1
0
mirror of https://github.com/Llewellynvdm/starship.git synced 2024-11-24 13:47:38 +00:00

chore: hide warnings for additional known advisories (#3170)

This commit is contained in:
David Knaack 2021-10-21 23:35:08 +02:00 committed by GitHub
parent eb203ebe95
commit d5a5ddf826
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 3 deletions

View File

@ -2,8 +2,17 @@
ignore = [
# difference is unmaintained
# Only used in test code
# Tracked in #2835
"RUSTSEC-2020-0095",
# Out-of-bounds write in nix::unistd::getgrouplist
# Tracked in #3140
"RUSTSEC-2021-0119"
"RUSTSEC-2021-0119",
# Potential segfault in the time crate
# chrono dependency, but vulnerable function is never called
# Tacked in #3163
"RUSTSEC-2020-0071",
# chrono: Potential segfault in localtime_r invocations
# starship avoids setting any environment variables to avoid this issue
# Tracked in #3166
"RUSTSEC-2020-0159",
]

View File

@ -1,2 +1,6 @@
disallowed-methods = [
# std::process::Command::new may inadvertly run executables from the current working directory
disallowed-methods = ["std::process::Command::new"]
"std::process::Command::new",
# Setting environment variables can cause issues with non-rust code
"std::env::set_var"
]