# cargo-vet config file [cargo-vet] version = "0.8" [imports.embark-studios] url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml" [imports.fermyon] url = "https://raw.githubusercontent.com/fermyon/spin/main/supply-chain/audits.toml" [imports.google] url = [ "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT", "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT", ] [imports.isrg] url = "https://raw.githubusercontent.com/divviup/libprio-rs/main/supply-chain/audits.toml" [imports.mozilla] url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml" [policy.cranelift] audit-as-crates-io = true [policy.cranelift-bforest] audit-as-crates-io = true [policy.cranelift-codegen] audit-as-crates-io = true [policy.cranelift-codegen-meta] audit-as-crates-io = true [policy.cranelift-codegen-shared] audit-as-crates-io = true [policy.cranelift-control] audit-as-crates-io = true [policy.cranelift-entity] audit-as-crates-io = true [policy.cranelift-frontend] audit-as-crates-io = true [policy.cranelift-interpreter] audit-as-crates-io = true [policy.cranelift-isle] audit-as-crates-io = true [policy.cranelift-jit] audit-as-crates-io = true [policy.cranelift-module] audit-as-crates-io = true [policy.cranelift-native] audit-as-crates-io = true [policy.cranelift-object] audit-as-crates-io = true [policy.cranelift-reader] audit-as-crates-io = true [policy.cranelift-serde] audit-as-crates-io = true [policy.cranelift-wasm] audit-as-crates-io = true [policy.isle-fuzz] criteria = "safe-to-run" [policy.wasi-cap-std-sync] audit-as-crates-io = true [policy.wasi-common] audit-as-crates-io = true [policy.wasi-tokio] audit-as-crates-io = true [policy.wasmtime] audit-as-crates-io = true [policy.wasmtime-asm-macros] audit-as-crates-io = true [policy.wasmtime-cache] audit-as-crates-io = true [policy.wasmtime-cli] audit-as-crates-io = true [policy.wasmtime-cli-flags] audit-as-crates-io = true [policy.wasmtime-component-macro] audit-as-crates-io = true [policy.wasmtime-component-util] audit-as-crates-io = true [policy.wasmtime-cranelift] audit-as-crates-io = true [policy.wasmtime-cranelift-shared] audit-as-crates-io = true [policy.wasmtime-environ] audit-as-crates-io = true [policy.wasmtime-environ-fuzz] criteria = "safe-to-run" [policy.wasmtime-explorer] audit-as-crates-io = true [policy.wasmtime-fiber] audit-as-crates-io = true [policy.wasmtime-fuzz] criteria = "safe-to-run" [policy.wasmtime-fuzzing] criteria = "safe-to-run" [policy.wasmtime-jit] audit-as-crates-io = true [policy.wasmtime-jit-debug] audit-as-crates-io = true [policy.wasmtime-jit-icache-coherence] audit-as-crates-io = true [policy.wasmtime-runtime] audit-as-crates-io = true [policy.wasmtime-types] audit-as-crates-io = true [policy.wasmtime-versioned-export-macros] audit-as-crates-io = false [policy.wasmtime-wasi] audit-as-crates-io = true [policy.wasmtime-wasi-http] audit-as-crates-io = true [policy.wasmtime-wasi-nn] audit-as-crates-io = true [policy.wasmtime-wasi-threads] audit-as-crates-io = true [policy.wasmtime-wast] audit-as-crates-io = true [policy.wasmtime-winch] audit-as-crates-io = true [policy.wasmtime-wit-bindgen] audit-as-crates-io = true [policy.wasmtime-wmemcheck] audit-as-crates-io = true [policy.wiggle] audit-as-crates-io = true [policy.wiggle-generate] audit-as-crates-io = true [policy.wiggle-macro] audit-as-crates-io = true [policy.wiggle-test] audit-as-crates-io = true [policy.winch-codegen] audit-as-crates-io = true [policy.witx] audit-as-crates-io = false [[exemptions.addr2line]] version = "0.17.0" criteria = "safe-to-deploy" [[exemptions.ahash]] version = "0.7.6" criteria = "safe-to-deploy" [[exemptions.bincode]] version = "1.3.3" criteria = "safe-to-deploy" [[exemptions.bitflags]] version = "1.3.2" criteria = "safe-to-deploy" [[exemptions.bytes]] version = "1.1.0" criteria = "safe-to-deploy" [[exemptions.capstone]] version = "0.9.0" criteria = "safe-to-deploy" [[exemptions.capstone-sys]] version = "0.13.0" criteria = "safe-to-deploy" [[exemptions.cast]] version = "0.2.7" criteria = "safe-to-run" [[exemptions.console]] version = "0.15.0" criteria = "safe-to-deploy" [[exemptions.cpp_demangle]] version = "0.3.5" criteria = "safe-to-deploy" [[exemptions.cpufeatures]] version = "0.2.2" criteria = "safe-to-deploy" [[exemptions.crc32fast]] version = "1.3.2" criteria = "safe-to-deploy" [[exemptions.criterion]] version = "0.3.5" criteria = "safe-to-run" [[exemptions.criterion-plot]] version = "0.4.4" criteria = "safe-to-run" [[exemptions.crossbeam-channel]] version = "0.5.4" criteria = "safe-to-deploy" [[exemptions.crossbeam-deque]] version = "0.8.1" criteria = "safe-to-deploy" [[exemptions.crossbeam-epoch]] version = "0.9.9" criteria = "safe-to-deploy" [[exemptions.crossbeam-utils]] version = "0.8.10" criteria = "safe-to-deploy" [[exemptions.digest]] version = "0.9.0" criteria = "safe-to-deploy" [[exemptions.directories-next]] version = "2.0.0" criteria = "safe-to-deploy" [[exemptions.dirs-next]] version = "2.0.0" criteria = "safe-to-deploy" [[exemptions.dirs-sys-next]] version = "0.1.2" criteria = "safe-to-deploy" [[exemptions.downcast-rs]] version = "1.2.0" criteria = "safe-to-run" [[exemptions.egg]] version = "0.6.0" criteria = "safe-to-run" [[exemptions.encode_unicode]] version = "0.3.6" criteria = "safe-to-deploy" [[exemptions.env_logger]] version = "0.7.1" criteria = "safe-to-deploy" [[exemptions.env_logger]] version = "0.9.0" criteria = "safe-to-deploy" [[exemptions.fallible-iterator]] version = "0.2.0" criteria = "safe-to-deploy" [[exemptions.filetime]] version = "0.2.16" criteria = "safe-to-run" [[exemptions.fslock]] version = "0.1.8" criteria = "safe-to-run" [[exemptions.futures-task]] version = "0.3.27" criteria = "safe-to-deploy" notes = "deferring this vetting until Alex gets back from vacation" [[exemptions.futures-util]] version = "0.3.27" criteria = "safe-to-deploy" notes = "this is 25k lines and contains over 149 uses of the substring unsafe. it is a huge grab bag of complexity with no practical way to audit it" [[exemptions.generic-array]] version = "0.14.5" criteria = "safe-to-deploy" [[exemptions.getrandom]] version = "0.2.6" criteria = "safe-to-deploy" [[exemptions.gimli]] version = "0.26.1" criteria = "safe-to-deploy" [[exemptions.h2]] version = "0.3.19" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.hermit-abi]] version = "0.1.19" criteria = "safe-to-deploy" [[exemptions.hermit-abi]] version = "0.2.0" criteria = "safe-to-deploy" [[exemptions.http]] version = "0.2.9" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.httparse]] version = "1.8.0" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.humantime]] version = "1.3.0" criteria = "safe-to-deploy" [[exemptions.humantime]] version = "2.1.0" criteria = "safe-to-deploy" [[exemptions.hyper]] version = "1.0.0-rc.3" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.indicatif]] version = "0.13.0" criteria = "safe-to-deploy" [[exemptions.ipnet]] version = "2.5.0" criteria = "safe-to-deploy" [[exemptions.itertools]] version = "0.10.3" criteria = "safe-to-deploy" [[exemptions.jobserver]] version = "0.1.24" criteria = "safe-to-deploy" [[exemptions.js-sys]] version = "0.3.57" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" [[exemptions.libloading]] version = "0.7.3" criteria = "safe-to-deploy" [[exemptions.listenfd]] version = "1.0.0" criteria = "safe-to-deploy" [[exemptions.mach]] version = "0.3.2" criteria = "safe-to-deploy" [[exemptions.maybe-owned]] version = "0.3.4" criteria = "safe-to-deploy" [[exemptions.memmap2]] version = "0.2.3" criteria = "safe-to-deploy" [[exemptions.memoffset]] version = "0.6.5" criteria = "safe-to-deploy" [[exemptions.mio]] version = "0.8.6" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.num_cpus]] version = "1.13.1" criteria = "safe-to-deploy" [[exemptions.number_prefix]] version = "0.3.0" criteria = "safe-to-deploy" [[exemptions.object]] version = "0.29.0" criteria = "safe-to-deploy" [[exemptions.ocaml-boxroot-sys]] version = "0.2.0" criteria = "safe-to-run" [[exemptions.ocaml-interop]] version = "0.8.8" criteria = "safe-to-run" [[exemptions.ocaml-sys]] version = "0.22.3" criteria = "safe-to-run" [[exemptions.once_cell]] version = "1.12.0" criteria = "safe-to-deploy" [[exemptions.openvino-finder]] version = "0.4.1" criteria = "safe-to-deploy" [[exemptions.openvino-sys]] version = "0.4.1" criteria = "safe-to-deploy" [[exemptions.plotters]] version = "0.3.1" criteria = "safe-to-run" [[exemptions.plotters-backend]] version = "0.3.2" criteria = "safe-to-run" [[exemptions.plotters-svg]] version = "0.3.1" criteria = "safe-to-run" [[exemptions.ppv-lite86]] version = "0.2.16" criteria = "safe-to-deploy" [[exemptions.pretty_env_logger]] version = "0.4.0" criteria = "safe-to-deploy" [[exemptions.proptest]] version = "1.0.0" criteria = "safe-to-deploy" [[exemptions.psm]] version = "0.1.18" criteria = "safe-to-deploy" [[exemptions.quick-error]] version = "1.2.3" criteria = "safe-to-deploy" [[exemptions.quick-error]] version = "2.0.1" criteria = "safe-to-deploy" [[exemptions.rand]] version = "0.8.5" criteria = "safe-to-deploy" [[exemptions.rand_xorshift]] version = "0.3.0" criteria = "safe-to-deploy" [[exemptions.redox_syscall]] version = "0.2.13" criteria = "safe-to-deploy" [[exemptions.redox_users]] version = "0.4.3" criteria = "safe-to-deploy" [[exemptions.region]] version = "2.2.0" criteria = "safe-to-deploy" [[exemptions.ring]] version = "0.16.20" criteria = "safe-to-deploy" notes = "contains assembly language and object file implementations of crypto primitives for a very large number of platforms" [[exemptions.rusty-fork]] version = "0.3.0" criteria = "safe-to-deploy" [[exemptions.shellexpand]] version = "2.1.0" criteria = "safe-to-deploy" [[exemptions.shuffling-allocator]] version = "1.1.2" criteria = "safe-to-deploy" [[exemptions.slice-group-by]] version = "0.3.0" criteria = "safe-to-deploy" [[exemptions.smallvec]] version = "1.8.0" criteria = "safe-to-deploy" [[exemptions.socket2]] version = "0.4.9" criteria = "safe-to-deploy" [[exemptions.souper-ir]] version = "2.1.0" criteria = "safe-to-deploy" [[exemptions.spin]] version = "0.5.2" criteria = "safe-to-deploy" [[exemptions.stable_deref_trait]] version = "1.2.0" criteria = "safe-to-deploy" [[exemptions.strsim]] version = "0.10.0" criteria = "safe-to-deploy" [[exemptions.symbolic_expressions]] version = "5.0.3" criteria = "safe-to-run" [[exemptions.tempfile]] version = "3.3.0" criteria = "safe-to-deploy" [[exemptions.terminal_size]] version = "0.1.17" criteria = "safe-to-deploy" [[exemptions.tinytemplate]] version = "1.2.1" criteria = "safe-to-run" [[exemptions.tokio]] version = "1.29.1" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" [[exemptions.tokio-macros]] version = "1.7.0" criteria = "safe-to-deploy" [[exemptions.tracing]] version = "0.1.34" criteria = "safe-to-deploy" [[exemptions.tracing-attributes]] version = "0.1.21" criteria = "safe-to-deploy" [[exemptions.tracing-core]] version = "0.1.28" criteria = "safe-to-deploy" [[exemptions.typenum]] version = "1.15.0" criteria = "safe-to-deploy" [[exemptions.uuid]] version = "1.0.0" criteria = "safe-to-deploy" [[exemptions.v8]] version = "0.74.1" criteria = "safe-to-run" [[exemptions.wait-timeout]] version = "0.2.0" criteria = "safe-to-deploy" [[exemptions.wasi]] version = "0.11.0+wasi-snapshot-preview1" criteria = "safe-to-deploy" [[exemptions.web-sys]] version = "0.3.57" criteria = "safe-to-deploy" notes = "dependency of ring for wasm32 browser platform, which our project does not target" [[exemptions.which]] version = "4.2.5" criteria = "safe-to-run" [[exemptions.winapi]] version = "0.3.9" criteria = "safe-to-deploy" [[exemptions.winapi-i686-pc-windows-gnu]] version = "0.4.0" criteria = "safe-to-deploy" [[exemptions.winapi-x86_64-pc-windows-gnu]] version = "0.4.0" criteria = "safe-to-deploy" [[exemptions.zstd]] version = "0.11.1+zstd.1.5.2" criteria = "safe-to-deploy" [[exemptions.zstd-safe]] version = "5.0.1+zstd.1.5.2" criteria = "safe-to-deploy" [[exemptions.zstd-sys]] version = "2.0.1+zstd.1.5.2" criteria = "safe-to-deploy"