Skip to content

Commit

Permalink
Update aggregated cargo-vet audits
Browse files Browse the repository at this point in the history
  • Loading branch information
@str4d @github-actions
str4d authored and github-actions[bot] committed Jul 19, 2024
1 parent 9664c5f commit 8d2c621
Showing 1 changed file with 207 additions and 0 deletions.
207 changes: 207 additions & 0 deletions supply-chain/audits.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,13 @@ criteria = "safe-to-deploy"
delta = "0.1.78 -> 0.1.80"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.async-trait]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.1.80 -> 0.1.81"
notes = "Changes to generated code look fine."
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.autocfg]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -457,6 +464,18 @@ delta = "0.4.3 -> 0.4.4"
notes = "Adds panics to prevent a block size of zero from causing unsoundness."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.clap]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-run"
delta = "4.4.14 -> 4.4.18"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.clap_builder]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-run"
delta = "4.5.0 -> 4.4.18"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.clearscreen]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -960,6 +979,24 @@ delta = "1.0.113 -> 1.0.122"
notes = "Only changes to lints."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.darling]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.20.9 -> 0.20.10"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.darling_core]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.20.9 -> 0.20.10"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.darling_macro]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.20.9 -> 0.20.10"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.der]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1051,6 +1088,12 @@ be fine in the context of this crate:
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.either]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.11.0 -> 1.13.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.either]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1148,6 +1191,13 @@ was reviewed by an ECC engineer.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.futures]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.28 -> 0.3.30"
notes = "Only sub-crate updates and corresponding changes to tests."
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.futures-channel]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1217,6 +1267,24 @@ delta = "0.3.29 -> 0.3.30"
notes = "Removes `build.rs` now that it can rely on the `target_has_atomic` attribute."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.futures-executor]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.28 -> 0.3.30"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.futures-io]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.28 -> 0.3.30"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.futures-macro]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.3.28 -> 0.3.29"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.futures-macro]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1476,6 +1544,12 @@ criteria = "safe-to-deploy"
delta = "1.0.0 -> 0.2.11"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.http-body]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.0 -> 1.0.1"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.http-body]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1524,6 +1598,12 @@ delta = "0.4.1 -> 0.5.1"
notes = "New uses of pin_project! look fine."
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.hyper-util]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.1.5 -> 0.1.6"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.indexmap]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1784,6 +1864,12 @@ criteria = "safe-to-deploy"
version = "0.1.1"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.memchr]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "2.7.2 -> 2.7.4"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.memchr]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand All @@ -1807,6 +1893,12 @@ criteria = "safe-to-deploy"
delta = "2.7.1 -> 2.7.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.memmap2]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.9.3 -> 0.9.4"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.memoffset]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1886,6 +1978,12 @@ criteria = "safe-to-deploy"
delta = "2.11.0 -> 2.11.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.minreq]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "2.11.2 -> 2.12.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.mio]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -1991,6 +2089,18 @@ delta = "1.15.0 -> 1.16.0"
notes = "New unsafe code calls AIX `getsystemcfg` API exposed by `libc` to access the SMT mode."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.num_enum]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.7.0 -> 0.7.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.num_enum_derive]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.7.0 -> 0.7.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.object]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -2031,6 +2141,12 @@ approach looks reasonable.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.oorandom]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-run"
delta = "11.1.3 -> 11.1.4"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.opaque-debug]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -2090,6 +2206,12 @@ criteria = "safe-to-run"
delta = "0.12.1 -> 0.12.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.parking_lot]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.12.2 -> 0.12.3"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.parking_lot]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -2403,6 +2525,13 @@ criteria = "safe-to-deploy"
delta = "0.12.1 -> 0.12.3"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.prost-derive]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.12.3 -> 0.12.6"
notes = "Changes to proc macro code are to fix lints after bumping MSRV."
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.prost-types]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -2529,6 +2658,12 @@ criteria = "safe-to-deploy"
delta = "1.10.2 -> 1.10.4"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.regex-automata]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.4.6 -> 0.4.7"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.regex-automata]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand All @@ -2545,6 +2680,12 @@ criteria = "safe-to-deploy"
delta = "0.4.3 -> 0.4.6"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.regex-syntax]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.8.3 -> 0.8.4"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.regex-syntax]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -2706,6 +2847,16 @@ criteria = ["safe-to-deploy", "crypto-reviewed"]
delta = "0.26.0 -> 0.27.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.semver]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.22 -> 1.0.23"
notes = """
`build.rs` change is to enable checking for expected `#[cfg]` names if compiling
with Rust 1.80 or later.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.semver]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -2847,6 +2998,12 @@ criteria = "safe-to-run"
delta = "1.0.116 -> 1.0.117"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.serde_json]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.117 -> 1.0.120"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.serde_json]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -3140,6 +3297,18 @@ criteria = "safe-to-deploy"
delta = "1.0.58 -> 1.0.60"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.thiserror]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.60 -> 1.0.61"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.thiserror]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.61 -> 1.0.63"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.thiserror]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -3196,6 +3365,18 @@ criteria = "safe-to-deploy"
delta = "1.0.58 -> 1.0.60"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.thiserror-impl]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.60 -> 1.0.61"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.thiserror-impl]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "1.0.61 -> 1.0.63"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.thiserror-impl]]
who = "Jack Grigg <jack@z.cash>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -3433,6 +3614,13 @@ criteria = "safe-to-deploy"
delta = "0.10.2 -> 0.11.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.tonic]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.12.0 -> 0.12.1"
notes = "Changes to generics bounds look fine"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.tonic-build]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
Expand All @@ -3445,6 +3633,12 @@ criteria = "safe-to-deploy"
delta = "0.11.0 -> 0.12.0"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.tonic-build]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.12.0 -> 0.12.1"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.tracing-appender]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -3553,6 +3747,12 @@ delta = "0.4.1 -> 0.5.0"
notes = "I checked correctness of to_blocks which uses unsafe code in a safe function."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[audits.utf8parse]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-run"
delta = "0.2.1 -> 0.2.2"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[audits.wagyu-zcash-parameters]]
who = "Sean Bowe <ewillbefull@gmail.com>"
criteria = ["safe-to-deploy", "crypto-reviewed"]
Expand Down Expand Up @@ -4109,6 +4309,13 @@ start = "2021-10-27"
end = "2024-06-21"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"

[[trusted.zcash]]
criteria = "safe-to-deploy"
user-id = 6289
start = "2024-07-15"
end = "2025-07-19"
aggregated-from = "https://raw.githubusercontent.com/zcash/librustzcash/main/supply-chain/audits.toml"

[[trusted.zcash_address]]
criteria = "safe-to-deploy"
user-id = 1244
Expand Down

0 comments on commit 8d2c621

Please sign in to comment.