Skip to content

Commit

Permalink
build(deps): Bump ring from 0.17.2 to 0.17.5 (#805)
Browse files Browse the repository at this point in the history
  • Loading branch information
@dependabot
dependabot[bot] authored Oct 23, 2023
1 parent b6a6959 commit 5decd22
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 15 deletions.
15 changes: 9 additions & 6 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ rayon = { version = "1.8.0", optional = true }

# dependencies required if feature "prio2" is enabled
aes-gcm = { version = "^0.10", optional = true }
ring = { version = "0.17.2", optional = true }
ring = { version = "0.17.5", optional = true }

[dev-dependencies]
assert_matches = "1.5.0"
Expand Down
7 changes: 5 additions & 2 deletions supply-chain/config.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,10 @@ criteria = "safe-to-deploy"
version = "0.3.0"
criteria = "safe-to-run"

[[exemptions.cc]]
version = "1.0.83"
criteria = "safe-to-deploy"

[[exemptions.cipher]]
version = "0.4.3"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -207,9 +211,8 @@ criteria = "safe-to-deploy"
notes = "This is only used when the \"test-util\" feature is enabled."

[[exemptions.ring]]
version = "0.17.2"
version = "0.17.5"
criteria = "safe-to-deploy"
notes = "ring is only used in prio2 and eliminated from the main branch. We accept the risk of updating ring without an audit."

[[exemptions.spin]]
version = "0.9.8"
Expand Down
25 changes: 19 additions & 6 deletions supply-chain/imports.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -299,12 +299,6 @@ criteria = "safe-to-deploy"
version = "3.11.1"
notes = "I am the author of this crate."

[[audits.bytecode-alliance.audits.cc]]
who = "Alex Crichton <[email protected]>"
criteria = "safe-to-deploy"
version = "1.0.73"
notes = "I am the author of this crate."

[[audits.bytecode-alliance.audits.cfg-if]]
who = "Alex Crichton <[email protected]>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -353,6 +347,12 @@ The is-terminal implementation code is now sync'd up with the prototype
implementation in the Rust standard library.
"""

[[audits.bytecode-alliance.audits.libc]]
who = "Alex Crichton <[email protected]>"
criteria = "safe-to-deploy"
delta = "0.2.146 -> 0.2.147"
notes = "Only new type definitions and updating others for some platforms, no major changes"

[[audits.bytecode-alliance.audits.linux-raw-sys]]
who = "Dan Gohman <[email protected]>"
criteria = "safe-to-deploy"
Expand Down Expand Up @@ -691,6 +691,19 @@ criteria = "safe-to-deploy"
delta = "0.1.19 -> 0.2.6"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.libc]]
who = "Mike Hommey <[email protected]>"
criteria = "safe-to-deploy"
delta = "0.2.147 -> 0.2.148"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"

[[audits.mozilla.audits.libc]]
who = "Jan-Erik Rediger <[email protected]>"
criteria = "safe-to-deploy"
delta = "0.2.148 -> 0.2.149"
notes = "New defintions for a new target we don't use"
aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml"

[[audits.mozilla.audits.num-bigint]]
who = "Josh Stone <[email protected]>"
criteria = "safe-to-deploy"
Expand Down

0 comments on commit 5decd22

Please sign in to comment.