Skip to content

Commit

Permalink
ci: Add tonic to audit ignore
Browse files Browse the repository at this point in the history
#### Problem

Similar to anza-xyz/agave#3052, we need to
ignore the RUSTSEC advisory on tonic until it's resolved upstream.

#### Summary of changes

Ignore the tonic advisory.
  • Loading branch information
joncinque committed Oct 2, 2024
1 parent 3280249 commit 05e761e
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions ci/do-audit.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,5 +14,14 @@ cargo_audit_ignores=(
#
# Remove once SPL upgrades to curve25519-dalek v4
--ignore RUSTSEC-2024-0344

# Crate: tonic
# Version: 0.9.2
# Title: Remotely exploitable Denial of Service in Tonic
# Date: 2024-10-01
# ID: RUSTSEC-2024-0376
# URL: https://rustsec.org/advisories/RUSTSEC-2024-0376
# Solution: Upgrade to >=0.12.3
--ignore RUSTSEC-2024-0376
)
cargo +"$rust_stable" audit "${cargo_audit_ignores[@]}"

0 comments on commit 05e761e

Please sign in to comment.