aicers / giganto

Raw-Event Storage System for AICE
Apache License 2.0

Update dependencies for mitigating vulnerability #726

Closed sehkone closed 5 months ago

sehkone commented 6 months ago

Refer to https://github.com/aicers/giganto/security/dependabot/22

Even cargo update might not fail in resolving the above, depending on the dependencies of the crates. If this is the case, please notify us about which crate causes it, and we will discuss it later.

kimhanbeom commented 6 months ago

The current dependency for h2 is

  • warp 0.3.6/mockito 1.4.0 -> hyper 0.14.28 -> h2 0.3.25

I checked the repositories for each crate and found that mockito has an updated version of hyper, but no release for that version yet. And for warp, there is an issue and a PR for hyper, but it doesn't seem to be progressing.
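
Added example (not code from the giganto repository or from either participant): a small Python script that reads a Cargo.lock and prints every dependency path from the workspace root to a given crate, so a chain like the one above can be reproduced from the lockfile and re-checked after each cargo update instead of by visiting each crate's repository. The lockfile text, the crate versions in it and the FIXED_PLACEHOLDER threshold are constructed for the example; the thread does not state the patched h2 version, so that value is only a placeholder.

```python
import re

# Constructed sample Cargo.lock (v3 format) with the chain named in this thread.
# The root crate name and versions are assumptions for the example.
SAMPLE_LOCK = """\
version = 3

[[package]]
name = "giganto"
version = "0.0.0"
dependencies = [
 "mockito",
 "warp",
]

[[package]]
name = "h2"
version = "0.3.25"
source = "registry+https://github.com/rust-lang/crates.io-index"

[[package]]
name = "hyper"
version = "0.14.28"
dependencies = [
 "h2",
]

[[package]]
name = "mockito"
version = "1.4.0"
dependencies = [
 "hyper",
]

[[package]]
name = "warp"
version = "0.3.6"
dependencies = [
 "hyper",
]
"""

# Placeholder only: the first h2 release without the reported issue is NOT given in the thread.
FIXED_PLACEHOLDER = "0.3.26"

KV_RE = re.compile(r'^(\w+)\s*=\s*"([^"]*)"\s*$')
QUOTED_RE = re.compile(r'"([^"]+)"')


def parse_lock(text):
    """Return {"name version": [dependency entries]} from Cargo.lock text.

    Handles both multi-line and inline `dependencies = [...]` lists.
    """
    entries, current, in_deps = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "[[package]]":
            current = {"name": "", "version": "", "deps": []}
            entries.append(current)
            in_deps = False
            continue
        if current is None:          # header lines such as `version = 3`
            continue
        if in_deps:                  # inside a multi-line dependency list
            current["deps"].extend(QUOTED_RE.findall(line))
            in_deps = not line.endswith("]")
            continue
        if line.startswith("dependencies"):
            current["deps"].extend(QUOTED_RE.findall(line))
            in_deps = not line.endswith("]")
            continue
        m = KV_RE.match(line)
        if m and m.group(1) in ("name", "version"):
            current[m.group(1)] = m.group(2)
    return {f'{e["name"]} {e["version"]}': e["deps"] for e in entries}


def resolve(packages, entry):
    """Map a dependency entry ("hyper", "hyper 0.14.28", or with a source suffix) to its key."""
    parts = entry.split(" ")
    if len(parts) >= 2:              # version pinned: several versions of the crate coexist
        return f"{parts[0]} {parts[1]}"
    matches = [k for k in packages if k.split(" ")[0] == parts[0]]
    if len(matches) != 1:
        raise ValueError(f"ambiguous or unknown dependency entry: {entry!r}")
    return matches[0]


def chains_to(packages, target):
    """Every dependency path from a root crate (nothing depends on it) to any version of target."""
    depended_on = {resolve(packages, d) for deps in packages.values() for d in deps}
    roots = sorted(k for k in packages if k not in depended_on)
    found = []

    def walk(key, path):
        path = path + [key]
        if key.split(" ")[0] == target:
            found.append(" -> ".join(path))
            return
        for dep in packages[key]:
            nxt = resolve(packages, dep)
            if nxt not in path:      # dev-dependencies can form cycles; do not loop
                walk(nxt, path)

    for root in roots:
        walk(root, [])
    return sorted(found)


def version_key(version):
    """Numeric tuple for comparison; a pre-release suffix such as '-alpha' is ignored."""
    return tuple(int(re.match(r"\d+", p).group()) for p in version.split("."))


def versions_below(packages, name, fixed_version):
    """Keys of `name` entries still older than fixed_version, i.e. still to be bumped."""
    return [k for k in packages
            if k.split(" ")[0] == name and version_key(k.split(" ")[1]) < version_key(fixed_version)]


if __name__ == "__main__":
    lock = parse_lock(SAMPLE_LOCK)
    for chain in chains_to(lock, "h2"):
        print(chain)
    print("still below placeholder fix:", versions_below(lock, "h2", FIXED_PLACEHOLDER))
```

On a real checkout, replace SAMPLE_LOCK with the contents of Cargo.lock; the same walk is what `cargo tree -i <crate>` shows, but running it over the lockfile makes the check easy to script before and after `cargo update -p <crate>`.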

sehkone commented 6 months ago

The current dependency for h2 is

  • warp 0.3.6/mockito 1.4.0 -> hyper 0.14.28 -> h2 0.3.25

I checked the repositories for each crate and found that mockito has an updated version of hyper, but no release for that version yet. And for warp, there is an issue and a PR for hyper, but it doesn't seem to be progressing.

In mockito's case, do you mean that the switch to the new hyper version has already landed on the main branch but has not been released yet?

kimhanbeom commented 6 months ago

@sehkone Yes, that's right.

sehkone commented 6 months ago

Could you visit the GitHub pages for Warp and Mockito, and set up monitoring to alert you about any status changes?

sehkone commented 6 months ago

@kimhanbeom This should belong to the "pending" category in our to-do list project, which is number 10 in our policy.

kimhanbeom commented 5 months ago

The cargo update fixes the current issue, so we don't have to wait for new releases of warp and mockito. I'll continue with the current issue.