Project

General

Profile

Actions

Task #5928

open

Task #5994: tracking: rust: update dependencies

rust/bendy: update to address RUSTSEC-2020-0036

Added by Jason Ish over 1 year ago. Updated 26 days ago.

Status:
Assigned
Priority:
Low
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Bendy 0.3.3 uses the failure crate which is no longer been maintained and been assigned RUSTSEC-2020-0036. There should be no risk, this is just an advisory that it is unmaintained.

Bendy 0.4 will use a new maintained error crate but is still in beta.

Bendy homepage: https://github.com/P3KI/bendy

Actions #1

Updated by Victor Julien over 1 year ago

  • Parent task set to #5994
Actions #2

Updated by Philippe Antoine over 1 year ago

  • Target version changed from 7.0.0-rc2 to 7.0.0
Actions #3

Updated by Juliana Fajardini Reichow over 1 year ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Jason Ish
Actions #4

Updated by Jason Ish over 1 year ago

  • Description updated (diff)
Actions #5

Updated by Victor Julien over 1 year ago

  • Target version changed from 7.0.0 to 7.0.1
Actions #6

Updated by Jason Ish over 1 year ago

  • Target version changed from 7.0.1 to 7.0.2

Pushing forward to 7.0.2.

Actions #7

Updated by Jason Ish about 1 year ago

  • Target version changed from 7.0.2 to 7.0.3
Actions #8

Updated by Philippe Antoine 11 months ago

Bendy 0.4 is still beta2 for one year...

Should we use another crate ?

Actions #9

Updated by Victor Julien 11 months ago

  • Target version changed from 7.0.3 to 7.0.4
Actions #10

Updated by Victor Julien 9 months ago

  • Target version changed from 7.0.4 to 7.0.5
Actions #11

Updated by Jason Ish 8 months ago

  • Target version changed from 7.0.5 to 7.0.6
Actions #12

Updated by Victor Julien 7 months ago

  • Target version changed from 7.0.6 to 7.0.7
Actions #13

Updated by Victor Julien 5 months ago

Can we replace the crate by something that is supported in master and then see about a possible backport @Jason Ish?

Actions #14

Updated by Philippe Antoine 4 months ago

From the dev meeting today : A solution could be to remove usage of bendy, and do our own needed decoding...

Actions #15

Updated by Jason Ish 4 months ago

Victor Julien wrote in #note-13:

Can we replace the crate by something that is supported in master and then see about a possible backport @Jason Ish?

There is one that appears to more maintained: https://github.com/toby/serde-bencode

Actions #16

Updated by Jason Ish 4 months ago

  • Target version changed from 7.0.7 to 7.0.8
Actions #17

Updated by Jason Ish 26 days ago

  • Target version changed from 7.0.8 to 7.0.9

Pushing forward, no sign of a new release coming.

Actions

Also available in: Atom PDF