fix: ignore RUSTSEC-2026-0049 in cargo-audit config

lxsaah · lxsaah · commit f62462234b5d · 2026-03-21T20:46:20.000Z
rustls-webpki 0.102.x has no patch (fix only in 0.103.10+).
Transitive dependency via rumqttc - waiting for upstream fix.
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -0,0 +1,11 @@
+# cargo-audit configuration
+# See: https://github.com/rustsec/rustsec/blob/main/cargo-audit/audit.toml.example
+
+[advisories]
+# Advisories to ignore (transitive dependencies we can't fix)
+ignore = [
+    # rustls-webpki 0.102.x CRL issue - no patch in 0.102.x line
+    # Transitive via rumqttc, waiting for upstream fix
+    # Low impact: requires compromised CA to exploit
+    "RUSTSEC-2026-0049",
+]
