Skip to content

Commit a15aa0b

Browse files
alexcrichtonbongjunj
alexcrichton
authored and
bongjunj
committed
Add vets for wasi-tls native-tls provider (bytecodealliance#11066)
1 parent 5255a47 commit a15aa0b

File tree

3 files changed

+69
-0
lines changed

3 files changed

+69
-0
lines changed

supply-chain/audits.toml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2591,6 +2591,12 @@ criteria = "safe-to-deploy"
25912591
version = "0.2.11"
25922592
notes = "build is only looking for environment variables to set cfg. only two minor uses of unsafe,on macos, with ffi bindings to digest primitives and libc atexit. otherwise, this is an abstraction over three very complex systems (schannel, security-framework, and openssl) which may end up having subtle differences, but none of those are apparent from the implementation of this crate"
25932593

2594+
[[audits.native-tls]]
2595+
who = "Alex Crichton <alex@alexcrichton.com>"
2596+
criteria = "safe-to-deploy"
2597+
delta = "0.2.11 -> 0.2.14"
2598+
notes = "Minor changes, mostly around updating some dependencies, directives, etc."
2599+
25942600
[[audits.nu-ansi-term]]
25952601
who = "Pat Hickey <phickey@fastly.com>"
25962602
criteria = "safe-to-deploy"
@@ -4627,6 +4633,12 @@ user-id = 189 # Andrew Gallant (BurntSushi)
46274633
start = "2019-07-07"
46284634
end = "2024-07-15"
46294635

4636+
[[trusted.openssl-probe]]
4637+
criteria = "safe-to-deploy"
4638+
user-id = 1 # Alex Crichton (alexcrichton)
4639+
start = "2020-08-04"
4640+
end = "2026-06-18"
4641+
46304642
[[trusted.parking_lot]]
46314643
criteria = "safe-to-deploy"
46324644
user-id = 2915 # Amanieu d'Antras (Amanieu)

supply-chain/config.toml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -374,6 +374,14 @@ criteria = "safe-to-deploy"
374374
version = "1.12.0"
375375
criteria = "safe-to-deploy"
376376

377+
[[exemptions.openssl]]
378+
version = "0.10.73"
379+
criteria = "safe-to-deploy"
380+
381+
[[exemptions.openssl-sys]]
382+
version = "0.9.109"
383+
criteria = "safe-to-deploy"
384+
377385
[[exemptions.openvino-finder]]
378386
version = "0.4.1"
379387
criteria = "safe-to-deploy"
@@ -454,6 +462,18 @@ criteria = "safe-to-deploy"
454462
version = "0.3.0"
455463
criteria = "safe-to-deploy"
456464

465+
[[exemptions.schannel]]
466+
version = "0.1.27"
467+
criteria = "safe-to-deploy"
468+
469+
[[exemptions.security-framework]]
470+
version = "2.11.1"
471+
criteria = "safe-to-deploy"
472+
473+
[[exemptions.security-framework-sys]]
474+
version = "2.14.0"
475+
criteria = "safe-to-deploy"
476+
457477
[[exemptions.shuffling-allocator]]
458478
version = "1.1.2"
459479
criteria = "safe-to-deploy"

supply-chain/imports.lock

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -618,6 +618,13 @@ user-id = 6743
618618
user-login = "epage"
619619
user-name = "Ed Page"
620620

621+
[[publisher.core-foundation]]
622+
version = "0.9.3"
623+
when = "2022-02-07"
624+
user-id = 5946
625+
user-login = "jrmuizel"
626+
user-name = "Jeff Muizelaar"
627+
621628
[[publisher.core-foundation-sys]]
622629
version = "0.8.4"
623630
when = "2023-04-03"
@@ -927,6 +934,13 @@ user-id = 189
927934
user-login = "BurntSushi"
928935
user-name = "Andrew Gallant"
929936

937+
[[publisher.openssl-probe]]
938+
version = "0.1.6"
939+
when = "2025-01-23"
940+
user-id = 1
941+
user-login = "alexcrichton"
942+
user-name = "Alex Crichton"
943+
930944
[[publisher.prettyplease]]
931945
version = "0.2.31"
932946
when = "2025-03-13"
@@ -1710,6 +1724,12 @@ criteria = "safe-to-run"
17101724
delta = "0.6.0 -> 0.6.1"
17111725
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT"
17121726

1727+
[[audits.google.audits.openssl-macros]]
1728+
who = "George Burgess IV <gbiv@google.com>"
1729+
criteria = "safe-to-deploy"
1730+
delta = "0.1.0 -> 0.1.1"
1731+
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT"
1732+
17131733
[[audits.google.audits.pin-project-lite]]
17141734
who = "David Koloski <dkoloski@google.com>"
17151735
criteria = "safe-to-deploy"
@@ -1866,6 +1886,16 @@ who = "David Cook <dcook@divviup.org>"
18661886
criteria = "safe-to-deploy"
18671887
version = "0.10.2"
18681888

1889+
[[audits.mozilla.wildcard-audits.core-foundation]]
1890+
who = "Bobby Holley <bobbyholley@gmail.com>"
1891+
criteria = "safe-to-deploy"
1892+
user-id = 5946 # Jeff Muizelaar (jrmuizel)
1893+
start = "2019-03-29"
1894+
end = "2023-05-04"
1895+
renew = false
1896+
notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla."
1897+
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
1898+
18691899
[[audits.mozilla.wildcard-audits.core-foundation-sys]]
18701900
who = "Bobby Holley <bobbyholley@gmail.com>"
18711901
criteria = "safe-to-deploy"
@@ -2008,6 +2038,13 @@ criteria = "safe-to-deploy"
20082038
delta = "1.2.11 -> 1.2.12"
20092039
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
20102040

2041+
[[audits.mozilla.audits.core-foundation]]
2042+
who = "Teodor Tanasoaia <ttanasoaia@mozilla.com>"
2043+
criteria = "safe-to-deploy"
2044+
delta = "0.9.3 -> 0.9.4"
2045+
notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla."
2046+
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
2047+
20112048
[[audits.mozilla.audits.crossbeam-utils]]
20122049
who = "Mike Hommey <mh+mozilla@glandium.org>"
20132050
criteria = "safe-to-deploy"

0 commit comments

Comments
 (0)