Skip to content

Commit

Permalink
build(deps): bump semver compatible dependencies
Browse files Browse the repository at this point in the history 
Fixes the following cargo-audit feedback:

```
Crate:     openssl
Version:   0.10.64
Title:     `MemBio::get_buf` has undefined behavior with empty buffers
Date:      2024-07-21
ID:        RUSTSEC-2024-0357
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0357
Solution:  Upgrade to >=0.10.66
Dependency tree:
openssl 0.10.64
├── sqlx-cli 0.8.3
└── native-tls 0.2.11
    └── sqlx-core 0.8.3
        ├── sqlx-sqlite 0.8.3
        │   ├── sqlx-macros-core 0.8.3
        │   │   └── sqlx-macros 0.8.3
        │   │       └── sqlx 0.8.3
        │   │           ├── sqlx-test 0.1.0
        │   │           │   └── sqlx 0.8.3
        │   │           ├── sqlx-sqlite 0.8.3
        │   │           ├── sqlx-postgres 0.8.3
        │   │           │   ├── sqlx-macros-core 0.8.3
        │   │           │   └── sqlx 0.8.3
        │   │           ├── sqlx-mysql 0.8.3
        │   │           │   ├── sqlx-macros-core 0.8.3
        │   │           │   └── sqlx 0.8.3
        │   │           ├── sqlx-example-sqlite-todos 0.1.0
        │   │           ├── sqlx-example-postgres-transaction 0.1.0
        │   │           ├── sqlx-example-postgres-todos 0.1.0
        │   │           ├── sqlx-example-postgres-mockable-todos 0.1.0
        │   │           ├── sqlx-example-postgres-listen 0.1.0
        │   │           ├── sqlx-example-postgres-json 0.1.0
        │   │           ├── sqlx-example-postgres-files 0.1.0
        │   │           ├── sqlx-example-postgres-chat 0.1.0
        │   │           ├── sqlx-example-postgres-axum-social 0.1.0
        │   │           ├── sqlx-example-mysql-todos 0.1.0
        │   │           ├── sqlx-core 0.8.3
        │   │           └── sqlx-cli 0.8.3
        │   └── sqlx 0.8.3
        ├── sqlx-postgres 0.8.3
        ├── sqlx-mysql 0.8.3
        ├── sqlx-macros-core 0.8.3
        ├── sqlx-macros 0.8.3
        └── sqlx 0.8.3

Crate:     futures-util
Version:   0.3.30
Warning:   yanked
Dependency tree:
futures-util 0.3.30
├── tower-http 0.3.5
│   └── axum 0.5.17
│       └── sqlx-example-postgres-axum-social 0.1.0
├── tower 0.4.13
│   ├── tower-http 0.3.5
│   ├── sqlx-example-postgres-axum-social 0.1.0
│   └── axum 0.5.17
├── sqlx-sqlite 0.8.3
│   ├── sqlx-macros-core 0.8.3
│   │   └── sqlx-macros 0.8.3
│   │       └── sqlx 0.8.3
│   │           ├── sqlx-test 0.1.0
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-sqlite 0.8.3
│   │           ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-example-sqlite-todos 0.1.0
│   │           ├── sqlx-example-postgres-transaction 0.1.0
│   │           ├── sqlx-example-postgres-todos 0.1.0
│   │           ├── sqlx-example-postgres-mockable-todos 0.1.0
│   │           ├── sqlx-example-postgres-listen 0.1.0
│   │           ├── sqlx-example-postgres-json 0.1.0
│   │           ├── sqlx-example-postgres-files 0.1.0
│   │           ├── sqlx-example-postgres-chat 0.1.0
│   │           ├── sqlx-example-postgres-axum-social 0.1.0
│   │           ├── sqlx-example-mysql-todos 0.1.0
│   │           ├── sqlx-core 0.8.3
│   │           │   ├── sqlx-sqlite 0.8.3
│   │           │   ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   ├── sqlx-macros 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           └── sqlx-cli 0.8.3
│   └── sqlx 0.8.3
├── sqlx-postgres 0.8.3
├── sqlx-mysql 0.8.3
├── sqlx-core 0.8.3
├── hyper 0.14.28
│   └── axum 0.5.17
├── futures-executor 0.3.30
│   ├── sqlx-sqlite 0.8.3
│   └── futures 0.3.30
│       ├── sqlx-example-sqlite-todos 0.1.0
│       ├── sqlx-example-postgres-transaction 0.1.0
│       ├── sqlx-example-postgres-todos 0.1.0
│       ├── sqlx-example-postgres-mockable-todos 0.1.0
│       ├── sqlx-example-postgres-listen 0.1.0
│       ├── sqlx-example-postgres-json 0.1.0
│       ├── sqlx-example-postgres-chat 0.1.0
│       ├── sqlx-example-mysql-todos 0.1.0
│       ├── sqlx-cli 0.8.3
│       ├── sqlx 0.8.3
│       └── criterion 0.5.1
│           └── sqlx 0.8.3
├── futures 0.3.30
├── axum-core 0.2.9
│   └── axum 0.5.17
└── axum 0.5.17

Crate:     url
Version:   2.5.3
Warning:   yanked
Dependency tree:
url 2.5.3
├── validator 0.16.1
│   └── sqlx-example-postgres-axum-social 0.1.0
├── sqlx-sqlite 0.8.3
│   ├── sqlx-macros-core 0.8.3
│   │   └── sqlx-macros 0.8.3
│   │       └── sqlx 0.8.3
│   │           ├── sqlx-test 0.1.0
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-sqlite 0.8.3
│   │           ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-example-sqlite-todos 0.1.0
│   │           ├── sqlx-example-postgres-transaction 0.1.0
│   │           ├── sqlx-example-postgres-todos 0.1.0
│   │           ├── sqlx-example-postgres-mockable-todos 0.1.0
│   │           ├── sqlx-example-postgres-listen 0.1.0
│   │           ├── sqlx-example-postgres-json 0.1.0
│   │           ├── sqlx-example-postgres-files 0.1.0
│   │           ├── sqlx-example-postgres-chat 0.1.0
│   │           ├── sqlx-example-postgres-axum-social 0.1.0
│   │           ├── sqlx-example-mysql-todos 0.1.0
│   │           ├── sqlx-core 0.8.3
│   │           │   ├── sqlx-sqlite 0.8.3
│   │           │   ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   ├── sqlx-macros 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           └── sqlx-cli 0.8.3
│   └── sqlx 0.8.3
├── sqlx-macros-core 0.8.3
├── sqlx-core 0.8.3
└── sqlx 0.8.3
```

Result of cargo update:

```
    Updating crates.io index
    Updating addr2line v0.21.0 -> v0.24.2
    Removing adler v1.0.2
      Adding adler2 v2.0.0
    Removing ahash v0.8.11
    Updating aho-corasick v1.1.2 -> v1.1.3
    Updating allocator-api2 v0.2.16 -> v0.2.21
    Updating anstream v0.6.13 -> v0.6.18
    Updating anstyle v1.0.6 -> v1.0.10
    Updating anstyle-parse v0.2.3 -> v0.2.6
    Updating anstyle-query v1.0.2 -> v1.1.2
    Updating anstyle-wincon v3.0.2 -> v3.0.6
    Updating anyhow v1.0.81 -> v1.0.95
    Updating arrayvec v0.7.4 -> v0.7.6
    Updating assert_cmd v2.0.14 -> v2.0.16
    Updating async-channel v2.2.0 -> v2.3.1
    Updating async-executor v1.8.0 -> v1.13.1
    Updating async-io v2.3.2 -> v2.4.0
    Updating async-lock v3.3.0 -> v3.4.0
    Updating async-task v4.7.0 -> v4.7.1
    Updating async-trait v0.1.77 -> v0.1.84
    Updating autocfg v1.1.0 -> v1.4.0
    Updating aws-lc-rs v1.8.0 -> v1.12.0
    Updating aws-lc-sys v0.19.0 -> v0.24.1
    Updating backtrace v0.3.69 -> v0.3.74
    Updating base64 v0.22.0 -> v0.22.1
    Removing basic-toml v0.1.9
    Updating bigdecimal v0.4.3 -> v0.4.7
    Updating bindgen v0.69.4 -> v0.69.5 (latest: v0.71.1)
    Updating bitflags v2.4.2 -> v2.6.0
    Updating blocking v1.5.1 -> v1.6.1
    Updating borsh v1.5.1 -> v1.5.3
    Updating borsh-derive v1.5.1 -> v1.5.3
    Updating bstr v1.9.1 -> v1.11.3
    Updating bumpalo v3.15.4 -> v3.16.0
    Updating bytes v1.5.0 -> v1.9.0
    Updating camino v1.1.6 -> v1.1.9
    Updating cargo-platform v0.1.7 -> v0.1.9
    Updating cc v1.1.6 -> v1.2.7
      Adding cfg_aliases v0.1.1 (latest: v0.2.1)
    Updating chrono v0.4.35 -> v0.4.39
    Updating clap v4.5.2 -> v4.5.23
    Updating clap_builder v4.5.2 -> v4.5.23
    Updating clap_complete v4.5.1 -> v4.5.40
    Updating clap_derive v4.5.0 -> v4.5.18
    Updating clap_lex v0.7.0 -> v0.7.4
    Updating cmake v0.1.50 -> v0.1.52
    Updating colorchoice v1.0.0 -> v1.0.3
    Updating concurrent-queue v2.4.0 -> v2.5.0
    Updating console v0.15.8 -> v0.15.10
      Adding core-foundation v0.10.0
    Updating core-foundation-sys v0.8.6 -> v0.8.7
    Updating cpufeatures v0.2.12 -> v0.2.16
    Updating crc v3.0.1 -> v3.2.1
    Updating crossbeam-deque v0.8.5 -> v0.8.6
    Updating crossbeam-queue v0.3.11 -> v0.3.12
    Updating crossbeam-utils v0.8.19 -> v0.8.21
    Updating darling v0.20.8 -> v0.20.10
    Updating darling_core v0.20.8 -> v0.20.10
    Updating darling_macro v0.20.8 -> v0.20.10
    Updating der v0.7.8 -> v0.7.9
    Updating dunce v1.0.4 -> v1.0.5
    Updating either v1.10.0 -> v1.13.0
    Updating encode_unicode v0.3.6 -> v1.0.0
    Updating env_filter v0.1.0 -> v0.1.3
    Updating env_logger v0.11.3 -> v0.11.6
    Updating errno v0.3.8 -> v0.3.10
    Removing event-listener v4.0.3
    Removing event-listener v5.2.0
      Adding event-listener v5.3.1
    Removing event-listener-strategy v0.4.0
    Removing event-listener-strategy v0.5.0
      Adding event-listener-strategy v0.5.3
    Updating fastrand v2.0.1 -> v2.3.0
    Updating filetime v0.2.23 -> v0.2.25
    Removing finl_unicode v1.2.0
    Updating flume v0.11.0 -> v0.11.1
    Updating foldhash v0.1.3 -> v0.1.4
    Updating futures v0.3.30 -> v0.3.31
    Updating futures-channel v0.3.30 -> v0.3.31
    Updating futures-core v0.3.30 -> v0.3.31
    Updating futures-executor v0.3.30 -> v0.3.31
    Updating futures-io v0.3.30 -> v0.3.31
    Updating futures-lite v2.2.0 -> v2.5.0
    Updating futures-macro v0.3.30 -> v0.3.31
    Updating futures-sink v0.3.30 -> v0.3.31
    Updating futures-task v0.3.30 -> v0.3.31
    Updating futures-util v0.3.30 -> v0.3.31
    Updating getrandom v0.2.12 -> v0.2.15
    Updating gimli v0.28.1 -> v0.31.1
    Updating glob v0.3.1 -> v0.3.2
    Updating half v2.4.0 -> v2.4.1
    Removing hashbrown v0.14.5
      Adding hermit-abi v0.4.0
    Updating httparse v1.8.0 -> v1.9.5
    Updating hyper v0.14.28 -> v0.14.32 (latest: v1.5.2)
    Updating iana-time-zone v0.1.60 -> v0.1.61
    Updating indexmap v2.2.5 -> v2.7.0
    Updating instant v0.1.12 -> v0.1.13
    Updating is-terminal v0.4.12 -> v0.4.13
      Adding is_terminal_polyfill v1.70.1
    Updating itoa v1.0.10 -> v1.0.14
    Updating jobserver v0.1.31 -> v0.1.32
    Updating js-sys v0.3.69 -> v0.3.76
    Updating lazy_static v1.4.0 -> v1.5.0
    Updating libc v0.2.153 -> v0.2.169
    Updating libloading v0.8.4 -> v0.8.6
    Updating libm v0.2.8 -> v0.2.11
    Updating libredox v0.0.1 -> v0.1.3
    Updating linux-raw-sys v0.4.13 -> v0.4.14 (latest: v0.6.5)
    Updating litemap v0.7.3 -> v0.7.4
    Updating lock_api v0.4.11 -> v0.4.12
    Updating log v0.4.21 -> v0.4.22
    Updating lru v0.12.3 -> v0.12.5
    Updating mac_address v1.1.5 -> v1.1.7
    Updating memchr v2.7.1 -> v2.7.4
      Adding memoffset v0.9.1
    Updating miniz_oxide v0.7.2 -> v0.8.2
      Adding mio v1.0.3
    Removing mirai-annotations v1.12.0
    Updating native-tls v0.2.11 -> v0.2.12
      Adding nix v0.28.0 (latest: v0.29.0)
    Updating num-bigint v0.4.4 -> v0.4.6
    Updating num-iter v0.1.44 -> v0.1.45
    Updating num-traits v0.2.18 -> v0.2.19
    Removing num_cpus v1.16.0
    Updating object v0.32.2 -> v0.36.7
    Updating once_cell v1.19.0 -> v1.20.2
    Updating oorandom v11.1.3 -> v11.1.4
    Updating openssl v0.10.64 -> v0.10.68
    Updating openssl-src v300.2.3+3.2.1 -> v300.4.1+3.4.0
    Updating openssl-sys v0.9.101 -> v0.9.104
    Updating parking v2.2.0 -> v2.2.1
    Updating parking_lot v0.12.1 -> v0.12.3
    Updating parking_lot_core v0.9.9 -> v0.9.10
    Updating paste v1.0.14 -> v1.0.15
    Updating pin-project v1.1.5 -> v1.1.7
    Updating pin-project-internal v1.1.5 -> v1.1.7
    Updating pin-project-lite v0.2.13 -> v0.2.15
    Updating piper v0.2.1 -> v0.2.4
    Updating pkg-config v0.3.30 -> v0.3.31
    Updating plotters v0.3.5 -> v0.3.7
    Updating plotters-backend v0.3.5 -> v0.3.7
    Updating plotters-svg v0.3.5 -> v0.3.7
    Updating polling v3.5.0 -> v3.7.4
    Updating ppv-lite86 v0.2.17 -> v0.2.20
    Updating predicates v3.1.0 -> v3.1.3
    Updating predicates-core v1.0.6 -> v1.0.9
    Updating predicates-tree v1.0.9 -> v1.0.12
    Updating prettyplease v0.2.17 -> v0.2.25
    Updating proc-macro-crate v3.1.0 -> v3.2.0
    Updating proc-macro2 v1.0.89 -> v1.0.92
    Updating quote v1.0.35 -> v1.0.38
    Updating rayon v1.9.0 -> v1.10.0
    Updating redox_syscall v0.4.1 -> v0.5.8
    Updating redox_users v0.4.4 -> v0.4.6 (latest: v0.5.0)
    Updating regex v1.10.3 -> v1.11.1
    Updating regex-automata v0.4.6 -> v0.4.9
    Updating regex-syntax v0.8.2 -> v0.8.5
    Updating rkyv v0.7.44 -> v0.7.45 (latest: v0.8.9)
    Updating rkyv_derive v0.7.44 -> v0.7.45 (latest: v0.8.9)
    Updating rsa v0.9.6 -> v0.9.7
    Updating rust_decimal v1.34.3 -> v1.36.0
    Updating rustc-demangle v0.1.23 -> v0.1.24
    Updating rustix v0.38.31 -> v0.38.42
    Updating rustls v0.23.11 -> v0.23.20
    Updating rustls-native-certs v0.8.0 -> v0.8.1
    Updating rustls-pemfile v2.1.2 -> v2.2.0
    Updating rustls-pki-types v1.7.0 -> v1.10.1
    Updating rustls-webpki v0.102.5 -> v0.102.8
    Updating rustversion v1.0.17 -> v1.0.19
    Updating ryu v1.0.17 -> v1.0.18
    Updating schannel v0.1.23 -> v0.1.27
    Removing security-framework v2.9.2
      Adding security-framework v2.11.1 (latest: v3.1.0)
      Adding security-framework v3.1.0
    Updating security-framework-sys v2.9.1 -> v2.13.0
    Updating semver v1.0.22 -> v1.0.24
    Updating serde v1.0.197 -> v1.0.217
    Updating serde_derive v1.0.197 -> v1.0.217
    Updating serde_json v1.0.114 -> v1.0.134
      Adding serde_spanned v0.6.8
    Updating signal-hook-mio v0.2.3 -> v0.2.4
    Updating signal-hook-registry v1.4.1 -> v1.4.2
    Updating simdutf8 v0.1.4 -> v0.1.5
    Updating smallvec v1.13.1 -> v1.13.2
    Updating socket2 v0.5.6 -> v0.5.8
    Removing spin v0.5.2
    Updating stringprep v0.1.4 -> v0.1.5
    Removing strsim v0.10.0
    Removing strsim v0.11.0
      Adding strsim v0.11.1
    Updating subtle v2.5.0 -> v2.6.1
    Updating syn v2.0.87 -> v2.0.94
    Removing syn_derive v0.1.8
      Adding target-triple v0.1.3
    Updating tempfile v3.10.1 -> v3.15.0
    Updating termtree v0.4.1 -> v0.5.1
    Removing thiserror v1.0.58
    Removing thiserror v2.0.0
      Adding thiserror v1.0.69 (latest: v2.0.9)
      Adding thiserror v2.0.9
    Removing thiserror-impl v1.0.58
    Removing thiserror-impl v2.0.0
      Adding thiserror-impl v1.0.69 (latest: v2.0.9)
      Adding thiserror-impl v2.0.9
    Updating time v0.3.36 -> v0.3.37
    Updating time-macros v0.2.18 -> v0.2.19
    Updating tinyvec v1.6.0 -> v1.8.1
    Updating tokio v1.36.0 -> v1.42.0
    Updating tokio-macros v2.2.0 -> v2.4.0
    Updating tokio-stream v0.1.14 -> v0.1.17
      Adding toml v0.8.19
    Updating toml_datetime v0.6.6 -> v0.6.8
    Updating toml_edit v0.21.1 -> v0.22.22
    Updating tower-layer v0.3.2 -> v0.3.3
    Updating tower-service v0.3.2 -> v0.3.3
    Updating tracing v0.1.40 -> v0.1.41
    Updating tracing-attributes v0.1.27 -> v0.1.28
    Updating tracing-core v0.1.32 -> v0.1.33
    Updating trybuild v1.0.89 -> v1.0.101
    Updating unicode-bidi v0.3.15 -> v0.3.18
    Updating unicode-ident v1.0.12 -> v1.0.14
    Updating unicode-normalization v0.1.23 -> v0.1.24
      Adding unicode-properties v0.1.3
    Updating unicode-segmentation v1.11.0 -> v1.12.0
    Removing unicode-width v0.1.13
      Adding unicode-width v0.1.14 (latest: v0.2.0)
      Adding unicode-width v0.2.0
    Updating url v2.5.3 -> v2.5.4
    Updating utf8parse v0.2.1 -> v0.2.2
    Updating uuid v1.7.0 -> v1.11.0
    Updating value-bag v1.8.0 -> v1.10.0
    Updating version_check v0.9.4 -> v0.9.5
    Updating waker-fn v1.1.1 -> v1.2.0
    Updating wasm-bindgen v0.2.92 -> v0.2.99
    Updating wasm-bindgen-backend v0.2.92 -> v0.2.99
    Updating wasm-bindgen-futures v0.4.42 -> v0.4.49
    Updating wasm-bindgen-macro v0.2.92 -> v0.2.99
    Updating wasm-bindgen-macro-support v0.2.92 -> v0.2.99
    Updating wasm-bindgen-shared v0.2.92 -> v0.2.99
    Updating web-sys v0.3.69 -> v0.3.76
    Updating webpki-roots v0.26.3 -> v0.26.7
    Updating whoami v1.5.1 -> v1.5.2
    Updating winapi-util v0.1.6 -> v0.1.9
      Adding windows-sys v0.59.0
    Updating windows-targets v0.52.4 -> v0.52.6
    Updating windows_aarch64_gnullvm v0.52.4 -> v0.52.6
    Updating windows_aarch64_msvc v0.52.4 -> v0.52.6
    Updating windows_i686_gnu v0.52.4 -> v0.52.6
      Adding windows_i686_gnullvm v0.52.6
    Updating windows_i686_msvc v0.52.4 -> v0.52.6
    Updating windows_x86_64_gnu v0.52.4 -> v0.52.6
    Updating windows_x86_64_gnullvm v0.52.4 -> v0.52.6
    Updating windows_x86_64_msvc v0.52.4 -> v0.52.6
    Updating winnow v0.5.40 -> v0.6.22
    Updating yoke v0.7.4 -> v0.7.5
    Updating yoke-derive v0.7.4 -> v0.7.5
    Updating zerocopy v0.7.32 -> v0.7.35 (latest: v0.8.14)
    Updating zerocopy-derive v0.7.32 -> v0.7.35 (latest: v0.8.14)
    Updating zerofrom v0.1.4 -> v0.1.5
    Updating zerofrom-derive v0.1.4 -> v0.1.5
    Updating zeroize v1.7.0 -> v1.8.1
    Removing zeroize_derive v1.4.2
note: pass `--verbose` to see 88 unchanged dependencies behind latest
```
  • Loading branch information
@paolobarbolini
paolobarbolini committed Jan 4, 2025
1 parent 9d74aea commit fb53869
Showing 1 changed file with 734 additions and 712 deletions.
Loading

0 comments on commit fb53869

Please sign in to comment.