From 99ce3bc4875a25d95fe55189a27a670def1028b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 14:49:32 +0000 Subject: [PATCH 1/2] Bump the nonbreaking group with 1 update Bumps the nonbreaking group with 1 update: [swc_core](https://github.com/swc-project/swc). - [Release notes](https://github.com/swc-project/swc/releases) - [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md) - [Commits](https://github.com/swc-project/swc/commits) --- updated-dependencies: - dependency-name: swc_core dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking ... Signed-off-by: dependabot[bot] --- Cargo.lock | 16 ++++++++-------- crates/cli/Cargo.toml | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f398b526..016bccb4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2632,9 +2632,9 @@ dependencies = [ [[package]] name = "swc_core" -version = "0.86.17" +version = "0.86.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad8a32c0ec17e82397b28db7a00d5c3609f878aab3b29b85031248cbcf149893" +checksum = "0838bf550dcd529191ab75e05d4b5b9863d386cff2d53ac95c6aa81d455af81d" dependencies = [ "swc_atoms", "swc_common", @@ -2662,9 +2662,9 @@ dependencies = [ [[package]] name = "swc_ecma_parser" -version = "0.141.5" +version = "0.141.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0b5f31caca7daa4e9737f6073de461fa078aa36175afe5431966b92882e56f9" +checksum = "118da17ab64cf4842905ef661117f22bfbb9286424e14d9aaef537dcd66db085" dependencies = [ "either", "num-bigint", @@ -2682,9 +2682,9 @@ dependencies = [ [[package]] name = "swc_ecma_transforms_base" -version = "0.134.10" +version = "0.134.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18150ea5c817b8f2f13c06fd99229d82754efc5c32e07dbf9745a33dc8d8232e" +checksum = "86e730c6e94c2bce56f477de070a296e53aebe377e9b86e70a129873a5287aad" dependencies = [ "better_scoped_tls", "bitflags 2.4.1", @@ -2705,9 +2705,9 @@ dependencies = [ [[package]] name = "swc_ecma_utils" -version = "0.124.9" +version = "0.124.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d86cb80fb98018eba38720f940cf6c70df873d17092c0e4e390ddd4c01557a2" +checksum = "f1db291c5aca623bf9005c2351cb101df4faedd1fb24856d7d14e79f618e01ce" dependencies = [ "indexmap 1.9.3", "num_cpus", diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index d8d65af5..4a32b4ad 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -25,7 +25,7 @@ wasmtime = { workspace = true } wasmtime-wasi = { workspace = true } wasi-common = { workspace = true } walrus = "0.20.1" -swc_core = { version = "0.86.17", features = ["common_sourcemap", "ecma_ast", "ecma_parser"] } +swc_core = { version = "0.86.23", features = ["common_sourcemap", "ecma_ast", "ecma_parser"] } wit-parser = "0.12.1" convert_case = "0.6.0" From 4655c72686baafef0f0fa797ca3e1a90349b0f8d Mon Sep 17 00:00:00 2001 From: Jeff Charles Date: Mon, 30 Oct 2023 11:19:06 -0400 Subject: [PATCH 2/2] [dependabot skip] cargo vet --- supply-chain/audits.toml | 6 +++++ supply-chain/config.toml | 12 +++------ supply-chain/imports.lock | 53 +++++++++++++-------------------------- 3 files changed, 27 insertions(+), 44 deletions(-) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 8ff15fe3..dacd5119 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -183,6 +183,12 @@ user-id = 2915 # Amanieu d'Antras (Amanieu) start = "2021-01-27" end = "2024-07-25" +[[trusted.libc]] +criteria = "safe-to-deploy" +user-id = 51017 # Yuki Okushi (JohnTitor) +start = "2020-03-17" +end = "2024-10-30" + [[trusted.linux-raw-sys]] criteria = "safe-to-deploy" user-id = 6825 # Dan Gohman (sunfishcode) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 191f5159..0ca5719b 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -586,7 +586,7 @@ version = "0.33.2" criteria = "safe-to-deploy" [[exemptions.swc_core]] -version = "0.86.17" +version = "0.86.23" criteria = "safe-to-deploy" [[exemptions.swc_ecma_ast]] @@ -594,15 +594,15 @@ version = "0.110.2" criteria = "safe-to-deploy" [[exemptions.swc_ecma_parser]] -version = "0.141.5" +version = "0.141.6" criteria = "safe-to-deploy" [[exemptions.swc_ecma_transforms_base]] -version = "0.134.10" +version = "0.134.12" criteria = "safe-to-deploy" [[exemptions.swc_ecma_utils]] -version = "0.124.9" +version = "0.124.11" criteria = "safe-to-deploy" [[exemptions.swc_ecma_visit]] @@ -637,10 +637,6 @@ criteria = "safe-to-deploy" version = "0.3.22" criteria = "safe-to-deploy" -[[exemptions.time-core]] -version = "0.1.1" -criteria = "safe-to-deploy" - [[exemptions.time-macros]] version = "0.2.9" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 52da4db6..6fdc068f 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -229,13 +229,6 @@ user-id = 359 user-login = "seanmonstar" user-name = "Sean McArthur" -[[publisher.hyper]] -version = "1.0.0-rc.3" -when = "2023-02-23" -user-id = 359 -user-login = "seanmonstar" -user-name = "Sean McArthur" - [[publisher.hyper-tls]] version = "0.5.0" when = "2020-12-29" @@ -272,11 +265,11 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.libc]] -version = "0.2.146" -when = "2023-06-06" -user-id = 2915 -user-login = "Amanieu" -user-name = "Amanieu d'Antras" +version = "0.2.149" +when = "2023-10-06" +user-id = 51017 +user-login = "JohnTitor" +user-name = "Yuki Okushi" [[publisher.linux-raw-sys]] version = "0.0.42" @@ -1342,11 +1335,6 @@ criteria = "safe-to-deploy" version = "0.4.0" notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation." -[[audits.bytecode-alliance.audits.http-body]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -version = "1.0.0-rc.2" - [[audits.bytecode-alliance.audits.httpdate]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1403,12 +1391,6 @@ criteria = "safe-to-deploy" version = "0.2.5" notes = "I am the author of this crate." -[[audits.bytecode-alliance.audits.libc]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -delta = "0.2.146 -> 0.2.147" -notes = "Only new type definitions and updating others for some platforms, no major changes" - [[audits.bytecode-alliance.audits.memfd]] who = "Dan Gohman " criteria = "safe-to-deploy" @@ -1973,19 +1955,6 @@ version = "1.4.0" notes = "I have read over the macros, and audited the unsafe code." aggregated-from = "https://raw.githubusercontent.com/mozilla/cargo-vet/main/supply-chain/audits.toml" -[[audits.mozilla.audits.libc]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.2.147 -> 0.2.148" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.libc]] -who = "Jan-Erik Rediger " -criteria = "safe-to-deploy" -delta = "0.2.148 -> 0.2.149" -notes = "New defintions for a new target we don't use" -aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" - [[audits.mozilla.audits.log]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -2148,6 +2117,18 @@ criteria = "safe-to-deploy" delta = "0.10.2 -> 0.10.6" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.time-core]] +who = "Kershaw Chang " +criteria = "safe-to-deploy" +version = "0.1.0" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.time-core]] +who = "Kershaw Chang " +criteria = "safe-to-deploy" +delta = "0.1.0 -> 0.1.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.unicode-bidi]] who = "Makoto Kato " criteria = "safe-to-deploy"