Add supply-chain audit for nonempty

zcash · Dec 17, 2024 · 75e4c14 · 75e4c14
1 parent fad7f38
commit 75e4c14
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 11 deletions.
diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml
@@ -254,6 +254,26 @@ who = "Jack Grigg <[email protected]>"
 criteria = "safe-to-deploy"
 delta = "2.11.2 -> 2.12.0"
 
+[[audits.nonempty]]
+who = "Kris Nuttycombe <[email protected]>"
+criteria = "safe-to-deploy"
+version = "0.11.0"
+notes = """
+Additional use of `unsafe` to wrap `NonZeroUsize::new_unchecked`; in both cases
+the argument to this method is `<Vec length or capacity> + 1`; in general this
+is safe with the exception that if an existing `Vec` has length or capacity
+`usize::MAX` this could wrap into zero; it would be better to use the safe
+operation and then `expect` to generate a panic, rather than risk undefined
+behavior.
+
+Additions are:
+- no_std support
+- sorting
+- `nonzero` module (just wrappers
+- `serde` support
+- `nonempty macro` (trivial, verified safe)
+"""
+
 [[audits.num-bigint]]
 who = "Daira-Emma Hopwood <[email protected]>"
 criteria = "safe-to-deploy"

diff --git a/supply-chain/config.toml b/supply-chain/config.toml
@@ -765,10 +765,6 @@ criteria = "safe-to-deploy"
 version = "0.8.3"
 criteria = "safe-to-deploy"
 
-[[exemptions.nonempty]]
-version = "0.7.0"
-criteria = "safe-to-deploy"
-
 [[exemptions.notify]]
 version = "6.1.1"
 criteria = "safe-to-deploy"

diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock
@@ -77,13 +77,6 @@ user-id = 6289
 user-login = "str4d"
 user-name = "Jack Grigg"
 
-[[publisher.orchard]]
-version = "0.10.1"
-when = "2024-12-17"
-user-id = 169181
-user-login = "nuttycom"
-user-name = "Kris Nuttycombe"
-
 [[publisher.pczt]]
 version = "0.1.0"
 when = "2024-12-17"