From 5e4b92816115e17d60761478a53d1523d475b03c Mon Sep 17 00:00:00 2001 From: Bobby Holley Date: Tue, 18 Apr 2023 11:23:46 -0700 Subject: [PATCH] Run cargo-vet prune. (#6231) --- supply-chain/config.toml | 80 ---------------------------------------- 1 file changed, 80 deletions(-) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 9492be5e20e0..109e24031819 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -145,16 +145,6 @@ criteria = "safe-to-deploy" version = "0.6.2" criteria = "safe-to-deploy" -[[exemptions.core-foundation]] -version = "0.9.3" -criteria = "safe-to-deploy" -notes = "4kloc of C FFI bindings, with lots of unsafe memory management. very challenging to vet for safety" - -[[exemptions.core-foundation-sys]] -version = "0.8.3" -criteria = "safe-to-deploy" -notes = "bindings to a large C FFI" - [[exemptions.cpp_demangle]] version = "0.3.5" criteria = "safe-to-deploy" @@ -303,11 +293,6 @@ criteria = "safe-to-run" version = "0.1.8" criteria = "safe-to-run" -[[exemptions.futures-macro]] -version = "0.3.27" -criteria = "safe-to-deploy" -notes = "deferring this vetting until Alex gets back from vacation" - [[exemptions.futures-task]] version = "0.3.27" criteria = "safe-to-deploy" @@ -431,10 +416,6 @@ version = "0.3.57" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" -[[exemptions.js-sys]] -version = "0.3.57" -criteria = "safe-to-run" - [[exemptions.k256]] version = "0.9.6" criteria = "safe-to-deploy" @@ -479,23 +460,11 @@ criteria = "safe-to-deploy" version = "0.6.5" criteria = "safe-to-deploy" -[[exemptions.mio]] -version = "0.8.2" -criteria = "safe-to-deploy" - [[exemptions.mio]] version = "0.8.6" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" -[[exemptions.miow]] -version = "0.3.7" -criteria = "safe-to-deploy" - -[[exemptions.ntapi]] -version = "0.3.7" -criteria = "safe-to-deploy" - [[exemptions.num-bigint-dig]] version = "0.7.0" criteria = "safe-to-deploy" @@ -532,16 +501,6 @@ criteria = "safe-to-deploy" version = "11.1.3" criteria = "safe-to-run" -[[exemptions.openssl]] -version = "0.10.48" -criteria = "safe-to-deploy" -notes = "required by tokio-native-tls, no practical way to audit at this time" - -[[exemptions.openssl-sys]] -version = "0.9.83" -criteria = "safe-to-deploy" -notes = "required by tokio-native-tls, no practical way to audit at this time" - [[exemptions.openvino-finder]] version = "0.4.1" criteria = "safe-to-deploy" @@ -759,25 +718,10 @@ criteria = "safe-to-deploy" version = "1.0.6" criteria = "safe-to-deploy" -[[exemptions.schannel]] -version = "0.1.21" -criteria = "safe-to-deploy" -notes = "5kloc of bindings to a C FFI, heavy use of unsafe memory manipulation. very challenging to vet safety." - [[exemptions.scopeguard]] version = "1.1.0" criteria = "safe-to-deploy" -[[exemptions.security-framework]] -version = "2.8.1" -criteria = "safe-to-deploy" -notes = "10kloc of FFI bindings to the mac os security framework: very challenging to vet safety" - -[[exemptions.security-framework-sys]] -version = "2.8.0" -criteria = "safe-to-deploy" -notes = "bindings to a large C FFI" - [[exemptions.serde]] version = "1.0.137" criteria = "safe-to-deploy" @@ -894,10 +838,6 @@ criteria = "safe-to-run" version = "1.2.1" criteria = "safe-to-run" -[[exemptions.tokio]] -version = "1.18.1" -criteria = "safe-to-deploy" - [[exemptions.tokio]] version = "1.26.0" criteria = "safe-to-deploy" @@ -976,46 +916,26 @@ version = "0.2.80" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" -[[exemptions.wasm-bindgen]] -version = "0.2.80" -criteria = "safe-to-run" - [[exemptions.wasm-bindgen-backend]] version = "0.2.80" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" -[[exemptions.wasm-bindgen-backend]] -version = "0.2.80" -criteria = "safe-to-run" - [[exemptions.wasm-bindgen-macro]] version = "0.2.80" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" -[[exemptions.wasm-bindgen-macro]] -version = "0.2.80" -criteria = "safe-to-run" - [[exemptions.wasm-bindgen-macro-support]] version = "0.2.80" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" -[[exemptions.wasm-bindgen-macro-support]] -version = "0.2.80" -criteria = "safe-to-run" - [[exemptions.web-sys]] version = "0.3.57" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" -[[exemptions.web-sys]] -version = "0.3.57" -criteria = "safe-to-run" - [[exemptions.which]] version = "4.2.5" criteria = "safe-to-run"