remove resolved audit ignores

rust-lang · Feb 22, 2025 · fb5300b · fb5300b
1 parent 8cbb634
commit fb5300b
Showing 1 changed file with 1 addition and 14 deletions.
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -1,23 +1,10 @@
 [advisories]
 ignore = [
-    "RUSTSEC-2023-0018", # rustwide -> remove_dir_all,TOCTOU / Race Condition 
-    # https://github.com/rust-lang/docs.rs/issues/2074
-
-    "RUSTSEC-2023-0071", # potential key recovery through timing sidechannels
-
-    "RUSTSEC-2024-0013", # Memory corruption, denial of service, and arbitrary code execution in libgit2
-    # https://github.com/rust-lang/docs.rs/issues/2414
+    "RUSTSEC-2023-0071", # rsa: potential key recovery through timing sidechannels
 
     "RUSTSEC-2024-0320", # yaml-rust is unmaintained. 
     # https://github.com/rust-lang/docs.rs/issues/2469
 
-    "RUSTSEC-2024-0363", # sqlx, Binary Protocol Misinterpretation caused by Truncating or Overflowing Cast
-    # https://github.com/rust-lang/docs.rs/issues/2588
-    # SECURITY: 
-    # We have plenty of places where user input ends up in sql, for example the inner doc path for doc pages, crate names etc.
-    # But in all these places, the user content is part of the path of the URL.
-    # Since URL length is limited by cloudfront, and also by nginx, to something much smaller than 4 GiB, I don't think this issue affects us.
-
     "RUSTSEC-2024-0370", # proc-macro-error is unmaintained
     # https://github.com/rust-lang/docs.rs/issues/2595