Skip to content

cargo_audit: Add an exception for RUSTSEC-2022-0093.

Nick Mathewson requested to merge nickm/arti:cargo_audit_2022_0093 into main

This is the API deficiency in ed25519-dalek v1 that allows you to mismatch public and private keys, leading to a (fatal) double-signing attack. We have worked around this in our current design, so it's appropriate to suppress this warning for now.

Merge request reports

Loading