From 880df98a28268e99af323b6f2f815e778df6453c Mon Sep 17 00:00:00 2001
From: Fraser Hutchison <190532+Fraser999@users.noreply.github.com>
Date: Tue, 14 Apr 2026 18:26:02 +0100
Subject: [PATCH] ignore new cargo audit warning

---
 .cargo/audit.toml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.cargo/audit.toml b/.cargo/audit.toml
index 6d7bfff..3d57d75 100644
--- a/.cargo/audit.toml
+++ b/.cargo/audit.toml
@@ -15,4 +15,9 @@ ignore = [
     # `rsa` Marvin Attack; transitive dep via `sqlx-macros-core` -> `sqlx-mysql`. The `mysql`
     # feature is not enabled, so `sqlx-mysql` is never compiled — it only appears in Cargo.lock.
     "RUSTSEC-2023-0071",
+
+    # `rand` 0.8.5 unsoundness when `log` + `thread_rng` features are both enabled and a custom
+    # logger calls `rand::rng()` during reseeding. Our 0.8.5 (transitive via alloy-consensus)
+    # has neither feature enabled; our 0.9.4 is already patched.
+    "RUSTSEC-2026-0097",
 ]