github
/
cranelift
mirror of https://github.com/bytecodealliance/wasmtime.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12473 Commits
49 Branches
140 Tags
128 MiB
 
 
 
Tree: bba4ee78a9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bba4ee78a9'
${ noResults }
cranelift/supply-chain/config.toml

646 lines
13 KiB
Raw Blame History

# cargo-vet config file
[cargo-vet]
version = "0.8"
[imports.embark-studios]
url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml"
[imports.fermyon]
url = "https://raw.githubusercontent.com/fermyon/spin/main/supply-chain/audits.toml"
[imports.google]
url = [
"https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT",
"https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT",
]
[imports.isrg]
url = "https://raw.githubusercontent.com/divviup/libprio-rs/main/supply-chain/audits.toml"
[imports.mozilla]
url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"
[policy.cranelift]
audit-as-crates-io = true
[policy.cranelift-bforest]
audit-as-crates-io = true
[policy.cranelift-codegen]
audit-as-crates-io = true
[policy.cranelift-codegen-meta]
audit-as-crates-io = true
[policy.cranelift-codegen-shared]
audit-as-crates-io = true
[policy.cranelift-control]
audit-as-crates-io = true
[policy.cranelift-entity]
audit-as-crates-io = true
[policy.cranelift-frontend]
audit-as-crates-io = true
[policy.cranelift-interpreter]
audit-as-crates-io = true
[policy.cranelift-isle]
audit-as-crates-io = true
[policy.cranelift-jit]
audit-as-crates-io = true
[policy.cranelift-module]
audit-as-crates-io = true
[policy.cranelift-native]
audit-as-crates-io = true
[policy.cranelift-object]
audit-as-crates-io = true
[policy.cranelift-reader]
audit-as-crates-io = true
[policy.cranelift-serde]
audit-as-crates-io = true
[policy.cranelift-wasm]
audit-as-crates-io = true
[policy.isle-fuzz]
criteria = "safe-to-run"
[policy.wasi-cap-std-sync]
audit-as-crates-io = true
[policy.wasi-common]
audit-as-crates-io = true
[policy.wasi-tokio]
audit-as-crates-io = true
[policy.wasmtime]
audit-as-crates-io = true
[policy.wasmtime-asm-macros]
audit-as-crates-io = true
[policy.wasmtime-cache]
audit-as-crates-io = true
[policy.wasmtime-cli]
audit-as-crates-io = true
[policy.wasmtime-cli-flags]
audit-as-crates-io = true
[policy.wasmtime-component-macro]
audit-as-crates-io = true
[policy.wasmtime-component-util]
audit-as-crates-io = true
[policy.wasmtime-cranelift]
audit-as-crates-io = true
[policy.wasmtime-cranelift-shared]
audit-as-crates-io = true
[policy.wasmtime-environ]
audit-as-crates-io = true
[policy.wasmtime-environ-fuzz]
criteria = "safe-to-run"
[policy.wasmtime-explorer]
audit-as-crates-io = true
[policy.wasmtime-fiber]
audit-as-crates-io = true
[policy.wasmtime-fuzz]
criteria = "safe-to-run"
[policy.wasmtime-fuzzing]
criteria = "safe-to-run"
[policy.wasmtime-jit]
audit-as-crates-io = true
[policy.wasmtime-jit-debug]
audit-as-crates-io = true
[policy.wasmtime-jit-icache-coherence]
audit-as-crates-io = true
[policy.wasmtime-runtime]
audit-as-crates-io = true
[policy.wasmtime-types]
audit-as-crates-io = true
[policy.wasmtime-versioned-export-macros]
audit-as-crates-io = false
[policy.wasmtime-wasi]
audit-as-crates-io = true
[policy.wasmtime-wasi-http]
audit-as-crates-io = true
[policy.wasmtime-wasi-nn]
audit-as-crates-io = true
[policy.wasmtime-wasi-threads]
audit-as-crates-io = true
[policy.wasmtime-wast]
audit-as-crates-io = true
[policy.wasmtime-winch]
audit-as-crates-io = true
[policy.wasmtime-wit-bindgen]
audit-as-crates-io = true
[policy.wasmtime-wmemcheck]
audit-as-crates-io = true
[policy.wiggle]
audit-as-crates-io = true
[policy.wiggle-generate]
audit-as-crates-io = true
[policy.wiggle-macro]
audit-as-crates-io = true
[policy.wiggle-test]
audit-as-crates-io = true
[policy.winch-codegen]
audit-as-crates-io = true
[policy.witx]
audit-as-crates-io = false
[[exemptions.addr2line]]
version = "0.17.0"
criteria = "safe-to-deploy"
[[exemptions.ahash]]
version = "0.7.6"
criteria = "safe-to-deploy"
[[exemptions.bincode]]
version = "1.3.3"
criteria = "safe-to-deploy"
[[exemptions.bitflags]]
version = "1.3.2"
criteria = "safe-to-deploy"
[[exemptions.bytes]]
version = "1.1.0"
criteria = "safe-to-deploy"
[[exemptions.capstone]]
version = "0.9.0"
criteria = "safe-to-deploy"
[[exemptions.capstone-sys]]
version = "0.13.0"
criteria = "safe-to-deploy"
[[exemptions.cast]]
version = "0.2.7"
criteria = "safe-to-run"
[[exemptions.console]]
version = "0.15.0"
criteria = "safe-to-deploy"
[[exemptions.cpp_demangle]]
version = "0.3.5"
criteria = "safe-to-deploy"
[[exemptions.cpufeatures]]
version = "0.2.2"
criteria = "safe-to-deploy"
[[exemptions.crc32fast]]
version = "1.3.2"
criteria = "safe-to-deploy"
[[exemptions.criterion]]
version = "0.3.5"
criteria = "safe-to-run"
[[exemptions.criterion-plot]]
version = "0.4.4"
criteria = "safe-to-run"
[[exemptions.crossbeam-channel]]
version = "0.5.4"
criteria = "safe-to-deploy"
[[exemptions.crossbeam-deque]]
version = "0.8.1"
criteria = "safe-to-deploy"
[[exemptions.crossbeam-epoch]]
version = "0.9.9"
criteria = "safe-to-deploy"
[[exemptions.crossbeam-utils]]
version = "0.8.10"
criteria = "safe-to-deploy"
[[exemptions.digest]]
version = "0.9.0"
criteria = "safe-to-deploy"
[[exemptions.directories-next]]
version = "2.0.0"
criteria = "safe-to-deploy"
[[exemptions.dirs-next]]
version = "2.0.0"
criteria = "safe-to-deploy"
[[exemptions.dirs-sys-next]]
version = "0.1.2"
criteria = "safe-to-deploy"
[[exemptions.downcast-rs]]
version = "1.2.0"
criteria = "safe-to-run"
[[exemptions.egg]]
version = "0.6.0"
criteria = "safe-to-run"
[[exemptions.encode_unicode]]
version = "0.3.6"
criteria = "safe-to-deploy"
[[exemptions.env_logger]]
version = "0.7.1"
criteria = "safe-to-deploy"
[[exemptions.env_logger]]
version = "0.9.0"
criteria = "safe-to-deploy"
[[exemptions.fallible-iterator]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.filetime]]
version = "0.2.16"
criteria = "safe-to-run"
[[exemptions.fslock]]
version = "0.1.8"
criteria = "safe-to-run"
[[exemptions.futures-task]]
version = "0.3.27"
criteria = "safe-to-deploy"
notes = "deferring this vetting until Alex gets back from vacation"
[[exemptions.futures-util]]
version = "0.3.27"
criteria = "safe-to-deploy"
notes = "this is 25k lines and contains over 149 uses of the substring unsafe. it is a huge grab bag of complexity with no practical way to audit it"
[[exemptions.generic-array]]
version = "0.14.5"
criteria = "safe-to-deploy"
[[exemptions.getrandom]]
version = "0.2.6"
criteria = "safe-to-deploy"
[[exemptions.gimli]]
version = "0.26.1"
criteria = "safe-to-deploy"
[[exemptions.h2]]
version = "0.3.19"
criteria = "safe-to-deploy"
notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon"
[[exemptions.hermit-abi]]
version = "0.1.19"
criteria = "safe-to-deploy"
[[exemptions.hermit-abi]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.http]]
version = "0.2.9"
criteria = "safe-to-deploy"
notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon"
[[exemptions.httparse]]
version = "1.8.0"
criteria = "safe-to-deploy"
notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon"
[[exemptions.humantime]]
version = "1.3.0"
criteria = "safe-to-deploy"
[[exemptions.humantime]]
version = "2.1.0"
criteria = "safe-to-deploy"
[[exemptions.hyper]]
version = "1.0.0-rc.3"
criteria = "safe-to-deploy"
notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon"
[[exemptions.indicatif]]
version = "0.13.0"
criteria = "safe-to-deploy"
[[exemptions.ipnet]]
version = "2.5.0"
criteria = "safe-to-deploy"
[[exemptions.itertools]]
version = "0.10.3"
criteria = "safe-to-deploy"
[[exemptions.jobserver]]
version = "0.1.24"
criteria = "safe-to-deploy"
[[exemptions.js-sys]]
version = "0.3.57"
criteria = "safe-to-deploy"
notes = "dependency of ring for wasm32 browser platform, which our project does not target"
[[exemptions.libloading]]
version = "0.7.3"
criteria = "safe-to-deploy"
[[exemptions.listenfd]]
version = "1.0.0"
criteria = "safe-to-deploy"
[[exemptions.mach]]
version = "0.3.2"
criteria = "safe-to-deploy"
[[exemptions.maybe-owned]]
version = "0.3.4"
criteria = "safe-to-deploy"
[[exemptions.memmap2]]
version = "0.2.3"
criteria = "safe-to-deploy"
[[exemptions.memoffset]]
version = "0.6.5"
criteria = "safe-to-deploy"
[[exemptions.mio]]
version = "0.8.6"
criteria = "safe-to-deploy"
notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon"
[[exemptions.num_cpus]]
version = "1.13.1"
criteria = "safe-to-deploy"
[[exemptions.number_prefix]]
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.object]]
version = "0.29.0"
criteria = "safe-to-deploy"
[[exemptions.ocaml-boxroot-sys]]
version = "0.2.0"
criteria = "safe-to-run"
[[exemptions.ocaml-interop]]
version = "0.8.8"
criteria = "safe-to-run"
[[exemptions.ocaml-sys]]
version = "0.22.3"
criteria = "safe-to-run"
[[exemptions.once_cell]]
version = "1.12.0"
criteria = "safe-to-deploy"
[[exemptions.openvino-finder]]
version = "0.4.1"
criteria = "safe-to-deploy"
[[exemptions.openvino-sys]]
version = "0.4.1"
criteria = "safe-to-deploy"
[[exemptions.plotters]]
version = "0.3.1"
criteria = "safe-to-run"
[[exemptions.plotters-backend]]
version = "0.3.2"
criteria = "safe-to-run"
[[exemptions.plotters-svg]]
version = "0.3.1"
criteria = "safe-to-run"
[[exemptions.ppv-lite86]]
version = "0.2.16"
criteria = "safe-to-deploy"
[[exemptions.pretty_env_logger]]
version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.proptest]]
version = "1.0.0"
criteria = "safe-to-deploy"
[[exemptions.psm]]
version = "0.1.18"
criteria = "safe-to-deploy"
[[exemptions.quick-error]]
version = "1.2.3"
criteria = "safe-to-deploy"
[[exemptions.quick-error]]
version = "2.0.1"
criteria = "safe-to-deploy"
[[exemptions.rand]]
version = "0.8.5"
criteria = "safe-to-deploy"
[[exemptions.rand_xorshift]]
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.redox_syscall]]
version = "0.2.13"
criteria = "safe-to-deploy"
[[exemptions.redox_users]]
version = "0.4.3"
criteria = "safe-to-deploy"
[[exemptions.region]]
version = "2.2.0"
criteria = "safe-to-deploy"
[[exemptions.ring]]
version = "0.16.20"
criteria = "safe-to-deploy"
notes = "contains assembly language and object file implementations of crypto primitives for a very large number of platforms"
[[exemptions.rusty-fork]]
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.shellexpand]]
version = "2.1.0"
criteria = "safe-to-deploy"
[[exemptions.shuffling-allocator]]
version = "1.1.2"
criteria = "safe-to-deploy"
[[exemptions.slice-group-by]]
version = "0.3.0"
criteria = "safe-to-deploy"
[[exemptions.smallvec]]
version = "1.8.0"
criteria = "safe-to-deploy"
[[exemptions.socket2]]
version = "0.4.9"
criteria = "safe-to-deploy"
[[exemptions.souper-ir]]
version = "2.1.0"
criteria = "safe-to-deploy"
[[exemptions.spin]]
version = "0.5.2"
criteria = "safe-to-deploy"
[[exemptions.stable_deref_trait]]
version = "1.2.0"
criteria = "safe-to-deploy"
[[exemptions.strsim]]
version = "0.10.0"
criteria = "safe-to-deploy"
[[exemptions.symbolic_expressions]]
version = "5.0.3"
criteria = "safe-to-run"
[[exemptions.tempfile]]
version = "3.3.0"
criteria = "safe-to-deploy"
[[exemptions.terminal_size]]
version = "0.1.17"
criteria = "safe-to-deploy"
[[exemptions.tinytemplate]]
version = "1.2.1"
criteria = "safe-to-run"
[[exemptions.tokio]]
version = "1.29.1"
criteria = "safe-to-deploy"
notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon"
[[exemptions.tokio-macros]]
version = "1.7.0"
criteria = "safe-to-deploy"
[[exemptions.tracing]]
version = "0.1.34"
criteria = "safe-to-deploy"
[[exemptions.tracing-attributes]]
version = "0.1.21"
criteria = "safe-to-deploy"
[[exemptions.tracing-core]]
version = "0.1.28"
criteria = "safe-to-deploy"
[[exemptions.typenum]]
version = "1.15.0"
criteria = "safe-to-deploy"
[[exemptions.uuid]]
version = "1.0.0"
criteria = "safe-to-deploy"
[[exemptions.v8]]
version = "0.74.1"
criteria = "safe-to-run"
[[exemptions.wait-timeout]]
version = "0.2.0"
criteria = "safe-to-deploy"
[[exemptions.wasi]]
version = "0.11.0+wasi-snapshot-preview1"
criteria = "safe-to-deploy"
[[exemptions.web-sys]]
version = "0.3.57"
criteria = "safe-to-deploy"
notes = "dependency of ring for wasm32 browser platform, which our project does not target"
[[exemptions.which]]
version = "4.2.5"
criteria = "safe-to-run"
[[exemptions.winapi]]
version = "0.3.9"
criteria = "safe-to-deploy"
[[exemptions.winapi-i686-pc-windows-gnu]]
version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.winapi-x86_64-pc-windows-gnu]]
version = "0.4.0"
criteria = "safe-to-deploy"
[[exemptions.zstd]]
version = "0.11.1+zstd.1.5.2"
criteria = "safe-to-deploy"
[[exemptions.zstd-safe]]
version = "5.0.1+zstd.1.5.2"
criteria = "safe-to-deploy"
[[exemptions.zstd-sys]]
version = "2.0.1+zstd.1.5.2"
criteria = "safe-to-deploy"