Skip to content

Commit 0e3a7bd

Browse files
committed
build: Exempt regex-automata 0.4.13
It seems like everyone just decides to trust or exempt this crate. There are a few "safe-to-run" audits but no one really commits to an audit certifying "safe-to-deploy". I'm not content with this, but I definitely need way more time if I'm going to actually audit the whole thing. So for now, an exemption is preferred over "trusting" since it keeps the audit in my backlog. Signed-off-by: hashcatHitman <155700084+hashcatHitman@users.noreply.github.com>
1 parent 96129c1 commit 0e3a7bd

1 file changed

Lines changed: 4 additions & 0 deletions

File tree

supply-chain/config.toml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,3 +20,7 @@ criteria = "safe-to-deploy"
2020
[[exemptions.memchr]]
2121
version = "2.7.6"
2222
criteria = "safe-to-deploy"
23+
24+
[[exemptions.regex-automata]]
25+
version = "0.4.13"
26+
criteria = "safe-to-deploy"

0 commit comments

Comments
 (0)