T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update tokio to resolve dependabot warning (#5607)

Browse Source 
This doesn't fully update tokio since the update to the latest version
has quite a few changes I'd prefer to not audit at the moment, but it
updates to a patched version.
This commit is contained in:
Alex Crichton
2023-01-20 11:56:59 -06:00
committed by GitHub
parent 299b8187f8
commit e0d7c3bbe1
2 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
supply-chain/audits.toml
View File

@@ -506,6 +506,16 @@ intended to multiplex across the internal representation of a tinyvec,
presumably. This trivially doesn't contain anything bad.
"""
[[audits.tokio]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
delta = "1.18.1 -> 1.18.4"
notes = """
This looks to be a minor release primarily to fix a security-related Windows
issue plus some reorganization around lazy initialization. Altogether nothing
amiss here.
"""
[[audits.unicase]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"