diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2023-08-01 13:11:21 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2023-08-01 14:22:49 +0200 |
| commit | a4d6d259b7269649b06d27a162206f6701fccffe (patch) | |
| tree | 701b1ebb2d6dbe6b01898654bba4f0cc23d13c86 | |
| parent | 163efe9f9bf0ed6547261a44b904adbb6eba4819 (diff) | |
| download | mullvadvpn-a4d6d259b7269649b06d27a162206f6701fccffe.tar.xz mullvadvpn-a4d6d259b7269649b06d27a162206f6701fccffe.zip | |
Un-ignore RUSTSEC-2020-0071 and ban time 0.1 from dependency tree
| -rw-r--r-- | .github/workflows/cargo-audit.yml | 3 | ||||
| -rw-r--r-- | deny.toml | 5 |
2 files changed, 2 insertions, 6 deletions
diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index 00eb2f0959..0210facfea 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -22,6 +22,3 @@ jobs: name: Audit Rust Dependencies with: denyWarnings: true - # RUSTSEC-2020-0071: Ignore the time segfault CVE since there are no known - # good workarounds, and we want logs etc to be in local time. - ignore: RUSTSEC-2020-0071 @@ -18,8 +18,6 @@ yanked = "deny" notice = "deny" ignore = [ - # Potential segfault in `time`: - "RUSTSEC-2020-0071" ] #severity-threshold = @@ -87,7 +85,8 @@ deny = [ { name = "clap", version = "2" }, { name = "clap", version = "3" }, # `atty` is an unmaintained crate with a CVE: RUSTSEC-2021-0145 - { name = "atty" } + { name = "atty" }, + { name = "time", version = "0.1"}, ] skip = [] skip-tree = [] |