Loading supply-chain/audits.toml +35 −0 Original line number Diff line number Diff line Loading @@ -1092,6 +1092,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" delta = "0.3.7 -> 0.3.8" [[audits.headers-core]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" version = "0.2.0" notes = "Trivial crate, no unsafe code." [[audits.heck]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" Loading Loading @@ -1137,6 +1143,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" delta = "0.14.23 -> 0.14.24" [[audits.idna]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" delta = "0.3.0 -> 0.2.3" notes = "Backwards diff with some algorithm changes, no unsafe code." [[audits.indexmap]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" Loading Loading @@ -1248,6 +1260,17 @@ who = "Gabriele Svelto <gsvelto@mozilla.com>" criteria = "safe-to-deploy" version = "0.4.1" [[audits.malloc_buf]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" version = "0.0.6" notes = """ Very small crate for managing malloc-ed buffers, primarily for use in the objc crate. There is an edge-case condition that passes slice::from_raw_parts(0x1, 0) which I'm not entirely certain is technically sound, but in either case I am reasonably confident it's not exploitable. """ [[audits.malloc_size_of_derive]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" Loading Loading @@ -1599,6 +1622,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" delta = "1.0.8 -> 1.0.11" [[audits.peeking_take_while]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" delta = "1.0.0 -> 0.1.2" notes = "Small refactor of some simple iterator logic, no unsafe code or capabilities." [[audits.pin-project]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" Loading Loading 
@@ -1956,6 +1985,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" delta = "1.0.11 -> 1.0.12" [[audits.safemem]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-run" version = "0.3.3" notes = "I didn't review the allocation code carefully but it's not malicious." [[audits.scoped-tls]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" Loading supply-chain/config.toml +0 −20 Original line number Diff line number Diff line Loading @@ -621,10 +621,6 @@ criteria = "safe-to-deploy" version = "0.3.7" criteria = "safe-to-run" [[exemptions.headers-core]] version = "0.2.0" criteria = "safe-to-run" [[exemptions.hermit-abi]] version = "0.1.19" criteria = "safe-to-deploy" Loading @@ -641,10 +637,6 @@ criteria = "safe-to-run" version = "1.0.1" criteria = "safe-to-deploy" [[exemptions.idna]] version = "0.2.3" criteria = "safe-to-deploy" [[exemptions.indexmap]] version = "1.8.2" criteria = "safe-to-deploy" Loading Loading @@ -731,10 +723,6 @@ criteria = "safe-to-deploy" version = "0.3.2" criteria = "safe-to-deploy" [[exemptions.malloc_buf]] version = "0.0.6" criteria = "safe-to-deploy" [[exemptions.memalloc]] version = "0.1.0" criteria = "safe-to-deploy" Loading Loading @@ -867,10 +855,6 @@ criteria = "safe-to-deploy" version = "1.0.7" criteria = "safe-to-deploy" [[exemptions.peeking_take_while]] version = "0.1.2" criteria = "safe-to-deploy" [[exemptions.phf]] version = "0.10.1" criteria = "safe-to-deploy" Loading Loading @@ -1015,10 +999,6 @@ criteria = "safe-to-deploy" version = "1.0.10" criteria = "safe-to-deploy" [[exemptions.safemem]] version = "0.3.3" criteria = "safe-to-run" [[exemptions.same-file]] version = "1.0.6" criteria = "safe-to-deploy" Loading supply-chain/imports.lock +17 −0 Original line number Diff line number Diff line Loading 
@@ -125,12 +125,29 @@ criteria = "safe-to-deploy" version = "2.2.1" notes = "I am the author of this crate." [[audits.bytecode-alliance.audits.idna]] who = "Alex Crichton <alex@alexcrichton.com>" criteria = "safe-to-deploy" version = "0.3.0" notes = """ This is a crate without unsafe code or usage of the standard library. The large size of this crate comes from the large generated unicode tables file. This crate is broadly used throughout the ecosystem and does not contain anything suspicious. """ [[audits.bytecode-alliance.audits.leb128]] who = "Nick Fitzgerald <fitzgen@gmail.com>" criteria = "safe-to-deploy" version = "0.2.5" notes = "I am the author of this crate." [[audits.bytecode-alliance.audits.peeking_take_while]] who = "Nick Fitzgerald <fitzgen@gmail.com>" criteria = "safe-to-deploy" version = "1.0.0" notes = "I am the author of this crate." [[audits.bytecode-alliance.audits.percent-encoding]] who = "Alex Crichton <alex@alexcrichton.com>" criteria = "safe-to-deploy" Loading Loading
supply-chain/audits.toml +35 −0 Original line number Diff line number Diff line Loading @@ -1092,6 +1092,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" delta = "0.3.7 -> 0.3.8" [[audits.headers-core]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" version = "0.2.0" notes = "Trivial crate, no unsafe code." [[audits.heck]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" Loading Loading @@ -1137,6 +1143,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" delta = "0.14.23 -> 0.14.24" [[audits.idna]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" delta = "0.3.0 -> 0.2.3" notes = "Backwards diff with some algorithm changes, no unsafe code." [[audits.indexmap]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" Loading Loading @@ -1248,6 +1260,17 @@ who = "Gabriele Svelto <gsvelto@mozilla.com>" criteria = "safe-to-deploy" version = "0.4.1" [[audits.malloc_buf]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" version = "0.0.6" notes = """ Very small crate for managing malloc-ed buffers, primarily for use in the objc crate. There is an edge-case condition that passes slice::from_raw_parts(0x1, 0) which I'm not entirely certain is technically sound, but in either case I am reasonably confident it's not exploitable. """ [[audits.malloc_size_of_derive]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" Loading Loading @@ -1599,6 +1622,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" delta = "1.0.8 -> 1.0.11" [[audits.peeking_take_while]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-deploy" delta = "1.0.0 -> 0.1.2" notes = "Small refactor of some simple iterator logic, no unsafe code or capabilities." [[audits.pin-project]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" Loading Loading 
@@ -1956,6 +1985,12 @@ who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-deploy" delta = "1.0.11 -> 1.0.12" [[audits.safemem]] who = "Bobby Holley <bobbyholley@gmail.com>" criteria = "safe-to-run" version = "0.3.3" notes = "I didn't review the allocation code carefully but it's not malicious." [[audits.scoped-tls]] who = "Mike Hommey <mh+mozilla@glandium.org>" criteria = "safe-to-run" Loading
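Review bot: The `malloc_buf` 0.0.6 entry (hunk `@@ -1248,6 +1260,17 @@`) certifies `safe-to-deploy` while its own notes leave the soundness of `slice::from_raw_parts(0x1, 0)` undecided. As I read cargo-vet's built-in description of that criterion, it expects the auditor to be able to fully reason about every unsafe block, so the record should close this question rather than leave it open. `slice::from_raw_parts` requires a non-null, properly aligned pointer even for a zero-length slice, and `0x1` is aligned only for element types of alignment 1, so what needs settling is whether the buffer can be instantiated with a more strictly aligned type; the crate source is not visible on this page, so that has to be checked upstream. I would state the outcome in the notes, for example `The len == 0 path uses a dangling 0x1 pointer; this is only aligned for align-1 element types, tracked upstream at <ISSUE-URL-PLACEHOLDER>.`, or record the entry under a weaker criterion until it is confirmed. The `safemem` entry in the last hunk has a similar gap ("didn't review the allocation code carefully"), which fits `safe-to-run` but means the entry should not later be raised to `safe-to-deploy` without a fresh review of that code.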
supply-chain/config.toml +0 −20 Original line number Diff line number Diff line Loading @@ -621,10 +621,6 @@ criteria = "safe-to-deploy" version = "0.3.7" criteria = "safe-to-run" [[exemptions.headers-core]] version = "0.2.0" criteria = "safe-to-run" [[exemptions.hermit-abi]] version = "0.1.19" criteria = "safe-to-deploy" Loading @@ -641,10 +637,6 @@ criteria = "safe-to-run" version = "1.0.1" criteria = "safe-to-deploy" [[exemptions.idna]] version = "0.2.3" criteria = "safe-to-deploy" [[exemptions.indexmap]] version = "1.8.2" criteria = "safe-to-deploy" Loading Loading @@ -731,10 +723,6 @@ criteria = "safe-to-deploy" version = "0.3.2" criteria = "safe-to-deploy" [[exemptions.malloc_buf]] version = "0.0.6" criteria = "safe-to-deploy" [[exemptions.memalloc]] version = "0.1.0" criteria = "safe-to-deploy" Loading Loading @@ -867,10 +855,6 @@ criteria = "safe-to-deploy" version = "1.0.7" criteria = "safe-to-deploy" [[exemptions.peeking_take_while]] version = "0.1.2" criteria = "safe-to-deploy" [[exemptions.phf]] version = "0.10.1" criteria = "safe-to-deploy" Loading Loading @@ -1015,10 +999,6 @@ criteria = "safe-to-deploy" version = "1.0.10" criteria = "safe-to-deploy" [[exemptions.safemem]] version = "0.3.3" criteria = "safe-to-run" [[exemptions.same-file]] version = "1.0.6" criteria = "safe-to-deploy" Loading
supply-chain/imports.lock +17 −0 Original line number Diff line number Diff line Loading @@ -125,12 +125,29 @@ criteria = "safe-to-deploy" version = "2.2.1" notes = "I am the author of this crate." [[audits.bytecode-alliance.audits.idna]] who = "Alex Crichton <alex@alexcrichton.com>" criteria = "safe-to-deploy" version = "0.3.0" notes = """ This is a crate without unsafe code or usage of the standard library. The large size of this crate comes from the large generated unicode tables file. This crate is broadly used throughout the ecosystem and does not contain anything suspicious. """ [[audits.bytecode-alliance.audits.leb128]] who = "Nick Fitzgerald <fitzgen@gmail.com>" criteria = "safe-to-deploy" version = "0.2.5" notes = "I am the author of this crate." [[audits.bytecode-alliance.audits.peeking_take_while]] who = "Nick Fitzgerald <fitzgen@gmail.com>" criteria = "safe-to-deploy" version = "1.0.0" notes = "I am the author of this crate." [[audits.bytecode-alliance.audits.percent-encoding]] who = "Alex Crichton <alex@alexcrichton.com>" criteria = "safe-to-deploy" Loading