eliott/servo
1
0
Fork 0
mirror of https://github.com/servo/servo synced 2026-04-25 17:15:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

build: bump webpki-root-certs from 1.0.6 to 1.0.7 (#44415)

Browse Source 
Bumps [webpki-root-certs](https://github.com/rustls/webpki-roots) from
1.0.6 to 1.0.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rustls/webpki-roots/releases">webpki-root-certs's
releases</a>.</em></p>
<blockquote>
<h2>1.0.7</h2>
<p>For their April 2026 root store changes, Mozilla has made more
changes than usual:</p>
<blockquote>
<p>These changes are part of Mozilla’s ongoing root store maintenance
under the Mozilla Root Store Policy (MRSP), including <a
href="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#74-root-ca-lifecycles">§7.4</a>
(Root CA Lifecycles) and <a
href="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#753-transition-plan-for-existing-roots">§7.5.3</a>
(Transition Plans). They reflect a combination of lifecycle-based
transitions, CA operator requests, and alignment with intended
certificate usage, including retiring older or less suitable root
certificates, enforcing clear separation of trust purposes (e.g., TLS
vs. S/MIME), and reducing unnecessary trust surface in the Web PKI
ecosystem. Collectively, these actions help to ensure that root
certificates are relied upon only for their intended and actively
maintained use cases, or are retired in accordance with established
distrust timelines.</p>
</blockquote>
<p>This removes:</p>
<ul>
<li>CN=Certigna O=Dhimyotis</li>
<li>CN=COMODO Certification Authority O=COMODO CA Limited</li>
<li>CN=DigiCert Assured ID Root CA O=DigiCert Inc
OU=www.digicert.com</li>
<li>CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com</li>
<li>CN=DigiCert High Assurance EV Root CA O=DigiCert Inc
OU=www.digicert.com</li>
<li>CN=FIRMAPROFESIONAL CA ROOT-A WEB O=Firmaprofesional SA</li>
<li>CN=GTS Root R2 O=Google Trust Services LLC</li>
<li>CN=QuoVadis Root CA 2 O=QuoVadis Limited</li>
<li>CN=QuoVadis Root CA 3 O=QuoVadis Limited</li>
<li>CN=Secure Global CA O=SecureTrust Corporation</li>
<li>CN=SecureTrust CA O=SecureTrust Corporation</li>
<li>CN=SwissSign Gold CA - G2 O=SwissSign AG</li>
<li>CN=TeliaSonera Root CA v1 O=TeliaSonera</li>
<li>CN=Trustwave Global Certification Authority O=Trustwave Holdings,
Inc.</li>
<li>CN=Trustwave Global ECC P256 Certification Authority O=Trustwave
Holdings, Inc.</li>
<li>CN=Trustwave Global ECC P384 Certification Authority O=Trustwave
Holdings, Inc.</li>
<li>O=certSIGN OU=certSIGN ROOT CA</li>
</ul>
<p>See <a
href="https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/o1VliD70ctg/m/pY0JBzTlAQAJ?pli=1">their
announcement</a> for more details.</p>
<h2>What's Changed</h2>
<ul>
<li>Take semver-compatible dependency updates by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki-roots/pull/116">rustls/webpki-roots#116</a></li>
<li>Take semver-compatible dependency updates by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki-roots/pull/117">rustls/webpki-roots#117</a></li>
<li>Take semver-compatible updates by <a
href="https://github.com/ctz"><code>@​ctz</code></a> in <a
href="https://redirect.github.com/rustls/webpki-roots/pull/118">rustls/webpki-roots#118</a></li>
<li>Prepare 1.0.7 by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki-roots/pull/120">rustls/webpki-roots#120</a></li>
<li>Update dependencies by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki-roots/pull/119">rustls/webpki-roots#119</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7">https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="be948464fd"><code>be94846</code></a>
Update dependencies (<a
href="https://redirect.github.com/rustls/webpki-roots/issues/119">#119</a>)</li>
<li><a
href="76476f91c9"><code>76476f9</code></a>
Prepare 1.0.7 (<a
href="https://redirect.github.com/rustls/webpki-roots/issues/120">#120</a>)</li>
<li><a
href="ed392f437c"><code>ed392f4</code></a>
Take semver-compatible updates (<a
href="https://redirect.github.com/rustls/webpki-roots/issues/118">#118</a>)</li>
<li><a
href="ec8b744a63"><code>ec8b744</code></a>
Take semver-compatible dependency updates (<a
href="https://redirect.github.com/rustls/webpki-roots/issues/117">#117</a>)</li>
<li><a
href="84a0c23ef2"><code>84a0c23</code></a>
Take semver-compatible dependency updates (<a
href="https://redirect.github.com/rustls/webpki-roots/issues/116">#116</a>)</li>
<li>See full diff in <a
href="https://github.com/rustls/webpki-roots/compare/v/1.0.6...v/1.0.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpki-root-certs&package-manager=cargo&previous-version=1.0.6&new-version=1.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot]
2026-04-22 00:52:56 +00:00
committed by GitHub
parent 4322792c84
commit c75eea95c3
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Cargo.lock generated
View File

@@ -10974,9 +10974,9 @@ dependencies = [
[[package]]
name = "webpki-root-certs"
version = "1.0.6"
version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "804f18a4ac2676ffb4e8b5b5fa9ae38af06df08162314f96a68d2a363e21a8ca"
checksum = "f31141ce3fc3e300ae89b78c0dd67f9708061d1d2eda54b8209346fd6be9a92c"
dependencies = [
"rustls-pki-types",
]