chore(deps): bump actions/cache from 4 to 5

Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Regenerate cargo vet exemptions
2025-12-29 14:15:33 -08:00 · 2025-12-17 23:12:23 +00:00 · 2025-12-17 20:52:09 +01:00 · 2025-12-17 20:52:09 +01:00
6 changed files with 21 additions and 19 deletions
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -173,7 +173,7 @@ jobs:
          touch "${{ runner.temp }}/digests/${digest#sha256:}"

      - name: Upload digest
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
        with:
          name: digests-rp-${{ matrix.arch }}
          path: ${{ runner.temp }}/digests/*
@@ -237,7 +237,7 @@ jobs:
          touch "${{ runner.temp }}/digests/${digest#sha256:}"

      - name: Upload digest
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
        with:
          name: digests-rosenpass-${{ matrix.arch }}
          path: ${{ runner.temp }}/digests/*
--- a/.github/workflows/qc-mac.yaml
+++ b/.github/workflows/qc-mac.yaml
@@ -17,7 +17,7 @@ jobs:
    runs-on: warp-macos-13-arm64-6x
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
--- a/.github/workflows/qc.yaml
+++ b/.github/workflows/qc.yaml
@@ -34,7 +34,7 @@ jobs:
    runs-on: ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -57,7 +57,7 @@ jobs:
    runs-on: ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -93,7 +93,7 @@ jobs:
    runs-on: ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -112,7 +112,7 @@ jobs:
    runs-on: ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -131,7 +131,7 @@ jobs:
    runs-on: ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -150,7 +150,7 @@ jobs:
      - ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -172,7 +172,7 @@ jobs:
    runs-on: ubicloud-standard-2-ubuntu-2204
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -207,7 +207,7 @@ jobs:
      RUSTUP_TOOLCHAIN: nightly
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
--- a/.github/workflows/supply-chain.yml
+++ b/.github/workflows/supply-chain.yml
@@ -20,7 +20,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v5
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -32,7 +32,7 @@ jobs:
        run: |
          rustup toolchain install nightly
          rustup override set nightly
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ runner.tool_cache }}/cargo-supply-chain
          key: cargo-supply-chain-bin
@@ -56,7 +56,7 @@ jobs:
      - uses: actions/checkout@v5
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ~/.cargo/bin/
@@ -67,7 +67,7 @@ jobs:
        run: |
          rustup toolchain install nightly
          rustup override set nightly
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ runner.tool_cache }}/cargo-vet
          key: cargo-vet-bin
--- a/supply-chain/config.toml
+++ b/supply-chain/config.toml
@@ -257,10 +257,6 @@ criteria = "safe-to-deploy"
 version = "0.10.7"
 criteria = "safe-to-deploy"

-[[exemptions.embedded-io]]
-version = "0.6.1"
-criteria = "safe-to-deploy"
-
 [[exemptions.env_logger]]
 version = "0.10.2"
 criteria = "safe-to-deploy"
--- a/supply-chain/imports.lock
+++ b/supply-chain/imports.lock
@@ -138,6 +138,12 @@ criteria = "safe-to-deploy"
 version = "0.4.0"
 notes = "No `unsafe` code and only uses `std` in ways one would expect the crate to do so."

+[[audits.bytecode-alliance.audits.embedded-io]]
+who = "Alex Crichton <alex@alexcrichton.com>"
+criteria = "safe-to-deploy"
+delta = "0.4.0 -> 0.6.1"
+notes = "Major updates, but almost all safe code. Lots of pruning/deletions, nothing out of the ordrinary."
+
 [[audits.bytecode-alliance.audits.errno]]
 who = "Dan Gohman <dev@sunfishcode.online>"
 criteria = "safe-to-deploy"