ci(supply-chain): update exemptions for cargo-vet

David Niehues
2025-04-05 17:24:08 +02:00
parent db6530ef77
commit f7fb09bc44
2 changed files with 26 additions and 32 deletions


@@ -122,15 +122,15 @@ version = "1.8.1"
criteria = "safe-to-deploy"
[[exemptions.clap]]
version = "4.5.31"
version = "4.5.30"
criteria = "safe-to-deploy"
[[exemptions.clap_builder]]
version = "4.5.31"
version = "4.5.30"
criteria = "safe-to-deploy"
[[exemptions.clap_complete]]
version = "4.5.46"
version = "4.5.45"
criteria = "safe-to-deploy"
[[exemptions.clap_derive]]
@@ -142,7 +142,7 @@ version = "0.7.4"
criteria = "safe-to-deploy"
[[exemptions.clap_mangen]]
version = "0.2.26"
version = "0.2.24"
criteria = "safe-to-deploy"
[[exemptions.cmake]]
@@ -301,14 +301,26 @@ criteria = "safe-to-deploy"
version = "0.1.0"
criteria = "safe-to-deploy"
[[exemptions.hax-lib]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.hax-lib-macros]]
version = "0.1.0"
criteria = "safe-to-deploy"
[[exemptions.hax-lib-macros]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.hax-lib-macros-types]]
version = "0.1.0"
criteria = "safe-to-deploy"
[[exemptions.hax-lib-macros-types]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.heapless]]
version = "0.7.17"
criteria = "safe-to-deploy"
@@ -362,19 +374,15 @@ version = "1.3.0"
criteria = "safe-to-deploy"
[[exemptions.libc]]
version = "0.2.170"
version = "0.2.169"
criteria = "safe-to-deploy"
[[exemptions.libcrux]]
version = "0.0.2-pre.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-blake2]]
version = "0.0.2-beta.3"
criteria = "safe-to-deploy"
[[exemptions.libcrux-chacha20poly1305]]
version = "0.0.2-beta.3"
version = "0.0.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-hacl]]
@@ -382,15 +390,15 @@ version = "0.0.2-pre.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-hacl-rs]]
version = "0.0.2-beta.3"
version = "0.0.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-intrinsics]]
version = "0.0.2-beta.3"
version = "0.0.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-macros]]
version = "0.0.2-beta.3"
version = "0.0.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-ml-kem]]
@@ -402,7 +410,7 @@ version = "0.0.2-pre.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-poly1305]]
version = "0.0.2-beta.3"
version = "0.0.2"
criteria = "safe-to-deploy"
[[exemptions.libcrux-sha3]]
@@ -582,7 +590,7 @@ version = "0.9.0"
criteria = "safe-to-deploy"
[[exemptions.rand_core]]
version = "0.9.2"
version = "0.9.3"
criteria = "safe-to-deploy"
[[exemptions.redox_syscall]]
@@ -734,7 +742,7 @@ version = "0.2.2"
criteria = "safe-to-deploy"
[[exemptions.uuid]]
version = "1.15.1"
version = "1.14.0"
criteria = "safe-to-deploy"
[[exemptions.version_check]]
@@ -954,7 +962,7 @@ version = "0.7.35"
criteria = "safe-to-deploy"
[[exemptions.zerocopy]]
version = "0.8.20"
version = "0.8.24"
criteria = "safe-to-deploy"
[[exemptions.zerocopy-derive]]
@@ -962,5 +970,5 @@ version = "0.7.35"
criteria = "safe-to-deploy"
[[exemptions.zerocopy-derive]]
version = "0.8.20"
version = "0.8.24"
criteria = "safe-to-deploy"
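Review bot: The three entries added in the `-301,14 +301,26` hunk exempt `hax-lib`, `hax-lib-macros` and `hax-lib-macros-types` 0.2.0 at `safe-to-deploy` with no recorded reason, while the 0.1.0 exemptions for the same crates stay in place, so two unreviewed versions of each are now trusted. Judging by its name only, `hax-lib-macros` looks like a procedural-macro crate whose code runs at build time, which would make a blanket exemption riskier than for an ordinary library. I would give each new entry a `notes` line, for example `notes = "not yet reviewed; replace with a delta audit 0.1.0 -> 0.2.0"`, and drop the 0.1.0 entries if the lockfile no longer resolves them. The same applies to the `libcrux-*` entries that change between `0.0.2-beta.3` and `0.0.2` in the later hunks. Since `libcrux-*` is cryptographic code, a recorded delta audit is a stronger assurance there than a refreshed exemption.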


@@ -392,20 +392,6 @@ version = "1.13.0"
notes = "Unsafe code pertaining to wrapping Pin APIs. Mostly passes invariants down."
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.either]]
who = "Daniel Cheng <dcheng@chromium.org>"
criteria = "safe-to-deploy"
delta = "1.13.0 -> 1.14.0"
notes = """
Inheriting ub-risk-1 from the baseline review of 1.13.0. While the delta has some diffs in unsafe code, they are either:
- migrating code to use helper macros
- migrating match patterns to take advantage of default bindings mode from RFC 2005
Either way, the result is code that does exactly the same thing and does not change the risk of UB.
See https://crrev.com/c/6323164 for more audit details.
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.equivalent]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-deploy"