update tls-api to 0.8.0
and remove corresponding RUSTSEC from ignored list
This commit is contained in:
parent
6f787e1e77
commit
d1bd9e209f
|
@ -1218,12 +1218,6 @@ dependencies = [
|
|||
"winapi 0.3.9",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "fuchsia-cprng"
|
||||
version = "0.1.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba"
|
||||
|
||||
[[package]]
|
||||
name = "fuchsia-zircon"
|
||||
version = "0.3.3"
|
||||
|
@ -2379,19 +2373,6 @@ dependencies = [
|
|||
"proc-macro2",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand"
|
||||
version = "0.4.6"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293"
|
||||
dependencies = [
|
||||
"fuchsia-cprng",
|
||||
"libc",
|
||||
"rand_core 0.3.1",
|
||||
"rdrand",
|
||||
"winapi 0.3.9",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand"
|
||||
version = "0.7.3"
|
||||
|
@ -2436,21 +2417,6 @@ dependencies = [
|
|||
"rand_core 0.6.3",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand_core"
|
||||
version = "0.3.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b"
|
||||
dependencies = [
|
||||
"rand_core 0.4.2",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rand_core"
|
||||
version = "0.4.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc"
|
||||
|
||||
[[package]]
|
||||
name = "rand_core"
|
||||
version = "0.5.1"
|
||||
|
@ -2478,15 +2444,6 @@ dependencies = [
|
|||
"rand_core 0.5.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "rdrand"
|
||||
version = "0.4.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2"
|
||||
dependencies = [
|
||||
"rand_core 0.3.1",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "redox_syscall"
|
||||
version = "0.2.13"
|
||||
|
@ -2981,16 +2938,6 @@ dependencies = [
|
|||
"unicode-xid",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tempdir"
|
||||
version = "0.3.7"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "15f2b5fb00ccdf689e0149d1b1b3c03fead81c2b37735d812fa8bddbbf41b6d8"
|
||||
dependencies = [
|
||||
"rand 0.4.6",
|
||||
"remove_dir_all",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "tempfile"
|
||||
version = "3.3.0"
|
||||
|
@ -3016,12 +2963,12 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "test-cert-gen"
|
||||
version = "0.7.0"
|
||||
version = "0.8.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3208d0ae2e3736d4ac2f6ba2229c4d9bbd54080e228e662a7684eabcf13ff419"
|
||||
checksum = "3707ef7be06a3bca379fed2e472e6f06bb4a3b3715d5eb4039eaee186a37e98a"
|
||||
dependencies = [
|
||||
"pem",
|
||||
"tempdir",
|
||||
"tempfile",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -3098,14 +3045,14 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c"
|
|||
|
||||
[[package]]
|
||||
name = "tls-api"
|
||||
version = "0.7.0"
|
||||
version = "0.8.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b7dded74ddc6d4a98f9f94f17f1c4d796e4af3cb5fba9e7655f157a036ee7de0"
|
||||
checksum = "0dadeb49014c6aa53335ea388f2661ec050774d63dbc264340c707c9bda5bd0f"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"log",
|
||||
"pem",
|
||||
"tempdir",
|
||||
"tempfile",
|
||||
"thiserror",
|
||||
"tokio",
|
||||
"void",
|
||||
|
@ -3114,9 +3061,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "tls-api-native-tls"
|
||||
version = "0.7.0"
|
||||
version = "0.8.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "c547db405b51a4e549f803c980572f3cb3957dff153b04e3e7aebb1fc5f249b4"
|
||||
checksum = "457be0f7a4699e91449a7d2dae0cbfe0ef799acc5bdbbb4a5316c4beed904f70"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"native-tls",
|
||||
|
@ -3128,9 +3075,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "tls-api-test"
|
||||
version = "0.7.0"
|
||||
version = "0.8.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "344ab291be7ed9ab296fc28153fe3ac1e430f44c4dfb3f1324a3c09bbbb5f104"
|
||||
checksum = "c3f040610fa42a1214aff0b7d8f5c903c5eb390e81fff56992d4d85e62e46bdf"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"env_logger",
|
||||
|
|
|
@ -38,8 +38,8 @@ tokio = { package = "tokio", version = "1.7", features = [
|
|||
"macros",
|
||||
] }
|
||||
thiserror = "1"
|
||||
tls-api = { version = "0.7" }
|
||||
tls-api-native-tls = { version = "0.7.0" }
|
||||
tls-api = { version = "0.8" }
|
||||
tls-api-native-tls = { version = "0.8.0" }
|
||||
tor-error = { path = "../tor-error", version = "0.2.0" }
|
||||
tor-rtcompat = { path = "../tor-rtcompat", version = "0.2.0", features = ["tokio"] }
|
||||
|
||||
|
|
|
@ -18,16 +18,16 @@ IGNORE=(
|
|||
# fixed in `notify` 5.0 however only pre-releases are available
|
||||
# for now.
|
||||
--ignore RUSTSEC-2020-0016
|
||||
# This is not a vulnerability but an unmaintained warn for the
|
||||
# `tempdir` crate. It's pulled by `tls-api` 0.7.0. As of now
|
||||
# there is no available fix, but a patch was submitted upstream.
|
||||
--ignore RUSTSEC-2018-0017
|
||||
)
|
||||
|
||||
cargo audit -D warnings "${IGNORE[@]}"
|
||||
|
||||
|
||||
OBSOLETE_IGNORE=(
|
||||
# This is not a vulnerability but an unmaintained warn for the
|
||||
# `tempdir` crate. It was pulled by `tls-api` 0.7.0. `tls-api`
|
||||
# 0.8.0 switched to tempfile instead.
|
||||
--ignore RUSTSEC-2018-0017
|
||||
# This is a vulnerability in the `nix` crate caused by an
|
||||
# out-of-bounds write in `getgrouplist`. We got our `nix`
|
||||
# dependency via `async-ctrlc`, which uses `ctrlc`, which uses
|
||||
|
|
Loading…
Reference in New Issue