diff --git a/ci/do-audit.sh b/ci/do-audit.sh index d60ec40cd93e3f..406129a97e5172 100755 --- a/ci/do-audit.sh +++ b/ci/do-audit.sh @@ -59,6 +59,17 @@ cargo_audit_ignores=( # Dependency tree: # rustls 0.23.17 --ignore RUSTSEC-2024-0399 + + # Crate: hashbrown + # Version: 0.15.0 + # Title: Borsh serialization of HashMap is non-canonical + # Date: 2024-10-11 + # ID: RUSTSEC-2024-0402 + # URL: https://rustsec.org/advisories/RUSTSEC-2024-0402 + # Solution: Upgrade to >=0.15.1 + # Dependency tree: + # hashbrown 0.15.0 + --ignore RUSTSEC-2024-0402 ) scripts/cargo-for-all-lock-files.sh audit "${cargo_audit_ignores[@]}" | $dep_tree_filter # we want the `cargo audit` exit code, not `$dep_tree_filter`'s