mirrors/gst-plugins-rs
mirrors/gst-plugins-rs
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs.git synced 2024-06-11 02:39:22 +00:00
Code Issues Projects Releases Wiki Activity

deny.toml: don't ignore RUSTSEC-2021-0124

Browse source 
This advisory was ignored because we couldn't use a version for
the tokio fork that reflected that it was not vulnerable.

Also remove the tokio fork as an allowed git since we now use
our own executor for threadshare.
This commit is contained in:
François Laignel 2021-12-14 19:52:46 +01:00 committed by Sebastian Dröge
parent 6163589ac7
commit 21d41ca244
1 changed files with 0 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
deny.toml
View file

@ -8,14 +8,6 @@ ignore = [
# Waiting for https://github.com/chronotope/chrono/pull/578
"RUSTSEC-2020-0071",
"RUSTSEC-2020-0159",
# Temporarily ignore: vulnerability handled as part of
# https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/602
# and
# https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/603
# but the tokio fork used in threadshare is based on an earlier version
# which prevents cargo-deny from assuming that the vulnerability is fixed.
# See https://gitlab.freedesktop.org/gstreamer/gst-plugins-rs/-/merge_requests/604
"RUSTSEC-2021-0124",
]
[licenses]
@ -170,7 +162,6 @@ allow-git = [
"https://gitlab.freedesktop.org/gstreamer/gstreamer-rs",
"https://github.com/gtk-rs/gtk-rs-core",
"https://github.com/gtk-rs/gtk4-rs",
"https://github.com/fengalin/tokio",
"https://github.com/rust-av/ffv1",
"https://github.com/rust-av/flavors",
]