From df5b174d5ef02f5220fa7f132ef12e6c5c631851 Mon Sep 17 00:00:00 2001
From: Taku Kodma <79110363+risu729@users.noreply.github.com>
Date: Tue, 9 Jun 2026 06:39:01 +1000
Subject: [PATCH] chore(ci): ignore RUSTSEC-2026-0173 proc-macro-error2
 advisory

cargo deny fails on the new unmaintained advisory for proc-macro-error2,
a transitive dependency with no safe upgrade path yet.
---
 deny.toml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/deny.toml b/deny.toml
index ba05aaf90d..33b6baf1cc 100644
--- a/deny.toml
+++ b/deny.toml
@@ -71,6 +71,7 @@ feature-depth = 1
 # output a note when they are encountered.
 ignore = [
   { id = "RUSTSEC-2024-0370", reason = "proc-macro-error dependency from sigstore crate - no safe upgrade available" },
+  { id = "RUSTSEC-2026-0173", reason = "proc-macro-error2 unmaintained - transitive via age/mlua/tabled/rops, no safe upgrade available" },
   { id = "RUSTSEC-2023-0071", reason = "rsa crate Marvin attack vulnerability from sigstore crate - no safe upgrade available" },
   { id = "RUSTSEC-2025-0119", reason = "number_prefix crate is unmaintained - used by indicatif/self_update, no safe upgrade available" },
   # rustls-webpki 0.102.8 advisories — pulled in transitively by sigstore-tsa