Update tokio to resolve dependabot warning (#5607)
This doesn't fully update tokio since the update to the latest version has quite a few changes I'd prefer to not audit at the moment, but it updates to a patched version.
This commit is contained in:
Alex Crichton
5
Cargo.lock
generated
5
Cargo.lock
generated
@@ -2900,16 +2900,15 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c"
|
||||
|
||||
[[package]]
|
||||
name = "tokio"
|
||||
version = "1.18.1"
|
||||
version = "1.18.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "dce653fb475565de9f6fb0614b28bca8df2c430c0cf84bcd9c843f15de5414cc"
|
||||
checksum = "8bfb875c82dc0a4f1f37a30e720dee181a2b3a06a428b0fc6873ea38d6407850"
|
||||
dependencies = [
|
||||
"bytes",
|
||||
"libc",
|
||||
"memchr",
|
||||
"mio",
|
||||
"num_cpus",
|
||||
"once_cell",
|
||||
"pin-project-lite",
|
||||
"socket2",
|
||||
"tokio-macros",
|
||||
|
||||
@@ -506,6 +506,16 @@ intended to multiplex across the internal representation of a tinyvec,
|
||||
presumably. This trivially doesn't contain anything bad.
|
||||
"""
|
||||
|
||||
[[audits.tokio]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
delta = "1.18.1 -> 1.18.4"
|
||||
notes = """
|
||||
This looks to be a minor release primarily to fix a security-related Windows
|
||||
issue plus some reorganization around lazy initialization. Altogether nothing
|
||||
amiss here.
|
||||
"""
|
||||
|
||||
[[audits.unicase]]
|
||||
who = "Alex Crichton <alex@alexcrichton.com>"
|
||||
criteria = "safe-to-deploy"
|
||||
|
||||
Reference in New Issue
Block a user