EmbarkStudios / cargo-deny

❌ Cargo plugin for linting your dependencies 🦀
http://embark.rs
Apache License 2.0

Can't ignore unmaintained crates? #650

Closed emilk closed 2 months ago

emilk commented 2 months ago

Describe the bug

I'm trying to ignore the fact that a crate is unmaintained, but I don't know how.

Is the ignore field only for yanked crates? If so, how do I ignore unmaintained crates?

To reproduce

This is what I tried:

[advisories]
version = 2
ignore = [
  "safemem",
  "safemem@0.3.3",
]

Resulting in:

error[unmaintained]: safemem is unmaintained
    ┌─ Cargo.lock:497:1
    │
497 │ safemem 0.3.3 registry+https://github.com/rust-lang/crates.io-index
    │ ------------------------------------------------------------------- unmaintained advisory detected
    │
    = ID: RUSTSEC-2023-0081
    = Advisory: https://rustsec.org/advisories/RUSTSEC-2023-0081
    = The latest crates.io release was in 2019. The repository has been archived by the author.

…

    = Announcement: https://github.com/abonander/safemem
    = Solution: No safe upgrade is available!
    = safemem v0.3.3
      └── base64 v0.9.3
          └── wasm-bindgen-cli-support v0.2.90
              ├── cargo-run-wasm v0.3.2
              │   └── run_wasm v0.16.0-alpha.1+dev
              └── re_dev_tools v0.16.0-alpha.1+dev

warning[yanked-not-detected]: yanked crate was not encountered
   ┌─ /Users/emilk/code/rerun/rerun/deny.toml:34:4
   │
34 │   "safemem@0.3.3",
   │    ^^^^^^^^^^^^^ yanked crate not detected

warning[yanked-not-detected]: yanked crate was not encountered
   ┌─ /Users/emilk/code/rerun/rerun/deny.toml:33:4
   │
33 │   "safemem",
   │    ^^^^^^^ yanked crate not detected

advisories FAILED, bans ok, licenses ok, sources ok

cargo-deny version

cargo-deny 0.14.21

What OS were you running cargo-deny on?

MacOS

Additional context

No response

Jake-Shadle commented 2 months ago

The ignore field is for yanked crates or advisories; in the case of unmaintained crates you use the advisory for it, but I can see how using the crate spec would also make sense.

emilk commented 2 months ago

Ah that makes sense - thanks. Ignoring "RUSTSEC-2023-0081" works as expected.

Feel free to close this.