Bug 1788518 - Audit rust crates `filetime_win 0.2.0` and `comedy 0.2.0`. r=bholley

Differential Revision: https://phabricator.services.mozilla.com/D157759

supply-chain/audits.toml

@@ -166,6 +166,17 @@ who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
 delta = "0.2.2 -> 0.2.4"
 
+[[audits.comedy]]
+who = "Nick Alexander <nalexander@mozilla.com>"
+criteria = "safe-to-deploy"
+version = "0.2.0"
+notes = """
+The comedy crate was written by Adam Gashlin for Mozilla's use.  The entire
+comedy 0.2.0 crate is full of `unsafe` code and makes many assumptions about
+memory and layout, but there is no particular processing of untrusted input
+here.
+"""
+
 [[audits.cpufeatures]]
 who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
@@ -332,6 +343,16 @@ who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-deploy"
 delta = "1.7.0 -> 1.8.0"
 
+[[audits.filetime_win]]
+who = "Nick Alexander <nalexander@mozilla.com>"
+criteria = "safe-to-deploy"
+version = "0.2.0"
+notes = """
+filetime_win was written by Adam Gashlin for Mozilla's use.  The `unsafe` code
+blocks in filetime_win 0.2.0 are straight-forward invocations of `mem::zeroed`
+and expected invocations of Win32 APIs (with error handling as appropriate).
+"""
+
 [[audits.flagset]]
 who = "Ryan Hunt <rhunt@eqrion.net>"
 criteria = "safe-to-deploy"

supply-chain/config.toml

@@ -331,10 +331,6 @@ criteria = "safe-to-deploy"
 version = "0.11.1"
 criteria = "safe-to-deploy"
 
-[[exemptions.comedy]]
-version = "0.2.0"
-criteria = "safe-to-deploy"
-
 [[exemptions.cookie]]
 version = "0.16.0"
 criteria = "safe-to-run"
@@ -527,10 +523,6 @@ criteria = "safe-to-deploy"
 version = "0.4.4"
 criteria = "safe-to-deploy"
 
-[[exemptions.filetime_win]]
-version = "0.2.0"
-criteria = "safe-to-deploy"
-
 [[exemptions.flate2]]
 version = "1.0.24"
 criteria = "safe-to-deploy"