From a64bf189356b471e004af29f4a7b298f4bcb2797 Mon Sep 17 00:00:00 2001
From: kalvinparker <106995826+kalvinparker@users.noreply.github.com>
Date: Sun, 9 Nov 2025 07:57:46 +0000
Subject: [PATCH] chore(audit): format deny.toml license exceptions as
 [[licenses.exceptions]] (cargo-deny compatible)

---
 deny.toml | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/deny.toml b/deny.toml
index 5179a91c..e353846a 100644
--- a/deny.toml
+++ b/deny.toml
@@ -9,11 +9,15 @@
 allow = ["AGPL-3.0-only", "MIT", "Apache-2.0", "BSD-3-Clause"]
 ## Temporary exceptions added by remediations/audit-2025-11-09
 ## These exceptions are timeboxed and tracked in issues/TRACK-2025-11-09-RSA-PASTE.md
-exceptions = [
-	# Allow RUSTSEC-2023-0071 (rsa 0.9.8) transitively required today via openidconnect
-	# Rationale: no safe published upgrade available at audit date; risk acknowledged and tracked.
-	{ crate = "rsa", version = "=0.9.8", reason = "RUSTSEC-2023-0071: no safe upgrade available; temporary exception; see issues/TRACK-2025-11-09-RSA-PASTE.md", expires = "2026-02-01" },
-	# Allow RUSTSEC-2024-0436 (paste 1.0.15) transitively required today via rmp/rmpv
-	# Rationale: crate marked unmaintained; temporary exception while replacement plan is executed.
-	{ crate = "paste", version = "=1.0.15", reason = "RUSTSEC-2024-0436: unmaintained; temporary exception; see issues/TRACK-2025-11-09-RSA-PASTE.md", expires = "2026-02-01" }
-]
+
+[[licenses.exceptions]]
+crate = "rsa"
+version = "=0.9.8"
+reason = "RUSTSEC-2023-0071: no safe upgrade available; temporary exception; see issues/TRACK-2025-11-09-RSA-PASTE.md"
+expires = "2026-02-01"
+
+[[licenses.exceptions]]
+crate = "paste"
+version = "=1.0.15"
+reason = "RUSTSEC-2024-0436: unmaintained; temporary exception; see issues/TRACK-2025-11-09-RSA-PASTE.md"
+expires = "2026-02-01"