Merge pull request #898 from flavio/update-cargo-audit

chore: update cargo audit ignore list
kubewarden · Sep 6, 2024 · 4b2a47d · 4b2a47d
2 parents 16943d3 + 229ea74
commit 4b2a47d
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -17,4 +17,6 @@ ignore = [
   "RUSTSEC-2023-0071", # "Classic" RSA timing sidechannel attack from non-constant-time implementation.
   # Okay for local use.
   # https://rustsec.org/advisories/RUSTSEC-2023-0071.html
+  "RUSTSEC-2024-0370", # This is a warning about `proc-macro-errors` being unmaintained. It's a transitive dependency of `sigstore` and `oci-spec`.
+  "RUSTSEC-2023-0055", # This is a warning about `lexical` having multiple soundness issues. It's a transitive dependency of `sigstore`.
 ]