From 1110d1e76350289902d3b60978a1e340d6bd698d Mon Sep 17 00:00:00 2001
From: Jesse Szwedko <jesse.szwedko@datadoghq.com>
Date: Wed, 2 Oct 2024 08:20:12 -0700
Subject: [PATCH] chore(deps): Add exception for RUSTSEC-2024-0376

Since we can't upgrade to tonic v12 yet due to https://github.com/vectordotdev/vector/issues/19179.

Signed-off-by: Jesse Szwedko <jesse.szwedko@datadoghq.com>
---
 deny.toml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/deny.toml b/deny.toml
index 11ac3e5efba6e..2696c97cc6589 100644
--- a/deny.toml
+++ b/deny.toml
@@ -42,5 +42,10 @@ ignore = [
     # Vulnerability in `rsa` crate: https://rustsec.org/advisories/RUSTSEC-2023-0071.html
     # There is not fix available yet.
     # https://github.com/vectordotdev/vector/issues/19262
-    "RUSTSEC-2023-0071"
+    "RUSTSEC-2023-0071",
+
+    # Vulnerability in `tonic` crate: https://rustsec.org/advisories/RUSTSEC-2024-0376
+    # There is a fixed version (v0.12.3) but we are blocked from upgrading to `http` v1, which
+    # `tonic` v0.12 depends on. See https://github.com/vectordotdev/vector/issues/19179
+    "RUSTSEC-2024-0376",
 ]