Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): Bump hyper to fix CVE-2022-31394 #59

Merged
merged 3 commits into from
Dec 21, 2023
Merged

fix(deps): Bump hyper to fix CVE-2022-31394 #59

merged 3 commits into from
Dec 21, 2023

Conversation

keelerm84
Copy link
Member

No description provided.

@keelerm84 keelerm84 requested a review from a team December 13, 2023 14:06
@shortcut-integration Shortcut Integration
Copy link

This pull request has been linked to Shortcut Story #226796: Bump Rust SDK dependencies to fix security vulnerability.

keelerm84
keelerm84 commented Dec 13, 2023
View reviewed changes
contract-tests/Cargo.toml
@@ -14,7 +14,7 @@ launchdarkly-server-sdk = { path = "../launchdarkly-server-sdk/", default-featur
serde = { version = "1.0.132", features = ["derive"] }
serde_json = "1.0.73"
futures = "0.3.12"
hyper = { version = "0.14.17", features = ["client"] }
hyper = { version = "0.14.19", features = ["client"] }
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See launchdarkly/rust-eventsource-client#72 for related changes to the event source.

Once the eventsource crate has been published, I'll update that dependency as well.

@keelerm84 keelerm84 mentioned this pull request Dec 13, 2023
Merged
@keelerm84 keelerm84 merged commit fdd2c32 into main Dec 21, 2023
3 checks passed
@keelerm84 keelerm84 deleted the mk/sc-226796/rust-deps branch December 21, 2023 21:40
@github-actions github-actions bot mentioned this pull request Dec 21, 2023
Merged
keelerm84 pushed a commit that referenced this pull request Dec 21, 2023
@github-actions
chore(main): release 2.0.2 (#62)
539a821 
🤖 I have created a release *beep* *boop*
---


##
[2.0.2](2.0.1...2.0.2)
(2023-12-21)


### Bug Fixes

* Bump MSRV to 1.70.0
([#61](#61))
([3a4d8e7](3a4d8e7))
* **deps:** Bump hyper to fix CVE-2022-31394
([#59](#59))
([fdd2c32](fdd2c32))
* **deps:** Bump tokio to fix CVE-2021-45710
([#60](#60))
([64d6e7b](64d6e7b))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kinyoklion kinyoklion kinyoklion approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@keelerm84 @kinyoklion