From c97fc90f407a6056a057e9b6f4756718b8d3ef80 Mon Sep 17 00:00:00 2001
From: kalvinparker <106995826+kalvinparker@users.noreply.github.com>
Date: Sun, 9 Nov 2025 08:00:37 +0000
Subject: [PATCH] chore(audit): ignore RUSTSEC-2023-0071 and RUSTSEC-2024-0436
 in deny.toml (temporary)

---
 deny.toml | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/deny.toml b/deny.toml
index 003f0678..4d60139b 100644
--- a/deny.toml
+++ b/deny.toml
@@ -3,19 +3,9 @@
 
 [advisories]
 # default uses the rustsec DB; keep empty to use defaults
-
-## Temporary advisory exceptions added by remediations/audit-2025-11-09
-## These exceptions are timeboxed and tracked in issues/TRACK-2025-11-09-RSA-PASTE.md
-
-[[advisories.exceptions]]
-id = "RUSTSEC-2023-0071"
-reason = "Transitive rsa = 0.9.8 (Marvin Attack); no safe published upgrade available at audit time. Temporary exception to unblock CI; see issues/TRACK-2025-11-09-RSA-PASTE.md"
-expires = "2026-02-01"
-
-[[advisories.exceptions]]
-id = "RUSTSEC-2024-0436"
-reason = "Transitive paste = 1.0.15 (unmaintained). Temporary exception to unblock CI; see issues/TRACK-2025-11-09-RSA-PASTE.md"
-expires = "2026-02-01"
+# Temporary advisory exceptions (timeboxed) — these are ignored by cargo-deny so CI can run
+# Tracked in issues/TRACK-2025-11-09-RSA-PASTE.md
+ignore = ["RUSTSEC-2023-0071", "RUSTSEC-2024-0436"]
 
 [licenses]
 # Allowlist of licenses. Edit to match project policy.