no more cargo advisories ignored
This commit is contained in:
12
deny.toml
12
deny.toml
@@ -4,17 +4,7 @@ all-features = true
|
||||
[advisories]
|
||||
version = 2
|
||||
yanked = "deny"
|
||||
# Note: RUSTSEC-2023-0071 (rsa via sqlx-mysql) is in Cargo.lock but unreachable —
|
||||
# sqlx-macros-core unconditionally resolves sqlx-mysql; we only use postgres.
|
||||
# cargo deny's graph analysis correctly identifies it as unreachable, so no
|
||||
# ignore entry is needed here. If cargo audit is ever re-added, it will need
|
||||
# --ignore RUSTSEC-2023-0071 since it scans the lockfile without graph analysis.
|
||||
ignore = [
|
||||
# rustls-pemfile v2.x - unmaintained
|
||||
# Transitive dependency via lapin → amq-protocol-tcp → tcp-stream.
|
||||
# No alternative available until lapin updates its TLS stack.
|
||||
{ id = "RUSTSEC-2025-0134", reason = "transitive via lapin TLS stack; no alternative" },
|
||||
]
|
||||
ignore = []
|
||||
|
||||
[licenses]
|
||||
version = 2
|
||||
|
||||
Reference in New Issue
Block a user