[advisories]

# Deny yanked crates to catch supply chain issues early.
yanked = "deny"
# Emulate cargo-audit which only checks vulnerabilities and yanked crates, not unmaintained/unsound.
unmaintained = "none"
unsound = "none"

# Ignore proc-macro-error unmaintained warning
# See: https://github.com/aaif-goose/goose/issues/7008
ignore = [
    "RUSTSEC-2023-0071",  # rsa: Marvin Attack timing sidechannel (no safe upgrade available, via jsonwebtoken)
]