Closed bangtabil closed 1 week ago
Totals | |
---|---|
Change from base Build 8310295107: | 0.07% |
Covered Lines: | 5761 |
Relevant Lines: | 6101 |
Hey, I don't quite follow this - there aren't any code changes other than a version bump in the lockfile, so I'm not sure if this would actually fix the mentioned issue?
We only work with certificates in the chia-ssl
crate of chia_rs
, and I don't think we use the X509StoreRef::objects
method.
I see, the relevant issue is https://github.com/sfackler/rust-openssl/issues/2096?
Looks like CI is failing, so will have to look into that. And ideally bump whichever crate indirectly depends on OpenSSL as well.
this should also be addressed in the Cargo.toml
file, right?
Also, once addressed, we should remove this exception: https://github.com/Chia-Network/clvm_rs/blob/main/.github/workflows/dependency-review.yml#L22C24-L22C43
thanks for your contribution, this was merged into one big pr and included
Thanks! Included in #435.
This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind one's back.
Use of this function should be replaced with
X509StoreRef::all_certificates.