From 0cd63db706a951d464e43705a28094247d23f084 Mon Sep 17 00:00:00 2001
From: David Runge <dvzrv@archlinux.org>
Date: Sat, 22 Feb 2025 12:14:20 +0100
Subject: [PATCH] chore(deny.toml): Ignore `RUSTSEC-2025-0007` (for now)

Fixes: https://gitlab.archlinux.org/archlinux/signstar/-/issues/151
Signed-off-by: David Runge <dvzrv@archlinux.org>
---
 deny.toml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/deny.toml b/deny.toml
index 8699ce3f..0789e88d 100644
--- a/deny.toml
+++ b/deny.toml
@@ -4,6 +4,11 @@ yanked = "deny"
 ignore = [
   "RUSTSEC-2023-0071",  # side-channel attacks are not relevant for our use-case (only used in tests)
   "RUSTSEC-2023-0050",  # nethsm-sdk-rs uses unmaintained multipart until something else becomes available: https://github.com/Nitrokey/nethsm-sdk-rs/issues/29
+  # The ring crate is unmaintained.
+  # Via nethsm-sdk-rs->ureq->ring we currently have to rely on it.
+  # Ureq is working on adapting its use of rustls: https://github.com/algesten/ureq/issues/1013
+  # A new nethsm-sdk-rs needs releasing (support for ureq>3 already present in default branch).
+  "RUSTSEC-2025-0007",
 ]
 
 [bans]
-- 
GitLab