Skip to content

Commit

Permalink
ci: ignore the tonic audit as a temporary stopgap (anza-xyz#3052)
Browse files Browse the repository at this point in the history
  • Loading branch information
@yihau @ray-kast
yihau authored and ray-kast committed Nov 27, 2024
1 parent 2612be8 commit a046dc6
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions ci/do-audit.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,15 @@ cargo_audit_ignores=(
# URL: https://rustsec.org/advisories/RUSTSEC-2024-0344
# Solution: Upgrade to >=4.1.3
--ignore RUSTSEC-2024-0344

# Crate: tonic
# Version: 0.9.2
# Title: Remotely exploitable Denial of Service in Tonic
# Date: 2024-10-01
# ID: RUSTSEC-2024-0376
# URL: https://rustsec.org/advisories/RUSTSEC-2024-0376
# Solution: Upgrade to >=0.12.3
--ignore RUSTSEC-2024-0376
)
scripts/cargo-for-all-lock-files.sh audit "${cargo_audit_ignores[@]}" | $dep_tree_filter
# we want the `cargo audit` exit code, not `$dep_tree_filter`'s
Expand Down

0 comments on commit a046dc6

Please sign in to comment.