Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

ci: ignore RUSTSEC-2022-0048 

XML parsing lib for the Azure SDK is unmaintained and reportedly
contains integer overflow / panic issues in the parsing functionality.

Low risk ignore as it is used when talking to Azure only. The Azure SDK
is in the progress of being removed as a dependency.
pull/24376/head
Dom Dwyer 2022-08-29 13:47:04 +02:00
parent 1b230d9291
commit 130785977f
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
deny.toml
View File

@ -16,6 +16,11 @@ ignore = [
# why needed: part of `arrow`
# upstream issue: https://github.com/google/flatbuffers/issues/6627
"RUSTSEC-2021-0122",
# title: xml-rs is Unmaintained
# why needed: upstream of Azure SDK, removal in-progress
# upstream issue: many (https://github.com/netvl/xml-rs/issues)
"RUSTSEC-2022-0048",
]
git-fetch-with-cli = true