From c05a701e13883b3ca490c7b4e2325e56d1a52dbd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 18:04:50 +0000 Subject: [PATCH 1/2] Bump the nonbreaking group across 1 directory with 11 updates Bumps the nonbreaking group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.86` | `1.0.89` | | [serde](https://github.com/serde-rs/serde) | `1.0.207` | `1.0.210` | | [serde_json](https://github.com/serde-rs/json) | `1.0.124` | `1.0.128` | | [fastrand](https://github.com/smol-rs/fastrand) | `2.1.0` | `2.1.1` | | [wasmprinter](https://github.com/bytecodealliance/wasm-tools) | `0.215.0` | `0.217.0` | | [walrus](https://github.com/rustwasm/walrus) | `0.21.1` | `0.21.2` | | [swc_core](https://github.com/swc-project/swc) | `0.100.7` | `0.104.2` | | [clap](https://github.com/clap-rs/clap) | `4.5.15` | `4.5.17` | | [wasmparser](https://github.com/bytecodealliance/wasm-tools) | `0.215.0` | `0.217.0` | | [quote](https://github.com/dtolnay/quote) | `1.0.36` | `1.0.37` | | [syn](https://github.com/dtolnay/syn) | `2.0.74` | `2.0.77` | Updates `anyhow` from 1.0.86 to 1.0.89 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](https://github.com/dtolnay/anyhow/compare/1.0.86...1.0.89) Updates `serde` from 1.0.207 to 1.0.210 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.207...v1.0.210) Updates `serde_json` from 1.0.124 to 1.0.128 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.124...1.0.128) Updates `fastrand` from 2.1.0 to 2.1.1 - [Release notes](https://github.com/smol-rs/fastrand/releases) - [Changelog](https://github.com/smol-rs/fastrand/blob/master/CHANGELOG.md) - [Commits](https://github.com/smol-rs/fastrand/compare/v2.1.0...v2.1.1) Updates `wasmprinter` from 0.215.0 to 0.217.0 - [Release notes](https://github.com/bytecodealliance/wasm-tools/releases) - [Commits](https://github.com/bytecodealliance/wasm-tools/commits) Updates `walrus` from 0.21.1 to 0.21.2 - [Release notes](https://github.com/rustwasm/walrus/releases) - [Changelog](https://github.com/rustwasm/walrus/blob/main/CHANGELOG.md) - [Commits](https://github.com/rustwasm/walrus/compare/0.21.1...0.21.2) Updates `swc_core` from 0.100.7 to 0.104.2 - [Release notes](https://github.com/swc-project/swc/releases) - [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md) - [Commits](https://github.com/swc-project/swc/commits) Updates `clap` from 4.5.15 to 4.5.17 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.15...clap_complete-v4.5.17) Updates `wasmparser` from 0.215.0 to 0.217.0 - [Release notes](https://github.com/bytecodealliance/wasm-tools/releases) - [Commits](https://github.com/bytecodealliance/wasm-tools/commits) Updates `quote` from 1.0.36 to 1.0.37 - [Release notes](https://github.com/dtolnay/quote/releases) - [Commits](https://github.com/dtolnay/quote/compare/1.0.36...1.0.37) Updates `syn` from 2.0.74 to 2.0.77 - [Release notes](https://github.com/dtolnay/syn/releases) - [Commits](https://github.com/dtolnay/syn/compare/2.0.74...2.0.77) --- updated-dependencies: - dependency-name: anyhow dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: fastrand dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: wasmprinter dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nonbreaking - dependency-name: walrus dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: swc_core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nonbreaking - dependency-name: clap dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: wasmparser dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nonbreaking - dependency-name: quote dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking - dependency-name: syn dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nonbreaking ... Signed-off-by: dependabot[bot] --- Cargo.lock | 255 ++++++++++++++++++++++++---------- crates/cli/Cargo.toml | 12 +- crates/javy/Cargo.toml | 2 +- crates/runner/Cargo.toml | 2 +- crates/test-macros/Cargo.toml | 4 +- 5 files changed, 195 insertions(+), 80 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 13e8a254..5fb6563b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -146,9 +146,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.86" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" +checksum = "86fdf8605db99b54d3cd748a44c6d04df638eb5dafb219b135d0149bd0db01f6" [[package]] name = "arbitrary" @@ -181,7 +181,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -192,7 +192,7 @@ checksum = "6e0c28dcc82d7c8ead5cb13beb15405b57b8546e93215673ff8ca0349a028107" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -268,7 +268,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.74", + "syn 2.0.77", "which", ] @@ -522,9 +522,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.15" +version = "4.5.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "11d8838454fda655dafd3accb2b6e2bea645b9e4078abe84a22ceb947235c5cc" +checksum = "3e5a21b8495e732f1b3c364c9949b201ca7bae518c502c80256c96ad79eaf6ac" dependencies = [ "clap_builder", "clap_derive", @@ -532,9 +532,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.15" +version = "4.5.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "216aec2b177652e3846684cbfe25c9964d18ec45234f0f5da5157b207ed1aab6" +checksum = "8cf2dd12af7a047ad9d6da2b6b249759a22a7abc0f474c1dae1777afa4b21a73" dependencies = [ "anstream", "anstyle", @@ -551,7 +551,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -828,7 +828,7 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -845,7 +845,42 @@ checksum = "4b2c1c1776b986979be68bb2285da855f8d8a35851a769fca8740df7c3d07877" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", +] + +[[package]] +name = "darling" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f63b86c8a8826a49b8c21f08a2d07338eec8d900540f8630dc76284be802989" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95133861a8032aaea082871032f5815eb9e98cef03fa916ab4500513994df9e5" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn 2.0.77", +] + +[[package]] +name = "darling_macro" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" +dependencies = [ + "darling_core", + "quote", + "syn 2.0.77", ] [[package]] @@ -864,6 +899,37 @@ dependencies = [ "uuid", ] +[[package]] +name = "derive_builder" +version = "0.20.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd33f37ee6a119146a1781d3356a7c26028f83d779b2e04ecd45fdc75c76877b" +dependencies = [ + "derive_builder_macro", +] + +[[package]] +name = "derive_builder_core" +version = "0.20.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7431fa049613920234f22c47fdc33e6cf3ee83067091ea4277a3f8c4587aae38" +dependencies = [ + "darling", + "proc-macro2", + "quote", + "syn 2.0.77", +] + +[[package]] +name = "derive_builder_macro" +version = "0.20.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4abae7035bf79b9877b779505d8cf3749285b80c43941eda66604841889451dc" +dependencies = [ + "derive_builder_core", + "syn 2.0.77", +] + [[package]] name = "digest" version = "0.10.7" @@ -970,9 +1036,9 @@ checksum = "2acce4a10f12dc2fb14a218589d4f1f62ef011b2d0cc4b3cb1bba8e94da14649" [[package]] name = "fastrand" -version = "2.1.0" +version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9fc0510504f03c51ada170672ac806f1f105a88aa97a5281117e1ddc3368e51a" +checksum = "e8c02a5121d4ea3eb16a80748c74f5549a5665e4c21333c6098f283870fbdea6" [[package]] name = "fd-lock" @@ -1017,7 +1083,7 @@ checksum = "fdc9cc75639b041067353b9bce2450d6847e547276c6fbe4487d7407980e07db" dependencies = [ "proc-macro2", "swc_macros_common", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -1143,6 +1209,18 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "getset" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f636605b743120a8d32ed92fc27b6cde1a769f8f936c065151eb66f88ded513c" +dependencies = [ + "proc-macro-error2", + "proc-macro2", + "quote", + "syn 2.0.77", +] + [[package]] name = "gimli" version = "0.26.2" @@ -1376,7 +1454,7 @@ dependencies = [ "Inflector", "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -1481,8 +1559,8 @@ dependencies = [ "walrus", "wasi-common", "wasm-opt", - "wasmparser 0.215.0", - "wasmprinter 0.215.0", + "wasmparser 0.217.0", + "wasmprinter 0.217.0", "wasmtime", "wasmtime-wasi", "wit-parser 0.212.0", @@ -1525,7 +1603,7 @@ dependencies = [ "tempfile", "uuid", "wasi-common", - "wasmparser 0.215.0", + "wasmparser 0.217.0", "wasmtime", "wasmtime-wasi", ] @@ -1537,7 +1615,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -1909,7 +1987,7 @@ dependencies = [ "phf_shared", "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -1980,7 +2058,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f12335488a2f3b0a83b14edad48dca9879ce89b2edd10e80237e4e852dd645e" dependencies = [ "proc-macro2", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -2017,6 +2095,28 @@ dependencies = [ "version_check", ] +[[package]] +name = "proc-macro-error-attr2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" +dependencies = [ + "proc-macro2", + "quote", +] + +[[package]] +name = "proc-macro-error2" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" +dependencies = [ + "proc-macro-error-attr2", + "proc-macro2", + "quote", + "syn 2.0.77", +] + [[package]] name = "proc-macro2" version = "1.0.86" @@ -2068,9 +2168,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.36" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" dependencies = [ "proc-macro2", ] @@ -2159,7 +2259,7 @@ checksum = "bcc303e793d3734489387d205e9b186fac9c6cfacedd98cbb2e8a5943595f3e6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -2267,7 +2367,7 @@ dependencies = [ "proc-macro2", "quote", "rquickjs-core", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -2381,9 +2481,9 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.207" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5665e14a49a4ea1b91029ba7d3bca9f299e1f7cfa194388ccc20f14743e784f2" +checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" dependencies = [ "serde_derive", ] @@ -2399,20 +2499,20 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.207" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6aea2634c86b0e8ef2cfdc0c340baede54ec27b1e46febd7f80dffb2aa44a00e" +checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] name = "serde_json" -version = "1.0.124" +version = "1.0.128" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "66ad62847a56b3dba58cc891acd13884b9c61138d330c0d7b6181713d4fce38d" +checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8" dependencies = [ "itoa", "memchr", @@ -2584,7 +2684,7 @@ dependencies = [ "proc-macro2", "quote", "swc_macros_common", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -2639,9 +2739,9 @@ dependencies = [ [[package]] name = "swc_common" -version = "0.37.2" +version = "0.38.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46741b5a4ff3e821f6bb8d6c1289549272e71a5e0d163dbbae9e16e771d8da76" +checksum = "0a69266c96a6a41bc2de27fdf14fdf5995549b6244f99c9b07604569576657eb" dependencies = [ "ast_node", "better_scoped_tls", @@ -2666,9 +2766,9 @@ dependencies = [ [[package]] name = "swc_core" -version = "0.100.7" +version = "0.104.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "66ff548cf185b9bb1ddaff5e5c74c1b79fb06b5f5e6f34a80d0faab211cb9972" +checksum = "c99f06e547d867763baa35a3f58aca9c894735d6318f56cb9944819d47c4d5dd" dependencies = [ "swc_allocator", "swc_atoms", @@ -2681,9 +2781,9 @@ dependencies = [ [[package]] name = "swc_ecma_ast" -version = "0.118.1" +version = "0.119.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed6c1b94abbaf080a4e4ae47101a83d4eedef90d733dd98e32b361356d3f5e4b" +checksum = "69e9696b3d02197c16ba7548c95b31f7ca79532200d269ce3ad03a5b2174cf28" dependencies = [ "bitflags", "is-macro", @@ -2698,9 +2798,9 @@ dependencies = [ [[package]] name = "swc_ecma_parser" -version = "0.149.0" +version = "0.150.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c7a81df222f44212c72fec4879c0d182c6eac66fb0e180afd05e8be6d920663" +checksum = "071840b1838add74470d759f69783f41f860c1dc69a1317db3bd2efbed9b8338" dependencies = [ "either", "new_debug_unreachable", @@ -2720,9 +2820,9 @@ dependencies = [ [[package]] name = "swc_ecma_transforms_base" -version = "0.144.0" +version = "0.147.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c0a71579d030e12fd3cfbfc8712c4ce21afc526f2a759903c77d8df61950f5e" +checksum = "5b1e55ce789bd4411b1e0a8b83149c70dd1186e38471fd65860dcece8a522f2f" dependencies = [ "better_scoped_tls", "bitflags", @@ -2743,9 +2843,9 @@ dependencies = [ [[package]] name = "swc_ecma_utils" -version = "0.134.1" +version = "0.135.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cde8f1ef3f7bd53340c7bd679f1ec563a45225ac8fb63f22d6de1ff4b345475d" +checksum = "90b316ef306ff4b81505c697d112be0173a412c382acc7c572c98600c26ee80d" dependencies = [ "indexmap 2.2.6", "num_cpus", @@ -2762,9 +2862,9 @@ dependencies = [ [[package]] name = "swc_ecma_visit" -version = "0.104.5" +version = "0.105.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c71f5f97db49b96208805104b381c5e117f55fad5f3d178e626c92934a4d0e36" +checksum = "bc4e8093063408a54afdee982ce1a47180de9047875adcbcfb7c0be2d827ac26" dependencies = [ "new_debug_unreachable", "num-bigint", @@ -2783,7 +2883,7 @@ checksum = "695a1d8b461033d32429b5befbf0ad4d7a2c4d6ba9cd5ba4e0645c615839e8e4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -2794,7 +2894,7 @@ checksum = "91745f3561057493d2da768437c427c0e979dff7396507ae02f16c981c4a8466" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -2820,9 +2920,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.74" +version = "2.0.77" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fceb41e3d546d0bd83421d3409b1460cc7444cd389341a4c880fe7a042cb3d7" +checksum = "9f35bcdf61fd8e7be6caf75f429fdca8beb3ed76584befb503b1569faee373ed" dependencies = [ "proc-macro2", "quote", @@ -2896,7 +2996,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -3005,7 +3105,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -3130,14 +3230,29 @@ dependencies = [ [[package]] name = "vergen" -version = "8.3.1" +version = "9.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e27d6bdd219887a9eadd19e1c34f32e47fa332301184935c6d9bca26f3cca525" +checksum = "c32e7318e93a9ac53693b6caccfb05ff22e04a44c7cf8a279051f24c09da286f" dependencies = [ "anyhow", "cargo_metadata", + "derive_builder", + "getset", "regex", "rustversion", + "vergen-lib", +] + +[[package]] +name = "vergen-lib" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e06bee42361e43b60f363bad49d63798d0f42fb1768091812270eca00c784720" +dependencies = [ + "anyhow", + "derive_builder", + "getset", + "rustversion", ] [[package]] @@ -3158,9 +3273,9 @@ dependencies = [ [[package]] name = "walrus" -version = "0.21.1" +version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "467611cafbc8a84834b77d2b4bb191fd2f5769752def8340407e924390c6883b" +checksum = "160c3708e3ad718ab4d84bec8de8c3d3450cd2902bd6c3ee3bbf50ad7529c2ad" dependencies = [ "anyhow", "gimli 0.26.2", @@ -3237,7 +3352,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", "wasm-bindgen-shared", ] @@ -3259,7 +3374,7 @@ checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -3375,9 +3490,9 @@ dependencies = [ [[package]] name = "wasmparser" -version = "0.215.0" +version = "0.217.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53fbde0881f24199b81cf49b6ff8f9c145ac8eb1b7fc439adb5c099734f7d90e" +checksum = "ca917a21307d3adf2b9857b94dd05ebf8496bdcff4437a9b9fb3899d3e6c74e7" dependencies = [ "ahash", "bitflags", @@ -3399,13 +3514,13 @@ dependencies = [ [[package]] name = "wasmprinter" -version = "0.215.0" +version = "0.217.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8e9a325d85053408209b3d2ce5eaddd0dd6864d1cff7a007147ba073157defc" +checksum = "50dc568b3e0d47e8f96ea547c90790cfa783f0205160c40de894a427114185ce" dependencies = [ "anyhow", "termcolor", - "wasmparser 0.215.0", + "wasmparser 0.217.0", ] [[package]] @@ -3492,7 +3607,7 @@ dependencies = [ "anyhow", "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", "wasmtime-component-util", "wasmtime-wit-bindgen", "wit-parser 0.201.0", @@ -3666,7 +3781,7 @@ checksum = "ffaafa5c12355b1a9ee068e9295d50c4ca0a400c721950cdae4f5b54391a2da5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] @@ -3814,7 +3929,7 @@ dependencies = [ "proc-macro2", "quote", "shellexpand", - "syn 2.0.74", + "syn 2.0.77", "witx", ] @@ -3826,7 +3941,7 @@ checksum = "acdb12de36507498abaa3a042f895a43ee00a2f6125b6901b9a27edf72bfdbe7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", "wiggle-generate", ] @@ -4152,7 +4267,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.74", + "syn 2.0.77", ] [[package]] diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index 9df16fa8..c3b1b440 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -18,12 +18,12 @@ experimental_event_loop = [] wizer = { workspace = true } anyhow = { workspace = true } brotli = "6.0.0" -wasmprinter = { version = "0.215.0", optional = true } +wasmprinter = { version = "0.217.0", optional = true } wasmtime = { workspace = true } wasmtime-wasi = { workspace = true } wasi-common = { workspace = true } -walrus = "0.21.1" -swc_core = { version = "0.100.7", features = [ +walrus = "0.21.2" +swc_core = { version = "0.104.2", features = [ "common_sourcemap", "ecma_ast", "ecma_parser", @@ -32,7 +32,7 @@ wit-parser = "0.212.0" convert_case = "0.6.0" wasm-opt = "0.116.1" tempfile = { workspace = true } -clap = { version = "4.5.15", features = ["derive"] } +clap = { version = "4.5.17", features = ["derive"] } javy-config = { workspace = true } [dev-dependencies] @@ -41,13 +41,13 @@ lazy_static = "1.5" serde = { version = "1.0", default-features = false, features = ["derive"] } criterion = "0.5" num-format = "0.4.4" -wasmparser = "0.215.0" +wasmparser = "0.217.0" javy-runner = { path = "../runner/" } uuid = { workspace = true } javy-test-macros = { path = "../test-macros/" } [build-dependencies] -anyhow = "1.0.86" +anyhow = "1.0.89" wizer = { workspace = true } [[bench]] diff --git a/crates/javy/Cargo.toml b/crates/javy/Cargo.toml index 3bbe2e94..42933b06 100644 --- a/crates/javy/Cargo.toml +++ b/crates/javy/Cargo.toml @@ -22,7 +22,7 @@ rmp-serde = { version = "^1.3", optional = true } # tests. quickcheck = "1" bitflags = { workspace = true } -fastrand = "2.1.0" +fastrand = "2.1.1" simd-json = { version = "0.13.10", optional = true, default-features = false, features = ["big-int-as-float", "serde_impl"] } [dev-dependencies] diff --git a/crates/runner/Cargo.toml b/crates/runner/Cargo.toml index 74a87636..afa245d5 100644 --- a/crates/runner/Cargo.toml +++ b/crates/runner/Cargo.toml @@ -13,4 +13,4 @@ wasi-common = { workspace = true } anyhow = { workspace = true } tempfile = { workspace = true } uuid = { workspace = true } -wasmparser = "0.215.0" +wasmparser = "0.217.0" diff --git a/crates/test-macros/Cargo.toml b/crates/test-macros/Cargo.toml index 69e94fbf..c44a6a66 100644 --- a/crates/test-macros/Cargo.toml +++ b/crates/test-macros/Cargo.toml @@ -13,5 +13,5 @@ doctest = false [dependencies] anyhow = { workspace = true } proc-macro2 = "1.0.86" -quote = "1.0.36" -syn = { version = "2.0.74", features = ["full"] } +quote = "1.0.37" +syn = { version = "2.0.77", features = ["full"] } From 4b67b55ec8e968d3c776994c54a0a0829cddb1ba Mon Sep 17 00:00:00 2001 From: Jeff Charles Date: Mon, 16 Sep 2024 16:12:31 -0400 Subject: [PATCH 2/2] cargo vet --- supply-chain/config.toml | 74 +++++++++---- supply-chain/imports.lock | 223 +++++++++++++++++++++++++++++--------- 2 files changed, 223 insertions(+), 74 deletions(-) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index c20339a1..f361fa13 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -161,10 +161,34 @@ criteria = "safe-to-deploy" version = "0.8.20" criteria = "safe-to-deploy" +[[exemptions.darling]] +version = "0.13.4" +criteria = "safe-to-deploy" + +[[exemptions.darling_core]] +version = "0.13.4" +criteria = "safe-to-deploy" + +[[exemptions.darling_macro]] +version = "0.13.4" +criteria = "safe-to-deploy" + [[exemptions.data-encoding]] version = "2.6.0" criteria = "safe-to-deploy" +[[exemptions.derive_builder]] +version = "0.20.1" +criteria = "safe-to-deploy" + +[[exemptions.derive_builder_core]] +version = "0.20.1" +criteria = "safe-to-deploy" + +[[exemptions.derive_builder_macro]] +version = "0.20.1" +criteria = "safe-to-deploy" + [[exemptions.digest]] version = "0.10.6" criteria = "safe-to-deploy" @@ -197,6 +221,10 @@ criteria = "safe-to-deploy" version = "0.2.0" criteria = "safe-to-deploy" +[[exemptions.fastrand]] +version = "2.1.1" +criteria = "safe-to-deploy" + [[exemptions.float-cmp]] version = "0.9.0" criteria = "safe-to-deploy" @@ -245,6 +273,10 @@ criteria = "safe-to-deploy" version = "0.2.2" criteria = "safe-to-deploy" +[[exemptions.getset]] +version = "0.1.3" +criteria = "safe-to-deploy" + [[exemptions.gimli]] version = "0.26.2" criteria = "safe-to-deploy" @@ -457,6 +489,14 @@ criteria = "safe-to-deploy" version = "1.0.4" criteria = "safe-to-deploy" +[[exemptions.proc-macro-error-attr2]] +version = "2.0.0" +criteria = "safe-to-deploy" + +[[exemptions.proc-macro-error2]] +version = "2.0.1" +criteria = "safe-to-deploy" + [[exemptions.psm]] version = "0.1.21" criteria = "safe-to-deploy" @@ -485,14 +525,6 @@ criteria = "safe-to-deploy" version = "1.9.3" criteria = "safe-to-deploy" -[[exemptions.rmp]] -version = "0.8.14" -criteria = "safe-to-deploy" - -[[exemptions.rmp-serde]] -version = "1.3.0" -criteria = "safe-to-deploy" - [[exemptions.rquickjs]] version = "0.6.1" criteria = "safe-to-deploy" @@ -593,10 +625,6 @@ criteria = "safe-to-deploy" version = "0.4.4" criteria = "safe-to-deploy" -[[exemptions.strsim]] -version = "0.11.1" -criteria = "safe-to-deploy" - [[exemptions.swc_allocator]] version = "0.1.8" criteria = "safe-to-deploy" @@ -606,31 +634,31 @@ version = "0.6.7" criteria = "safe-to-deploy" [[exemptions.swc_common]] -version = "0.37.2" +version = "0.38.0" criteria = "safe-to-deploy" [[exemptions.swc_core]] -version = "0.100.7" +version = "0.104.2" criteria = "safe-to-deploy" [[exemptions.swc_ecma_ast]] -version = "0.118.1" +version = "0.119.0" criteria = "safe-to-deploy" [[exemptions.swc_ecma_parser]] -version = "0.149.0" +version = "0.150.0" criteria = "safe-to-deploy" [[exemptions.swc_ecma_transforms_base]] -version = "0.144.0" +version = "0.147.0" criteria = "safe-to-deploy" [[exemptions.swc_ecma_utils]] -version = "0.134.1" +version = "0.135.0" criteria = "safe-to-deploy" [[exemptions.swc_ecma_visit]] -version = "0.104.5" +version = "0.105.0" criteria = "safe-to-deploy" [[exemptions.swc_eq_ignore_macros]] @@ -706,11 +734,15 @@ version = "0.8.1" criteria = "safe-to-deploy" [[exemptions.vergen]] -version = "8.3.1" +version = "9.0.0" +criteria = "safe-to-deploy" + +[[exemptions.vergen-lib]] +version = "0.1.3" criteria = "safe-to-deploy" [[exemptions.walrus]] -version = "0.21.1" +version = "0.21.2" criteria = "safe-to-deploy" [[exemptions.walrus-macro]] diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index accb84a9..2207f7e4 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -44,8 +44,8 @@ user-login = "epage" user-name = "Ed Page" [[publisher.anyhow]] -version = "1.0.86" -when = "2024-05-18" +version = "1.0.89" +when = "2024-09-15" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -128,15 +128,15 @@ user-login = "emilio" user-name = "Emilio Cobos Álvarez" [[publisher.clap]] -version = "4.5.15" -when = "2024-08-10" +version = "4.5.17" +when = "2024-09-04" user-id = 6743 user-login = "epage" user-name = "Ed Page" [[publisher.clap_builder]] -version = "4.5.15" -when = "2024-08-10" +version = "4.5.17" +when = "2024-09-04" user-id = 6743 user-login = "epage" user-name = "Ed Page" @@ -398,8 +398,8 @@ user-login = "BurntSushi" user-name = "Andrew Gallant" [[publisher.quote]] -version = "1.0.36" -when = "2024-04-10" +version = "1.0.37" +when = "2024-08-22" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -503,8 +503,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.serde_json]] -version = "1.0.124" -when = "2024-08-11" +version = "1.0.128" +when = "2024-09-04" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -531,8 +531,8 @@ user-login = "dtolnay" user-name = "David Tolnay" [[publisher.syn]] -version = "2.0.74" -when = "2024-08-11" +version = "2.0.77" +when = "2024-08-31" user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" @@ -713,8 +713,8 @@ user-id = 73222 user-login = "wasmtime-publish" [[publisher.wasmparser]] -version = "0.215.0" -when = "2024-07-31" +version = "0.217.0" +when = "2024-09-10" user-id = 73222 user-login = "wasmtime-publish" @@ -725,8 +725,8 @@ user-id = 73222 user-login = "wasmtime-publish" [[publisher.wasmprinter]] -version = "0.215.0" -when = "2024-07-31" +version = "0.217.0" +when = "2024-09-10" user-id = 73222 user-login = "wasmtime-publish" @@ -1529,15 +1529,6 @@ this crate has to do with iterators and `Result` and such. No `unsafe` or anything like that, all looks good. """ -[[audits.bytecode-alliance.audits.fastrand]] -who = "Alex Crichton " -criteria = "safe-to-deploy" -delta = "2.0.0 -> 2.0.1" -notes = """ -This update had a few doc updates but no otherwise-substantial source code -updates. -""" - [[audits.bytecode-alliance.audits.fxprof-processed-profile]] who = "Jamey Sharp " criteria = "safe-to-deploy" @@ -1826,16 +1817,6 @@ Audit comments for 1.4.2 can be found at https://crrev.com/c/4723145. """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" -[[audits.google.audits.fastrand]] -who = "George Burgess IV " -criteria = "safe-to-deploy" -version = "1.9.0" -notes = """ -`does-not-implement-crypto` is certified because this crate explicitly says -that the RNG here is not cryptographically secure. -""" -aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" - [[audits.google.audits.getrandom]] who = "David Koloski " criteria = "safe-to-deploy" @@ -1944,6 +1925,58 @@ criteria = "safe-to-deploy" version = "1.0.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.serde]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.0.204 -> 1.0.207" +notes = "The small change in `src/private/ser.rs` should have no impact on `ub-risk-2`." +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.0.207 -> 1.0.209" +notes = """ +The delta carries fairly small changes in `src/private/de.rs` and +`src/private/ser.rs` (see https://crrev.com/c/5812194/2..5). AFAICT the +delta has no impact on the `unsafe`, `from_utf8_unchecked`-related parts +of the crate (in `src/de/format.rs` and `src/ser/impls.rs`). +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde]] +who = "Adrian Taylor " +criteria = "safe-to-deploy" +delta = "1.0.209 -> 1.0.210" +notes = "Almost no new code - just feature rearrangement" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde_derive]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.0.204 -> 1.0.207" +notes = 'Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits' +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde_derive]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.0.207 -> 1.0.209" +notes = ''' +There are no code changes in this delta - see https://crrev.com/c/5812194/2..5 + +I've neverthless also grepped for `-i cipher`, `-i crypto`, `\bfs\b`, +`\bnet\b`, and `\bunsafe\b`. There were no hits. +''' +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde_derive]] +who = "Adrian Taylor " +criteria = "safe-to-deploy" +delta = "1.0.209 -> 1.0.210" +notes = "Almost no new code - just feature rearrangement" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.socket2]] who = "David Koloski " criteria = "safe-to-deploy" @@ -1951,6 +1984,17 @@ delta = "0.4.4 -> 0.5.5" notes = "Reviewed at https://fxrev.dev/946307" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.strsim]] +who = "danakj@chromium.org" +criteria = "safe-to-deploy" +version = "0.10.0" +notes = """ +Reviewed in https://crrev.com/c/5171063 + +Previously reviewed during security review and the audit is grandparented in. +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.tinytemplate]] who = "Ying Hsu " criteria = "safe-to-run" @@ -2041,16 +2085,6 @@ who = "Ameer Ghani " criteria = "safe-to-deploy" version = "1.12.1" -[[audits.isrg.audits.serde]] -who = "Brandon Pitman " -criteria = "safe-to-deploy" -delta = "1.0.204 -> 1.0.207" - -[[audits.isrg.audits.serde_derive]] -who = "Brandon Pitman " -criteria = "safe-to-deploy" -delta = "1.0.204 -> 1.0.207" - [[audits.mozilla.wildcard-audits.cexpr]] who = "Emilio Cobos Álvarez " criteria = "safe-to-deploy" @@ -2180,23 +2214,83 @@ criteria = "safe-to-deploy" delta = "0.1.3 -> 0.1.6" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.debugid]] -who = "Gabriele Svelto " +[[audits.mozilla.audits.darling]] +who = "Mike Hommey " criteria = "safe-to-deploy" -version = "0.8.0" -notes = "This crates was written by Sentry and I've fully audited it as Firefox crash reporting machinery relies on it." +delta = "0.13.4 -> 0.14.2" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.14.2 -> 0.14.3" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.14.3 -> 0.20.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.fastrand]] +[[audits.mozilla.audits.darling]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +delta = "0.20.1 -> 0.20.10" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_core]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.13.4 -> 0.14.2" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_core]] who = "Mike Hommey " criteria = "safe-to-deploy" -delta = "1.9.0 -> 2.0.0" +delta = "0.14.2 -> 0.14.3" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.fastrand]] +[[audits.mozilla.audits.darling_core]] who = "Mike Hommey " criteria = "safe-to-deploy" -delta = "2.0.1 -> 2.1.0" +delta = "0.14.3 -> 0.20.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_core]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +delta = "0.20.1 -> 0.20.10" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_macro]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.13.4 -> 0.14.2" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_macro]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.14.2 -> 0.14.3" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_macro]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.14.3 -> 0.20.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.darling_macro]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +delta = "0.20.1 -> 0.20.10" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.debugid]] +who = "Gabriele Svelto " +criteria = "safe-to-deploy" +version = "0.8.0" +notes = "This crates was written by Sentry and I've fully audited it as Firefox crash reporting machinery relies on it." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.fnv]] @@ -2305,6 +2399,23 @@ criteria = "safe-to-deploy" delta = "0.6.3 -> 0.6.4" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.rmp]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +version = "0.8.14" +notes = """ +Very popular crate. 1 instance of unsafe code, which is used to adjust a slice to work around +lifetime issues. No network or file access. +""" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.rmp-serde]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +version = "1.3.0" +notes = "Very popular crate. No unsafe code, network or file access." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.rustc-hash]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -2318,6 +2429,12 @@ criteria = "safe-to-deploy" delta = "0.5.5 -> 0.5.7" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.strsim]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +delta = "0.10.0 -> 0.11.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.unicode-bidi]] who = "Makoto Kato " criteria = "safe-to-deploy"