matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-08-07 17:03:01 +03:00
Code Activity

Update Cargo.lock and update cargo-deny exceptions

Browse Source
This commit is contained in:
Quentin Gliech
2024-05-02 14:16:40 +02:00
parent a99427e942
commit 8e513ea3cc
5 changed files with 270 additions and 273 deletions
Download Patch File Download Diff File Expand all files Collapse all files

518
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

2
crates/axum-utils/Cargo.toml
View File

@@ -16,7 +16,7 @@ async-trait.workspace = true
axum = { version = "0.6.20", features = ["headers"] } axum = { version = "0.6.20", features = ["headers"] }
axum-extra = { version = "0.8.0", features = ["cookie-private", "cookie-key-expansion"] } axum-extra = { version = "0.8.0", features = ["cookie-private", "cookie-key-expansion"] }
chrono.workspace = true chrono.workspace = true
data-encoding = "2.5.0" data-encoding = "2.6.0"
futures-util = "0.3.30" futures-util = "0.3.30"
headers.workspace = true headers.workspace = true
http.workspace = true http.workspace = true

2
crates/handlers/Cargo.toml
View File

@@ -59,7 +59,7 @@ base64ct = "1.6.0"
camino.workspace = true camino.workspace = true
chrono.workspace = true chrono.workspace = true
psl = "2.1.35" psl = "2.1.35"
time = "0.3.34" time = "0.3.36"
url.workspace = true url.workspace = true
mime = "0.3.17" mime = "0.3.17"
minijinja.workspace = true minijinja.workspace = true

2
crates/oauth2-types/Cargo.toml
View File

@@ -20,7 +20,7 @@ url.workspace = true
serde_with = { version = "3.8.1", features = ["chrono"] } serde_with = { version = "3.8.1", features = ["chrono"] }
chrono.workspace = true chrono.workspace = true
sha2 = "0.10.8" sha2 = "0.10.8"
data-encoding = "2.5.0" data-encoding = "2.6.0"
thiserror.workspace = true thiserror.workspace = true
mas-iana.workspace = true mas-iana.workspace = true

19
deny.toml
View File

@@ -11,16 +11,9 @@ version = 2
db-path = "~/.cargo/advisory-db" db-path = "~/.cargo/advisory-db"
db-urls = ["https://github.com/rustsec/advisory-db"] db-urls = ["https://github.com/rustsec/advisory-db"]
ignore = [ ignore = [
# `wasmtime` depends on `mach`
# PR to migrate to `mach2`: https://github.com/bytecodealliance/wasmtime/pull/6164
"RUSTSEC-2020-0168",
# RSA key extraction "Marvin Attack". This is only relevant when using # RSA key extraction "Marvin Attack". This is only relevant when using
# PKCS#1 v1.5 encryption, which we don't # PKCS#1 v1.5 encryption, which we don't
"RUSTSEC-2023-0071", "RUSTSEC-2023-0071",
# yaml-rust is unmaintained, and used by insta, which isn't a production dependency
"RUSTSEC-2024-0320",
] ]
[licenses] [licenses]
@@ -65,15 +58,13 @@ skip = [
{ name = "base64", version = "0.21.7" }, # many dependencies depends on this old version { name = "base64", version = "0.21.7" }, # many dependencies depends on this old version
{ name = "spin", version = "0.5.2" }, # lazy_static and ring depends on the old version { name = "spin", version = "0.5.2" }, # lazy_static and ring depends on the old version
{ name = "syn", version = "1.0.109" }, # sea-query, sqlx, schemars depend on the old version { name = "syn", version = "1.0.109" }, # sea-query, sqlx, schemars depend on the old version
{ name = "strsim", version = "0.10.0" }, # darling depends on the old version
{ name = "event-listener", version = "2.5.3" }, # async-channel (wiremock) and sqlx-core depend on the old version { name = "event-listener", version = "2.5.3" }, # async-channel (wiremock) and sqlx-core depend on the old version
{ name = "regex-syntax", version = "0.6.29" }, # tracing-subscriber[env-filter] -> matchers depends on the old version { name = "regex-syntax", version = "0.6.29" }, # tracing-subscriber[env-filter] -> matchers depends on the old version
{ name = "regex-automata", version = "0.1.10" }, # ^ { name = "regex-automata", version = "0.1.10" }, # ^
{ name = "regex-automata", version = "0.2.0" }, # icu_list depends on this old version { name = "regex-automata", version = "0.2.0" }, # icu_list depends on this old version
{ name = "socket2", version = "0.4.10" }, # old hyper version depends on this old version
{ name = "indexmap", version = "1.9.3" }, # schemars depends on this old version { name = "indexmap", version = "1.9.3" }, # schemars depends on this old version
{ name = "object", version = "0.32.2" }, # sentry-backtrace depends on this old version { name = "object", version = "0.32.2" }, # sentry-backtrace depends on this old version
{ name = "itertools", version = "0.10.5" }, # wasmtime & others depends on the old version
{ name = "itertools", version = "0.11.0" },
{ name = "bitflags", version = "1.3.2" }, # axum depends on an old version { name = "bitflags", version = "1.3.2" }, # axum depends on an old version
{ name = "hashbrown" }, # Too many versions :( { name = "hashbrown" }, # Too many versions :(
# sqlx uses old versions of those: # sqlx uses old versions of those:
@@ -85,11 +76,13 @@ skip = [
{ name = "heck", version = "0.4.1" }, { name = "heck", version = "0.4.1" },
# we depend on old http/http-body/hyper versions, but some dependencies already upgraded # we depend on old http/http-body/hyper versions, but some dependencies already upgraded
{ name = "http", version = "0.2.12" }, { name = "http", version = "0.2.12" },
# sea-query-attr uses an old version of darling
{ name = "darling", version = "0.14.4" },
{ name = "darling_core", version = "0.14.4" },
{ name = "darling_macro", version = "0.14.4" },
] ]
skip-tree = [ skip-tree = []
{ name = "darling", version = "0.14.4", depth = 2 }, # sea-query-attr depends on an old version
]
# We should never enable the (default) `oldtime` feature of `chrono` # We should never enable the (default) `oldtime` feature of `chrono`
[[bans.features]] [[bans.features]]