chore: update cargo audit ignore list

flavio · flavio · commit 229ea749b566 · 2024-09-06T09:37:41.000+02:00
A bunch of warnings have popped up. There's nothing we can do about them
and they basically no impact on us.

-  "RUSTSEC-2024-0370":  This is a warning about `proc-macro-errors` being unmaintained. It's a transitive dependency of `sigstore` and `oci-spec`.
-  "RUSTSEC-2023-0055":  This is a warning about `lexical` having multiple soundness issues. It's a transitive dependency of `sigstore`.

Signed-off-by: Flavio Castelli &lt;fcastelli@suse.com&gt;
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -17,4 +17,6 @@ ignore = [
   "RUSTSEC-2023-0071", # "Classic" RSA timing sidechannel attack from non-constant-time implementation.
   # Okay for local use.
   # https://rustsec.org/advisories/RUSTSEC-2023-0071.html
+  "RUSTSEC-2024-0370", # This is a warning about `proc-macro-errors` being unmaintained. It's a transitive dependency of `sigstore` and `oci-spec`.
+  "RUSTSEC-2023-0055", # This is a warning about `lexical` having multiple soundness issues. It's a transitive dependency of `sigstore`.
 ]

Original file line number	Diff line number	Diff line change
`@@ -17,4 +17,6 @@ ignore = [`
`17`	`17`	`"RUSTSEC-2023-0071", # "Classic" RSA timing sidechannel attack from non-constant-time implementation.`
`18`	`18`	`# Okay for local use.`
`19`	`19`	`# https://rustsec.org/advisories/RUSTSEC-2023-0071.html`
	`20`	+ "RUSTSEC-2024-0370", # This is a warning about `proc-macro-errors` being unmaintained. It's a transitive dependency of `sigstore` and `oci-spec`.
	`21`	+ "RUSTSEC-2023-0055", # This is a warning about `lexical` having multiple soundness issues. It's a transitive dependency of `sigstore`.
`20`	`22`	`]`