Skip to content

Commit

Permalink
deny.toml: Ignore RUSTSEC-2024-0006
Browse files Browse the repository at this point in the history 
shlex is currently only being brought by bindgen, which does not
use the concerning APIs except for testing.

This needs spiffe to be upgraded to be finally be resolved,
which will not happen before release.

Signed-off-by: Tomás González <[email protected]>
  • Loading branch information
@tgonzalezorlandoarm
tgonzalezorlandoarm committed Feb 23, 2024
1 parent 2f582a6 commit b789bb6
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion deny.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,8 @@ notice = "warn"
# A list of advisory IDs to ignore. Note that ignored advisories will still
# output a note when they are encountered.
ignore = [
#"RUSTSEC-0000-0000",
# TODO: remove when shlex gets updated to >=1.3.0 (here and in nightly.yml)
"RUSTSEC-2024-0006",
]
# Threshold for security vulnerabilities, any vulnerability with a CVSS score
# lower than the range specified will be ignored. Note that ignored advisories
Expand Down

0 comments on commit b789bb6

Please sign in to comment.