Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RUSTSEC-2024-0421 #3772

Open
academiaresf opened this issue Mar 6, 2025 · 1 comment
Open

RUSTSEC-2024-0421 #3772

academiaresf opened this issue Mar 6, 2025 · 1 comment
Labels
enhancement New feature or request

Comments

@academiaresf
Copy link

I have found these related issues/pull requests

Security Check

Description

RUSTSEC-2024-0421

Prefered solution

Update depedency to 2.5.4 on:

  • Cargo.toml
  • sqlx-core/Cargo.toml
  • sqlx-macros-core/Cargo.toml
  • sqlx-sqlite/Cargo.toml

Is this a breaking change? Why or why not?

Unit tests are passing
@academiaresf academiaresf added the enhancement New feature or request label Mar 6, 2025
@abonander
Copy link
Collaborator

idna indirectly depended on by SQLx via the url crate is already upgraded to 1.0.3 (the latest version):

sqlx/Cargo.lock

Line 1875 in a92626d

name = "idna"

idna 0.4.0 is only indirectly depended on by the sqlx-example-postgres-axum-social example crate, via the validator crate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@abonander @academiaresf