From 7d4620d9307cd694074e1410db53a0e3179aec98 Mon Sep 17 00:00:00 2001
From: toidiu
Date: Mon, 4 Nov 2024 15:12:27 -0800
Subject: [PATCH] chore: update cargo audit (#2366)
---
 .cargo/audit.toml | 15 +++++++++++++++
 .github/workflows/dependencies.yml | 16 +++++++++++++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 .cargo/audit.toml
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
new file mode 100644
index 0000000000..23df0242d7
--- /dev/null
+++ b/.cargo/audit.toml
@@ -0,0 +1,15 @@
+[advisories]
+ignore = [
+ # `atty` is a dependency of `structopt` and only used in s2n-quic-qns and s2n-quic-sim
+ # https://github.com/aws/s2n-quic/issues/2324
+ "RUSTSEC-2021-0145",
+ # `atty` is a dependency of `structopt` and only used in s2n-quic-qns and s2n-quic-sim
+ # https://github.com/aws/s2n-quic/issues/2324
+ "RUSTSEC-2024-0375",
+ # ` proc-macro-error` is a dependency of `structopt` and only used in s2n-quic-qns and s2n-quic-sim
+ # https://github.com/aws/s2n-quic/issues/2324
+ "RUSTSEC-2024-0370",
+ # `ansi_term` is a dependency of `structopt` and only used in s2n-quic-qns and s2n-quic-sim
+ # https://github.com/aws/s2n-quic/issues/2324
+ "RUSTSEC-2021-0139"
+]
diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml
index 102d82d734..2e27f2247d 100644
--- a/.github/workflows/dependencies.yml
+++ b/.github/workflows/dependencies.yml
@@ -28,7 +28,21 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v4
- - uses: rustsec/audit-check@v1.4.1
+ with:
+ submodules: true
+
+ - name: Install rust toolchain
+ id: toolchain
+ run: |
+ rustup toolchain install stable --profile minimal
+ rustup override set stable
+
+ - uses: camshaft/rust-cache@v1
+
+ - name: Run cargo build
+ run: cargo build
+
+ - uses: rustsec/audit-check@v2.0.0
 with:
 token: ${{ secrets.GITHUB_TOKEN }}
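Review bot: The `ignore` list in `.cargo/audit.toml` is not scoped to a crate, so these four advisories would presumably stay suppressed even if `atty`, `proc-macro-error` or `ansi_term` later entered the dependency tree of a published crate, not just s2n-quic-qns and s2n-quic-sim. The two `atty` entries carry identical comments, so a reader cannot tell why both IDs are listed; each entry should say what its advisory reports (for example an unmaintained-crate notice versus a soundness issue), taken from the RustSec database. The third comment has a stray space before `proc-macro-error` inside the backticks. A closing comment such as `# remove these entries once #2324 is resolved` would keep the exceptions from outliving their reason.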
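Review bot: The two third-party actions in the new steps, `camshaft/rust-cache@v1` and `rustsec/audit-check@v2.0.0`, are referenced by tag, and a tag can be moved to different code after this review; the second one is handed `secrets.GITHUB_TOKEN`. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `- uses: rustsec/audit-check@<full-commit-sha> # v2.0.0`, ensures the code that was reviewed is the code that runs. The added `cargo build` step compiles and runs every dependency's build script in the same job before the audit; if it is there only to produce `Cargo.lock`, `run: cargo generate-lockfile` would do that without executing dependency code. The job's `permissions:` block and triggers are outside this hunk, so whether the token is already scoped down cannot be seen here.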