From 2e1a9caeda8918066f4829290b70bac8e79f4a35 Mon Sep 17 00:00:00 2001 From: Niklas Adolfsson Date: Tue, 3 Aug 2021 09:33:20 +0200 Subject: [PATCH] deps(hyper): require 0.14.10 To make sure that we are not affected by: - https://github.com/hyperium/hyper/security/advisories/GHSA-f3pg-qwvg-p99c - https://github.com/hyperium/hyper/security/advisories/GHSA-5h46-h7hh-c6x9 However, `hyper 13` is not fixed but I think we should remove that support anyway?! --- http-client/Cargo.toml | 2 +- http-server/Cargo.toml | 2 +- test-utils/Cargo.toml | 2 +- types/Cargo.toml | 2 +- utils/Cargo.toml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/http-client/Cargo.toml b/http-client/Cargo.toml index f9959c5a26..bd9305cd27 100644 --- a/http-client/Cargo.toml +++ b/http-client/Cargo.toml @@ -13,7 +13,7 @@ documentation = "https://docs.rs/jsonrpsee-http-client" async-trait = "0.1" hyper13-rustls = { package = "hyper-rustls", version = "0.21", optional = true } hyper14-rustls = { package = "hyper-rustls", version = "0.22", optional = true } -hyper14 = { package = "hyper", version = "0.14", features = ["client", "http1", "http2", "tcp"], optional = true } +hyper14 = { package = "hyper", version = "0.14.10", features = ["client", "http1", "http2", "tcp"], optional = true } hyper13 = { package = "hyper", version = "0.13", optional = true } jsonrpsee-types = { path = "../types", version = "0.2.0" } jsonrpsee-utils = { path = "../utils", version = "0.2.0", optional = true } diff --git a/http-server/Cargo.toml b/http-server/Cargo.toml index a5cf25f3dd..74cff949c0 100644 --- a/http-server/Cargo.toml +++ b/http-server/Cargo.toml @@ -11,7 +11,7 @@ documentation = "https://docs.rs/jsonrpsee-http-server" [dependencies] thiserror = "1" -hyper = { version = "0.14", features = ["server", "http1", "http2", "tcp"] } +hyper = { version = "0.14.10", features = ["server", "http1", "http2", "tcp"] } futures-channel = "0.3.14" futures-util = { version = "0.3.14", default-features = false } jsonrpsee-types = { path = "../types", version = "0.2.0" } diff --git a/test-utils/Cargo.toml b/test-utils/Cargo.toml index aca58d3cc3..eb9a4a4c6b 100644 --- a/test-utils/Cargo.toml +++ b/test-utils/Cargo.toml @@ -11,7 +11,7 @@ edition = "2018" anyhow = "1" futures-channel = "0.3.14" futures-util = "0.3.14" -hyper = { version = "0.14", features = ["full"] } +hyper = { version = "0.14.10", features = ["full"] } log = "0.4" serde = { version = "1", default-features = false, features = ["derive"] } serde_json = "1" diff --git a/types/Cargo.toml b/types/Cargo.toml index 6964760be6..e5e20d4ce1 100644 --- a/types/Cargo.toml +++ b/types/Cargo.toml @@ -19,4 +19,4 @@ serde = { version = "1", default-features = false, features = ["derive"] } serde_json = { version = "1", default-features = false, features = ["alloc", "raw_value", "std"] } thiserror = "1.0" soketto = "0.6" -hyper = "0.14" +hyper = "0.14.10" diff --git a/utils/Cargo.toml b/utils/Cargo.toml index c9cf1213d2..442d068908 100644 --- a/utils/Cargo.toml +++ b/utils/Cargo.toml @@ -11,7 +11,7 @@ thiserror = { version = "1", optional = true } futures-channel = { version = "0.3.14", default-features = false, optional = true } futures-util = { version = "0.3.14", default-features = false, optional = true } hyper13 = { package = "hyper", version = "0.13", default-features = false, features = ["stream"], optional = true } -hyper14 = { package = "hyper", version = "0.14", default-features = false, features = ["stream"], optional = true } +hyper14 = { package = "hyper", version = "0.14.10", default-features = false, features = ["stream"], optional = true } jsonrpsee-types = { path = "../types", version = "0.2.0", optional = true } log = { version = "0.4", optional = true } rustc-hash = { version = "1", optional = true }