generated from EmbarkStudios/opensource-template
-
Notifications
You must be signed in to change notification settings - Fork 79
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
143 additions
and
64 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -42,6 +42,13 @@ user-id = 6743 | |
| user-login = "epage" | ||
| user-name = "Ed Page" | ||
|
|
||
| [[publisher.core-foundation]] | ||
| version = "0.9.3" | ||
| when = "2022-02-07" | ||
| user-id = 5946 | ||
| user-login = "jrmuizel" | ||
| user-name = "Jeff Muizelaar" | ||
|
|
||
| [[publisher.core-foundation-sys]] | ||
| version = "0.8.4" | ||
| when = "2023-04-03" | ||
|
|
@@ -56,6 +63,13 @@ user-id = 5946 | |
| user-login = "jrmuizel" | ||
| user-name = "Jeff Muizelaar" | ||
|
|
||
| [[publisher.core-graphics-types]] | ||
| version = "0.1.1" | ||
| when = "2020-09-15" | ||
| user-id = 2396 | ||
| user-login = "jdm" | ||
| user-name = "Josh Matthews" | ||
|
|
||
| [[publisher.ecolor]] | ||
| version = "0.27.1" | ||
| when = "2024-03-29" | ||
|
|
@@ -620,6 +634,15 @@ who = "Radu Matei <[email protected]>" | |
| criteria = "safe-to-run" | ||
| version = "11.1.3" | ||
|
|
||
| [[audits.firefox.wildcard-audits.core-foundation]] | ||
| who = "Bobby Holley <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| user-id = 5946 # Jeff Muizelaar (jrmuizel) | ||
| start = "2019-03-29" | ||
| end = "2023-05-04" | ||
| renew = false | ||
| notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." | ||
|
|
||
| [[audits.firefox.wildcard-audits.core-foundation-sys]] | ||
| who = "Bobby Holley <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -638,6 +661,15 @@ end = "2023-05-04" | |
| renew = false | ||
| notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." | ||
|
|
||
| [[audits.firefox.wildcard-audits.core-graphics-types]] | ||
| who = "Bobby Holley <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| user-id = 2396 # Josh Matthews (jdm) | ||
| start = "2020-07-20" | ||
| end = "2023-05-04" | ||
| renew = false | ||
| notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." | ||
|
|
||
| [[audits.firefox.wildcard-audits.unicode-segmentation]] | ||
| who = "Manish Goregaokar <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -667,11 +699,28 @@ who = "Mike Hommey <[email protected]>" | |
| criteria = "safe-to-deploy" | ||
| delta = "1.0.73 -> 1.0.78" | ||
|
|
||
| [[audits.firefox.audits.core-foundation]] | ||
| who = "Teodor Tanasoaia <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.9.3 -> 0.9.4" | ||
| notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." | ||
|
|
||
| [[audits.firefox.audits.core-graphics]] | ||
| who = "Teodor Tanasoaia <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.22.3 -> 0.23.1" | ||
|
|
||
| [[audits.firefox.audits.core-graphics-types]] | ||
| who = "Teodor Tanasoaia <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.1.1 -> 0.1.2" | ||
|
|
||
| [[audits.firefox.audits.core-graphics-types]] | ||
| who = "Teodor Tanasoaia <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.1.2 -> 0.1.3" | ||
| notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." | ||
|
|
||
| [[audits.firefox.audits.crossbeam-utils]] | ||
| who = "Mike Hommey <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -758,26 +807,6 @@ not entirely certain is technically sound, but in either case I am reasonably co | |
| it's not exploitable. | ||
| """ | ||
|
|
||
| [[audits.firefox.audits.memmap2]] | ||
| who = "Mike Hommey <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.5.4 -> 0.5.7" | ||
|
|
||
| [[audits.firefox.audits.memmap2]] | ||
| who = "Mike Hommey <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.5.7 -> 0.5.8" | ||
|
|
||
| [[audits.firefox.audits.memmap2]] | ||
| who = "Mike Hommey <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.5.8 -> 0.5.9" | ||
|
|
||
| [[audits.firefox.audits.memmap2]] | ||
| who = "Gabriele Svelto <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.5.9 -> 0.8.0" | ||
|
|
||
| [[audits.firefox.audits.memmap2]] | ||
| who = "Mike Hommey <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -945,6 +974,12 @@ criteria = "safe-to-deploy" | |
| version = "1.5.0" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.cast]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.3.0" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.cfg-if]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -980,12 +1015,36 @@ criteria = "safe-to-deploy" | |
| delta = "0.5.7 -> 0.5.8" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.crossbeam-deque]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.8.3" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.crossbeam-epoch]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.9.14" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.crossbeam-epoch]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.9.14 -> 0.9.15" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.dirs-sys-next]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.1.2" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.downcast-rs]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "1.2.0" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.either]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -1095,6 +1154,18 @@ criteria = "safe-to-deploy" | |
| delta = "0.4.17 -> 0.4.20" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.memmap2]] | ||
| who = "Ying Hsu <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.8.0" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.memoffset]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.6.5" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.miniz_oxide]] | ||
| who = "George Burgess IV <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -1170,6 +1241,12 @@ delta = "0.2.9 -> 0.2.13" | |
| notes = "Audited at https://fxrev.dev/946396" | ||
| aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.quick-xml]] | ||
| who = "Matthew DeVore <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "0.30.0" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.quote]] | ||
| who = "ChromeOS" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -1229,6 +1306,12 @@ criteria = "safe-to-deploy" | |
| delta = "1.4.0 -> 1.4.1" | ||
| aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.tinytemplate]] | ||
| who = "Ying Hsu <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| version = "1.2.1" | ||
| aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" | ||
|
|
||
| [[audits.google.audits.tracing-core]] | ||
| who = "David Koloski <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
@@ -1471,6 +1554,42 @@ changes in the build environment. | |
| """ | ||
| aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" | ||
|
|
||
| [[audits.zcash.audits.crossbeam-deque]] | ||
| who = "Jack Grigg <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.8.3 -> 0.8.4" | ||
| aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" | ||
|
|
||
| [[audits.zcash.audits.crossbeam-deque]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.8.4 -> 0.8.5" | ||
| notes = "Changes to `unsafe` code look okay." | ||
| aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" | ||
|
|
||
| [[audits.zcash.audits.crossbeam-epoch]] | ||
| who = "Jack Grigg <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.9.15 -> 0.9.16" | ||
| notes = "Moved an `unsafe` block while removing `scopeguard` dependency." | ||
| aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" | ||
|
|
||
| [[audits.zcash.audits.crossbeam-epoch]] | ||
| who = "Jack Grigg <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.9.16 -> 0.9.17" | ||
| notes = """ | ||
| Changes to `unsafe` code are to replace manual pointer logic with equivalent | ||
| `unsafe` stdlib methods, now that MSRV is high enough to use them. | ||
| """ | ||
| aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" | ||
|
|
||
| [[audits.zcash.audits.crossbeam-epoch]] | ||
| who = "Daira-Emma Hopwood <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
| delta = "0.9.17 -> 0.9.18" | ||
| aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" | ||
|
|
||
| [[audits.zcash.audits.errno]] | ||
| who = "Jack Grigg <[email protected]>" | ||
| criteria = "safe-to-deploy" | ||
|
|
||