From cc6296b1faca607f21e78fa0f983aa443aace587 Mon Sep 17 00:00:00 2001
From: Tyera Eulberg
Date: Mon, 9 Aug 2021 10:22:57 -0600
Subject: [PATCH] Add audit ignores
---
 ci/do-audit.sh | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/ci/do-audit.sh b/ci/do-audit.sh
index b6c1b86be1..1b66e6d552 100755
--- a/ci/do-audit.sh
+++ b/ci/do-audit.sh
@@ -39,5 +39,23 @@ cargo_audit_ignores=(
 # https://github.com/paritytech/libsecp256k1/issues/66
 --ignore RUSTSEC-2020-0146
+ # hyper: Lenient `hyper` header parsing of `Content-Length` could allow request smuggling
+ #
+ # Blocked on jsonrpc removing dependency on unmaintained `websocket`
+ # https://github.com/paritytech/jsonrpc/issues/605
+ --ignore RUSTSEC-2021-0078
+
+ # hyper: Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss
+ #
+ # Blocked on jsonrpc removing dependency on unmaintained `websocket`
+ # https://github.com/paritytech/jsonrpc/issues/605
+ --ignore RUSTSEC-2021-0079
+
+ # tar: Links in archive can create arbitrary directories
+ #
+ # Blocked on `tar` releasing safe upgrade
+ # https://github.com/alexcrichton/tar-rs/issues/238
+ --ignore RUSTSEC-2021-0080
+
+
 )
 scripts/cargo-for-all-lock-files.sh stable audit "${cargo_audit_ignores[@]}"
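Review bot: The three new `--ignore` entries (RUSTSEC-2021-0078, RUSTSEC-2021-0079, RUSTSEC-2021-0080) each explain why the upgrade is blocked, but none says why suppressing the advisory is acceptable in the meantime. Since 0078 concerns request smuggling and 0080 concerns archive links creating arbitrary directories, each entry should say whether the affected `hyper` parsing or `tar` unpacking is reachable with untrusted input here, e.g. `# Exposure: <which component uses the affected code, and on what input>`. The ignores are also open-ended, so nothing prompts their removal once the linked issues close; a line such as `# Revisit: <date or upstream release>` per entry would keep them from outliving the block. The `cargo_audit_ignores` array opens above the hunk, so whether the earlier entries follow the same convention is not visible from here.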