diff options
| -rw-r--r-- | test/deny.toml | 3 | ||||
| -rw-r--r-- | test/osv-scanner.toml | 10 |
2 files changed, 13 insertions, 0 deletions
diff --git a/test/deny.toml b/test/deny.toml index 70584012e1..2fc0d17751 100644 --- a/test/deny.toml +++ b/test/deny.toml @@ -20,6 +20,9 @@ yanked = "deny" ignore = [ # Ignored audit issues. This list should be kept short, and effort should be # put into removing items from the list. + # + # RUSTSEC-2025-0014 - `humantime` is unmaintained: https://github.com/tailhook/humantime/issues/31 + "RUSTSEC-2025-0014" ] diff --git a/test/osv-scanner.toml b/test/osv-scanner.toml index 9d95c0b636..51e3e1d894 100644 --- a/test/osv-scanner.toml +++ b/test/osv-scanner.toml @@ -1,3 +1,13 @@ # See repository root `osv-scanner.toml` for instructions and rules for this file. # # Keep this file in sync with test/deny.toml + +# The `humantime` crate is no longer maintained +[[IgnoredVulns]] +id = "RUSTSEC-2025-0014" +ignoreUntil = 2025-06-11 +reason = """ +The `humantime` crate is no longer maintained. `tarpc` depend on it, and there is currently no "fix" for this. +We have no reason to suspect that `humantime` is vulnerable in any way. An issue has been opened upstream: +https://github.com/google/tarpc/issues/509 +""" |