Commit 71b7e21
chore: update dependencies (#181)
Resolve dependency CVEs and refresh outdated crates.
Security fixes:
- lettre 0.11.19 -> 0.11.22 (RUSTSEC-2026-0141: inverted-boolean bug
disabling TLS hostname verification on the boring-tls backend)
- rand 0.10.0 -> 0.10.1 (RUSTSEC-2026-0097: aliased mutable reference /
UB when a custom log logger calls rand::rng() during reseeding)
minor/patch bumps:
- tokio 1.48.0 -> 1.52.3
- uuid 1.18.1 -> 1.23.4
- reqwest 0.13.0 -> 0.13.4
- serde_json 1.0.145 -> 1.0.150
- chrono 0.4.42 -> 0.4.45
- log 0.4.28 -> 0.4.33
- url 2.5.7 -> 2.5.8
- tokio-util 0.7.17 -> 0.7.18
major bump:
- minreq 2.14.1 -> 3.0.0: renamed the https-native feature to
https-native-tls (3.0 feature rename); call site in rocket() uses only
get/with_timeout/send/json which are unchanged.
cargo audit reports no vulnerabilities. cargo fmt/clippy/test all pass
(127 tests).
Co-authored-by: dobby-yivi-agent[bot] <275734547+dobby-yivi-agent[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>1 parent b0bcef3 commit 71b7e21
2 files changed
Lines changed: 170 additions & 350 deletions
0 commit comments