This project is archived. Its data is read-only.

Unverified Commit beb8a687 authored Nov 01, 2022 by ysaito1001 Committed by GitHub Nov 01, 2022

Fix cargo audit issue on criterion (#1923)



* Depend on criterion 0.4.0

This updates criterion from 0.3.6 to 0.4.0 to avoid RUSTSEC-2021-0127
where criterion 0.3.6 depends upon an unmaintained crate `serde_cbor`.

* Update CHANGELOG.next.toml

Co-authored-by: Saito <awsaito@c889f3b5ddc4.ant.amazon.com>

parent e9f876a1

CHANGELOG.next.toml

+6 −0

Original line number	Diff line number	Diff line
		@@ -73,3 +73,9 @@ message = "Fix cargo audit issue on chrono."
		references = ["smithy-rs#1907"]
		meta = { "breaking" = false, "tada" = false, "bug" = false, "target" = "all" }
		author = "ysaito1001"

		[[aws-sdk-rust]]
		message = "Fix cargo audit issue on criterion."
		references = ["smithy-rs#1923"]
		meta = { "breaking" = false, "tada" = false, "bug" = false }
		author = "ysaito1001"

aws/sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/IntegrationTestDependencies.kt

+1 −1

Original line number	Diff line number	Diff line
		@@ -119,7 +119,7 @@ class S3TestDependencies(

		private val AsyncStd = CargoDependency("async-std", CratesIo("1.12.0"), scope = DependencyScope.Dev)
		private val AsyncStream = CargoDependency("async-stream", CratesIo("0.3.0"), DependencyScope.Dev)
		private val Criterion = CargoDependency("criterion", CratesIo("0.3.6"), scope = DependencyScope.Dev)
		private val Criterion = CargoDependency("criterion", CratesIo("0.4.0"), scope = DependencyScope.Dev)
		private val FuturesCore = CargoDependency("futures-core", CratesIo("0.3.0"), DependencyScope.Dev)
		private val FuturesUtil = CargoDependency("futures-util", CratesIo("0.3.0"), scope = DependencyScope.Dev)
		private val Hound = CargoDependency("hound", CratesIo("3.4.0"), DependencyScope.Dev)

aws/sdk/integration-tests/dynamodb/Cargo.toml

+1 −2

Original line number	Diff line number	Diff line
		@@ -17,8 +17,7 @@ aws-smithy-protocol-test = { path = "../../build/aws-sdk/sdk/aws-smithy-protocol
		aws-smithy-async = { path = "../../build/aws-sdk/sdk/aws-smithy-async" }
		aws-types = { path = "../../build/aws-sdk/sdk/aws-types" }
		bytes = "1.0.0"
		# TODO(https://github.com/awslabs/smithy-rs/issues/1044) v3.6 has an unmaintained dependency, upgrade this when possible
		criterion = { version = "0.3.6" }
		criterion = { version = "0.4.0" }
		futures-util = "0.3.16"
		http = "0.2.0"
		serde_json = "1.0.0"