build: update audit and deny checks

Author: brianheineman

.github/workflows/checks.yml

@@ -22,28 +22,39 @@ jobs:
           toolchain: stable
       - name: Install cargo audit
         run: cargo install cargo-audit
-
-      # Ignoring RUSTSEC-2023-0071 as it only occurs in a dependency used in an example
-      # and is not exploitable in the context of this project.
-      #
-      # Crate:     rsa
-      # Version:   0.9.6
-      # Title:     Marvin Attack: potential key recovery through timing sidechannels
-      # Date:      2023-11-22
-      # ID:        RUSTSEC-2023-0071
-      # URL:       https://rustsec.org/advisories/RUSTSEC-2023-0071
-      # Severity:  5.9 (medium)
-      # Solution:  No fixed upgrade is available!
+      # Crate:     sqlx
+      # Version:   0.8.0
+      # Title:     Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts
+      # error: 1 vulnerability found!
+      # Date:      2024-08-15
+      # ID:        RUSTSEC-2024-0363
+      # URL:       https://rustsec.org/advisories/RUSTSEC-2024-0363
+      # Solution:  Upgrade to >=0.8.1
       # Dependency tree:
-      # rsa 0.9.6
-      # └── sqlx-mysql 0.7.3
-      #     ├── sqlx-macros-core 0.7.3
-      #     │   └── sqlx-macros 0.7.3
-      #     │       └── sqlx 0.7.3
-      #     │           └── sqlx_embedded 0.4.1
-      #     └── sqlx 0.7.3
+      # sqlx 0.8.0
+      # ├── tensor_chord_extension 0.16.1
+      # ├── sqlx_embedded 0.16.1
+      # ├── postgresql_embedded 0.16.1
+      # │   ├── zonky 0.16.1
+      # │   ├── tensor_chord_extension 0.16.1
+      # │   ├── sqlx_embedded 0.16.1
+      # │   ├── postgresql_extensions 0.16.1
+      # │   │   ├── tensor_chord_extension 0.16.1
+      # │   │   ├── portal_corp_extension 0.16.1
+      # │   │   ├── download_progress_bar 0.16.1
+      # │   │   └── axum_embedded 0.16.1
+      # │   ├── postgres_embedded 0.16.1
+      # │   ├── portal_corp_extension 0.16.1
+      # │   ├── embedded_sync 0.16.1
+      # │   ├── embedded_async 0.16.1
+      # │   ├── download_progress_bar 0.16.1
+      # │   └── axum_embedded 0.16.1
+      # ├── portal_corp_extension 0.16.1
+      # ├── pgvector 0.4.0
+      # │   └── portal_corp_extension 0.16.1
+      # └── axum_embedded 0.16.1
       - name: Audit dependencies
-        run: cargo audit --ignore RUSTSEC-2023-0071
+        run: cargo audit --ignore RUSTSEC-2024-0363
 
   check:
     runs-on: ubuntu-22.04

deny.toml

@@ -21,11 +21,16 @@ allow = [
     "BSL-1.0",
     "ISC",
     "MIT",
-    "OpenSSL",
     "PostgreSQL",
     "Unicode-DFS-2016",
 ]
 
+# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
+[advisories]
+ignore = [
+    "RUSTSEC-2024-0363",
+]
+
 # https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
 [bans]
 multiple-versions = "deny"

postgresql_embedded/src/settings.rs

@@ -135,6 +135,7 @@ impl Settings {
     /// # Errors
     ///
     /// Returns an error if the URL is invalid.
+    #[allow(irrefutable_let_patterns)]
     pub fn from_url<S: AsRef<str>>(url: S) -> Result<Self> {
         let parsed_url = match Url::parse(url.as_ref()) {
             Ok(parsed_url) => parsed_url,