merge #13716

risingwavelabs · Nov 29, 2023 · bf5e130 · bf5e130
1 parent 3f12bf0
commit bf5e130
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -9,4 +9,11 @@ ignore = [
     # `chrono` also suffers from a similar vulnerability ([`RUSTSEC-2020-0159`](https://rustsec.org/advisories/RUSTSEC-2020-0159),
     # but it's already patched in `0.4.20` by rewriting vulnerable C function in Rust).
     "RUSTSEC-2020-0071",
+
+    # https://github.com/risingwavelabs/risingwave/issues/11842
+    "RUSTSEC-2023-0052",
+
+    # https://github.com/risingwavelabs/risingwave/issues/13703
+    # It's impossible to get rid of OpenSSL (or more accurately, the `rsa` crate), and no patch is yet available.
+    "RUSTSEC-2023-0071",
 ]
diff --git a/ci/scripts/misc-check-cron.sh b/ci/scripts/misc-check-cron.sh
@@ -5,9 +5,5 @@ set -euo pipefail
 
 source ci/scripts/common.sh
 
-# RUSTSEC-2023-0052: https://github.com/risingwavelabs/risingwave/issues/11842
-# RUSTSEC-2023-0071 https://github.com/risingwavelabs/risingwave/issues/13703
 echo "--- Run audit check"
-cargo audit \
-  --ignore RUSTSEC-2023-0052 \
-  --ignore RUSTSEC-2023-0071
+cargo audit