diff --git a/Cargo.lock b/Cargo.lock index 9e11b42..84ac008 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -296,9 +296,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.2.48" +version = "1.2.51" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c481bdbf0ed3b892f6f806287d72acd515b352a4ec27a208489b8c1bc839633a" +checksum = "7a0aeaff4ff1a90589618835a598e545176939b97874f7abc7851caa0618f203" dependencies = [ "find-msvc-tools", "jobserver", @@ -619,9 +619,9 @@ dependencies = [ [[package]] name = "criterion" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0dfe5e9e71bdcf4e4954f7d14da74d1cdb92a3a07686452d1509652684b1aab" +checksum = "4d883447757bb0ee46f233e9dc22eb84d93a9508c9b868687b274fc431d886bf" dependencies = [ "alloca", "anes", @@ -644,9 +644,9 @@ dependencies = [ [[package]] name = "criterion-plot" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5de36c2bee19fba779808f92bf5d9b0fa5a40095c277aba10c458a12b35d21d6" +checksum = "ed943f81ea2faa8dcecbbfa50164acf95d555afec96a27871663b300e387b2e4" dependencies = [ "cast", "itertools 0.13.0", @@ -814,9 +814,9 @@ dependencies = [ [[package]] name = "find-msvc-tools" -version = "0.1.5" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a3076410a55c90011c298b04d0cfa770b00fa04e1e3c97d3f6c9de105a03844" +checksum = "645cbb3a84e60b7531617d5ae4e57f7e27308f6445f5abf653209ea76dec8dff" [[package]] name = "fixedbitset" @@ -1119,9 +1119,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.18" +version = "0.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52e9a2a24dc5c6821e71a7030e1e14b7b632acac55c40e9d2e082c621261bb56" +checksum = "727805d60e7938b76b826a6ef209eb70eaa1812794f9424d4a4e2d740662df5f" dependencies = [ "bytes", "futures-channel", diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index 9fc4df8..5b2111c 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -17,7 +17,7 @@ wasmtime-wasi = "39" wasmtime-wizer = { version = "39", features = ["wasmtime"] } [dev-dependencies] -criterion = "0.8.0" +criterion = "0.8.1" ruby-wasm-assets = { path = "../ruby-wasm-assets" } [build-dependencies] diff --git a/crates/ruby-wasm-assets/Cargo.toml b/crates/ruby-wasm-assets/Cargo.toml index 9e5ef91..8bfe52e 100644 --- a/crates/ruby-wasm-assets/Cargo.toml +++ b/crates/ruby-wasm-assets/Cargo.toml @@ -8,6 +8,6 @@ anyhow = { workspace = true } http-body-util = "0.1.3" hyper = "1.8" hyper-tls = "0.6.0" -hyper-util = { version = "0.1.18", features = ["http1"] } +hyper-util = { version = "0.1.19", features = ["http1"] } lazy_static = "1.5.0" tokio = { version = "1.48.0", features = ["rt"] } diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 3eda623..19b76d4 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -26,10 +26,6 @@ url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml" version = "0.19.0" criteria = "safe-to-deploy" -[[exemptions.alloca]] -version = "0.4.0" -criteria = "safe-to-run" - [[exemptions.bindgen]] version = "0.72.1" criteria = "safe-to-deploy" @@ -47,7 +43,7 @@ version = "0.10.4" criteria = "safe-to-deploy" [[exemptions.cc]] -version = "1.2.48" +version = "1.2.51" criteria = "safe-to-deploy" [[exemptions.ciborium]] @@ -82,10 +78,6 @@ criteria = "safe-to-deploy" version = "0.8.0" criteria = "safe-to-run" -[[exemptions.criterion-plot]] -version = "0.8.0" -criteria = "safe-to-run" - [[exemptions.crossbeam-deque]] version = "0.8.3" criteria = "safe-to-deploy" @@ -123,7 +115,7 @@ version = "4.0.0" criteria = "safe-to-deploy" [[exemptions.find-msvc-tools]] -version = "0.1.5" +version = "0.1.6" criteria = "safe-to-deploy" [[exemptions.foldhash]] @@ -218,10 +210,6 @@ criteria = "safe-to-deploy" version = "0.9.107" criteria = "safe-to-deploy" -[[exemptions.page_size]] -version = "0.6.0" -criteria = "safe-to-run" - [[exemptions.petgraph]] version = "0.6.5" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 4c711ad..3381b11 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -324,8 +324,8 @@ user-login = "seanmonstar" user-name = "Sean McArthur" [[publisher.hyper-util]] -version = "0.1.18" -when = "2025-11-13" +version = "0.1.19" +when = "2025-12-03" user-id = 359 user-login = "seanmonstar" user-name = "Sean McArthur" @@ -2509,6 +2509,11 @@ criteria = "safe-to-deploy" version = "0.9.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/main/cargo-vet/audits.toml?format=TEXT" +[[audits.isrg.audits.alloca]] +who = "David Cook " +criteria = "safe-to-run" +version = "0.4.0" + [[audits.isrg.audits.base64]] who = "Tim Geoghegan " criteria = "safe-to-deploy" @@ -2524,6 +2529,16 @@ who = "David Cook " criteria = "safe-to-deploy" delta = "0.21.2 -> 0.21.3" +[[audits.isrg.audits.criterion]] +who = "J.C. Jones " +criteria = "safe-to-run" +delta = "0.8.0 -> 0.8.1" + +[[audits.isrg.audits.criterion-plot]] +who = "J.C. Jones " +criteria = "safe-to-run" +version = "0.8.1" + [[audits.isrg.audits.once_cell]] who = "Brandon Pitman " criteria = "safe-to-deploy" @@ -2540,6 +2555,11 @@ criteria = "safe-to-deploy" delta = "1.21.1 -> 1.21.3" notes = "The unsafe code has moved from `compare_exchange` to a new `init` function, which makes it easier to reason about." +[[audits.isrg.audits.page_size]] +who = "David Cook " +criteria = "safe-to-run" +version = "0.6.0" + [[audits.isrg.audits.rand_chacha]] who = "David Cook " criteria = "safe-to-deploy"