search

frewsxcv / rust-crates-index

Rust library for retrieving and interacting with the crates.io index
https://docs.rs/crates-index/
Apache License 2.0
72 stars 37 forks source link

Upgrade `gix` to version 0.63.0 #171

Closed smoelius closed 4 months ago

smoelius commented 4 months ago

The PR is pretty self-explanatory.

In one of my projects (cargo-unmaintained), I am seeing this Dependabot alert: https://github.com/advisories/GHSA-7w47-3wg8-547c

cargo-unmaintained relies on gix through crates-index only. So, I am hoping that this upgrade will cause the alert to go away.

Since this is not a RustSect advisory, I unfortunately do not know how to test that idea locally.

Byron commented 4 months ago

And here is the new release: https://github.com/frewsxcv/rust-crates-index/releases/tag/v2.10.0

smoelius commented 4 months ago

Thanks!