topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

chore(audit): ignore RUSTSEC-2023-0071 and RUSTSEC-2024-0436 in deny.toml (temporary)

pull/6727/head
kalvinparker 3 months ago
parent
a305cf3d6d
commit
c97fc90f40
1 changed files with 3 additions and 13 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      deny.toml

16
deny.toml
View File

@ -3,19 +3,9 @@
[advisories]
# default uses the rustsec DB; keep empty to use defaults
## Temporary advisory exceptions added by remediations/audit-2025-11-09
## These exceptions are timeboxed and tracked in issues/TRACK-2025-11-09-RSA-PASTE.md
[[advisories.exceptions]]
id = "RUSTSEC-2023-0071"
reason = "Transitive rsa = 0.9.8 (Marvin Attack); no safe published upgrade available at audit time. Temporary exception to unblock CI; see issues/TRACK-2025-11-09-RSA-PASTE.md"
expires = "2026-02-01"
[[advisories.exceptions]]
id = "RUSTSEC-2024-0436"
reason = "Transitive paste = 1.0.15 (unmaintained). Temporary exception to unblock CI; see issues/TRACK-2025-11-09-RSA-PASTE.md"
expires = "2026-02-01"
# Temporary advisory exceptions (timeboxed) — these are ignored by cargo-deny so CI can run
# Tracked in issues/TRACK-2025-11-09-RSA-PASTE.md
ignore = ["RUSTSEC-2023-0071", "RUSTSEC-2024-0436"]
[licenses]
# Allowlist of licenses. Edit to match project policy.

Write Preview
Loading…
Cancel
Save