diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 3f8c7d6d4786..a95296653000 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -2226,6 +2226,12 @@ a few `unsafe` blocks related to utf-8 validation which are locally verifiable as correct and otherwise this crate is good to go. """ +[[audits.pin-project-lite]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.2.13 -> 0.2.14" +notes = "No substantive changes in this update" + [[audits.pin-utils]] who = "Pat Hickey " criteria = "safe-to-deploy" diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 20fb7d75e8a4..7f10a115b061 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -592,7 +592,7 @@ version = "1.2.1" criteria = "safe-to-run" [[exemptions.tokio]] -version = "1.29.1" +version = "1.30.0" criteria = "safe-to-deploy" notes = "we are exempting tokio, hyper, and their tightly coupled dependencies by the same authors, expecting that the authors at aws will publish attestions we can import at some point soon" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 2d7845bc04ba..17a3db1b5bcc 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -4008,6 +4008,13 @@ version = "0.2.9" notes = "Reviewed on https://fxrev.dev/824504" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.pin-project-lite]] +who = "David Koloski " +criteria = "safe-to-deploy" +delta = "0.2.9 -> 0.2.13" +notes = "Audited at https://fxrev.dev/946396" +aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.socket2]] who = "David Koloski " criteria = "safe-to-deploy"