From dc2567aaaeb8fa60e9e2c15250937a15b45a99ba Mon Sep 17 00:00:00 2001 From: Stacky McStackface Date: Fri, 13 Feb 2026 11:05:18 +0000 Subject: [PATCH] chore: Generated commit to update templated files since the last template run up to stackabletech/operator-templating@7dffd3cfddd8ddb67d0238004b9096feb029a072 Reference-to: stackabletech/operator-templating@7dffd3c (chore: Allow RUSTSEC-2024-0436 and github.com/kube-rs/kube-rs) --- .gitignore | 1 + deny.toml | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/.gitignore b/.gitignore index 2dbc7ab0..696bc411 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ result image.tar tilt_options.json +.values.yaml .direnv/ .direnvrc diff --git a/deny.toml b/deny.toml index d02a12f4..8ec7e452 100644 --- a/deny.toml +++ b/deny.toml @@ -24,6 +24,20 @@ ignore = [ # # https://github.com/RustCrypto/RSA/issues/19 is the tracking issue "RUSTSEC-2023-0071", + + # https://rustsec.org/advisories/RUSTSEC-2024-0436 + # The "paste" crate is no longer maintained because the owner states that the implementation is + # finished. There are at least two (forked) alternatives which state to be maintained. They'd + # need to be vetted before a potential switch. Additionally, they'd need to be in a maintained + # state for a couple of years to provide any benefit over using "paste". + # + # This crate is only used in a single place in the xtask package inside the declarative + # "write_crd" macro. The impact of vulnerabilities, if any, should be fairly minimal. + # + # See thread: https://users.rust-lang.org/t/paste-alternatives/126787/4 + # + # This can only be removed again if we decide to use a different crate. + "RUSTSEC-2024-0436", ] [bans] @@ -67,6 +81,9 @@ license-files = [ [sources] unknown-registry = "deny" unknown-git = "deny" +allow-git = [ + "https://github.com/kube-rs/kube-rs", +] [sources.allow-org] github = ["stackabletech"]