From 109e0683cd51daa47165032b9f7c1d8ee8672dff Mon Sep 17 00:00:00 2001 From: Erick Bourgeois Date: Tue, 30 Jun 2026 08:23:17 -0400 Subject: [PATCH] =?UTF-8?q?RUSTSEC-2026-0190=20is=20cleared=20by=20the=20a?= =?UTF-8?q?nyhow=201.0.102=20=E2=86=92=201.0.103=20bump?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Erick Bourgeois --- .cargo/audit.toml | 9 --------- deny.toml | 8 +------- 2 files changed, 1 insertion(+), 16 deletions(-) diff --git a/.cargo/audit.toml b/.cargo/audit.toml index 2a39b72..345325a 100644 --- a/.cargo/audit.toml +++ b/.cargo/audit.toml @@ -12,13 +12,4 @@ ignore = [ # 2. Calls rand::rng() from within that logger # Neither condition applies to 5-spot. "RUSTSEC-2026-0097", - - # RUSTSEC-2026-0173: proc-macro-error2 is UNMAINTAINED (a maintenance-status - # advisory, not a vulnerability — no known exploit). It is a build-time proc-macro - # pulled transitively via jiff 0.2.29 -> defmt -> defmt-macros, and defmt is jiff's - # OPTIONAL embedded (no_std) feature: `cargo tree -e features -i defmt` reports - # "nothing to print" for the host target, so proc-macro-error2 is never compiled - # into the 5-Spot binary — it exists only as a Cargo.lock entry. Removal awaits - # upstream (kube bumping jiff, or defmt-macros dropping proc-macro-error2). - "RUSTSEC-2026-0173", ] diff --git a/deny.toml b/deny.toml index fd6b3ab..1361a12 100644 --- a/deny.toml +++ b/deny.toml @@ -43,13 +43,7 @@ name = "unicode-ident" [advisories] version = 2 yanked = "deny" -ignore = [ - # See .cargo/audit.toml for the full justification. proc-macro-error2 is - # UNMAINTAINED (not a vulnerability), reached only via jiff's optional `defmt` - # feature which is never compiled for the host target — kept in sync with - # .cargo/audit.toml so `cargo deny` and `cargo audit` agree. - "RUSTSEC-2026-0173", -] +ignore = [] # ───────────────────────────────────────────────────────────────────────────── # Bans — prevent multiple versions of the same crate and wildcard deps.