From da67ce2e0ed51eee594ed9acbed2f32294f6d4b1 Mon Sep 17 00:00:00 2001
From: Fraser Hutchison <190532+Fraser999@users.noreply.github.com>
Date: Thu, 12 Feb 2026 14:01:36 +0000
Subject: [PATCH] ignore false-positive audit warning

---
 .cargo/audit.toml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.cargo/audit.toml b/.cargo/audit.toml
index d6bf58e..6d7bfff 100644
--- a/.cargo/audit.toml
+++ b/.cargo/audit.toml
@@ -11,4 +11,8 @@ ignore = [
 
     # `paste` is unmaintained; transitive dep via revm's `ark-ff` and alloy's `syn-solidity`.
     "RUSTSEC-2024-0436",
+
+    # `rsa` Marvin Attack; transitive dep via `sqlx-macros-core` -> `sqlx-mysql`. The `mysql`
+    # feature is not enabled, so `sqlx-mysql` is never compiled — it only appears in Cargo.lock.
+    "RUSTSEC-2023-0071",
 ]