From 779e39c4061aae3c93f0c2a64928cf6195ade944 Mon Sep 17 00:00:00 2001
From: Boog900 <54e72d8a-345f-4599-bd90-c6b9bc7d0ec5@aleeas.com>
Date: Fri, 1 Nov 2024 23:43:51 +0000
Subject: [PATCH] add a comment

---
 deny.toml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/deny.toml b/deny.toml
index 1e84da052..e54d11615 100644
--- a/deny.toml
+++ b/deny.toml
@@ -81,7 +81,9 @@ ignore = [
     #{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" },
     #"a-crate-that-is-yanked@0.1.1", # you can also ignore yanked crate versions if you wish
     #{ crate = "a-crate-that-is-yanked@0.1.1", reason = "you can specify why you are ignoring the yanked crate" },
-    { id = "RUSTSEC-2024-0370", reason = "you can specify a reason the advisory is ignored" }
+
+    # TODO: check this is sorted before a beta release.
+    { id = "RUSTSEC-2024-0370", reason = "unmaintained crate, not necessarily vulnerable yet." }
 ]
 # If this is true, then cargo deny will use the git executable to fetch advisory database.
 # If this is false, then it uses a built-in git library.