Fix errors in supply chain security workflow (#4497)
parent
d038fb2c7a
commit
828f1c50d8
5 changed files with 32 additions and 47 deletions
4
.github/workflows/supply-chain.yml
vendored
4
.github/workflows/supply-chain.yml
vendored
|
@ -10,6 +10,8 @@ on:
|
|||
- Cargo.toml
|
||||
- core/Cargo.toml
|
||||
- lib/Cargo.toml
|
||||
- build.rs
|
||||
- lib/build.rs
|
||||
- supply-chain/audits.toml
|
||||
- supply-chain/config.toml
|
||||
- supply-chain/imports.lock
|
||||
|
@ -23,6 +25,8 @@ on:
|
|||
- Cargo.toml
|
||||
- core/Cargo.toml
|
||||
- lib/Cargo.toml
|
||||
- build.rs
|
||||
- lib/build.rs
|
||||
- supply-chain/audits.toml
|
||||
- supply-chain/config.toml
|
||||
- supply-chain/imports.lock
|
||||
|
|
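Review bot: Neither `cackle.toml` nor `Cargo.lock` appears in the part of the two `paths:` filters visible in these hunks, although both are changed in this commit and both feed the supply-chain checks. The lists start above the hunks, so this is only a concern if the entries are not already present further up. If they are missing, a change that only loosens a `cackle.toml` permission or only bumps a locked version would not trigger this workflow, and adding `- cackle.toml` and `- Cargo.lock` to both lists would close that gap. The two lists are identical in what is shown, so a comment such as `# keep in sync with the other trigger's paths list` above each would help prevent drift.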
4
Cargo.lock
generated
4
Cargo.lock
generated
|
@ -1061,9 +1061,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "bytemuck"
|
||||
version = "1.15.0"
|
||||
version = "1.16.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "5d6d68c57235a3a081186990eca2867354726650f42f7516ca50c28d6281fd15"
|
||||
checksum = "102087e286b4677862ea56cf8fc58bb2cdfa8725c40ffb80fe3a008eb7f2fc83"
|
||||
|
||||
[[package]]
|
||||
name = "byteorder"
|
||||
|
|
28
cackle.toml
28
cackle.toml
|
@ -794,9 +794,6 @@ allow_unsafe = true
|
|||
[pkg.time]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.crossbeam-channel]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.thread_local]
|
||||
allow_unsafe = true
|
||||
|
||||
|
@ -809,9 +806,6 @@ allow_unsafe = true
|
|||
[pkg.utf8parse]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.retain_mut]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.base64ct]
|
||||
allow_unsafe = true
|
||||
|
||||
|
@ -989,9 +983,6 @@ allow_unsafe = true
|
|||
[pkg.crossbeam-deque]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.crossbeam-queue]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.anstream]
|
||||
allow_unsafe = true
|
||||
|
||||
|
@ -1031,22 +1022,12 @@ allow_unsafe = true
|
|||
[pkg.geo]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.nanorand]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.futures-lite]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.half]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.http-types]
|
||||
build.allow_apis = [
|
||||
"fs",
|
||||
"process",
|
||||
]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.any_ascii]
|
||||
allow_unsafe = true
|
||||
|
||||
|
@ -1117,9 +1098,6 @@ allow_apis = [
|
|||
[pkg.predicates]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.futures-timer]
|
||||
allow_unsafe = true
|
||||
|
||||
[pkg.rustyline]
|
||||
allow_unsafe = true
|
||||
allow_apis = [
|
||||
|
@ -1172,6 +1150,9 @@ allow_apis = [
|
|||
allow_apis = [
|
||||
"fs",
|
||||
]
|
||||
build.allow_build_instructions = [
|
||||
"cargo::rustc-check-cfg=*",
|
||||
]
|
||||
|
||||
[pkg.surrealdb-core]
|
||||
allow_unsafe = true
|
||||
|
@ -1179,6 +1160,9 @@ allow_apis = [
|
|||
"net",
|
||||
"fs",
|
||||
]
|
||||
build.allow_build_instructions = [
|
||||
"cargo::rustc-check-cfg=*",
|
||||
]
|
||||
|
||||
[pkg.assert_fs]
|
||||
from.test.allow_apis = [
|
||||
|
|
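Review bot: The two `build.allow_build_instructions` entries added in the hunks at -1172 and -1179 use the wildcard `"cargo::rustc-check-cfg=*"` with no comment saying why it is acceptable, in a file whose purpose is to keep each granted permission reviewable. `rustc-check-cfg` only declares expected cfg names for rustc's lint and does not affect linking or which cfgs are enabled, so the wildcard looks low-risk, but that reasoning should be recorded. A comment above each entry would do, e.g. `# check-cfg only feeds the unexpected_cfgs lint; no link or cfg effect`. The `[pkg.…]` header for the first entry lies above the hunk, so which package it applies to is not visible here; the second appears to belong to `[pkg.surrealdb-core]`.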
|
@ -447,10 +447,6 @@ criteria = "safe-to-deploy"
|
|||
version = "1.1.2"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crossbeam-channel]]
|
||||
version = "0.5.11"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.crossbeam-deque]]
|
||||
version = "0.8.5"
|
||||
criteria = "safe-to-deploy"
|
||||
|
@ -2043,10 +2039,6 @@ criteria = "safe-to-deploy"
|
|||
version = "0.5.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.xattr]]
|
||||
version = "1.3.1"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
[[exemptions.xml-rs]]
|
||||
version = "0.8.20"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|
|
@ -683,6 +683,18 @@ who = "Pat Hickey <phickey@fastly.com>"
|
|||
criteria = "safe-to-deploy"
|
||||
version = "0.3.0"
|
||||
|
||||
[[audits.bytecode-alliance.audits.xattr]]
|
||||
who = "Andrew Brown <andrew.brown@intel.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.2.0"
|
||||
notes = "This crate contains `unsafe` calls to libc `extattr_*` functions as one would expect from the crate's purpose."
|
||||
|
||||
[[audits.bytecode-alliance.audits.xattr]]
|
||||
who = "Andrew Brown <andrew.brown@intel.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.2.0 -> 1.3.1"
|
||||
notes = "Minor changes to MacOS-specific code."
|
||||
|
||||
[[audits.embark-studios.audits.assert-json-diff]]
|
||||
who = "Johan Andersson <opensource@embark-studios.com>"
|
||||
criteria = "safe-to-run"
|
||||
|
@ -843,14 +855,14 @@ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_p
|
|||
[[audits.google.audits.bytemuck]]
|
||||
who = "Lukasz Anforowicz <lukasza@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
version = "1.14.3"
|
||||
notes = "Additional review notes may be found in https://crrev.com/c/5362675."
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.bytemuck]]
|
||||
who = "Adrian Taylor <adetaylor@chromium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.14.3 -> 1.15.0"
|
||||
version = "1.16.3"
|
||||
notes = """
|
||||
Review notes from the original audit (of 1.14.3) may be found in
|
||||
https://crrev.com/c/5362675. Note that this audit has initially missed UB risk
|
||||
that was fixed in 1.16.2 - see https://github.com/Lokathor/bytemuck/pull/258.
|
||||
Because of this, the original audit has been edited to certify version `1.16.3`
|
||||
instead (see also https://crrev.com/c/5771867).
|
||||
"""
|
||||
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
|
||||
|
||||
[[audits.google.audits.difflib]]
|
||||
|
@ -1417,13 +1429,6 @@ delta = "0.9.3 -> 0.9.4"
|
|||
notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla."
|
||||
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.crossbeam-channel]]
|
||||
who = "Jan-Erik Rediger <jrediger@mozilla.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "0.5.11 -> 0.5.12"
|
||||
notes = "Minimal change fixing a memory leak."
|
||||
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
|
||||
|
||||
[[audits.mozilla.audits.crypto-common]]
|
||||
who = "Mike Hommey <mh+mozilla@glandium.org>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
|