diff --git a/.github/workflows/rust-cargo-deny.yml b/.github/workflows/rust-cargo-deny.yml index 25a9fa0fe0..e695e44ad0 100644 --- a/.github/workflows/rust-cargo-deny.yml +++ b/.github/workflows/rust-cargo-deny.yml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@v4 - name: Run cargo-deny - uses: EmbarkStudios/cargo-deny-action@v2.0.4 + uses: EmbarkStudios/cargo-deny-action@v2.0.15 with: manifest-path: ./rust/Cargo.toml command: check ${{ matrix.checks }} diff --git a/rust/deny.toml b/rust/deny.toml index 279639ba52..538cb61374 100644 --- a/rust/deny.toml +++ b/rust/deny.toml @@ -13,6 +13,13 @@ ignore = [ "RUSTSEC-2024-0384", "RUSTSEC-2024-0388", "RUSTSEC-2022-0080", + "RUSTSEC-2025-0141", # bincode unmaintained (via uniffi) + "RUSTSEC-2025-0057", # fxhash unmaintained (via sled) + "RUSTSEC-2025-0119", # number_prefix unmaintained (via indicatif) + "RUSTSEC-2024-0436", # paste unmaintained (via substrate/uniffi) + "RUSTSEC-2025-0009", # ring AES panic (via rustls; upgrade when jsonrpsee/rustls allow) + "RUSTSEC-2025-0134", # rustls-pemfile unmaintained (via rustls-native-certs) + "RUSTSEC-2025-0055", # tracing-subscriber ANSI injection (via substrate sp-tracing) ] [licenses]