
Conversation

@hanabi1224
Contributor

@hanabi1224 hanabi1224 commented Oct 22, 2025

Summary of changes

To fix cargo deny check advisories failures.

Changes introduced in this pull request:

Reference issue to close (if applicable)

Closes #6179

Other information and links

Change checklist

  • I have performed a self-review of my own code,
  • I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
  • I have added tests that prove my fix is effective or that my feature works (if possible),
  • I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.

Summary by CodeRabbit

  • Chores
    • Updated dependency security advisory configuration to suppress six additional known advisories in the project's security tooling.

@coderabbitai
Contributor

coderabbitai bot commented Oct 22, 2025

Walkthrough

Adds six RUSTSEC advisory identifiers to the ignore list in deny.toml. No structural changes are introduced. These advisories are now suppressed from dependency security checks.

Changes

Cohort / File(s): Security advisory suppression (deny.toml)
Summary: Added six RUSTSEC advisory IDs to the ignore array: RUSTSEC-2025-0098, RUSTSEC-2025-0104, RUSTSEC-2025-0074, RUSTSEC-2025-0075, RUSTSEC-2025-0080, and RUSTSEC-2025-0081

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

Suggested reviewers

  • elmattic
  • akaladarshi
  • sudo-shashank

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)
Check name / Status / Explanation
Description Check: ✅ Passed. Check skipped - CodeRabbit's high-level summary is enabled.
Title Check: ✅ Passed. The PR title "fix: ignore a few RUSTSECs" directly and accurately describes the primary change in the changeset. The title clearly captures that the PR adds a small number of RUSTSEC advisories to the ignore list in deny.toml. The title is concise, specific, and sufficiently descriptive for a teammate scanning history to understand the main change without ambiguity.
Linked Issues Check: ✅ Passed. The linked issue #6179 requests investigation and resolution of a cargo deny check advisories failure. The PR directly addresses this objective by adding six RUSTSEC advisories to the ignore list in deny.toml, which is a standard approach to resolving such failures. The author has presumably identified these specific advisories from the CI logs referenced in the issue, and the code changes directly resolve the automated failure requirement.
Out of Scope Changes Check: ✅ Passed. All changes in this PR are narrowly scoped and directly related to resolving the linked issue. The only modification is to deny.toml, adding RUSTSEC advisories to the ignore list with no unrelated changes to other files or components. The PR contains no structural or behavioral changes beyond what is required to address the cargo deny check advisories failure.
Docstring Coverage: ✅ Passed. No functions found in the changes. Docstring coverage check skipped.

@hanabi1224 hanabi1224 marked this pull request as ready for review October 22, 2025 07:04
@hanabi1224 hanabi1224 requested a review from a team as a code owner October 22, 2025 07:04
@hanabi1224 hanabi1224 requested review from LesnyRumcajs and akaladarshi and removed request for a team October 22, 2025 07:04
Contributor

@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 0

🧹 Nitpick comments (1)
deny.toml (1)

10-15: Consider consolidating the repetitive comment.

All six entries share identical rationale. You could consolidate them with a single comment to reduce duplication, though individual comments do provide clarity on which advisory maps to which entry.

Suggested consolidation approach (optional):

-  "RUSTSEC-2025-0098", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
-  "RUSTSEC-2025-0104", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
-  "RUSTSEC-2025-0074", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
-  "RUSTSEC-2025-0075", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
-  "RUSTSEC-2025-0080", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
-  "RUSTSEC-2025-0081", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
+  # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
+  "RUSTSEC-2025-0098",
+  "RUSTSEC-2025-0104",
+  "RUSTSEC-2025-0074",
+  "RUSTSEC-2025-0075",
+  "RUSTSEC-2025-0080",
+  "RUSTSEC-2025-0081",
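Review bot: the consolidation loses the one-to-one mapping between each advisory and its rationale, so any ID appended under the shared comment later silently inherits a justification that may not apply to it; if the comments are merged, keep at least a note of the condition under which the block can be removed (the thread mentions waiting on the Keats/tera#978 fix and a new tera release) next to the list, so the ignores are revisited rather than left in place indefinitely.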
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 49658ff and 755fdee.

📒 Files selected for processing (1)
  • deny.toml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: Build forest binaries on Linux AMD64
  • GitHub Check: tests
  • GitHub Check: tests-release
  • GitHub Check: cargo-publish-dry-run
  • GitHub Check: Build Ubuntu
  • GitHub Check: Build MacOS
  • GitHub Check: All lint checks
🔇 Additional comments (1)
deny.toml (1)

10-15: RUSTSEC identifiers verified as legitimate and correctly mapped to rust-unic crates.

All six advisories (RUSTSEC-2025-0098, RUSTSEC-2025-0104, RUSTSEC-2025-0074, RUSTSEC-2025-0075, RUSTSEC-2025-0080, RUSTSEC-2025-0081) correctly correspond to unmaintained Unicode crates that are part of the rust-unic project. The suppressions are appropriate for informational advisories about unmaintained crates, which cannot be remediated through upstream updates. The identical justification comment is accurate and the changes align with the documented motivation.

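As an added example (not code from this PR or the Forest project): a small Python checker for the hygiene of a deny.toml `advisories.ignore` list like the one the walkthrough and the verification comment above describe. It parses both the bare-string-plus-comment form used in the PR and the inline-table form with `id` and `reason` keys that newer cargo-deny releases accept, and flags entries with no recorded rationale, duplicates, and malformed IDs. The deny.toml fragment is constructed; the inline-table entry, its tera#978 reason, the duplicate and the malformed ID are assumptions added to exercise each case.

```python
import re

# Constructed sample modelled on the ignore list this PR adds to deny.toml. The
# inline-table entry, the duplicate and the malformed ID are assumptions (test cases).
SAMPLE_DENY_TOML = """
[advisories]
ignore = [
  "RUSTSEC-2025-0098", # All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained.
  { id = "RUSTSEC-2025-0074", reason = "rust-unic crates unmaintained; tracked in Keats/tera#978" },
  "RUSTSEC-2025-0075",
  "RUSTSEC-2025-0080", # rust-unic crates are unmaintained
  "RUSTSEC-2025-0080", # same entry pasted twice by mistake
  "RUSTSEC-25-81",     # malformed identifier
]
"""

ID_RE = re.compile(r"^RUSTSEC-\d{4}-\d{4}$")
STRING_ENTRY = re.compile(r'^\s*"(?P<id>[^"]+)"\s*,?\s*(?:#\s*(?P<reason>.*))?$')  # "ID", # rationale
# Inline-table entry { id = "...", reason = "..." } as accepted by newer cargo-deny releases.
TABLE_ENTRY = re.compile(r'^\s*\{\s*id\s*=\s*"(?P<id>[^"]+)"(?:.*?reason\s*=\s*"(?P<reason>[^"]*)")?.*\}\s*,?\s*$')

def parse_ignore_entries(text):
    """Return (advisory_id, reason) tuples from the advisories.ignore array, keeping comments."""
    entries, in_ignore = [], False
    for line in text.splitlines():
        stripped = line.strip()
        if not in_ignore:
            in_ignore = stripped.startswith("ignore") and "[" in stripped  # enter the array
            continue
        if stripped.startswith("]"):
            break
        m = STRING_ENTRY.match(line) or TABLE_ENTRY.match(line)
        if m:
            entries.append((m.group("id"), (m.group("reason") or "").strip()))
    return entries

def audit_ignore_list(text):
    """Flag ignores that are malformed, duplicated, or carry no recorded rationale."""
    findings, seen = [], set()
    for adv_id, reason in parse_ignore_entries(text):
        if not ID_RE.match(adv_id):
            findings.append((adv_id, "malformed advisory id"))
        if adv_id in seen:
            findings.append((adv_id, "duplicate entry"))
        seen.add(adv_id)
        if not reason:
            findings.append((adv_id, "no reason recorded"))
    return findings
```

Running `audit_ignore_list(SAMPLE_DENY_TOML)` returns three findings: the bare RUSTSEC-2025-0075 entry, the duplicated RUSTSEC-2025-0080, and the malformed ID.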
@LesnyRumcajs
Copy link
Member

Hopefully, we can remove the ignores (at least some of them) once Keats/tera#978 is resolved and a new version is released. I believe it's the only package we depend on directly that uses those unmaintained crates.

@hanabi1224 hanabi1224 enabled auto-merge October 22, 2025 07:57
@hanabi1224 hanabi1224 added this pull request to the merge queue Oct 22, 2025
Merged via the queue into main with commit 9ecde3c Oct 22, 2025
68 of 69 checks passed
@hanabi1224 hanabi1224 deleted the hm/ignore-rustsecs branch October 22, 2025 13:35

Development

Successfully merging this pull request may close these issues.

[automated] cargo deny check advisories failure @ 22/10/25 00:02

4 participants