Update Rustix to address security notification (#546)

supply-chain/config.toml

@@ -297,10 +297,6 @@ criteria = "safe-to-deploy"
 version = "2.0.2"
 criteria = "safe-to-deploy"
 
-[[exemptions.instant]]
-version = "0.1.12"
-criteria = "safe-to-deploy"
-
 [[exemptions.ipnet]]
 version = "2.3.1"
 criteria = "safe-to-deploy"
@@ -457,6 +453,10 @@ criteria = "safe-to-deploy"
 version = "0.3.5"
 criteria = "safe-to-deploy"
 
+[[exemptions.redox_syscall]]
+version = "0.4.1"
+criteria = "safe-to-deploy"
+
 [[exemptions.redox_users]]
 version = "0.4.0"
 criteria = "safe-to-deploy"
@@ -618,7 +618,7 @@ version = "0.5.8"
 criteria = "safe-to-deploy"
 
 [[exemptions.tempfile]]
-version = "3.4.0"
+version = "3.8.1"
 criteria = "safe-to-deploy"
 
 [[exemptions.textwrap]]

supply-chain/imports.lock

@@ -391,8 +391,8 @@ user-login = "sunfishcode"
 user-name = "Dan Gohman"
 
 [[publisher.rustix]]
-version = "0.38.8"
-when = "2023-08-10"
+version = "0.38.21"
+when = "2023-10-26"
 user-id = 6825
 user-login = "sunfishcode"
 user-name = "Dan Gohman"
@@ -1340,12 +1340,6 @@ who = "Pat Hickey <[email protected]>"
 criteria = "safe-to-deploy"
 version = "1.0.0-rc.2"
 
-[[audits.bytecode-alliance.audits.http-body-util]]
-who = "Pat Hickey <[email protected]>"
-criteria = "safe-to-deploy"
-version = "0.1.0-rc.2"
-notes = "only one use of unsafe related to pin projection. unclear to me why pin_project! is used in many modules of the project, but the expanded output of that macro is inlined in either.rs"
-
 [[audits.bytecode-alliance.audits.httpdate]]
 who = "Pat Hickey <[email protected]>"
 criteria = "safe-to-deploy"
@@ -1542,12 +1536,6 @@ criteria = "safe-to-deploy"
 delta = "0.25.6 -> 0.25.7"
 notes = "This is a minor bug-fix update."
 
-[[audits.bytecode-alliance.audits.tempfile]]
-who = "Alex Crichton <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "3.5.0 -> 3.6.0"
-notes = "Dependency updates and new optimized trait implementations, but otherwise everything looks normal."
-
 [[audits.bytecode-alliance.audits.tinyvec]]
 who = "Alex Crichton <[email protected]>"
 criteria = "safe-to-deploy"
@@ -1901,6 +1889,19 @@ criteria = "safe-to-deploy"
 delta = "2.2.1 -> 2.3.2"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 
+[[audits.mozilla.audits.bitflags]]
+who = "Mike Hommey <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "2.3.3 -> 2.4.0"
+aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
+
+[[audits.mozilla.audits.bitflags]]
+who = "Jan-Erik Rediger <[email protected]>"
+criteria = "safe-to-deploy"
+delta = "2.4.0 -> 2.4.1"
+notes = "Only allowing new clippy lints"
+aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
+
 [[audits.mozilla.audits.crypto-common]]
 who = "Mike Hommey <[email protected]>"
 criteria = "safe-to-deploy"
@@ -2140,18 +2141,6 @@ criteria = "safe-to-deploy"
 delta = "0.10.2 -> 0.10.6"
 aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
 
-[[audits.mozilla.audits.tempfile]]
-who = "Jan-Erik Rediger <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "3.4.0 -> 3.5.0"
-aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"
-
-[[audits.mozilla.audits.tempfile]]
-who = "Mike Hommey <[email protected]>"
-criteria = "safe-to-deploy"
-delta = "3.6.0 -> 3.8.0"
-aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
-
 [[audits.mozilla.audits.unicode-bidi]]
 who = "Makoto Kato <[email protected]>"
 criteria = "safe-to-deploy"