Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update url version to v2.5.4 #3940

Merged
merged 2 commits into from
Dec 19, 2024
Merged

chore: update url version to v2.5.4 #3940

merged 2 commits into from
Dec 19, 2024

Conversation

ryota-sakamoto
Copy link
Contributor

@ryota-sakamoto ryota-sakamoto commented Dec 10, 2024
edited
Loading

Motivation and Context

idna 0.5.0 which url depends on has CVE-2024-12224 so we need to update the crate to v2.5.4.
https://rustsec.org/advisories/RUSTSEC-2024-0421

Description

This PR is to update the crate on aws-config, aws-inlineable and inlineable. Because all of them has dependency explicitly. Also I updated Cargo.toml and run cargo build on each of them to generate Cargo.lock.

Testing

Checklist

  • For changes to the smithy-rs codegen or runtime crates, I have created a changelog entry Markdown file in the .changelog directory, specifying "client," "server," or both in the applies_to key.
  • For changes to the AWS SDK, generated SDK code, or SDK runtime crates, I have created a changelog entry Markdown file in the .changelog directory, specifying "aws-sdk-rust" in the applies_to key.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@ryota-sakamoto ryota-sakamoto changed the title chore: update url version to v2.5.4 for aws-config chore: update url version to v2.5.4 Dec 10, 2024
@ryota-sakamoto ryota-sakamoto marked this pull request as ready for review December 10, 2024 13:49
@ryota-sakamoto ryota-sakamoto requested review from a team as code owners December 10, 2024 13:49
@landonxjames
Copy link
Contributor

Looks like most of the failures here are for error in core which should be fixed when #3936 is merged bumping our MSRV to a version that supports that.

@ryota-sakamoto
Copy link
Contributor Author

Sure, so I'm waiting for it and will update this PR after the merge.

@ryota-sakamoto ryota-sakamoto force-pushed the update-url-aws-config branch 2 times, most recently from 64da4f1 to df8505a Compare December 18, 2024 10:21
@ryota-sakamoto
chore: update url version to v2.5.4
40c446a 
Signed-off-by: Ryota Sakamoto <skmt@amazon.com>
@landonxjames
Copy link
Contributor

Canary run: https://github.com/smithy-lang/smithy-rs/actions/runs/12419318824

@landonxjames
Copy link
Contributor

Canary succeeded, merging

@landonxjames landonxjames added this pull request to the merge queue Dec 19, 2024
Merged via the queue into smithy-lang:main with commit c7b1038 Dec 19, 2024
40 of 42 checks passed
@ryota-sakamoto ryota-sakamoto deleted the update-url-aws-config branch December 20, 2024 01:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@landonxjames landonxjames landonxjames approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ryota-sakamoto @landonxjames