From 400cd9da83ae45440abae1aff6f16c44c77420e0 Mon Sep 17 00:00:00 2001
From: Fraser Hutchison <190532+Fraser999@users.noreply.github.com>
Date: Mon, 20 Apr 2026 11:01:00 +0100
Subject: [PATCH] handle new cargo audit warning

---
 .cargo/audit.toml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.cargo/audit.toml b/.cargo/audit.toml
index 39b3401..8245039 100644
--- a/.cargo/audit.toml
+++ b/.cargo/audit.toml
@@ -16,4 +16,8 @@ ignore = [
     # logger calls `rand::rng()` during reseeding. Our 0.8.5 (transitive via alloy-consensus)
     # has neither feature enabled; our 0.9.4 is already patched.
     "RUSTSEC-2026-0097",
+
+    # `rsa` Marvin Attack; transitive dep via `sqlx-macros-core` -> `sqlx-mysql`. The `mysql`
+    # feature is not enabled, so `sqlx-mysql` is never compiled — it only appears in Cargo.lock.
+    "RUSTSEC-2023-0071",
 ]