Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Silence RUSTSEC-2024-0421 #7308

Merged
merged 1 commit into from
Dec 10, 2024
Merged

Silence RUSTSEC-2024-0421 #7308

merged 1 commit into from
Dec 10, 2024

Conversation

MarkusPettersson98
Copy link
Contributor

@MarkusPettersson98 MarkusPettersson98 commented Dec 9, 2024
edited by faern
Loading

This PR silence RUSTSEC-2024-0421 in cargo-deny and osv-scanner. AFAICT, we are not affected by this vulnerability as we do not accept domain names as input anywhere in the app.

Currently we are blocked on getting rid of this vulnerability because of some dependencies of ours needing to cut new releases, most notably hickory-proto and shadowsocks-rs. This is referenced in the comments in the osv-scanner.toml files.

This change is Reviewable

pinkisemils
pinkisemils approved these changes Dec 10, 2024
View reviewed changes
Copy link
Collaborator

@pinkisemils pinkisemils left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 4 of 4 files at r1, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

faern
faern approved these changes Dec 10, 2024
View reviewed changes
Copy link
Member

@faern faern left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 4 of 4 files at r1, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@MarkusPettersson98 MarkusPettersson98 merged commit 1cb6189 into main Dec 10, 2024
36 checks passed
@MarkusPettersson98 MarkusPettersson98 deleted the silence-rustsec-2024-0421 branch December 10, 2024 08:37
@MarkusPettersson98 MarkusPettersson98 mentioned this pull request Dec 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pinkisemils pinkisemils pinkisemils approved these changes

@faern faern faern approved these changes

@raksooo raksooo Awaiting requested review from raksooo raksooo is a code owner

@albin-mullvad albin-mullvad Awaiting requested review from albin-mullvad albin-mullvad is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MarkusPettersson98 @faern @pinkisemils