From d3fdb5fc2c02c043e716f4aedf4854bb92705c7c Mon Sep 17 00:00:00 2001 From: Pat Hickey Date: Mon, 6 Mar 2023 18:20:03 -0600 Subject: [PATCH] cargo vet: add audits for criterion upgrade, and its transitive dependencies (#5946) --- supply-chain/audits.toml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index c7360c0b3718..64bfa8bd06ae 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -15,6 +15,12 @@ who = "Chris Fallin " criteria = "safe-to-deploy" delta = "0.7.6 -> 0.8.2" +[[audits.anes]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.1.6" +notes = "Contains no unsafe code, no IO, no build.rs." + [[audits.anyhow]] who = "Alex Crichton " criteria = "safe-to-deploy" @@ -230,6 +236,21 @@ criteria = "safe-to-deploy" version = "1.0.0" notes = "I am the author of this crate." +[[audits.ciborium]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.2.0" + +[[audits.ciborium-io]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.2.0" + +[[audits.ciborium-ll]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.2.0" + [[audits.codespan-reporting]] who = "Jamey Sharp " criteria = "safe-to-deploy" @@ -251,6 +272,15 @@ There were no major changes to code in this update, mostly just stylistic and updating some version dependency requirements. """ +[[audits.criterion]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.3.6 -> 0.4.0" +notes = """ +criterion v0.3.6..v0.4.0 is mostly re-arranging the crate features and bumping dependencies. all changes +to code seem to be confined to benchmarks. +""" + [[audits.criterion-plot]] who = "Alex Crichton " criteria = "safe-to-run" @@ -260,6 +290,12 @@ No major changes in this update, it was almost entirely stylistic with what appears to be a few clippy fixes here and there. """ +[[audits.criterion-plot]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.4.5 -> 0.5.0" +notes = "Just a version bump, only change to code is to remove an allow(deprecated)" + [[audits.crypto-common]] who = "Benjamin Bouvier " criteria = "safe-to-deploy"