09586a448c8e76984792c44334a6b" [[package]] name = "wasmparser" -version = "0.96.0" +version = "0.103.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adde01ade41ab9a5d10ec8ed0bb954238cf8625b5cd5a13093d6de2ad9c2be1a" +checksum = "2c437373cac5ea84f1113d648d51f71751ffbe3d90c00ae67618cf20d0b5ee7b" dependencies = [ "indexmap 1.9.3", "url", @@ -3282,9 +3363,9 @@ dependencies = [ [[package]] name = "wasmparser" -version = "0.103.0" +version = "0.106.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c437373cac5ea84f1113d648d51f71751ffbe3d90c00ae67618cf20d0b5ee7b" +checksum = "d014e33793cab91655fa6349b0bc974984de106b2e0f6b0dfe6f6594b260624d" dependencies = [ "indexmap 1.9.3", "url", @@ -3292,22 +3373,22 @@ dependencies = [ [[package]] name = "wasmparser" -version = "0.106.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d014e33793cab91655fa6349b0bc974984de106b2e0f6b0dfe6f6594b260624d" +checksum = "e06c0641a4add879ba71ccb3a1e4278fd546f76f1eafb21d8f7b07733b547cd5" dependencies = [ - "indexmap 1.9.3", - "url", + "indexmap 2.0.2", + "semver 1.0.17", ] [[package]] name = "wasmprinter" -version = "0.2.45" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3045e1aa2cac847f4f94a1e25db9f084a947aeff47d9099fb9c5ccd16d335040" +checksum = "e74458a9bc5cc9c7108abfa0fe4dc88d5abf1f3baf194df3264985f17d559b5e" dependencies = [ "anyhow", - "wasmparser 0.96.0", + "wasmparser 0.115.0", ] [[package]] @@ -3325,7 +3406,7 @@ dependencies = [ "indexmap 1.9.3", "libc", "log", - "object", + "object 0.30.3", "once_cell", "paste", "psm", @@ -3410,7 +3491,7 @@ dependencies = [ "cranelift-wasm", "gimli 0.27.2", "log", - "object", + "object 0.30.3", "target-lexicon", "thiserror", "wasmparser 0.103.0", @@ -3429,7 +3510,7 @@ dependencies = [ "cranelift-control", "cranelift-native", "gimli 0.27.2", - "object", + "object 0.30.3", "target-lexicon", "wasmtime-environ", ] @@ -3445,7 +3526,7 @@ dependencies = [ "gimli 0.27.2", "indexmap 1.9.3", "log", - "object", + "object 0.30.3", "serde", "target-lexicon", "thiserror", @@ -3472,7 +3553,7 @@ version = "9.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2712eafe829778b426cad0e1769fef944898923dd29f0039e34e0d53ba72b234" dependencies = [ - "addr2line", + "addr2line 0.19.0", "anyhow", "bincode", "cfg-if", @@ -3480,7 +3561,7 @@ dependencies = [ "gimli 0.27.2", "ittapi", "log", - "object", + "object 0.30.3", "rustc-demangle", "serde", "target-lexicon", @@ -3497,7 +3578,7 @@ version = "9.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "65fb78eacf4a6e47260d8ef8cc81ea8ddb91397b2e848b3fb01567adebfe89b5" dependencies = [ - "object", + "object 0.30.3", "once_cell", "rustix 0.37.26", ] @@ -3714,37 +3795,13 @@ dependencies = [ "windows_x86_64_msvc 0.42.1", ] -[[package]] -name = "windows-sys" -version = "0.45.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" -dependencies = [ - "windows-targets 0.42.1", -] - [[package]] name = "windows-sys" version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets 0.48.0", -] - -[[package]] -name = "windows-targets" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e2522491fbfcd58cc84d47aeb2958948c4b8982e9a2d8a2a35bbaed431390e7" -dependencies = [ - "windows_aarch64_gnullvm 0.42.1", - "windows_aarch64_msvc 0.42.1", - "windows_i686_gnu 0.42.1", - "windows_i686_msvc 0.42.1", - "windows_x86_64_gnu 0.42.1", - "windows_x86_64_gnullvm 0.42.1", - "windows_x86_64_msvc 0.42.1", + "windows-targets", ] [[package]] @@ -3878,27 +3935,26 @@ dependencies = [ "id-arena", "indexmap 1.9.3", "log", - "pulldown-cmark 0.8.0", + "pulldown-cmark", "unicode-xid", "url", ] [[package]] name = "wit-parser" -version = "0.11.3" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a39edca9abb16309def3843af73b58d47d243fe33a9ceee572446bcc57556b9a" +checksum = "f6ace9943d89bbf3dbbc71b966da0e7302057b311f36a4ac3d65ddfef17b52cf" dependencies = [ "anyhow", "id-arena", "indexmap 2.0.2", "log", - "pulldown-cmark 0.9.3", "semver 1.0.17", "serde", + "serde_derive", "serde_json", "unicode-xid", - "url", ] [[package]] diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index eb4bfe56..d8d65af5 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -19,28 +19,28 @@ wizer = "3.0" structopt = "0.3" anyhow = { workspace = true } binaryen = { git = "https://github.com/pepyakin/binaryen-rs", rev = "00c98174843f957681ba0bc5cdcc9d15f5d0cb23" } -brotli = "3.3.4" -wasmprinter = { version = "0.2.45", optional = true } +brotli = "3.4.0" +wasmprinter = { version = "0.2.70", optional = true } wasmtime = { workspace = true } wasmtime-wasi = { workspace = true } wasi-common = { workspace = true } walrus = "0.20.1" -swc_core = { version = "0.83.0", features = ["common_sourcemap", "ecma_ast", "ecma_parser"] } -wit-parser = "0.11.3" -convert_case = "0.4.0" +swc_core = { version = "0.86.17", features = ["common_sourcemap", "ecma_ast", "ecma_parser"] } +wit-parser = "0.12.1" +convert_case = "0.6.0" [dev-dependencies] serde_json = "1.0" -uuid = { version = "1.4", features = ["v4"] } +uuid = { version = "1.5", features = ["v4"] } lazy_static = "1.4" serde = { version = "1.0", default-features = false, features = ["derive"] } -criterion = "0.3" -num-format = "0.4.3" -tempfile = "3.4.0" -wasmparser = "0.106.0" +criterion = "0.5" +num-format = "0.4.4" +tempfile = "3.8.0" +wasmparser = "0.115.0" [build-dependencies] -anyhow = "1.0.71" +anyhow = "1.0.75" wizer = "3.0" [[bench]] diff --git a/crates/quickjs-wasm-rs/Cargo.toml b/crates/quickjs-wasm-rs/Cargo.toml index 223f48d5..b10093d2 100644 --- a/crates/quickjs-wasm-rs/Cargo.toml +++ b/crates/quickjs-wasm-rs/Cargo.toml @@ -17,4 +17,4 @@ once_cell = "1.16" [dev-dependencies] quickcheck = "1" -serde_bytes = "0.11.7" +serde_bytes = "0.11.12" diff --git a/crates/quickjs-wasm-sys/Cargo.toml b/crates/quickjs-wasm-sys/Cargo.toml index 7dc0c451..6fe87e31 100644 --- a/crates/quickjs-wasm-sys/Cargo.toml +++ b/crates/quickjs-wasm-sys/Cargo.toml @@ -11,21 +11,21 @@ categories = ["external-ffi-bindings"] [build-dependencies] cc = "1.0" -bindgen = "0.64.0" +bindgen = "0.68.1" walkdir = "2" anyhow.workspace = true # The dependencies below are pinned so they map exactly to the exemptions # we copied from the wasmtime team to our supply-chain config -tokio = { version = "=1.26.0", default-features = false, features = ["rt", "macros", "net"] } +tokio = { version = "=1.33.0", default-features = false, features = ["rt", "macros", "net"] } hyper = { version = "=1.0.0-rc.3", features = ["client", "http1"], default-features = false } -bytes = "=1.1.0" -futures-task = "=0.3.27" +bytes = "=1.5.0" +futures-task = "=0.3.29" futures-util = { version = "=0.3.27", default-features = false } tokio-macros = "=1.7.0" -futures-core = "=0.3.27" -mio = "=0.8.6" +futures-core = "=0.3.29" +mio = "=0.8.9" http-body-util = "=0.1.0-rc.2" tokio-native-tls = "=0.3.1" native-tls = "0.2.11" -openssl-macros = "=0.1.0" +openssl-macros = "=0.1.1" diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index e2aed37e..809d8083 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -33,6 +33,18 @@ user-id = 6825 # Dan Gohman (sunfishcode) start = "2021-04-14" end = "2024-07-25" +[[trusted.anstyle]] +criteria = "safe-to-run" +user-id = 6743 # Ed Page (epage) +start = "2022-05-18" +end = "2024-10-26" + +[[trusted.anyhow]] +criteria = "safe-to-deploy" +user-id = 3618 # David Tolnay (dtolnay) +start = "2019-10-05" +end = "2024-10-26" + [[trusted.async-trait]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) @@ -75,6 +87,18 @@ user-id = 6825 # Dan Gohman (sunfishcode) start = "2020-09-21" end = "2024-07-25" +[[trusted.clap_builder]] +criteria = "safe-to-run" +user-id = 6743 # Ed Page (epage) +start = "2023-03-28" +end = "2024-10-26" + +[[trusted.clap_lex]] +criteria = "safe-to-run" +user-id = 6743 # Ed Page (epage) +start = "2022-04-15" +end = "2024-10-26" + [[trusted.csv]] criteria = "safe-to-deploy" user-id = 189 # Andrew Gallant (BurntSushi) @@ -153,6 +177,12 @@ user-id = 3618 # David Tolnay (dtolnay) start = "2019-03-19" end = "2024-07-12" +[[trusted.prettyplease]] +criteria = "safe-to-deploy" +user-id = 3618 # David Tolnay (dtolnay) +start = "2022-01-04" +end = "2024-10-26" + [[trusted.proc-macro-hack]] criteria = "safe-to-deploy" user-id = 3618 # David Tolnay (dtolnay) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index f85b36fe..ef484080 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -68,6 +68,10 @@ criteria = "safe-to-deploy" version = "0.9.5" criteria = "safe-to-deploy" +[[exemptions.backtrace]] +version = "0.3.69" +criteria = "safe-to-deploy" + [[exemptions.better_scoped_tls]] version = "0.1.1" criteria = "safe-to-deploy" @@ -93,21 +97,37 @@ version = "0.10.4" criteria = "safe-to-deploy" [[exemptions.brotli]] -version = "3.3.4" +version = "3.4.0" criteria = "safe-to-deploy" [[exemptions.brotli-decompressor]] -version = "2.3.2" +version = "2.5.0" criteria = "safe-to-deploy" [[exemptions.bytes]] -version = "1.1.0" +version = "1.5.0" criteria = "safe-to-deploy" [[exemptions.cast]] version = "0.3.0" criteria = "safe-to-run" +[[exemptions.cc]] +version = "1.0.83" +criteria = "safe-to-deploy" + +[[exemptions.ciborium]] +version = "0.2.1" +criteria = "safe-to-run" + +[[exemptions.ciborium-io]] +version = "0.2.1" +criteria = "safe-to-run" + +[[exemptions.ciborium-ll]] +version = "0.2.1" +criteria = "safe-to-run" + [[exemptions.clang-sys]] version = "1.3.1" criteria = "safe-to-deploy" @@ -116,10 +136,18 @@ criteria = "safe-to-deploy" version = "2.34.0" criteria = "safe-to-deploy" +[[exemptions.clap]] +version = "4.4.7" +criteria = "safe-to-run" + [[exemptions.cmake]] version = "0.1.48" criteria = "safe-to-deploy" +[[exemptions.convert_case]] +version = "0.6.0" +criteria = "safe-to-deploy" + [[exemptions.cpp_demangle]] version = "0.3.5" criteria = "safe-to-deploy" @@ -204,10 +232,13 @@ criteria = "safe-to-deploy" version = "0.1.6" criteria = "safe-to-deploy" +[[exemptions.futures-core]] +version = "0.3.29" +criteria = "safe-to-deploy" + [[exemptions.futures-task]] -version = "0.3.27" +version = "0.3.29" criteria = "safe-to-deploy" -notes = "deferring this vetting until Alex gets back from vacation" [[exemptions.futures-util]] version = "0.3.27" @@ -226,6 +257,10 @@ criteria = "safe-to-deploy" version = "0.1.2" criteria = "safe-to-deploy" +[[exemptions.gimli]] +version = "0.26.1" +criteria = "safe-to-deploy" + [[exemptions.gimli]] version = "0.26.2" criteria = "safe-to-deploy" @@ -330,16 +365,15 @@ version = "0.2.1" criteria = "safe-to-deploy" [[exemptions.mio]] -version = "0.8.6" +version = "0.8.9" criteria = "safe-to-deploy" -notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.nom]] version = "7.1.0" criteria = "safe-to-deploy" [[exemptions.num-format]] -version = "0.4.3" +version = "0.4.4" criteria = "safe-to-run" [[exemptions.num_cpus]] @@ -350,6 +384,10 @@ criteria = "safe-to-deploy" version = "0.30.3" criteria = "safe-to-deploy" +[[exemptions.object]] +version = "0.32.1" +criteria = "safe-to-deploy" + [[exemptions.once_cell]] version = "1.16.0" criteria = "safe-to-deploy" @@ -447,7 +485,7 @@ version = "0.8.11" criteria = "safe-to-deploy" [[exemptions.rmp-serde]] -version = "1.1.1" +version = "1.1.2" criteria = "safe-to-deploy" [[exemptions.rustc_version]] @@ -507,7 +545,7 @@ version = "1.0.1" criteria = "safe-to-deploy" [[exemptions.socket2]] -version = "0.4.9" +version = "0.5.5" criteria = "safe-to-deploy" [[exemptions.sourcemap]] @@ -551,35 +589,35 @@ version = "0.4.18" criteria = "safe-to-deploy" [[exemptions.swc_atoms]] -version = "0.5.9" +version = "0.6.0" criteria = "safe-to-deploy" [[exemptions.swc_common]] -version = "0.32.1" +version = "0.33.2" criteria = "safe-to-deploy" [[exemptions.swc_core]] -version = "0.83.0" +version = "0.86.17" criteria = "safe-to-deploy" [[exemptions.swc_ecma_ast]] -version = "0.109.1" +version = "0.110.2" criteria = "safe-to-deploy" [[exemptions.swc_ecma_parser]] -version = "0.140.0" +version = "0.141.5" criteria = "safe-to-deploy" [[exemptions.swc_ecma_transforms_base]] -version = "0.133.0" +version = "0.134.10" criteria = "safe-to-deploy" [[exemptions.swc_ecma_utils]] -version = "0.123.0" +version = "0.124.9" criteria = "safe-to-deploy" [[exemptions.swc_ecma_visit]] -version = "0.95.1" +version = "0.96.2" criteria = "safe-to-deploy" [[exemptions.swc_eq_ignore_macros]] @@ -623,9 +661,8 @@ version = "1.2.1" criteria = "safe-to-run" [[exemptions.tokio]] -version = "1.26.0" +version = "1.33.0" criteria = "safe-to-deploy" -notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.tokio-macros]] version = "1.7.0" @@ -668,7 +705,7 @@ version = "2.4.1" criteria = "safe-to-deploy" [[exemptions.uuid]] -version = "0.8.2" +version = "1.5.0" criteria = "safe-to-deploy" [[exemptions.vergen]] @@ -735,18 +772,10 @@ criteria = "safe-to-deploy" version = "0.42.0" criteria = "safe-to-deploy" -[[exemptions.windows-sys]] -version = "0.45.0" -criteria = "safe-to-deploy" - [[exemptions.windows-sys]] version = "0.48.0" criteria = "safe-to-deploy" -[[exemptions.windows-targets]] -version = "0.42.1" -criteria = "safe-to-deploy" - [[exemptions.windows-targets]] version = "0.48.0" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 974cab28..19ce5b88 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -15,6 +15,20 @@ user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" +[[publisher.anstyle]] +version = "1.0.4" +when = "2023-09-28" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.anyhow]] +version = "1.0.75" +when = "2023-08-17" +user-id = 3618 +user-login = "dtolnay" +user-name = "David Tolnay" + [[publisher.arbitrary]] version = "1.3.0" when = "2023-03-13" @@ -29,13 +43,6 @@ user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" -[[publisher.bstr]] -version = "0.2.17" -when = "2021-09-20" -user-id = 189 -user-login = "BurntSushi" -user-name = "Andrew Gallant" - [[publisher.byteorder]] version = "1.4.3" when = "2021-03-10" @@ -92,6 +99,20 @@ user-id = 3788 user-login = "emilio" user-name = "Emilio Cobos Álvarez" +[[publisher.clap_builder]] +version = "4.4.7" +when = "2023-10-24" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.clap_lex]] +version = "0.6.0" +when = "2023-10-24" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + [[publisher.core-foundation]] version = "0.9.3" when = "2022-02-07" @@ -166,20 +187,6 @@ when = "2023-06-13" user-id = 73222 user-login = "wasmtime-publish" -[[publisher.csv]] -version = "1.1.6" -when = "2021-03-07" -user-id = 189 -user-login = "BurntSushi" -user-name = "Andrew Gallant" - -[[publisher.csv-core]] -version = "0.1.10" -when = "2020-02-14" -user-id = 189 -user-login = "BurntSushi" -user-name = "Andrew Gallant" - [[publisher.equivalent]] version = "1.0.1" when = "2023-07-10" @@ -222,13 +229,6 @@ user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" -[[publisher.itoa]] -version = "0.4.8" -when = "2021-08-22" -user-id = 3618 -user-login = "dtolnay" -user-name = "David Tolnay" - [[publisher.itoa]] version = "1.0.4" when = "2022-10-06" @@ -251,15 +251,15 @@ user-login = "sunfishcode" user-name = "Dan Gohman" [[publisher.linux-raw-sys]] -version = "0.1.4" -when = "2022-12-13" +version = "0.3.8" +when = "2023-05-19" user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" [[publisher.linux-raw-sys]] -version = "0.3.8" -when = "2023-05-19" +version = "0.4.10" +when = "2023-10-09" user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" @@ -285,6 +285,13 @@ user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" +[[publisher.prettyplease]] +version = "0.2.15" +when = "2023-09-07" +user-id = 3618 +user-login = "dtolnay" +user-name = "David Tolnay" + [[publisher.proc-macro-hack]] version = "0.5.20+deprecated" when = "2022-12-19" @@ -327,13 +334,6 @@ user-id = 189 user-login = "BurntSushi" user-name = "Andrew Gallant" -[[publisher.regex-automata]] -version = "0.1.10" -when = "2021-06-01" -user-id = 189 -user-login = "BurntSushi" -user-name = "Andrew Gallant" - [[publisher.regex-syntax]] version = "0.6.26" when = "2022-05-20" @@ -341,13 +341,6 @@ user-id = 189 user-login = "BurntSushi" user-name = "Andrew Gallant" -[[publisher.rustix]] -version = "0.33.3" -when = "2022-02-22" -user-id = 6825 -user-login = "sunfishcode" -user-name = "Dan Gohman" - [[publisher.rustix]] version = "0.33.7" when = "2022-04-18" @@ -356,22 +349,15 @@ user-login = "sunfishcode" user-name = "Dan Gohman" [[publisher.rustix]] -version = "0.36.16" -when = "2023-10-12" -user-id = 6825 -user-login = "sunfishcode" -user-name = "Dan Gohman" - -[[publisher.rustix]] -version = "0.37.23" -when = "2023-07-05" +version = "0.37.26" +when = "2023-10-19" user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" [[publisher.rustix]] -version = "0.37.26" -when = "2023-10-19" +version = "0.38.8" +when = "2023-08-10" user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" @@ -405,22 +391,22 @@ user-login = "Amanieu" user-name = "Amanieu d'Antras" [[publisher.serde]] -version = "1.0.168" -when = "2023-07-09" +version = "1.0.190" +when = "2023-10-26" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_bytes]] -version = "0.11.7" -when = "2022-08-03" +version = "0.11.12" +when = "2023-07-15" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_derive]] -version = "1.0.168" -when = "2023-07-09" +version = "1.0.190" +when = "2023-10-26" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -440,8 +426,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.syn]] -version = "2.0.22" -when = "2023-06-24" +version = "2.0.32" +when = "2023-09-10" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -489,8 +475,8 @@ user-login = "Manishearth" user-name = "Manish Goregaokar" [[publisher.walkdir]] -version = "2.3.2" -when = "2021-03-22" +version = "2.4.0" +when = "2023-09-05" user-id = 189 user-login = "BurntSushi" user-name = "Andrew Gallant" @@ -529,22 +515,29 @@ user-login = "alexcrichton" user-name = "Alex Crichton" [[publisher.wasmparser]] -version = "0.101.0" -when = "2023-02-14" +version = "0.103.0" +when = "2023-04-13" user-id = 1 user-login = "alexcrichton" user-name = "Alex Crichton" [[publisher.wasmparser]] -version = "0.103.0" -when = "2023-04-13" +version = "0.106.0" +when = "2023-05-23" user-id = 1 user-login = "alexcrichton" user-name = "Alex Crichton" [[publisher.wasmparser]] -version = "0.106.0" -when = "2023-05-23" +version = "0.115.0" +when = "2023-10-14" +user-id = 1 +user-login = "alexcrichton" +user-name = "Alex Crichton" + +[[publisher.wasmprinter]] +version = "0.2.70" +when = "2023-10-14" user-id = 1 user-login = "alexcrichton" user-name = "Alex Crichton" @@ -692,8 +685,8 @@ user-login = "alexcrichton" user-name = "Alex Crichton" [[publisher.wit-parser]] -version = "0.11.3" -when = "2023-09-27" +version = "0.12.1" +when = "2023-10-18" user-id = 1 user-login = "alexcrichton" user-name = "Alex Crichton" @@ -836,6 +829,19 @@ I am employed by a member of the Bytecode Alliance and plan to continue doing so and will actively maintain this crate over time. """ +[[audits.bytecode-alliance.wildcard-audits.wasmprinter]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +user-id = 1 # Alex Crichton (alexcrichton) +start = "2019-11-18" +end = "2024-04-14" +notes = """ +This is a Bytecode Alliance authored crate maintained in the `wasm-tools` +repository of which I'm one of the primary maintainers and publishers for. +I am employed by a member of the Bytecode Alliance and plan to continue doing +so and will actively maintain this crate over time. +""" + [[audits.bytecode-alliance.wildcard-audits.wasmtime]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -1027,16 +1033,35 @@ I am employed by a member of the Bytecode Alliance and plan to continue doing so and will actively maintain this crate over time. """ +[[audits.bytecode-alliance.audits.addr2line]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.19.0 -> 0.20.0" +notes = "This version brings support for split-dwarf which while it uses the filesystem is always done at the behest of the caller, so everything is as expected for this update." + +[[audits.bytecode-alliance.audits.addr2line]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.20.0 -> 0.21.0" +notes = "This version bump updated some dependencies and optimized some internals. All looks good." + +[[audits.bytecode-alliance.audits.adler]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +version = "1.0.2" +notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm." + [[audits.bytecode-alliance.audits.ambient-authority]] who = "Dan Gohman " criteria = "safe-to-deploy" version = "0.0.2" notes = "Contains no unsafe code, no IO, no build.rs." -[[audits.bytecode-alliance.audits.anyhow]] +[[audits.bytecode-alliance.audits.anes]] who = "Pat Hickey " criteria = "safe-to-deploy" -delta = "1.0.69 -> 1.0.71" +version = "0.1.6" +notes = "Contains no unsafe code, no IO, no build.rs." [[audits.bytecode-alliance.audits.arrayvec]] who = "Nick Fitzgerald " @@ -1100,18 +1125,27 @@ criteria = "safe-to-deploy" delta = "1.0.1 -> 1.0.14" notes = "The Bytecode Alliance is the author of this crate." -[[audits.bytecode-alliance.audits.cc]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -version = "1.0.73" -notes = "I am the author of this crate." - [[audits.bytecode-alliance.audits.cfg-if]] who = "Alex Crichton " criteria = "safe-to-deploy" version = "1.0.0" notes = "I am the author of this crate." +[[audits.bytecode-alliance.audits.criterion]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.3.6 -> 0.4.0" +notes = """ +criterion v0.3.6..v0.4.0 is mostly re-arranging the crate features and bumping dependencies. all changes +to code seem to be confined to benchmarks. +""" + +[[audits.bytecode-alliance.audits.criterion-plot]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.4.5 -> 0.5.0" +notes = "Just a version bump, only change to code is to remove an allow(deprecated)" + [[audits.bytecode-alliance.audits.crypto-common]] who = "Benjamin Bouvier " criteria = "safe-to-deploy" @@ -1135,6 +1169,15 @@ criteria = "safe-to-deploy" version = "0.1.2" notes = "This should be portable to any POSIX system and seems like it should be part of the libc crate, but at any rate it's safe as is." +[[audits.bytecode-alliance.audits.fastrand]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "2.0.0 -> 2.0.1" +notes = """ +This update had a few doc updates but no otherwise-substantial source code +updates. +""" + [[audits.bytecode-alliance.audits.fd-lock]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1198,12 +1241,6 @@ criteria = "safe-to-deploy" version = "0.3.27" notes = "build.rs is just detecting the target and setting cfg. unsafety is for implementing a concurrency primitives using atomics and unsafecell, and is not obviously incorrect (this is the sort of thing I wouldn't certify as correct without formal methods)" -[[audits.bytecode-alliance.audits.futures-core]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -version = "0.3.27" -notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting." - [[audits.bytecode-alliance.audits.fxprof-processed-profile]] who = "Jamey Sharp " criteria = "safe-to-deploy" @@ -1215,6 +1252,31 @@ serialization support. All logic is trivial: either unit conversion, or hash-consing to support de-duplication required by the format. """ +[[audits.bytecode-alliance.audits.gimli]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.26.1 -> 0.27.0" +notes = """ +This is a standard update to gimli for more DWARF support for more platforms, +more features, etc. Some minor `unsafe` code was added that does not appear +incorrect. Otherwise looks like someone probably ran clippy and/or rustfmt. +""" + +[[audits.bytecode-alliance.audits.gimli]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.27.0 -> 0.27.3" +notes = "More support for more DWARF, nothing major in this update. Some small refactorings and updates to publication of the package but otherwise everything's in order." + +[[audits.bytecode-alliance.audits.gimli]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.27.3 -> 0.28.0" +notes = """ +Still looks like a good DWARF-parsing crate, nothing major was added or deleted +and no `unsafe` code to review here. +""" + [[audits.bytecode-alliance.audits.glob]] who = "Jamey Sharp " criteria = "safe-to-deploy" @@ -1332,6 +1394,20 @@ criteria = "safe-to-deploy" delta = "0.7.1 -> 0.8.0" notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes." +[[audits.bytecode-alliance.audits.miniz_oxide]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +version = "0.7.1" +notes = """ +This crate is a Rust implementation of zlib compression/decompression and has +been used by default by the Rust standard library for quite some time. It's also +a default dependency of the popular `backtrace` crate for decompressing debug +information. This crate forbids unsafe code and does not otherwise access system +resources. It's originally a port of the `miniz.c` library as well, and given +its own longevity should be relatively hardened against some of the more common +compression-related issues. +""" + [[audits.bytecode-alliance.audits.native-tls]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1390,18 +1466,6 @@ are otherwise not doing other `unsafe` operations. Additionally the crate does not do anything other than markdown rendering as is expected. """ -[[audits.bytecode-alliance.audits.pulldown-cmark]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -delta = "0.8.0 -> 0.9.3" -notes = """ -This is a large change to the `pulldown-cmark` crate but it tightens -restrictions on `unsafe` code to forbid it in non-SIMD mode and additionally -many changes look to be related to refactoring, improving, and restructuring. -This crate is not fundamentally different from before, which was trusted, but -looks to be receiving new assistance for maintainership as well. -""" - [[audits.bytecode-alliance.audits.quote]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1413,18 +1477,6 @@ criteria = "safe-to-deploy" version = "0.1.21" notes = "I am the author of this crate." -[[audits.bytecode-alliance.audits.rustix]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.36.7" -notes = "The Bytecode Alliance is the author of this crate." - -[[audits.bytecode-alliance.audits.rustix]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.36.7 -> 0.36.8" -notes = "The Bytecode Alliance is the author of this crate." - [[audits.bytecode-alliance.audits.semver]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1455,6 +1507,12 @@ criteria = "safe-to-deploy" delta = "0.25.6 -> 0.25.7" notes = "This is a minor bug-fix update." +[[audits.bytecode-alliance.audits.tempfile]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "3.5.0 -> 3.6.0" +notes = "Dependency updates and new optimized trait implementations, but otherwise everything looks normal." + [[audits.bytecode-alliance.audits.tinyvec]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -1475,6 +1533,12 @@ intended to multiplex across the internal representation of a tinyvec, presumably. This trivially doesn't contain anything bad. """ +[[audits.bytecode-alliance.audits.tokio-macros]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "1.7.0 -> 2.1.0" +notes = "A number of updates to parsed syntax and such but nothing unexpected and entirely what one would expect a Rust procedural macro to do." + [[audits.bytecode-alliance.audits.tokio-native-tls]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1544,18 +1608,6 @@ criteria = "safe-to-deploy" version = "0.25.0" notes = "The Bytecode Alliance is the author of this crate." -[[audits.bytecode-alliance.audits.wasmparser]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -version = "0.96.0" -notes = "The Bytecode Alliance is the author of this crate." - -[[audits.bytecode-alliance.audits.wasmprinter]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -version = "0.2.45" -notes = "The Bytecode Alliance is the author of this crate." - [[audits.bytecode-alliance.audits.wast]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -1580,17 +1632,6 @@ criteria = "safe-to-deploy" delta = "0.35.0 -> 0.35.1" notes = "Just a dependency version bump" -[[audits.embark-studios.audits.anyhow]] -who = "Johan Andersson " -criteria = "safe-to-deploy" -version = "1.0.58" - -[[audits.embark-studios.audits.convert_case]] -who = "Johan Andersson " -criteria = "safe-to-deploy" -version = "0.4.0" -notes = "No unsafe usage or ambient capabilities" - [[audits.embark-studios.audits.idna]] who = "Johan Andersson " criteria = "safe-to-deploy" @@ -1659,6 +1700,12 @@ criteria = "safe-to-deploy" version = "0.3.1" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.openssl-macros]] +who = "George Burgess IV " +criteria = "safe-to-deploy" +delta = "0.1.0 -> 0.1.1" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT" + [[audits.google.audits.proc-macro-error-attr]] who = "George Burgess IV " criteria = "safe-to-deploy" @@ -1671,6 +1718,11 @@ criteria = "safe-to-deploy" version = "0.9.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT" +[[audits.isrg.audits.criterion]] +who = "Brandon Pitman " +criteria = "safe-to-run" +delta = "0.4.0 -> 0.5.1" + [[audits.isrg.audits.either]] who = "David Cook " criteria = "safe-to-deploy" @@ -1757,37 +1809,6 @@ end = "2024-05-03" notes = "All code written or reviewed by Manish" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.anyhow]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.57 -> 1.0.61" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.anyhow]] -who = "Bobby Holley " -criteria = "safe-to-deploy" -delta = "1.0.58 -> 1.0.57" -notes = "No functional differences, just CI config and docs." -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.anyhow]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.61 -> 1.0.62" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.anyhow]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.62 -> 1.0.68" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.anyhow]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.68 -> 1.0.69" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.autocfg]] who = "Josh Stone " criteria = "safe-to-deploy" @@ -1814,6 +1835,18 @@ criteria = "safe-to-deploy" delta = "0.63.0 -> 0.64.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.bindgen]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.64.0 -> 0.66.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.bindgen]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.66.1 -> 0.68.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.bitflags]] who = "Alex Franchuk " criteria = "safe-to-deploy" @@ -1846,6 +1879,12 @@ version = "0.8.0" notes = "This crates was written by Sentry and I've fully audited it as Firefox crash reporting machinery relies on it." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.fastrand]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "1.9.0 -> 2.0.0" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.fnv]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -1891,6 +1930,19 @@ version = "1.4.0" notes = "I have read over the macros, and audited the unsafe code." aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml" +[[audits.mozilla.audits.libc]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.2.147 -> 0.2.148" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.libc]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "0.2.148 -> 0.2.149" +notes = "New defintions for a new target we don't use" +aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" + [[audits.mozilla.audits.log]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -2047,22 +2099,22 @@ version = "1.1.0" notes = "Straightforward crate with no unsafe code, does what it says on the tin." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.serde_cbor]] -who = "R. Martinho Fernandes " +[[audits.mozilla.audits.sha2]] +who = "Mike Hommey " criteria = "safe-to-deploy" -version = "0.11.1" +delta = "0.10.2 -> 0.10.6" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.serde_cbor]] -who = "John M. Schanck " +[[audits.mozilla.audits.tempfile]] +who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -delta = "0.11.1 -> 0.11.2" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +delta = "3.4.0 -> 3.5.0" +aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" -[[audits.mozilla.audits.sha2]] +[[audits.mozilla.audits.tempfile]] who = "Mike Hommey " criteria = "safe-to-deploy" -delta = "0.10.2 -> 0.10.6" +delta = "3.6.0 -> 3.8.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.unicode-bidi]] @@ -2089,22 +2141,3 @@ who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.1.21 -> 0.1.22" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.uuid]] -who = "Gabriele Svelto " -criteria = "safe-to-deploy" -delta = "0.8.2 -> 1.2.2" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.uuid]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.2.2 -> 1.3.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.uuid]] -who = "Jan-Erik Rediger " -criteria = "safe-to-deploy" -delta = "1.3.0 -> 1.4.1" -notes = "Internal refactoring, new target support" -aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"