data-modelling-sdk 2.4.0

Shared SDK for model operations across platforms (API, WASM, Native)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

# Cargo audit configuration
# This file allows specific advisories that are acceptable for this project

# Allow unmaintained warnings for transitive dependencies
# These are acceptable because:
# 1. They come from optional feature-gated dependencies (imageproc, datafusion)
# 2. They are unmaintained warnings, not security vulnerabilities
# 3. The crates are still functional and widely used

[advisories]
# custom_derive - transitive via imageproc (png-export feature)
# This is an unmaintained warning, not a security issue
allow = [
    "RUSTSEC-2025-0058",  # custom_derive unmaintained
    "RUSTSEC-2024-0436",  # paste unmaintained (via datafusion and imageproc)
    "RUSTSEC-2021-0140",  # rusttype unmaintained (via imageproc)
    "RUSTSEC-2024-0320",  # yaml-rust unmaintained (direct dependency)
    "RUSTSEC-2025-0119",  # number_prefix unmaintained (via indicatif)
    "RUSTSEC-2026-0002",  # lru unsound (via aws-sdk-s3, not triggered in practice)
    "RUSTSEC-2026-0007",  # bytes integer overflow - upgrade blocked by transitive deps (iceberg, reqwest)
    "RUSTSEC-2026-0008",  # git2 unsound Buf deref (upgrade blocked by libgit2)
    "RUSTSEC-2026-0009",  # time DoS via stack exhaustion - upgrade blocked by transitive deps
]

# Only deny actual security vulnerabilities, not unmaintained warnings
deny = []