Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Silence RUSTSEC-2024-0436 - paste is unmaintained #7790

Merged
merged 1 commit into from
Mar 11, 2025
Merged

Silence RUSTSEC-2024-0436 - paste is unmaintained #7790

merged 1 commit into from
Mar 11, 2025

Conversation

MarkusPettersson98
Copy link
Contributor

@MarkusPettersson98 MarkusPettersson98 commented Mar 10, 2025
edited by faern
Loading

This PR silences RUSTSEC-2024-0436 - paste is unmaintained. We currently depend on paste through htmlize, and currently there is no patch or way to opt out of paste as a transitive dependency in this case. There is no reason to believe that paste is affected by any vulnerability, so (as I see it) there is no rush to get rid of it. As such, I chose to silence the CVE for now.

This change is Reviewable

@MarkusPettersson98 MarkusPettersson98 changed the title Silence RUSTSEC-2024-0436 Silence RUSTSEC-2024-0436 - paste is unmaintained Mar 10, 2025
@MarkusPettersson98 MarkusPettersson98 marked this pull request as ready for review March 10, 2025 14:50
@MarkusPettersson98 MarkusPettersson98 force-pushed the silence-RUSTSEC-2024-0436 branch from 3d34ac1 to 2295ecc Compare March 11, 2025 09:57
@MarkusPettersson98 MarkusPettersson98 force-pushed the silence-RUSTSEC-2024-0436 branch 2 times, most recently from 4fe775a to 9b73c50 Compare March 11, 2025 10:06
faern
faern approved these changes Mar 11, 2025
View reviewed changes
Copy link
Member

@faern faern left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 1 of 1 files at r1, 1 of 1 files at r2, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@MarkusPettersson98 MarkusPettersson98 force-pushed the silence-RUSTSEC-2024-0436 branch from 9b73c50 to a8f2884 Compare March 11, 2025 11:03
@MarkusPettersson98 MarkusPettersson98 merged commit f85d5b3 into main Mar 11, 2025
22 of 23 checks passed
@MarkusPettersson98 MarkusPettersson98 deleted the silence-RUSTSEC-2024-0436 branch March 11, 2025 11:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@faern faern faern approved these changes

@raksooo raksooo Awaiting requested review from raksooo raksooo is a code owner

@pinkisemils pinkisemils Awaiting requested review from pinkisemils pinkisemils is a code owner

@albin-mullvad albin-mullvad Awaiting requested review from albin-mullvad albin-mullvad is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MarkusPettersson98 @faern