From 7dd7141307a01ba589c0a960c904bf0a6d9cdbca Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Fri, 8 Jan 2021 21:52:28 +0000 Subject: [PATCH] Suppress cargo audit failure for `difference` crate (bp #14488) (#14493) * Suppress cargo audit failure for `difference` crate, there's no newer crate to upgrade to yet (cherry picked from commit 3eaa826ad9226194820bf6b23fd9b927973dc497) * Bump smallvec version (cherry picked from commit 21a0a835431dc1a68366aa27d6b0384bad1596b7) Co-authored-by: Michael Vines --- Cargo.lock | 18 +++++++++--------- ci/test-checks.sh | 6 ++++++ programs/bpf/Cargo.lock | 12 ++++++------ 3 files changed, 21 insertions(+), 15 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 84b7f3a11e..c95f29fc2c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2566,7 +2566,7 @@ dependencies = [ "libc", "redox_syscall", "rustc_version", - "smallvec 0.6.13", + "smallvec 0.6.14", "winapi 0.3.8", ] @@ -2580,7 +2580,7 @@ dependencies = [ "cloudabi 0.0.3", "libc", "redox_syscall", - "smallvec 1.4.2", + "smallvec 1.6.1", "winapi 0.3.8", ] @@ -2595,7 +2595,7 @@ dependencies = [ "instant", "libc", "redox_syscall", - "smallvec 1.4.2", + "smallvec 1.6.1", "winapi 0.3.8", ] @@ -3113,7 +3113,7 @@ checksum = "a415a013dd7c5d4221382329a5a3482566da675737494935cbbbcdec04662f9d" dependencies = [ "cc", "libc", - "smallvec 1.4.2", + "smallvec 1.6.1", ] [[package]] @@ -3587,18 +3587,18 @@ checksum = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8" [[package]] name = "smallvec" -version = "0.6.13" +version = "0.6.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7b0758c52e15a8b5e3691eae6cc559f08eee9406e548a4477ba4e67770a82b6" +checksum = "b97fcaeba89edba30f044a10c6a3cc39df9c3f17d7cd829dd1446cab35f890e0" dependencies = [ "maybe-uninit", ] [[package]] name = "smallvec" -version = "1.4.2" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbee7696b84bbf3d89a1c2eccff0850e3047ed46bfcd2e92c29a2d074d57e252" +checksum = "fe0f37c9e8f3c5a4a66ad655a93c74daac4ad00c441533bf5c6e7990bb42604e" [[package]] name = "smpl_jwt" @@ -6311,7 +6311,7 @@ version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5479532badd04e128284890390c1e876ef7a993d0570b3597ae43dfa1d59afa4" dependencies = [ - "smallvec 1.4.2", + "smallvec 1.6.1", ] [[package]] diff --git a/ci/test-checks.sh b/ci/test-checks.sh index 0d96a77826..8f8c83d45d 100755 --- a/ci/test-checks.sh +++ b/ci/test-checks.sh @@ -78,6 +78,12 @@ cargo_audit_ignores=( # # Blocked on multiple crates updating `time` to >= 0.2.23 --ignore RUSTSEC-2020-0071 + + # difference is unmaintained + # + # Blocked on predicates v1.0.6 removing its dependency on `difference` + --ignore RUSTSEC-2020-0095 + ) _ scripts/cargo-for-all-lock-files.sh +"$rust_stable" audit "${cargo_audit_ignores[@]}" diff --git a/programs/bpf/Cargo.lock b/programs/bpf/Cargo.lock index 9f14d822d0..48c9222a49 100644 --- a/programs/bpf/Cargo.lock +++ b/programs/bpf/Cargo.lock @@ -1308,7 +1308,7 @@ dependencies = [ "libc", "redox_syscall", "rustc_version", - "smallvec 0.6.13", + "smallvec 0.6.14", "winapi 0.3.8", ] @@ -1816,18 +1816,18 @@ checksum = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8" [[package]] name = "smallvec" -version = "0.6.13" +version = "0.6.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7b0758c52e15a8b5e3691eae6cc559f08eee9406e548a4477ba4e67770a82b6" +checksum = "b97fcaeba89edba30f044a10c6a3cc39df9c3f17d7cd829dd1446cab35f890e0" dependencies = [ "maybe-uninit", ] [[package]] name = "smallvec" -version = "1.4.2" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbee7696b84bbf3d89a1c2eccff0850e3047ed46bfcd2e92c29a2d074d57e252" +checksum = "fe0f37c9e8f3c5a4a66ad655a93c74daac4ad00c441533bf5c6e7990bb42604e" [[package]] name = "socket2" @@ -2861,7 +2861,7 @@ version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5479532badd04e128284890390c1e876ef7a993d0570b3597ae43dfa1d59afa4" dependencies = [ - "smallvec 1.4.2", + "smallvec 1.6.1", ] [[package]]