Update rust-embed version

agora-org / agora

File server that accepts Lightning Network payments for downloads

Creative Commons Zero v1.0 Universal

184 stars 26 forks source link

Update rust-embed version #274

Closed soenkehahn closed 2 years ago

soenkehahn commented 2 years ago

This fixes #270.

soenkehahn commented 2 years ago

I would argue that we don't need a test for this, since we shouldn't test rust-embed's behavior. Given that this is a bit scary, I could be convinced otherwise though. @casey

casey commented 2 years ago

I agree. Also, I think if we do #271, i.e. normalize and reject .. in the request handler, and write a test for that, we don't need to write a specific test for this vulnerability.

casey commented 2 years ago

Also LGTM