From 3f3437b0e7eca395f9e543bbfe771f4260dee3fe Mon Sep 17 00:00:00 2001 From: Conrad Ludgate Date: Sat, 19 Aug 2023 12:04:41 +0100 Subject: [PATCH] start vetting dependencies --- supply-chain/audits.toml | 297 ++++++++ supply-chain/config.toml | 1459 +++++++++++++++++++++++++++++++++++++ supply-chain/imports.lock | 2 + supply-chain/vet.sh | 54 ++ 4 files changed, 1812 insertions(+) create mode 100644 supply-chain/audits.toml create mode 100644 supply-chain/config.toml create mode 100644 supply-chain/imports.lock create mode 100755 supply-chain/vet.sh diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml new file mode 100644 index 00000000..7313294a --- /dev/null +++ b/supply-chain/audits.toml @@ -0,0 +1,297 @@ + +# cargo-vet audits file + +[[audits.anyhow]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "1.0.57" + +[[audits.assert-json-diff]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "2.0.1" + +[[audits.async-graphql-actix-web]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "3.0.38" + +[[audits.async-stream]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.3" + +[[audits.async-stream-impl]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.3" + +[[audits.atty]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.2.14" + +[[audits.base64-serde]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.6.1" + +[[audits.cache_control]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.2.0" + +[[audits.cfg-if]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "1.0.0" + +[[audits.diff]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.1.13" + +[[audits.errno-dragonfly]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.2" + +[[audits.executor-trait]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "2.1.0" + +[[audits.futures-core]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.21" + +[[audits.futures-core]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +delta = "0.3.21 -> 0.3.28" + +[[audits.futures-retry-policies]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.0" + +[[audits.futures-task]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.21" + +[[audits.futures-task]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +delta = "0.3.21 -> 0.3.28" + +[[audits.futures-timer]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "3.0.2" + +[[audits.gethostname]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.2.3" + +[[audits.ginepro]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.4.0" + +[[audits.ginepro]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.4.0" + +[[audits.hermit-abi]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.19" + +[[audits.http-body]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.4.5" + +[[audits.iban_validate]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "4.0.1" + +[[audits.include_dir]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.7.2" + +[[audits.include_dir_macros]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.7.2" + +[[audits.jurisdiction]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.1" + +[[audits.lazy_static]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "1.4.0" + +[[audits.log-panics]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "2.0.0" + +[[audits.macro_rules_attribute]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.1.1" + +[[audits.macro_rules_attribute-proc_macro]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.1.1" + +[[audits.percent-encoding]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "2.1.0" + +[[audits.percent-encoding]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +delta = "2.1.0 -> 2.3.0" + +[[audits.pretty_assertions]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "1.4.0" + +[[audits.reqwest-middleware]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.6" + +[[audits.reqwest-retry]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.5" + +[[audits.reqwest-tracing]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.2.2" + +[[audits.retry-policies]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.1" + +[[audits.rustls-pemfile]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.2.1" + +[[audits.serde_plain]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.0" + +[[audits.static_assertions]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "1.1.0" + +[[audits.strum]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.19.5" + +[[audits.strum]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.23.0" + +[[audits.task-local-extensions]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.1" + +[[audits.test-case]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "2.1.0" + +[[audits.test-case-macros]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "2.1.0" + +[[audits.tokio-executor-trait]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "2.1.0" + +[[audits.tonic-health]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.6.0" + +[[audits.tonic-types]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.5.0" + +[[audits.tower-layer]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.1" + +[[audits.tower-service]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.3.1" + +[[audits.tracing-core]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.27" + +[[audits.tracing-error]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.1.2" + +[[audits.tracing-futures]] +who = "Conrad Ludgate " +criteria = "safe-to-deploy" +version = "0.2.5" + +[[audits.tracing-log]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.1.3" + +[[audits.tracing-tree]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.1.11" + +[[audits.tracing-tree]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.2.4" + +[[audits.wiremock]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.5.13" + +[[audits.yansi]] +who = "Conrad Ludgate " +criteria = "safe-to-run" +version = "0.5.1" diff --git a/supply-chain/config.toml b/supply-chain/config.toml new file mode 100644 index 00000000..b2bdae55 --- /dev/null +++ b/supply-chain/config.toml @@ -0,0 +1,1459 @@ + +# cargo-vet config file + +[cargo-vet] +version = "0.8" + +[policy.atuin] +audit-as-crates-io = true + +[policy.atuin-client] +audit-as-crates-io = true + +[policy.atuin-common] +audit-as-crates-io = true + +[policy.atuin-server] +audit-as-crates-io = true + +[policy.atuin-server-database] +audit-as-crates-io = true + +[policy.atuin-server-postgres] +audit-as-crates-io = true + +[[exemptions.addr2line]] +version = "0.20.0" +criteria = "safe-to-deploy" + +[[exemptions.adler]] +version = "1.0.2" +criteria = "safe-to-deploy" + +[[exemptions.aead]] +version = "0.5.2" +criteria = "safe-to-deploy" + +[[exemptions.ahash]] +version = "0.8.3" +criteria = "safe-to-deploy" + +[[exemptions.aho-corasick]] +version = "1.0.4" +criteria = "safe-to-deploy" + +[[exemptions.allocator-api2]] +version = "0.2.16" +criteria = "safe-to-deploy" + +[[exemptions.anstream]] +version = "0.3.2" +criteria = "safe-to-deploy" + +[[exemptions.anstyle]] +version = "1.0.1" +criteria = "safe-to-deploy" + +[[exemptions.anstyle-parse]] +version = "0.2.1" +criteria = "safe-to-deploy" + +[[exemptions.anstyle-query]] +version = "1.0.0" +criteria = "safe-to-deploy" + +[[exemptions.anstyle-wincon]] +version = "1.0.2" +criteria = "safe-to-deploy" + +[[exemptions.anyhow]] +version = "1.0.75" +criteria = "safe-to-deploy" + +[[exemptions.argon2]] +version = "0.5.1" +criteria = "safe-to-deploy" + +[[exemptions.async-trait]] +version = "0.1.73" +criteria = "safe-to-deploy" + +[[exemptions.atoi]] +version = "2.0.0" +criteria = "safe-to-deploy" + +[[exemptions.atuin]] +version = "16.0.0" +criteria = "safe-to-deploy" + +[[exemptions.atuin-client]] +version = "16.0.0" +criteria = "safe-to-deploy" + +[[exemptions.atuin-common]] +version = "16.0.0" +criteria = "safe-to-deploy" + +[[exemptions.atuin-server]] +version = "16.0.0" +criteria = "safe-to-deploy" + +[[exemptions.atuin-server-database]] +version = "16.0.0" +criteria = "safe-to-deploy" + +[[exemptions.atuin-server-postgres]] +version = "16.0.0" +criteria = "safe-to-deploy" + +[[exemptions.autocfg]] +version = "1.1.0" +criteria = "safe-to-deploy" + +[[exemptions.axum]] +version = "0.6.20" +criteria = "safe-to-deploy" + +[[exemptions.axum-core]] +version = "0.3.4" +criteria = "safe-to-deploy" + +[[exemptions.backtrace]] +version = "0.3.68" +criteria = "safe-to-deploy" + +[[exemptions.base64]] +version = "0.13.1" +criteria = "safe-to-deploy" + +[[exemptions.base64]] +version = "0.21.2" +criteria = "safe-to-deploy" + +[[exemptions.base64ct]] +version = "1.6.0" +criteria = "safe-to-deploy" + +[[exemptions.beef]] +version = "0.5.2" +criteria = "safe-to-deploy" + +[[exemptions.bitflags]] +version = "1.3.2" +criteria = "safe-to-deploy" + +[[exemptions.bitflags]] +version = "2.4.0" +criteria = "safe-to-deploy" + +[[exemptions.blake2]] +version = "0.9.2" +criteria = "safe-to-deploy" + +[[exemptions.blake2]] +version = "0.10.6" +criteria = "safe-to-deploy" + +[[exemptions.block-buffer]] +version = "0.9.0" +criteria = "safe-to-deploy" + +[[exemptions.block-buffer]] +version = "0.10.4" +criteria = "safe-to-deploy" + +[[exemptions.bumpalo]] +version = "3.13.0" +criteria = "safe-to-deploy" + +[[exemptions.byteorder]] +version = "1.4.3" +criteria = "safe-to-deploy" + +[[exemptions.bytes]] +version = "1.4.0" +criteria = "safe-to-deploy" + +[[exemptions.cassowary]] +version = "0.3.0" +criteria = "safe-to-deploy" + +[[exemptions.cc]] +version = "1.0.82" +criteria = "safe-to-deploy" + +[[exemptions.chacha20]] +version = "0.8.2" +criteria = "safe-to-deploy" + +[[exemptions.chacha20]] +version = "0.9.1" +criteria = "safe-to-deploy" + +[[exemptions.cipher]] +version = "0.3.0" +criteria = "safe-to-deploy" + +[[exemptions.cipher]] +version = "0.4.4" +criteria = "safe-to-deploy" + +[[exemptions.clap]] +version = "4.3.22" +criteria = "safe-to-deploy" + +[[exemptions.clap_builder]] +version = "4.3.22" +criteria = "safe-to-deploy" + +[[exemptions.clap_complete]] +version = "4.3.2" +criteria = "safe-to-deploy" + +[[exemptions.clap_derive]] +version = "4.3.12" +criteria = "safe-to-deploy" + +[[exemptions.clap_lex]] +version = "0.5.0" +criteria = "safe-to-deploy" + +[[exemptions.colorchoice]] +version = "1.0.0" +criteria = "safe-to-deploy" + +[[exemptions.colored]] +version = "2.0.4" +criteria = "safe-to-deploy" + +[[exemptions.config]] +version = "0.13.3" +criteria = "safe-to-deploy" + +[[exemptions.console]] +version = "0.15.7" +criteria = "safe-to-deploy" + +[[exemptions.const-oid]] +version = "0.9.5" +criteria = "safe-to-deploy" + +[[exemptions.core-foundation]] +version = "0.9.3" +criteria = "safe-to-deploy" + +[[exemptions.core-foundation-sys]] +version = "0.8.4" +criteria = "safe-to-deploy" + +[[exemptions.cpufeatures]] +version = "0.2.9" +criteria = "safe-to-deploy" + +[[exemptions.crc]] +version = "3.0.1" +criteria = "safe-to-deploy" + +[[exemptions.crc-catalog]] +version = "2.2.0" +criteria = "safe-to-deploy" + +[[exemptions.crossbeam-queue]] +version = "0.3.8" +criteria = "safe-to-deploy" + +[[exemptions.crossbeam-utils]] +version = "0.8.16" +criteria = "safe-to-deploy" + +[[exemptions.crossterm]] +version = "0.26.1" +criteria = "safe-to-deploy" + +[[exemptions.crossterm_winapi]] +version = "0.9.1" +criteria = "safe-to-deploy" + +[[exemptions.crypto-common]] +version = "0.1.6" +criteria = "safe-to-deploy" + +[[exemptions.crypto-mac]] +version = "0.8.0" +criteria = "safe-to-deploy" + +[[exemptions.crypto_secretbox]] +version = "0.1.1" +criteria = "safe-to-deploy" + +[[exemptions.curve25519-dalek]] +version = "3.2.0" +criteria = "safe-to-deploy" + +[[exemptions.curve25519-dalek]] +version = "4.0.0" +criteria = "safe-to-deploy" + +[[exemptions.curve25519-dalek-derive]] +version = "0.1.0" +criteria = "safe-to-deploy" + +[[exemptions.der]] +version = "0.7.8" +criteria = "safe-to-deploy" + +[[exemptions.deranged]] +version = "0.3.7" +criteria = "safe-to-deploy" + +[[exemptions.digest]] +version = "0.9.0" +criteria = "safe-to-deploy" + +[[exemptions.digest]] +version = "0.10.7" +criteria = "safe-to-deploy" + +[[exemptions.directories]] +version = "4.0.1" +criteria = "safe-to-deploy" + +[[exemptions.dirs]] +version = "4.0.0" +criteria = "safe-to-deploy" + +[[exemptions.dirs-sys]] +version = "0.3.7" +criteria = "safe-to-deploy" + +[[exemptions.dotenvy]] +version = "0.15.7" +criteria = "safe-to-deploy" + +[[exemptions.ed25519]] +version = "1.5.3" +criteria = "safe-to-deploy" + +[[exemptions.ed25519]] +version = "2.2.2" +criteria = "safe-to-deploy" + +[[exemptions.ed25519-dalek]] +version = "1.0.1" +criteria = "safe-to-deploy" + +[[exemptions.ed25519-dalek]] +version = "2.0.0" +criteria = "safe-to-deploy" + +[[exemptions.either]] +version = "1.9.0" +criteria = "safe-to-deploy" + +[[exemptions.encode_unicode]] +version = "0.3.6" +criteria = "safe-to-deploy" + +[[exemptions.encoding_rs]] +version = "0.8.32" +criteria = "safe-to-deploy" + +[[exemptions.env_logger]] +version = "0.10.0" +criteria = "safe-to-deploy" + +[[exemptions.equivalent]] +version = "1.0.1" +criteria = "safe-to-deploy" + +[[exemptions.errno]] +version = "0.3.2" +criteria = "safe-to-deploy" + +[[exemptions.etcetera]] +version = "0.8.0" +criteria = "safe-to-deploy" + +[[exemptions.event-listener]] +version = "2.5.3" +criteria = "safe-to-deploy" + +[[exemptions.eyre]] +version = "0.6.8" +criteria = "safe-to-deploy" + +[[exemptions.fastrand]] +version = "2.0.0" +criteria = "safe-to-deploy" + +[[exemptions.fiat-crypto]] +version = "0.1.20" +criteria = "safe-to-deploy" + +[[exemptions.filedescriptor]] +version = "0.8.2" +criteria = "safe-to-deploy" + +[[exemptions.flume]] +version = "0.10.14" +criteria = "safe-to-deploy" + +[[exemptions.fnv]] +version = "1.0.7" +criteria = "safe-to-deploy" + +[[exemptions.form_urlencoded]] +version = "1.2.0" +criteria = "safe-to-deploy" + +[[exemptions.fs-err]] +version = "2.9.0" +criteria = "safe-to-deploy" + +[[exemptions.futures]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.futures-channel]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.futures-executor]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.futures-intrusive]] +version = "0.5.0" +criteria = "safe-to-deploy" + +[[exemptions.futures-io]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.futures-macro]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.futures-sink]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.futures-util]] +version = "0.3.28" +criteria = "safe-to-deploy" + +[[exemptions.fuzzy-matcher]] +version = "0.3.7" +criteria = "safe-to-deploy" + +[[exemptions.generic-array]] +version = "0.14.7" +criteria = "safe-to-deploy" + +[[exemptions.getrandom]] +version = "0.1.16" +criteria = "safe-to-deploy" + +[[exemptions.getrandom]] +version = "0.2.10" +criteria = "safe-to-deploy" + +[[exemptions.gimli]] +version = "0.27.3" +criteria = "safe-to-deploy" + +[[exemptions.h2]] +version = "0.3.20" +criteria = "safe-to-deploy" + +[[exemptions.hashbrown]] +version = "0.12.3" +criteria = "safe-to-deploy" + +[[exemptions.hashbrown]] +version = "0.14.0" +criteria = "safe-to-deploy" + +[[exemptions.hashlink]] +version = "0.8.3" +criteria = "safe-to-deploy" + +[[exemptions.heck]] +version = "0.4.1" +criteria = "safe-to-deploy" + +[[exemptions.hermit-abi]] +version = "0.3.2" +criteria = "safe-to-deploy" + +[[exemptions.hex]] +version = "0.4.3" +criteria = "safe-to-deploy" + +[[exemptions.hkdf]] +version = "0.12.3" +criteria = "safe-to-deploy" + +[[exemptions.hmac]] +version = "0.12.1" +criteria = "safe-to-deploy" + +[[exemptions.home]] +version = "0.5.5" +criteria = "safe-to-deploy" + +[[exemptions.http]] +version = "0.2.9" +criteria = "safe-to-deploy" + +[[exemptions.http-range-header]] +version = "0.3.1" +criteria = "safe-to-deploy" + +[[exemptions.httparse]] +version = "1.8.0" +criteria = "safe-to-deploy" + +[[exemptions.httpdate]] +version = "1.0.3" +criteria = "safe-to-deploy" + +[[exemptions.humantime]] +version = "2.1.0" +criteria = "safe-to-deploy" + +[[exemptions.hyper]] +version = "0.14.27" +criteria = "safe-to-deploy" + +[[exemptions.hyper-rustls]] +version = "0.24.1" +criteria = "safe-to-deploy" + +[[exemptions.idna]] +version = "0.4.0" +criteria = "safe-to-deploy" + +[[exemptions.indenter]] +version = "0.3.3" +criteria = "safe-to-deploy" + +[[exemptions.indexmap]] +version = "1.9.3" +criteria = "safe-to-deploy" + +[[exemptions.indexmap]] +version = "2.0.0" +criteria = "safe-to-deploy" + +[[exemptions.indicatif]] +version = "0.17.6" +criteria = "safe-to-deploy" + +[[exemptions.indoc]] +version = "2.0.3" +criteria = "safe-to-deploy" + +[[exemptions.inout]] +version = "0.1.3" +criteria = "safe-to-deploy" + +[[exemptions.instant]] +version = "0.1.12" +criteria = "safe-to-deploy" + +[[exemptions.interim]] +version = "0.1.0" +criteria = "safe-to-deploy" + +[[exemptions.ipnet]] +version = "2.8.0" +criteria = "safe-to-deploy" + +[[exemptions.is-terminal]] +version = "0.4.9" +criteria = "safe-to-deploy" + +[[exemptions.iso8601]] +version = "0.4.2" +criteria = "safe-to-deploy" + +[[exemptions.itertools]] +version = "0.10.5" +criteria = "safe-to-deploy" + +[[exemptions.itoa]] +version = "1.0.9" +criteria = "safe-to-deploy" + +[[exemptions.js-sys]] +version = "0.3.64" +criteria = "safe-to-deploy" + +[[exemptions.libc]] +version = "0.2.147" +criteria = "safe-to-deploy" + +[[exemptions.libm]] +version = "0.2.7" +criteria = "safe-to-deploy" + +[[exemptions.libsqlite3-sys]] +version = "0.26.0" +criteria = "safe-to-deploy" + +[[exemptions.linux-raw-sys]] +version = "0.4.5" +criteria = "safe-to-deploy" + +[[exemptions.lock_api]] +version = "0.4.10" +criteria = "safe-to-deploy" + +[[exemptions.log]] +version = "0.4.20" +criteria = "safe-to-deploy" + +[[exemptions.logos]] +version = "0.12.1" +criteria = "safe-to-deploy" + +[[exemptions.logos-derive]] +version = "0.12.1" +criteria = "safe-to-deploy" + +[[exemptions.matchers]] +version = "0.1.0" +criteria = "safe-to-deploy" + +[[exemptions.matchit]] +version = "0.7.2" +criteria = "safe-to-deploy" + +[[exemptions.md-5]] +version = "0.10.5" +criteria = "safe-to-deploy" + +[[exemptions.memchr]] +version = "2.5.0" +criteria = "safe-to-deploy" + +[[exemptions.mime]] +version = "0.3.17" +criteria = "safe-to-deploy" + +[[exemptions.minimal-lexical]] +version = "0.2.1" +criteria = "safe-to-deploy" + +[[exemptions.miniz_oxide]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.minspan]] +version = "0.1.1" +criteria = "safe-to-deploy" + +[[exemptions.mio]] +version = "0.8.8" +criteria = "safe-to-deploy" + +[[exemptions.nom]] +version = "7.1.3" +criteria = "safe-to-deploy" + +[[exemptions.nu-ansi-term]] +version = "0.46.0" +criteria = "safe-to-deploy" + +[[exemptions.num]] +version = "0.2.1" +criteria = "safe-to-deploy" + +[[exemptions.num-bigint]] +version = "0.2.6" +criteria = "safe-to-deploy" + +[[exemptions.num-bigint-dig]] +version = "0.8.4" +criteria = "safe-to-deploy" + +[[exemptions.num-complex]] +version = "0.2.4" +criteria = "safe-to-deploy" + +[[exemptions.num-integer]] +version = "0.1.45" +criteria = "safe-to-deploy" + +[[exemptions.num-iter]] +version = "0.1.43" +criteria = "safe-to-deploy" + +[[exemptions.num-rational]] +version = "0.2.4" +criteria = "safe-to-deploy" + +[[exemptions.num-traits]] +version = "0.2.16" +criteria = "safe-to-deploy" + +[[exemptions.num_cpus]] +version = "1.16.0" +criteria = "safe-to-deploy" + +[[exemptions.num_threads]] +version = "0.1.6" +criteria = "safe-to-deploy" + +[[exemptions.number_prefix]] +version = "0.4.0" +criteria = "safe-to-deploy" + +[[exemptions.object]] +version = "0.31.1" +criteria = "safe-to-deploy" + +[[exemptions.once_cell]] +version = "1.18.0" +criteria = "safe-to-deploy" + +[[exemptions.opaque-debug]] +version = "0.3.0" +criteria = "safe-to-deploy" + +[[exemptions.openssl-probe]] +version = "0.1.5" +criteria = "safe-to-deploy" + +[[exemptions.overload]] +version = "0.1.1" +criteria = "safe-to-deploy" + +[[exemptions.parking_lot]] +version = "0.12.1" +criteria = "safe-to-deploy" + +[[exemptions.parking_lot_core]] +version = "0.9.8" +criteria = "safe-to-deploy" + +[[exemptions.parse_duration]] +version = "2.1.1" +criteria = "safe-to-deploy" + +[[exemptions.password-hash]] +version = "0.5.0" +criteria = "safe-to-deploy" + +[[exemptions.paste]] +version = "1.0.14" +criteria = "safe-to-deploy" + +[[exemptions.pathdiff]] +version = "0.2.1" +criteria = "safe-to-deploy" + +[[exemptions.pbkdf2]] +version = "0.11.0" +criteria = "safe-to-deploy" + +[[exemptions.pem-rfc7468]] +version = "0.7.0" +criteria = "safe-to-deploy" + +[[exemptions.pin-project]] +version = "1.1.3" +criteria = "safe-to-deploy" + +[[exemptions.pin-project-internal]] +version = "1.1.3" +criteria = "safe-to-deploy" + +[[exemptions.pin-project-lite]] +version = "0.2.12" +criteria = "safe-to-deploy" + +[[exemptions.pin-utils]] +version = "0.1.0" +criteria = "safe-to-deploy" + +[[exemptions.pkcs1]] +version = "0.7.5" +criteria = "safe-to-deploy" + +[[exemptions.pkcs8]] +version = "0.10.2" +criteria = "safe-to-deploy" + +[[exemptions.pkg-config]] +version = "0.3.27" +criteria = "safe-to-deploy" + +[[exemptions.platforms]] +version = "3.0.2" +criteria = "safe-to-deploy" + +[[exemptions.poly1305]] +version = "0.8.0" +criteria = "safe-to-deploy" + +[[exemptions.portable-atomic]] +version = "1.4.2" +criteria = "safe-to-deploy" + +[[exemptions.ppv-lite86]] +version = "0.2.17" +criteria = "safe-to-deploy" + +[[exemptions.proc-macro2]] +version = "1.0.66" +criteria = "safe-to-deploy" + +[[exemptions.quote]] +version = "1.0.33" +criteria = "safe-to-deploy" + +[[exemptions.rand]] +version = "0.7.3" +criteria = "safe-to-deploy" + +[[exemptions.rand]] +version = "0.8.5" +criteria = "safe-to-deploy" + +[[exemptions.rand_chacha]] +version = "0.2.2" +criteria = "safe-to-deploy" + +[[exemptions.rand_chacha]] +version = "0.3.1" +criteria = "safe-to-deploy" + +[[exemptions.rand_core]] +version = "0.5.1" +criteria = "safe-to-deploy" + +[[exemptions.rand_core]] +version = "0.6.4" +criteria = "safe-to-deploy" + +[[exemptions.rand_hc]] +version = "0.2.0" +criteria = "safe-to-deploy" + +[[exemptions.ratatui]] +version = "0.22.0" +criteria = "safe-to-deploy" + +[[exemptions.redox_syscall]] +version = "0.2.16" +criteria = "safe-to-deploy" + +[[exemptions.redox_syscall]] +version = "0.3.5" +criteria = "safe-to-deploy" + +[[exemptions.redox_users]] +version = "0.4.3" +criteria = "safe-to-deploy" + +[[exemptions.regex]] +version = "1.9.3" +criteria = "safe-to-deploy" + +[[exemptions.regex-automata]] +version = "0.1.10" +criteria = "safe-to-deploy" + +[[exemptions.regex-automata]] +version = "0.3.6" +criteria = "safe-to-deploy" + +[[exemptions.regex-syntax]] +version = "0.6.29" +criteria = "safe-to-deploy" + +[[exemptions.regex-syntax]] +version = "0.7.4" +criteria = "safe-to-deploy" + +[[exemptions.reqwest]] +version = "0.11.18" +criteria = "safe-to-deploy" + +[[exemptions.ring]] +version = "0.16.20" +criteria = "safe-to-deploy" + +[[exemptions.rmp]] +version = "0.8.12" +criteria = "safe-to-deploy" + +[[exemptions.rpassword]] +version = "7.2.0" +criteria = "safe-to-deploy" + +[[exemptions.rsa]] +version = "0.9.2" +criteria = "safe-to-deploy" + +[[exemptions.rtoolbox]] +version = "0.0.1" +criteria = "safe-to-deploy" + +[[exemptions.runtime-format]] +version = "0.1.3" +criteria = "safe-to-deploy" + +[[exemptions.rustc-demangle]] +version = "0.1.23" +criteria = "safe-to-deploy" + +[[exemptions.rustc-hash]] +version = "1.1.0" +criteria = "safe-to-deploy" + +[[exemptions.rustc_version]] +version = "0.4.0" +criteria = "safe-to-deploy" + +[[exemptions.rustix]] +version = "0.38.8" +criteria = "safe-to-deploy" + +[[exemptions.rustls]] +version = "0.21.6" +criteria = "safe-to-deploy" + +[[exemptions.rustls-native-certs]] +version = "0.6.3" +criteria = "safe-to-deploy" + +[[exemptions.rustls-pemfile]] +version = "1.0.3" +criteria = "safe-to-deploy" + +[[exemptions.rustls-webpki]] +version = "0.101.3" +criteria = "safe-to-deploy" + +[[exemptions.rustversion]] +version = "1.0.14" +criteria = "safe-to-deploy" + +[[exemptions.rusty_paserk]] +version = "0.2.3" +criteria = "safe-to-deploy" + +[[exemptions.rusty_paseto]] +version = "0.5.0" +criteria = "safe-to-deploy" + +[[exemptions.ryu]] +version = "1.0.15" +criteria = "safe-to-deploy" + +[[exemptions.salsa20]] +version = "0.10.2" +criteria = "safe-to-deploy" + +[[exemptions.schannel]] +version = "0.1.22" +criteria = "safe-to-deploy" + +[[exemptions.scopeguard]] +version = "1.2.0" +criteria = "safe-to-deploy" + +[[exemptions.sct]] +version = "0.7.0" +criteria = "safe-to-deploy" + +[[exemptions.security-framework]] +version = "2.9.2" +criteria = "safe-to-deploy" + +[[exemptions.security-framework-sys]] +version = "2.9.1" +criteria = "safe-to-deploy" + +[[exemptions.semver]] +version = "1.0.18" +criteria = "safe-to-deploy" + +[[exemptions.serde]] +version = "1.0.171" +criteria = "safe-to-deploy" + +[[exemptions.serde_derive]] +version = "1.0.171" +criteria = "safe-to-deploy" + +[[exemptions.serde_json]] +version = "1.0.105" +criteria = "safe-to-deploy" + +[[exemptions.serde_path_to_error]] +version = "0.1.14" +criteria = "safe-to-deploy" + +[[exemptions.serde_regex]] +version = "1.1.0" +criteria = "safe-to-deploy" + +[[exemptions.serde_urlencoded]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sha1]] +version = "0.10.5" +criteria = "safe-to-deploy" + +[[exemptions.sha2]] +version = "0.9.9" +criteria = "safe-to-deploy" + +[[exemptions.sha2]] +version = "0.10.7" +criteria = "safe-to-deploy" + +[[exemptions.sharded-slab]] +version = "0.1.4" +criteria = "safe-to-deploy" + +[[exemptions.shellexpand]] +version = "2.1.2" +criteria = "safe-to-deploy" + +[[exemptions.signal-hook]] +version = "0.3.17" +criteria = "safe-to-deploy" + +[[exemptions.signal-hook-mio]] +version = "0.2.3" +criteria = "safe-to-deploy" + +[[exemptions.signal-hook-registry]] +version = "1.4.1" +criteria = "safe-to-deploy" + +[[exemptions.signature]] +version = "1.6.4" +criteria = "safe-to-deploy" + +[[exemptions.signature]] +version = "2.1.0" +criteria = "safe-to-deploy" + +[[exemptions.slab]] +version = "0.4.8" +criteria = "safe-to-deploy" + +[[exemptions.smallvec]] +version = "1.11.0" +criteria = "safe-to-deploy" + +[[exemptions.socket2]] +version = "0.4.9" +criteria = "safe-to-deploy" + +[[exemptions.socket2]] +version = "0.5.3" +criteria = "safe-to-deploy" + +[[exemptions.spin]] +version = "0.5.2" +criteria = "safe-to-deploy" + +[[exemptions.spin]] +version = "0.9.8" +criteria = "safe-to-deploy" + +[[exemptions.spki]] +version = "0.7.2" +criteria = "safe-to-deploy" + +[[exemptions.sql-builder]] +version = "3.1.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlformat]] +version = "0.2.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-core]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-macros]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-macros-core]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-mysql]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-postgres]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.sqlx-sqlite]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.stringprep]] +version = "0.1.3" +criteria = "safe-to-deploy" + +[[exemptions.strsim]] +version = "0.10.0" +criteria = "safe-to-deploy" + +[[exemptions.subtle]] +version = "2.5.0" +criteria = "safe-to-deploy" + +[[exemptions.syn]] +version = "1.0.109" +criteria = "safe-to-deploy" + +[[exemptions.syn]] +version = "2.0.29" +criteria = "safe-to-deploy" + +[[exemptions.sync_wrapper]] +version = "0.1.2" +criteria = "safe-to-deploy" + +[[exemptions.tempfile]] +version = "3.7.1" +criteria = "safe-to-deploy" + +[[exemptions.termcolor]] +version = "1.2.0" +criteria = "safe-to-deploy" + +[[exemptions.thiserror]] +version = "1.0.47" +criteria = "safe-to-deploy" + +[[exemptions.thiserror-impl]] +version = "1.0.47" +criteria = "safe-to-deploy" + +[[exemptions.thread_local]] +version = "1.1.7" +criteria = "safe-to-deploy" + +[[exemptions.time]] +version = "0.3.26" +criteria = "safe-to-deploy" + +[[exemptions.time-core]] +version = "0.1.1" +criteria = "safe-to-deploy" + +[[exemptions.time-macros]] +version = "0.2.12" +criteria = "safe-to-deploy" + +[[exemptions.tiny-bip39]] +version = "1.0.0" +criteria = "safe-to-deploy" + +[[exemptions.tinyvec]] +version = "1.6.0" +criteria = "safe-to-deploy" + +[[exemptions.tinyvec_macros]] +version = "0.1.1" +criteria = "safe-to-deploy" + +[[exemptions.tokio]] +version = "1.32.0" +criteria = "safe-to-deploy" + +[[exemptions.tokio-macros]] +version = "2.1.0" +criteria = "safe-to-deploy" + +[[exemptions.tokio-rustls]] +version = "0.24.1" +criteria = "safe-to-deploy" + +[[exemptions.tokio-stream]] +version = "0.1.14" +criteria = "safe-to-deploy" + +[[exemptions.tokio-util]] +version = "0.7.8" +criteria = "safe-to-deploy" + +[[exemptions.toml]] +version = "0.5.11" +criteria = "safe-to-deploy" + +[[exemptions.tower]] +version = "0.4.13" +criteria = "safe-to-deploy" + +[[exemptions.tower-http]] +version = "0.3.5" +criteria = "safe-to-deploy" + +[[exemptions.tower-layer]] +version = "0.3.2" +criteria = "safe-to-deploy" + +[[exemptions.tower-service]] +version = "0.3.2" +criteria = "safe-to-deploy" + +[[exemptions.tracing]] +version = "0.1.37" +criteria = "safe-to-deploy" + +[[exemptions.tracing-attributes]] +version = "0.1.26" +criteria = "safe-to-deploy" + +[[exemptions.tracing-core]] +version = "0.1.31" +criteria = "safe-to-deploy" + +[[exemptions.tracing-subscriber]] +version = "0.3.17" +criteria = "safe-to-deploy" + +[[exemptions.try-lock]] +version = "0.2.4" +criteria = "safe-to-deploy" + +[[exemptions.typed-builder]] +version = "0.15.2" +criteria = "safe-to-deploy" + +[[exemptions.typed-builder-macro]] +version = "0.15.2" +criteria = "safe-to-deploy" + +[[exemptions.typenum]] +version = "1.16.0" +criteria = "safe-to-deploy" + +[[exemptions.unicode-bidi]] +version = "0.3.13" +criteria = "safe-to-deploy" + +[[exemptions.unicode-ident]] +version = "1.0.11" +criteria = "safe-to-deploy" + +[[exemptions.unicode-normalization]] +version = "0.1.22" +criteria = "safe-to-deploy" + +[[exemptions.unicode-segmentation]] +version = "1.10.1" +criteria = "safe-to-deploy" + +[[exemptions.unicode-width]] +version = "0.1.10" +criteria = "safe-to-deploy" + +[[exemptions.unicode_categories]] +version = "0.1.1" +criteria = "safe-to-deploy" + +[[exemptions.universal-hash]] +version = "0.5.1" +criteria = "safe-to-deploy" + +[[exemptions.untrusted]] +version = "0.7.1" +criteria = "safe-to-deploy" + +[[exemptions.url]] +version = "2.4.0" +criteria = "safe-to-deploy" + +[[exemptions.urlencoding]] +version = "2.1.3" +criteria = "safe-to-deploy" + +[[exemptions.utf8parse]] +version = "0.2.1" +criteria = "safe-to-deploy" + +[[exemptions.uuid]] +version = "1.4.1" +criteria = "safe-to-deploy" + +[[exemptions.valuable]] +version = "0.1.0" +criteria = "safe-to-deploy" + +[[exemptions.vcpkg]] +version = "0.2.15" +criteria = "safe-to-deploy" + +[[exemptions.version_check]] +version = "0.9.4" +criteria = "safe-to-deploy" + +[[exemptions.want]] +version = "0.3.1" +criteria = "safe-to-deploy" + +[[exemptions.wasi]] +version = "0.9.0+wasi-snapshot-preview1" +criteria = "safe-to-deploy" + +[[exemptions.wasi]] +version = "0.11.0+wasi-snapshot-preview1" +criteria = "safe-to-deploy" + +[[exemptions.wasm-bindgen]] +version = "0.2.87" +criteria = "safe-to-deploy" + +[[exemptions.wasm-bindgen-backend]] +version = "0.2.87" +criteria = "safe-to-deploy" + +[[exemptions.wasm-bindgen-futures]] +version = "0.4.37" +criteria = "safe-to-deploy" + +[[exemptions.wasm-bindgen-macro]] +version = "0.2.87" +criteria = "safe-to-deploy" + +[[exemptions.wasm-bindgen-macro-support]] +version = "0.2.87" +criteria = "safe-to-deploy" + +[[exemptions.wasm-bindgen-shared]] +version = "0.2.87" +criteria = "safe-to-deploy" + +[[exemptions.web-sys]] +version = "0.3.64" +criteria = "safe-to-deploy" + +[[exemptions.webpki-roots]] +version = "0.24.0" +criteria = "safe-to-deploy" + +[[exemptions.whoami]] +version = "1.4.1" +criteria = "safe-to-deploy" + +[[exemptions.winapi]] +version = "0.3.9" +criteria = "safe-to-deploy" + +[[exemptions.winapi-i686-pc-windows-gnu]] +version = "0.4.0" +criteria = "safe-to-deploy" + +[[exemptions.winapi-util]] +version = "0.1.5" +criteria = "safe-to-deploy" + +[[exemptions.winapi-x86_64-pc-windows-gnu]] +version = "0.4.0" +criteria = "safe-to-deploy" + +[[exemptions.windows-sys]] +version = "0.45.0" +criteria = "safe-to-deploy" + +[[exemptions.windows-sys]] +version = "0.48.0" +criteria = "safe-to-deploy" + +[[exemptions.windows-targets]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows-targets]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_aarch64_gnullvm]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_aarch64_gnullvm]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_aarch64_msvc]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_aarch64_msvc]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_i686_gnu]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_i686_gnu]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_i686_msvc]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_i686_msvc]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_x86_64_gnu]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_x86_64_gnu]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_x86_64_gnullvm]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_x86_64_gnullvm]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.windows_x86_64_msvc]] +version = "0.42.2" +criteria = "safe-to-deploy" + +[[exemptions.windows_x86_64_msvc]] +version = "0.48.5" +criteria = "safe-to-deploy" + +[[exemptions.winreg]] +version = "0.10.1" +criteria = "safe-to-deploy" + +[[exemptions.zeroize]] +version = "1.6.0" +criteria = "safe-to-deploy" + +[[exemptions.zeroize_derive]] +version = "1.4.2" +criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock new file mode 100644 index 00000000..0c397a40 --- /dev/null +++ b/supply-chain/imports.lock @@ -0,0 +1,2 @@ + +# cargo-vet imports lock diff --git a/supply-chain/vet.sh b/supply-chain/vet.sh new file mode 100755 index 00000000..b596a078 --- /dev/null +++ b/supply-chain/vet.sh @@ -0,0 +1,54 @@ +#!/bin/bash + +inspect() { + local name="$1" + local from="$2" + local to="$3" + local criteria="$4" + + if [ "$from" = "null" ] + then + open "https://sourcegraph.com/crates/$name@v$to" + cargo vet certify --criteria "$criteria" "$name" "$to" + else + open "https://sourcegraph.com/crates/$name/-/compare/v$from...v$to" + cargo vet certify --criteria "$criteria" "$name" "$from" "$to" + fi +} + +suggest_one() { + local criteria="$1" + + suggest=$(cargo vet suggest --output-format json 2> /dev/null) + suggestion=$(echo "$suggest" | jq ".suggest.suggest_by_criteria[\"$criteria\"][0]") + + if [ "$suggestion" = "null" ] + then + echo "No more crates to inspect for this criteria. Try one of the following:". + echo "$suggest" | jq ".suggest.suggest_by_criteria | keys" + exit 0 + fi + + name=$(echo "$suggestion" | jq -r ".name") + from=$(echo "$suggestion" | jq -r ".suggested_diff.from") + to=$(echo "$suggestion" | jq -r ".suggested_diff.to") + + read -r -p "Inspect $name $to? [Y]es/[N]o: " -n 1 process + + case "$process" in + n|N) + return 1 + ;; + *) + inspect "$name" "$from" "$to" "$criteria" + ;; + esac +} + +while : +do + if ! suggest_one $1 + then + exit 0 + fi +done