Skip to content

Commit

Permalink
Ignore RUSTSEC-2024-0358 (#18779)
Browse files Browse the repository at this point in the history 
## Description 

This specific vulnerability does not seem to impact Sui. Upgrading the
affect package involves upgrading dependencies which will take more
time.

## Test plan 

CI

---

## Release notes

Check each box that your changes affect. If none of the boxes relate to
your changes, release notes aren't required.

For each box you select, include information after the relevant heading
that describes the impact of your changes that a user might notice and
any actions they must take to implement updates.

- [ ] Protocol: 
- [ ] Nodes (Validators and Full nodes): 
- [ ] Indexer: 
- [ ] JSON-RPC: 
- [ ] GraphQL: 
- [ ] CLI: 
- [ ] Rust SDK:
- [ ] REST API:
  • Loading branch information
@mwtian
mwtian authored Jul 24, 2024
1 parent 8169f05 commit ce374df
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions deny.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,9 @@ ignore = [
"RUSTSEC-2023-0052",
# we don't do RSA signing on Sui (only verifying for zklogin)
"RUSTSEC-2023-0071",
# Sui does not use object_store with authentication.
# Upgrade to object_store >= 10.2 to fix.
"RUSTSEC-2024-0358",
# A few dependencies use unpatched rustls.
"RUSTSEC-2024-0336",
]
Expand Down

0 comments on commit ce374df

Please sign in to comment.