Problem with ttrpc-compiler-0.4.0 release?

[jodh-intel]

The latest version of ttrpc-compiler in this repo is 0.4.0:

https://github.com/containerd/ttrpc-rust/blob/master/compiler/Cargo.toml#L3

... and that crate depends on prost 0.8:

• https://github.com/containerd/ttrpc-rust/blob/master/compiler/Cargo.toml#L17

However, ttrpc-compiler version 0.4.0 on crates.io depends on prost 0.5:

• https://docs.rs/crate/ttrpc-compiler/0.4.0/source/Cargo.toml

... and that version of prost contains a security issue which was fixed in version 0.8.0:

• https://github.com/tokio-rs/prost/releases/tag/v0.8.0

I'm guessing a new version of ttrpc-compiler have been created after #94 landed? Please can you make a new public release on crates.io so Kata Containers can upgrade to a safe version of this dependency?

/cc @egernst, @Tim-Zhang, @mxpv.

[Tim-Zhang]

@jodh-intel Thank you for your reminder, the release is scheduled https://github.com/containerd/ttrpc-rust/pull/114

[Tim-Zhang]

@jodh-intel 0.4.1 released

[jodh-intel]

Thanks very much @Tim-Zhang!