Address cargo audit failure RUSTSEC-2024-0437 (#7114)

eserilev · web-flow · commit 3a555f571f62 · 2025-03-13T03:17:33.000Z
Resolves #7091 The `prometheus` crate pulls in `protobuf 2.x` which fails cargo audit. We actually dont use any `protobuf` related features in LH. By disabling default features for `prometheus`, we no longer pull in the `protobuf` crate
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -161,7 +161,7 @@ mockito = "1.5.0"
 num_cpus = "1"
 parking_lot = "0.12"
 paste = "1"
-prometheus = "0.13"
+prometheus = { version = "0.13", default-features = false }
 quickcheck = "1"
 quickcheck_macros = "1"
 quote = "1"
diff --git a/Makefile b/Makefile
@@ -250,7 +250,7 @@ install-audit:
 	cargo install --force cargo-audit
 
 audit-CI:
-	cargo audit --ignore RUSTSEC-2024-0437
+	cargo audit
 
 # Runs `cargo vendor` to make sure dependencies can be vendored for packaging, reproducibility and archival purpose.
 vendor:
