Ignore RUSTSEC-2022-0054 caused by wee_alloc.

cspr-rad · Jun 12, 2024 · c699cc9 · c699cc9
1 parent 3bfbcdf
commit c699cc9
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/flake.nix b/flake.nix
@@ -189,6 +189,10 @@
             kairos-contracts-audit = craneLib.cargoAudit {
               inherit (kairosContractsAttrs) src;
               advisory-db = inputs.advisory-db;
+              # Default values from https://crane.dev/API.html?highlight=cargoAudit#cranelibcargoaudit
+              # FIXME --ignore RUSTSEC-2022-0093 ignores ed25519-dalek 1.0.1 vulnerability caused by introducing casper-client 2.0.0
+              # FIXME --ignore RUSTSEC-2022-0054 wee_alloc is Unmaintained caused by introducing casper-contract
+              cargoAuditExtraArgs = "--ignore yanked --deny warnings --ignore RUSTSEC-2022-0093 --ignore RUSTSEC-2022-0054";
             };
           };