Auto merge of #112217 - arlosi:update-vuln-deps, r=Mark-Simulacrum

Update dependencies with reported vulnerabilities Vulnerable dependencies: * bumpalo 3.12.1 (yanked) * updated to 3.13.0 * tokio 1.8.4 - https://rustsec.org/advisories/RUSTSEC-2023-0001 * updated to 1.28.2 * remove_dir_all 0.5.3 - https://rustsec.org/advisories/RUSTSEC-2023-0018 * removed by using the standard library function in `rust-installer` instead and updating to `tempfile@3.5.0` (which also removes the dependency). The new dependencies come from `tempfile@3.5.0` which adds the dependency on `rustix`
author: bors <bors@rust-lang.org> 2023-06-03 01:59:14 +0000
committer: bors <bors@rust-lang.org> 2023-06-03 01:59:14 +0000
commit: dff88b206416d814a90c8b72b2656b4921cdd6b8 (patch)
tree: 218a8d139875691e54c903aab4ceb6df98788e78
parent: 7a0070eaeadf6cd4641197401f0554bad12532eb (diff)
parent: 4d9b476bb1f63fa25ca9bb7f85b536352c744570 (diff)
download: rust-dff88b206416d814a90c8b72b2656b4921cdd6b8.tar.gz
rust-dff88b206416d814a90c8b72b2656b4921cdd6b8.zip
5 files changed, 29 insertions, 29 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 30d1fe51af5..416a1aea4a0 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -316,9 +316,9 @@ dependencies = [
 
 [[package]]
 name = "bumpalo"
-version = "3.12.1"
+version = "3.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9b1ce199063694f33ffb7dd4e0ee620741495c32833cde5aa08f02a0bf96f0c8"
+checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1"
 
 [[package]]
 name = "bytecount"
@@ -1209,7 +1209,7 @@ checksum = "8a3de6e8d11b22ff9edc6d916f890800597d60f8b2da1caf2955c274638d6412"
 dependencies = [
  "cfg-if",
  "libc",
- "redox_syscall",
+ "redox_syscall 0.2.10",
  "windows-sys 0.45.0",
 ]
 
@@ -1751,7 +1751,6 @@ dependencies = [
  "flate2",
  "num_cpus",
  "rayon",
- "remove_dir_all",
  "tar",
  "walkdir",
  "xz2",
@@ -2435,7 +2434,7 @@ dependencies = [
  "cfg-if",
  "instant",
  "libc",
- "redox_syscall",
+ "redox_syscall 0.2.10",
  "smallvec",
  "winapi",
 ]
@@ -2448,7 +2447,7 @@ checksum = "4dc9e0dc2adc1c69d09143aff38d3d30c5c3f0df0dad82e6d25547af174ebec0"
 dependencies = [
  "cfg-if",
  "libc",
- "redox_syscall",
+ "redox_syscall 0.2.10",
  "smallvec",
  "windows-sys 0.42.0",
 ]
@@ -2792,13 +2791,22 @@ dependencies = [
 ]
 
 [[package]]
+name = "redox_syscall"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29"
+dependencies = [
+ "bitflags",
+]
+
+[[package]]
 name = "redox_users"
 version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "528532f3d801c87aec9def2add9ca802fe569e44a544afe633765267840abe64"
 dependencies = [
  "getrandom",
- "redox_syscall",
+ "redox_syscall 0.2.10",
 ]
 
 [[package]]
@@ -2851,15 +2859,6 @@ name = "remote-test-server"
 version = "0.1.0"
 
 [[package]]
-name = "remove_dir_all"
-version = "0.5.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7"
-dependencies = [
- "winapi",
-]
-
-[[package]]
 name = "replace-version-placeholder"
 version = "0.1.0"
 dependencies = [
@@ -4778,16 +4777,15 @@ dependencies = [
 
 [[package]]
 name = "tempfile"
-version = "3.3.0"
+version = "3.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4"
+checksum = "b9fbec84f381d5795b08656e4912bec604d162bff9291d6189a78f4c8ab87998"
 dependencies = [
  "cfg-if",
  "fastrand",
- "libc",
- "redox_syscall",
- "remove_dir_all",
- "winapi",
+ "redox_syscall 0.3.5",
+ "rustix",
+ "windows-sys 0.45.0",
 ]
 
 [[package]]
@@ -4973,14 +4971,14 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c"
 
 [[package]]
 name = "tokio"
-version = "1.8.4"
+version = "1.28.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "50dae83881bc9b0403dd5b44ea9deed3e939856cc8722d5be37f0d6e5c6d53dd"
+checksum = "94d7b1cfd2aa4011f2de74c2c4c63665e27a71006b0a192dcd2710272e73dfa2"
 dependencies = [
  "autocfg",
  "bytes",
- "memchr",
  "pin-project-lite",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
diff --git a/compiler/rustc_data_structures/src/temp_dir.rs b/compiler/rustc_data_structures/src/temp_dir.rs
index a780d2386a6..621d3011a2a 100644
--- a/compiler/rustc_data_structures/src/temp_dir.rs
+++ b/compiler/rustc_data_structures/src/temp_dir.rs
@@ -16,7 +16,7 @@ impl Drop for MaybeTempDir {
         // occur.
         let dir = unsafe { ManuallyDrop::take(&mut self.dir) };
         if self.keep {
-            dir.into_path();
+            let _ = dir.into_path();
         }
     }
 }
diff --git a/src/tools/rust-installer/Cargo.toml b/src/tools/rust-installer/Cargo.toml
index 97734f048ab..85e979f07bf 100644
--- a/src/tools/rust-installer/Cargo.toml
+++ b/src/tools/rust-installer/Cargo.toml
@@ -17,7 +17,6 @@ tar = "0.4.38"
 walkdir = "2"
 xz2 = "0.1.4"
 num_cpus = "1"
-remove_dir_all = "0.5"
 
 [dependencies.clap]
 features = ["derive"]
diff --git a/src/tools/rust-installer/src/util.rs b/src/tools/rust-installer/src/util.rs
index 674617c657c..6cac314b68d 100644
--- a/src/tools/rust-installer/src/util.rs
+++ b/src/tools/rust-installer/src/util.rs
@@ -82,7 +82,7 @@ pub fn open_file<P: AsRef<Path>>(path: P) -> Result<fs::File> {
 
 /// Wraps `remove_dir_all` with a nicer error message.
 pub fn remove_dir_all<P: AsRef<Path>>(path: P) -> Result<()> {
-    remove_dir_all::remove_dir_all(path.as_ref())
+    fs::remove_dir_all(path.as_ref())
         .with_context(|| format!("failed to remove dir '{}'", path.as_ref().display()))?;
     Ok(())
 }
diff --git a/src/tools/tidy/src/deps.rs b/src/tools/tidy/src/deps.rs
index abaed95a084..9979dfbd56a 100644
--- a/src/tools/tidy/src/deps.rs
+++ b/src/tools/tidy/src/deps.rs
@@ -167,12 +167,14 @@ const PERMITTED_RUSTC_DEPENDENCIES: &[&str] = &[
     "instant",
     "intl-memoizer",
     "intl_pluralrules",
+    "io-lifetimes",
     "itertools",
     "itoa",
     "jobserver",
     "lazy_static",
     "libc",
     "libloading",
+    "linux-raw-sys",
     "litemap",
     "lock_api",
     "log",
@@ -210,12 +212,12 @@ const PERMITTED_RUSTC_DEPENDENCIES: &[&str] = &[
     "regex",
     "regex-automata",
     "regex-syntax",
-    "remove_dir_all",
     "rustc-demangle",
     "rustc-hash",
     "rustc-rayon",
     "rustc-rayon-core",
     "rustc_version",
+    "rustix",
     "ruzstd", // via object in thorin-dwp
     "ryu",
     "scoped-tls",
@@ -279,6 +281,7 @@ const PERMITTED_RUSTC_DEPENDENCIES: &[&str] = &[
     "winapi-util",
     "winapi-x86_64-pc-windows-gnu",
     "windows",
+    "windows-sys",
     "windows-targets",
     "windows_aarch64_gnullvm",
     "windows_aarch64_msvc",
author	bors <bors@rust-lang.org>	2023-06-03 01:59:14 +0000
committer	bors <bors@rust-lang.org>	2023-06-03 01:59:14 +0000
commit	dff88b206416d814a90c8b72b2656b4921cdd6b8 (patch)
tree	218a8d139875691e54c903aab4ceb6df98788e78
parent	7a0070eaeadf6cd4641197401f0554bad12532eb (diff)
parent	4d9b476bb1f63fa25ca9bb7f85b536352c744570 (diff)
download	rust-dff88b206416d814a90c8b72b2656b4921cdd6b8.tar.gz rust-dff88b206416d814a90c8b72b2656b4921cdd6b8.zip