Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-24 13:21:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1750691 - [rust-mozversion] Cargo vet version 0.5.0. r=supply-chain-reviewers,bholley

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D159361
This commit is contained in:
Henrik Skupin 2022-10-14 21:52:34 +00:00
parent f03eb07e0c
commit a70be56ac8
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
supply-chain/audits.toml
View File

@ -696,6 +696,12 @@ criteria = "safe-to-deploy"
version = "0.15.0"
notes = "Maintained by the DevTools team at Mozilla and has no unsafe code."
[[audits.mozversion]]
who = "Henrik Skupin <mail@hskupin.info>"
criteria = "safe-to-run"
version = "0.5.0"
notes = "Maintained by the DevTools team at Mozilla and has no unsafe code."
[[audits.naga]]
who = "Dzmitry Malyshau <kvark@fastmail.com>"
criteria = "safe-to-deploy"

4
supply-chain/config.toml
View File

@ -110,6 +110,10 @@ notes = "This is a first-party crate which is also published to crates.io, but w
audit-as-crates-io = true
notes = "This is a first-party crate which is also published to crates.io, but we should publish audits for it for the benefit of the ecosystem."
[policy.mozversion]
audit-as-crates-io = true
notes = "This is a first-party crate which is also published to crates.io, but we should publish audits for it for the benefit of the ecosystem."
[policy.naga]
audit-as-crates-io = true
notes = "wgpu-core pins this crate."