cargo audit: ignore RUSTSEC-2023-0071 #321
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Jack Leightcap <[email protected]>
woodruffw
reviewed
Jan 2, 2024
oops, thanks! Co-authored-by: William Woodruff <[email protected]> Signed-off-by: Jack Leightcap <[email protected]>
woodruffw
approved these changes
Jan 2, 2024
viccuad
reviewed
Jan 3, 2024
viccuad
previously approved these changes
Jan 3, 2024
Signed-off-by: Jack Leightcap <[email protected]>
woodruffw
approved these changes
Jan 3, 2024
viccuad
approved these changes
Jan 4, 2024
flavio
added a commit
to flavio/sigstore-rs
that referenced
this pull request
Mar 27, 2024
== What's Changed * sign: init by @jleightcap in sigstore#310 * cargo audit: ignore RUSTSEC-2023-0071 by @jleightcap in sigstore#321 * chore(deps): Update json-syntax requirement from 0.9.6 to 0.10.0 by @dependabot in sigstore#319 * chore(deps): Update cached requirement from 0.46.0 to 0.47.0 by @dependabot in sigstore#323 * chore(deps): Update serial_test requirement from 2.0.0 to 3.0.0 by @dependabot in sigstore#322 * dep: update rustls-webpki, fold in pki_types by @jleightcap in sigstore#324 * chore(deps): Update cached requirement from 0.47.0 to 0.48.0 by @dependabot in sigstore#325 * chore(deps): Update json-syntax requirement from 0.10.0 to 0.11.1 by @dependabot in sigstore#327 * chore(deps): Update cached requirement from 0.48.0 to 0.49.2 by @dependabot in sigstore#329 * chore(deps): Update json-syntax requirement from 0.11.1 to 0.12.2 by @dependabot in sigstore#330 * lint: fix lint error of chrono and tokio by @Xynnn007 in sigstore#334 * chore(deps): Update base64 requirement from 0.21.0 to 0.22.0 by @dependabot in sigstore#332 * The `Repository` trait and `ManualRepository` struct no longer require a feature flag by @tannaurus in sigstore#331 * chore(deps): Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in sigstore#336 * chore(deps): Update reqwest requirement from 0.11 to 0.12 by @dependabot in sigstore#341 * update tough dep by @astoycos in sigstore#340 == New Contributors * @tannaurus made their first contribution in sigstore#331 * @astoycos made their first contribution in sigstore#340 **Full Changelog**: sigstore/sigstore-rs@v0.8.0...v0.9.0 Signed-off-by: Flavio Castelli <[email protected]>
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Current
cargo auditworkflow is failing due to RSA timing sidechannel attack. Not relevant for this use (and to be refactored in #307), so add to.cargo/audit.tomlignorelist with rationale.(CC @woodruffw)