From fe7fe58673f4729c0fd6122567876082f8274d44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Dec 2024 22:01:52 +0000 Subject: [PATCH] Bump the nonbreaking group across 1 directory with 13 updates (#853) --- Cargo.lock | 187 ++++++++++++++++++++-------------- Cargo.toml | 2 +- crates/cli/Cargo.toml | 10 +- crates/javy/Cargo.toml | 4 +- crates/runner/Cargo.toml | 2 +- crates/test-macros/Cargo.toml | 4 +- supply-chain/audits.toml | 8 +- supply-chain/config.toml | 14 +-- supply-chain/imports.lock | 114 ++++++++++++++++----- 9 files changed, 226 insertions(+), 119 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fd2e06b7..f68adf58 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -146,9 +146,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.92" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74f37166d7d48a0284b99dd824694c26119c700b53bf0d1540cdb147dbdaaf13" +checksum = "c1fd03a028ef38ba2276dce7e33fcd6369c158a1bca17946c4b1b701891c1ff7" [[package]] name = "arbitrary" @@ -181,7 +181,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -192,7 +192,7 @@ checksum = "6e0c28dcc82d7c8ead5cb13beb15405b57b8546e93215673ff8ca0349a028107" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -259,7 +259,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.87", + "syn 2.0.90", "which", ] @@ -513,9 +513,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.20" +version = "4.5.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b97f376d85a664d5837dbae44bf546e6477a679ff6610010f17276f686d867e8" +checksum = "69371e34337c4c984bbe322360c2547210bf632eb2814bbe78a6e87a2935bd2b" dependencies = [ "clap_builder", "clap_derive", @@ -523,9 +523,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.20" +version = "4.5.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19bc80abd44e4bed93ca373a0704ccbd1b710dc5749406201bb018272808dc54" +checksum = "6e24c1b4099818523236a8ca881d2b45db98dadfb4625cf6608c12069fcbbde1" dependencies = [ "anstream", "anstyle", @@ -542,7 +542,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -838,7 +838,7 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -855,7 +855,7 @@ checksum = "4b2c1c1776b986979be68bb2285da855f8d8a35851a769fca8740df7c3d07877" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -879,7 +879,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -890,7 +890,7 @@ checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" dependencies = [ "darling_core", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -927,7 +927,7 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -937,7 +937,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4abae7035bf79b9877b779505d8cf3749285b80c43941eda66604841889451dc" dependencies = [ "derive_builder_core", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -1058,9 +1058,9 @@ checksum = "2acce4a10f12dc2fb14a218589d4f1f62ef011b2d0cc4b3cb1bba8e94da14649" [[package]] name = "fastrand" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8c02a5121d4ea3eb16a80748c74f5549a5665e4c21333c6098f283870fbdea6" +checksum = "486f806e73c5707928240ddc295403b1b93c96a02038563881c4a2fd84b81ac4" [[package]] name = "fd-lock" @@ -1088,6 +1088,12 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "foldhash" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f81ec6369c545a7d40e4589b5597581fa1c441fe1cce96dd1de43159910a36a2" + [[package]] name = "form_urlencoded" version = "1.2.1" @@ -1105,7 +1111,7 @@ checksum = "8d7ccf961415e7aa17ef93dcb6c2441faaa8e768abe09e659b908089546f74c5" dependencies = [ "proc-macro2", "swc_macros_common", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -1240,7 +1246,7 @@ dependencies = [ "proc-macro-error2", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -1323,6 +1329,16 @@ dependencies = [ "serde", ] +[[package]] +name = "hashbrown" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" +dependencies = [ + "foldhash", + "serde", +] + [[package]] name = "heck" version = "0.4.1" @@ -1467,7 +1483,7 @@ dependencies = [ "Inflector", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -1571,8 +1587,8 @@ dependencies = [ "walrus", "wasi-common", "wasm-opt", - "wasmparser 0.219.1", - "wasmprinter 0.219.1", + "wasmparser 0.221.2", + "wasmprinter 0.221.2", "wasmtime", "wasmtime-wasi", "wit-parser", @@ -1616,7 +1632,7 @@ dependencies = [ "tempfile", "uuid", "wasi-common", - "wasmparser 0.219.1", + "wasmparser 0.221.2", "wasmtime", "wasmtime-wasi", ] @@ -1628,7 +1644,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -1677,19 +1693,18 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.159" +version = "0.2.167" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5" +checksum = "09d6582e104315a817dff97f75133544b2e094ee22447d2acf4a74e189ba06fc" [[package]] name = "libfuzzer-sys" -version = "0.4.7" +version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a96cfd5557eb82f2b83fed4955246c988d331975a002961b07c81584d107e7f7" +checksum = "9b9569d2f74e257076d8c6bfa73fb505b46b851e51ddaecc825944aa3bed17fa" dependencies = [ "arbitrary", "cc", - "once_cell", ] [[package]] @@ -1935,7 +1950,7 @@ dependencies = [ "phf_shared", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2024,7 +2039,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f12335488a2f3b0a83b14edad48dca9879ce89b2edd10e80237e4e852dd645e" dependencies = [ "proc-macro2", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2080,14 +2095,14 @@ dependencies = [ "proc-macro-error-attr2", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] name = "proc-macro2" -version = "1.0.89" +version = "1.0.92" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e" +checksum = "37d3544b3f2748c54e147655edb5025752e2303145b5aefb3c3ea2c78b973bb0" dependencies = [ "unicode-ident", ] @@ -2118,7 +2133,7 @@ checksum = "ca414edb151b4c8d125c12566ab0d74dc9cdba36fb80eb7b848c15f495fd32d1" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2225,7 +2240,7 @@ checksum = "bcc303e793d3734489387d205e9b186fac9c6cfacedd98cbb2e8a5943595f3e6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2333,7 +2348,7 @@ dependencies = [ "proc-macro2", "quote", "rquickjs-core", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2369,9 +2384,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.37" +version = "0.38.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8acb788b847c24f28525660c4d7758620a7210875711f79e7f663cc152726811" +checksum = "d7f649912bc1495e167a6edee79151c84b1bad49748cb4f1f1167f459f6224f6" dependencies = [ "bitflags", "errno", @@ -2447,9 +2462,9 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.210" +version = "1.0.215" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f" dependencies = [ "serde_derive", ] @@ -2465,20 +2480,20 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.210" +version = "1.0.215" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] name = "serde_json" -version = "1.0.132" +version = "1.0.133" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d726bfaff4b320266d395898905d0eba0345aae23b54aee3a737e260fd46db03" +checksum = "c7fceb2473b9166b2294ef05efcb65a3db80803f0b03ef86a5fc88a2b85ee377" dependencies = [ "itoa", "memchr", @@ -2532,9 +2547,9 @@ dependencies = [ [[package]] name = "simd-json" -version = "0.14.2" +version = "0.14.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1df0290e9bfe79ddd5ff8798ca887cd107b75353d2957efe9777296e17f26b5" +checksum = "aa2bcf6c6e164e81bc7a5d49fc6988b3d515d9e8c07457d7b74ffb9324b9cd40" dependencies = [ "getrandom", "halfbrown", @@ -2652,7 +2667,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2852,7 +2867,7 @@ checksum = "e96e15288bf385ab85eb83cff7f9e2d834348da58d0a31b33bdb572e66ee413e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2863,7 +2878,7 @@ checksum = "a509f56fca05b39ba6c15f3e58636c3924c78347d63853632ed2ffcb6f5a0ac7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -2889,9 +2904,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.87" +version = "2.0.90" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25aa4ce346d03a6dcd68dd8b4010bcb74e54e62c90c573f394c46eae99aba32d" +checksum = "919d3b74a5dd0ccd15aeb8f93e7006bd9e14c295087c9896a110f490752bcf31" dependencies = [ "proc-macro2", "quote", @@ -2928,9 +2943,9 @@ checksum = "4873307b7c257eddcb50c9bedf158eb669578359fb28428bef438fec8e6ba7c2" [[package]] name = "tempfile" -version = "3.13.0" +version = "3.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0f2c9fc62d0beef6951ccffd757e241266a2c833136efbe35af6cd2567dca5b" +checksum = "28cce251fcbc87fac86a866eeb0d6c2d536fc16d06f184bb61aeae11aa4cee0c" dependencies = [ "cfg-if", "fastrand", @@ -2965,7 +2980,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -3074,7 +3089,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -3242,9 +3257,9 @@ dependencies = [ [[package]] name = "walrus" -version = "0.22.0" +version = "0.23.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d68aa3c7b80be75c8458fc087453e5a31a226cfffede2e9b932393b2ea1c624a" +checksum = "031bc51853697a6a01731f1c2d6d56989c3a742d63316f59918c90b709a6edd9" dependencies = [ "anyhow", "gimli 0.26.2", @@ -3252,8 +3267,8 @@ dependencies = [ "leb128", "log", "walrus-macro", - "wasm-encoder 0.212.0", - "wasmparser 0.212.0", + "wasm-encoder 0.214.0", + "wasmparser 0.214.0", ] [[package]] @@ -3265,7 +3280,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -3321,7 +3336,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", "wasm-bindgen-shared", ] @@ -3343,7 +3358,7 @@ checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -3372,6 +3387,15 @@ dependencies = [ "leb128", ] +[[package]] +name = "wasm-encoder" +version = "0.214.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff694f02a8d7a50b6922b197ae03883fbf18cdb2ae9fbee7b6148456f5f44041" +dependencies = [ + "leb128", +] + [[package]] name = "wasm-opt" version = "0.116.1" @@ -3439,9 +3463,9 @@ dependencies = [ [[package]] name = "wasmparser" -version = "0.219.1" +version = "0.214.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c771866898879073c53b565a6c7b49953795159836714ac56a5befb581227c5" +checksum = "5309c1090e3e84dad0d382f42064e9933fdaedb87e468cc239f0eabea73ddcb6" dependencies = [ "ahash", "bitflags", @@ -3451,6 +3475,19 @@ dependencies = [ "serde", ] +[[package]] +name = "wasmparser" +version = "0.221.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9845c470a2e10b61dd42c385839cdd6496363ed63b5c9e420b5488b77bd22083" +dependencies = [ + "bitflags", + "hashbrown 0.15.2", + "indexmap 2.2.6", + "semver 1.0.23", + "serde", +] + [[package]] name = "wasmprinter" version = "0.212.0" @@ -3464,13 +3501,13 @@ dependencies = [ [[package]] name = "wasmprinter" -version = "0.219.1" +version = "0.221.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "228cdc1f30c27816da225d239ce4231f28941147d34713dee8f1fff7cb330e54" +checksum = "a80742ff1b9e6d8c231ac7c7247782c6fc5bce503af760bca071811e5fc9ee56" dependencies = [ "anyhow", "termcolor", - "wasmparser 0.219.1", + "wasmparser 0.221.2", ] [[package]] @@ -3567,7 +3604,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser", @@ -3697,7 +3734,7 @@ checksum = "a2bde986038b819bc43a21fef0610aeb47aabfe3ea09ca3533a7b81023b84ec6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] @@ -3839,7 +3876,7 @@ dependencies = [ "proc-macro2", "quote", "shellexpand", - "syn 2.0.87", + "syn 2.0.90", "witx", ] @@ -3851,7 +3888,7 @@ checksum = "f8f8feabe94ce6f07d62669d1acf469e0d3249f786562b4263dff3537a4e77ae" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", "wiggle-generate", ] @@ -4160,7 +4197,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.87", + "syn 2.0.90", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index bb369585..ec53d788 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -24,7 +24,7 @@ wasmtime-wasi = "23" wasi-common = "23" anyhow = "1.0" javy = { path = "crates/javy", version = "3.1.1-alpha.1" } -tempfile = "3.13.0" +tempfile = "3.14.0" uuid = { version = "1.11", features = ["v4"] } serde = { version = "1.0", default-features = false } serde_json = "1.0" diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index 14b22bb6..ec1db75b 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -17,11 +17,11 @@ dump_wat = ["dep:wasmprinter"] wizer = { workspace = true } anyhow = { workspace = true } brotli = "7.0.0" -wasmprinter = { version = "0.219.1", optional = true } +wasmprinter = { version = "0.221.2", optional = true } wasmtime = { workspace = true } wasmtime-wasi = { workspace = true } wasi-common = { workspace = true } -walrus = "0.22.0" +walrus = "0.23.2" swc_core = { version = "8.0.1", features = [ "common_sourcemap", "ecma_ast", @@ -31,7 +31,7 @@ wit-parser = "0.212.0" convert_case = "0.6.0" wasm-opt = "0.116.1" tempfile = { workspace = true } -clap = { version = "4.5.20", features = ["derive"] } +clap = { version = "4.5.22", features = ["derive"] } serde = { workspace = true, default-features = false } serde_json = { workspace = true } @@ -39,13 +39,13 @@ serde_json = { workspace = true } lazy_static = "1.5" criterion = "0.5" num-format = "0.4.4" -wasmparser = "0.219.1" +wasmparser = "0.221.2" javy-runner = { path = "../runner/" } uuid = { workspace = true } javy-test-macros = { path = "../test-macros/" } [build-dependencies] -anyhow = "1.0.92" +anyhow = "1.0.94" wizer = { workspace = true } [[bench]] diff --git a/crates/javy/Cargo.toml b/crates/javy/Cargo.toml index cf14b600..d27d11d6 100644 --- a/crates/javy/Cargo.toml +++ b/crates/javy/Cargo.toml @@ -22,8 +22,8 @@ rmp-serde = { version = "^1.3", optional = true } # tests. quickcheck = "1" bitflags = "2.6.0" -fastrand = "2.1.1" -simd-json = { version = "0.14.2", optional = true, default-features = false, features = [ +fastrand = "2.2.0" +simd-json = { version = "0.14.3", optional = true, default-features = false, features = [ "big-int-as-float", "serde_impl", ] } diff --git a/crates/runner/Cargo.toml b/crates/runner/Cargo.toml index 924dab2f..502e1cce 100644 --- a/crates/runner/Cargo.toml +++ b/crates/runner/Cargo.toml @@ -13,4 +13,4 @@ wasi-common = { workspace = true } anyhow = { workspace = true } tempfile = { workspace = true } uuid = { workspace = true } -wasmparser = "0.219.1" +wasmparser = "0.221.2" diff --git a/crates/test-macros/Cargo.toml b/crates/test-macros/Cargo.toml index a301f31e..589d89b4 100644 --- a/crates/test-macros/Cargo.toml +++ b/crates/test-macros/Cargo.toml @@ -12,6 +12,6 @@ doctest = false [dependencies] anyhow = { workspace = true } -proc-macro2 = "1.0.89" +proc-macro2 = "1.0.92" quote = "1.0.37" -syn = { version = "2.0.87", features = ["full"] } +syn = { version = "2.0.90", features = ["full"] } diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 0bc3f87d..e7b4b2d6 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -324,6 +324,12 @@ user-id = 51017 start = "2020-03-17" end = "2024-10-30" +[[trusted.libfuzzer-sys]] +criteria = "safe-to-deploy" +user-id = 696 # Nick Fitzgerald (fitzgen) +start = "2020-01-14" +end = "2025-12-04" + [[trusted.linux-raw-sys]] criteria = "safe-to-deploy" user-id = 6825 # Dan Gohman (sunfishcode) @@ -430,7 +436,7 @@ end = "2024-10-03" criteria = "safe-to-deploy" user-id = 6825 # Dan Gohman (sunfishcode) start = "2021-10-29" -end = "2024-07-25" +end = "2025-12-04" [[trusted.rustversion]] criteria = "safe-to-deploy" diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 8f9fd291..2e16b041 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -214,7 +214,7 @@ version = "0.2.0" criteria = "safe-to-deploy" [[exemptions.fastrand]] -version = "2.1.1" +version = "2.2.0" criteria = "safe-to-deploy" [[exemptions.float-cmp]] @@ -338,11 +338,7 @@ version = "1.3.0" criteria = "safe-to-deploy" [[exemptions.libc]] -version = "0.2.159" -criteria = "safe-to-deploy" - -[[exemptions.libfuzzer-sys]] -version = "0.4.7" +version = "0.2.167" criteria = "safe-to-deploy" [[exemptions.libloading]] @@ -538,7 +534,7 @@ version = "0.7.1" criteria = "safe-to-deploy" [[exemptions.simd-json]] -version = "0.14.2" +version = "0.14.3" criteria = "safe-to-deploy" [[exemptions.simdutf8]] @@ -626,7 +622,7 @@ version = "2.0.0" criteria = "safe-to-deploy" [[exemptions.tempfile]] -version = "3.13.0" +version = "3.14.0" criteria = "safe-to-deploy" [[exemptions.tinyvec_macros]] @@ -694,7 +690,7 @@ version = "0.1.3" criteria = "safe-to-deploy" [[exemptions.walrus]] -version = "0.22.0" +version = "0.23.2" criteria = "safe-to-deploy" [[exemptions.walrus-macro]] diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index a336154f..24213eb0 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -44,8 +44,8 @@ user-login = "epage" user-name = "Ed Page" [[publisher.anyhow]] -version = "1.0.92" -when = "2024-11-01" +version = "1.0.94" +when = "2024-12-03" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -128,15 +128,15 @@ user-login = "emilio" user-name = "Emilio Cobos Álvarez" [[publisher.clap]] -version = "4.5.20" -when = "2024-10-08" +version = "4.5.22" +when = "2024-12-03" user-id = 6743 user-login = "epage" user-name = "Ed Page" [[publisher.clap_builder]] -version = "4.5.20" -when = "2024-10-08" +version = "4.5.22" +when = "2024-12-03" user-id = 6743 user-login = "epage" user-name = "Ed Page" @@ -347,6 +347,13 @@ user-id = 1 user-login = "alexcrichton" user-name = "Alex Crichton" +[[publisher.libfuzzer-sys]] +version = "0.4.8" +when = "2024-11-07" +user-id = 696 +user-login = "fitzgen" +user-name = "Nick Fitzgerald" + [[publisher.linux-raw-sys]] version = "0.4.14" when = "2024-05-17" @@ -390,8 +397,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.proc-macro2]] -version = "1.0.89" -when = "2024-10-22" +version = "1.0.92" +when = "2024-11-21" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -460,8 +467,8 @@ user-login = "BurntSushi" user-name = "Andrew Gallant" [[publisher.rustix]] -version = "0.38.34" -when = "2024-04-22" +version = "0.38.41" +when = "2024-11-18" user-id = 6825 user-login = "sunfishcode" user-name = "Dan Gohman" @@ -509,8 +516,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_json]] -version = "1.0.132" -when = "2024-10-19" +version = "1.0.133" +when = "2024-11-17" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -537,8 +544,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.syn]] -version = "2.0.87" -when = "2024-11-02" +version = "2.0.90" +when = "2024-11-29" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -695,6 +702,12 @@ when = "2024-06-27" user-id = 73222 user-login = "wasmtime-publish" +[[publisher.wasm-encoder]] +version = "0.214.0" +when = "2024-07-16" +user-id = 73222 +user-login = "wasmtime-publish" + [[publisher.wasmparser]] version = "0.202.0" when = "2024-03-26" @@ -708,8 +721,14 @@ user-id = 73222 user-login = "wasmtime-publish" [[publisher.wasmparser]] -version = "0.219.1" -when = "2024-10-10" +version = "0.214.0" +when = "2024-07-16" +user-id = 73222 +user-login = "wasmtime-publish" + +[[publisher.wasmparser]] +version = "0.221.2" +when = "2024-12-02" user-id = 73222 user-login = "wasmtime-publish" @@ -720,8 +739,8 @@ user-id = 73222 user-login = "wasmtime-publish" [[publisher.wasmprinter]] -version = "0.219.1" -when = "2024-10-10" +version = "0.221.2" +when = "2024-12-02" user-id = 73222 user-login = "wasmtime-publish" @@ -1463,6 +1482,15 @@ this crate has to do with iterators and `Result` and such. No `unsafe` or anything like that, all looks good. """ +[[audits.bytecode-alliance.audits.foldhash]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +version = "0.1.3" +notes = """ +Only a minor amount of `unsafe` code in this crate related to global per-process +initialization which looks correct to me. +""" + [[audits.bytecode-alliance.audits.fxprof-processed-profile]] who = "Jamey Sharp " criteria = "safe-to-deploy" @@ -1486,6 +1514,11 @@ criteria = "safe-to-deploy" delta = "0.13.1 -> 0.13.2" notes = "I read through the diff between v0.13.1 and v0.13.2, and verified that the changes made matched up with the changelog entries. There were very few changes between these two releases, and it was easy to verify what they did." +[[audits.bytecode-alliance.audits.hashbrown]] +who = "Chris Fallin " +criteria = "safe-to-deploy" +delta = "0.14.5 -> 0.15.2" + [[audits.bytecode-alliance.audits.heck]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -1608,11 +1641,6 @@ who = "Alex Crichton " criteria = "safe-to-deploy" delta = "0.1.21 -> 0.1.24" -[[audits.bytecode-alliance.audits.rustix]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -delta = "0.38.34 -> 0.38.37" - [[audits.bytecode-alliance.audits.slice-group-by]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -1920,6 +1948,25 @@ delta = "1.0.209 -> 1.0.210" notes = "Almost no new code - just feature rearrangement" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.serde]] +who = "Liza Burakova " +criteria = "safe-to-deploy" +delta = "1.0.210 -> 1.0.213" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde]] +who = "Dustin J. Mitchell " +criteria = "safe-to-deploy" +delta = "1.0.213 -> 1.0.214" +notes = "No unsafe, no crypto" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde]] +who = "Adrian Taylor " +criteria = "safe-to-deploy" +delta = "1.0.214 -> 1.0.215" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.serde_derive]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" @@ -1946,6 +1993,27 @@ delta = "1.0.209 -> 1.0.210" notes = "Almost no new code - just feature rearrangement" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.serde_derive]] +who = "Liza Burakova " +criteria = "safe-to-deploy" +delta = "1.0.210 -> 1.0.213" +notes = "Grepped for 'unsafe', 'crypt', 'cipher', 'fs', 'net' - there were no hits" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde_derive]] +who = "Dustin J. Mitchell " +criteria = "safe-to-deploy" +delta = "1.0.213 -> 1.0.214" +notes = "No changes to unsafe, no crypto" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde_derive]] +who = "Adrian Taylor " +criteria = "safe-to-deploy" +delta = "1.0.214 -> 1.0.215" +notes = "Minor changes should not impact UB risk" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.socket2]] who = "David Koloski " criteria = "safe-to-deploy"