cranelift/deny.toml

# Documentation for this configuration file can be found here
# https://embarkstudios.github.io/cargo-deny/checks/cfg.html

targets = [
    { triple = "x86_64-unknown-linux-gnu" },
    { triple = "x86_64-apple-darwin" },
    { triple = "x86_64-pc-windows-msvc" },
    { triple = "aarch64-linux-android" },
]

# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
[licenses]
allow = [
    "Apache-2.0 WITH LLVM-exception",
    "Apache-2.0",
    "BSD-2-Clause",
    "BSD-3-Clause",
    "ISC",
    "MIT",
    "MPL-2.0",
    "OpenSSL",
    "Zlib",
]

[[licenses.clarify]]
name = "ring"
expression = "MIT AND ISC AND OpenSSL"
license-files = [
    { path = "LICENSE", hash = 0xbd0eed23 }
]

# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
[bans]
multiple-versions = "deny"
wildcards = "allow"
deny = []

skip-tree = [
    # Criterion 0.3 is pretty old at this point and has had an upcoming 0.4 for
    # a long time. This is a dev-dependency so we don't really mind its
    # dependency tree, so skip it entirely.
    { name = "criterion", depth = 20 },

    # This is maintained externally and we allow it to have duplicate
    # dependencies relative to Wasmtime's main dependency tree.
    { name = "witx", depth = 20 },

    # This is somewhat unmaintained at this point and seems to pull in an old
    # version of `env_logger`, so ignore it.
    { name = "pretty_env_logger", depth = 20 },

    # They want to publish version 2.0 to upgrade `hashbrown` so in the meantime
    # it is duplicated for us.
    { name = "indexmap", depth = 2 },

    # This is on and older version of `wasm-encoder` and is one we can't
    # necessarily easily update, so let `wasm-encoder` get duplicated for now.
    { name = "wasm-coredump-builder", depth = 2 },

    # The native-tls crate hasn't kept up with updates to the underlying
    # windows-sys, while the rest of the ecosystem has. This duplicated
    # dependency appears to be benign.
    { name = "windows-sys", depth = 2 },
]
cargo deny config 4 years ago			`# Documentation for this configuration file can be found here`
			`# https://embarkstudios.github.io/cargo-deny/checks/cfg.html`

			`targets = [`
			`{ triple = "x86_64-unknown-linux-gnu" },`
			`{ triple = "x86_64-apple-darwin" },`
			`{ triple = "x86_64-pc-windows-msvc" },`
			`{ triple = "aarch64-linux-android" },`
			`]`

			`# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html`
			`[licenses]`
			`allow = [`
			`"Apache-2.0 WITH LLVM-exception",`
			`"Apache-2.0",`
			`"BSD-2-Clause",`
Implement strings in adapter modules (#4623) * Implement strings in adapter modules This commit is a hefty addition to Wasmtime's support for the component model. This implements the final remaining type (in the current type hierarchy) unimplemented in adapter module trampolines: strings. Strings are the most complicated type to implement in adapter trampolines because they are highly structured chunks of data in memory (according to specific encodings). Additionally each lift/lower operation can choose its own encoding for strings meaning that Wasmtime, the host, may have to convert between any pairwise ordering of string encodings. The `CanonicalABI.md` in the component-model repo in general specifies all the fiddly bits of string encoding so there's not a ton of wiggle room for Wasmtime to get creative. This PR largely "just" implements that. The high-level architecture of this implementation is: * Fused adapters are first identified to determine src/dst string encodings. This statically fixes what transcoding operation is being performed. * The generated adapter will be responsible for managing calls to `realloc` and performing bounds checks. The adapter itself does not perform memory copies or validation of string contents, however. Instead each transcoding operation is modeled as an imported function into the adapter module. This means that the adapter module dynamically, during compile time, determines what string transcoders are needed. Note that an imported transcoder is not only parameterized over the transcoding operation but additionally which memory is the source and which is the destination. * The imported core wasm functions are modeled as a new `CoreDef::Transcoder` structure. These transcoders end up being small Cranelift-compiled trampolines. The Cranelift-compiled trampoline will load the actual base pointer of memory and add it to the relative pointers passed as function arguments. This trampoline then calls a transcoder "libcall" which enters Rust-defined functions for actual transcoding operations. * Each possible transcoding operation is implemented in Rust with a unique name and a unique signature depending on the needs of the transcoder. I've tried to document inline what each transcoder does. This means that the `Module::translate_string` in adapter modules is by far the largest translation method. The main reason for this is due to the management around calling the imported transcoder functions in the face of validating string pointer/lengths and performing the dance of `realloc`-vs-transcode at the right time. I've tried to ensure that each individual case in transcoding is documented well enough to understand what's going on as well. Additionally in this PR is a full implementation in the host for the `latin1+utf16` encoding which means that both lifting and lowering host strings now works with this encoding. Currently the implementation of each transcoder function is likely far from optimal. Where possible I've leaned on the standard library itself and for latin1-related things I'm leaning on the `encoding_rs` crate. I initially tried to implement everything with `encoding_rs` but was unable to uniformly do so easily. For now I settled on trying to get a known-correct (even in the face of endianness) implementation for all of these transcoders. If an when performance becomes an issue it should be possible to implement more optimized versions of each of these transcoding operations. Testing this commit has been somewhat difficult and my general plan, like with the `(list T)` type, is to rely heavily on fuzzing to cover the various cases here. In this PR though I've added a simple test that pushes some statically known strings through all the pairs of encodings between source and destination. I've attempted to pick "interesting" strings that one way or another stress the various paths in each transcoding operation to ideally get full branch coverage there. Additionally a suite of "negative" tests have also been added to ensure that validity of encoding is actually checked. * Fix a temporarily commented out case * Fix wasmtime-runtime tests * Update deny.toml configuration * Add `BSD-3-Clause` for the `encoding_rs` crate * Remove some unused licenses * Add an exemption for `encoding_rs` for now * Split up the `translate_string` method Move out all the closures and package up captured state into smaller lists of arguments. * Test out-of-bounds for zero-length strings 2 years ago			`"BSD-3-Clause",`
wasi-nn: turn it on by default (#2859) * wasi-nn: turn it on by default This change makes the wasi-nn Cargo feature a default feature. Previously, a wasi-nn user would have to build a separate Wasmtime binary (e.g. `cargo build --features wasi-nn ...`) to use wasi-nn and the resulting binary would require OpenVINO shared libraries to be present in the environment in order to run (otherwise it would fail immediately with linking errors). With recent changes to the `openvino` crate, the wasi-nn implementation can defer the loading of the OpenVINO shared libraries until runtime (i.e., when the user Wasm program calls `wasi_ephemeral_nn::load`) and display a user-level error if anything goes wrong (e.g., the OpenVINO libraries are not present on the system). This runtime-linking addition allows the wasi-nn feature to be turned on by default and shipped with upcoming releases of Wasmtime. This change should be transparent for users who do not use wasi-nn: the `openvino` crate is small and the newly-available wasi-nn imports only affect programs in which they are used. For those interested in reviewing the runtime linking approach added to the `openvino` crate, see https://github.com/intel/openvino-rs/pull/19. * wasi-nn spec path: don't use canonicalize * Allow dependencies using the ISC license The ISC license should be [just as permissive](https://choosealicense.com/licenses/isc) as MIT, e.g., with no additional limitations. * Add a `--wasi-modules` flag This flag controls which WASI modules are made available to the Wasm program. This initial commit enables `wasi-common` by default (equivalent to `--wasi-modules=all`) and allows `wasi-nn` and `wasi-crypto` to be added in either individually (e.g., `--wasi-modules=wasi-nn`) or as a group (e.g., `--wasi-modules=all-experimental`). * wasi-crypto: fix unused dependency Co-authored-by: Pat Hickey <pat@moreproductive.org> 4 years ago			`"ISC",`
cargo deny config 4 years ago			`"MIT",`
cargo-deny: allow the MPL-2.0 and OpenSSL licenses (#6136) * cargo-deny: allow the MPL-2.0 and OpenSSL licenses These are required in order to merge https://github.com/bytecodealliance/wasmtime/pull/5929. * deny.toml: add clarification of license for `ring` 2 years ago			`"MPL-2.0",`
			`"OpenSSL",`
cargo deny config 4 years ago			`"Zlib",`
			`]`

cargo-deny: allow the MPL-2.0 and OpenSSL licenses (#6136) * cargo-deny: allow the MPL-2.0 and OpenSSL licenses These are required in order to merge https://github.com/bytecodealliance/wasmtime/pull/5929. * deny.toml: add clarification of license for `ring` 2 years ago			`[[licenses.clarify]]`
			`name = "ring"`
			`expression = "MIT AND ISC AND OpenSSL"`
			`license-files = [`
			`{ path = "LICENSE", hash = 0xbd0eed23 }`
			`]`

cargo deny config 4 years ago			`# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html`
			`[bans]`
			`multiple-versions = "deny"`
			`wildcards = "allow"`
			`deny = []`

Update to clap 3.* (#4082) * Update to clap 3.0 This commit migrates all CLI commands internally used in this project from structopt/clap2 to clap 3. The intent here is to ensure that we're using maintained versions of the dependencies as structopt and clap 2 are less maintained nowadays. Most transitions were pretty straightforward and mostly dealing with structopt/clap3 differences. * Fix a number of `cargo deny` errors This commit fixes a few errors around duplicate dependencies which arose from the prior update to clap3. This also uses a new feature in `deny.toml`, `skip-tree`, which allows having a bit more targeted ignores for skips of duplicate version checks. This showed a few more locations in Wasmtime itself where we could update some dependencies. 3 years ago			`skip-tree = [`
			`# Criterion 0.3 is pretty old at this point and has had an upcoming 0.4 for`
			`# a long time. This is a dev-dependency so we don't really mind its`
			`# dependency tree, so skip it entirely.`
			`{ name = "criterion", depth = 20 },`

			`# This is maintained externally and we allow it to have duplicate`
			`# dependencies relative to Wasmtime's main dependency tree.`
			`{ name = "witx", depth = 20 },`

			`# This is somewhat unmaintained at this point and seems to pull in an old`
			# version of `env_logger`, so ignore it.
			`{ name = "pretty_env_logger", depth = 20 },`
Update dependencies (#5513) 2 years ago
			# They want to publish version 2.0 to upgrade `hashbrown` so in the meantime
			`# it is duplicated for us.`
			`{ name = "indexmap", depth = 2 },`
Update wasm-tools crates (#5945) This notably updates `wasmparser` for updates to the relaxed-simd proposal and an implementation of the function-references proposal. Additionally there are some minor bug fixes being picked up for WIT and the component model. 2 years ago
			# This is on and older version of `wasm-encoder` and is one we can't
			# necessarily easily update, so let `wasm-encoder` get duplicated for now.
			`{ name = "wasm-coredump-builder", depth = 2 },`
wasi-http supply chain audit (#6121) * add cargo-deny exception for duplicate versions of windows-sys * cargo vetting for all new deps introduced by https://github.com/bytecodealliance/wasmtime/pull/5929 The audits are straightforward. The exemptions, as always, need to be justified: * core-foundation, core-foundation-sys, security-framework, security-framework-sys: these are large crates which are FFI bindings to Mac OS frameworks. As such they contain tons of unsafe code to make these FFI calls and manage memory. These crates are too big to audit. * schannel: same as the above, except this is a windows component, which I'm also unfamiliar with. * openssl, openssl-sys: also large FFI bindings which are impractical to audit. * futures-macro, futures-task: while not as complex as futures-util, these are beyond my personal understanding of futures to vet practically. I've asked Alex to look at auditing these, and he will after he returns from vacation next week. * futures-util: 25kloc of code, over 149 instances of the substring "unsafe" (case insensitive), this is impractical to audit in the extreme. * h2, http, httparse, hyper, mio, tokio: this so-called tokio/hyper family are very large and challenging to audit. Bobby Holley has indicated that he is working to get the AWS engineers who maintain these crates to publish their own audits, which we can then import. We expect to exempt these until those imports are available. 2 years ago
			`# The native-tls crate hasn't kept up with updates to the underlying`
			`# windows-sys, while the rest of the ecosystem has. This duplicated`
			`# dependency appears to be benign.`
			`{ name = "windows-sys", depth = 2 },`
cargo deny config 4 years ago			`]`