Skip to content

Commit

Permalink
Merge #3098
Browse files Browse the repository at this point in the history 
3098: chore: ignore RUSTSEC-2020-0071 and upgrade two yanked crates r=quake,driftluo a=yangby-cryptape

### What problem does this PR solve?

CI was failed on security audit.

Problem Summary:

- [RUSTSEC-2020-0071](https://rustsec.org/advisories/RUSTSEC-2020-0071)

  It difficult to fix that issue in our repository, so we have to wait for upstream to fix that (`chrono`).

  Just ignore it temporarily.

- `digest v0.8.0` is yanked

- `pin-project-lite v0.2.4` is yanked

### Check List

Tests
- No code (skip ci)

### Release note

```release-note
Title Only: Include only the PR title in the release note.
```



Co-authored-by: Boyu Yang <[email protected]>
  • Loading branch information
@bors @yangby-cryptape
bors[bot] and yangby-cryptape authored Oct 18, 2021
2 parents 40877df + 95d9587 commit 45572a8
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 6 deletions.
10 changes: 5 additions & 5 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 4 additions & 1 deletion deny.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,10 @@ vulnerability = "deny"
unmaintained = "warn"
yanked = "deny"
notice = "deny"
ignore = []
ignore = [
# TODO Potential segfault in the time crate; waiting for the fix from upstream (chrono)
"RUSTSEC-2020-0071"
]

[licenses]
unlicensed = "deny"
Expand Down

0 comments on commit 45572a8

Please sign in to comment.