Closed notmandatory closed 1 year ago
Base: 53.18% // Head: 53.18% // No change to project coverage :thumbsup:
Coverage data is based on head (
e23a892
) compared to base (b5f9177
). Patch has no changes to coverable lines.
:umbrella: View full report at Codecov.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.
Cargo audit output
$ cargo audit
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 458 security advisories (from /home/raj/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (281 crate dependencies)
Crate: rocksdb
Version: 0.14.0
Title: Out-of-bounds read when opening multiple column families with TTL
Date: 2022-05-11
ID: RUSTSEC-2022-0046
URL: https://rustsec.org/advisories/RUSTSEC-2022-0046
Solution: Upgrade to >=0.19.0
Dependency tree:
rocksdb 0.14.0
└── bdk 0.22.0
├── bdk-reserves 0.22.0
│ └── bdk-cli 0.6.0
└── bdk-cli 0.6.0
Crate: ansi_term
Version: 0.12.1
Warning: unmaintained
Title: ansi_term is Unmaintained
Date: 2021-08-18
ID: RUSTSEC-2021-0139
URL: https://rustsec.org/advisories/RUSTSEC-2021-0139
Dependency tree:
ansi_term 0.12.1
└── clap 2.34.0
└── structopt 0.3.26
└── bdk-cli 0.6.0
Crate: stdweb
Version: 0.4.20
Warning: unmaintained
Title: stdweb is unmaintained
Date: 2020-05-04
ID: RUSTSEC-2020-0056
URL: https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.27
├── cookie_store 0.12.0
│ └── ureq 1.5.5
└── cookie 0.14.4
├── ureq 1.5.5
└── cookie_store 0.12.0
error: 1 vulnerability found!
warning: 2 allowed warnings found
Let's try to get these audit issues fixed in the next release. The two warning should be fixable with dependency version updates, maybe we could even do them in a 0.6.1 release. For the rocksdb issue how do you feel about removing the CBF support until we have the new Nakamoto node working in BDK?
ACK on removing CBF support in bdk-cli.. Hopefully nakamoto will start working with bdk soon and then we can add it back ointo bdk-cli..
Description
Bump version and update changelog file for version 0.6.0. Also updated Cargo.lock.
Once this is ACK'd I'll publish the repo to crates.io.
Checklists
All Submissions:
cargo fmt
andcargo clippy
before committing