chore: update h2 to fix RUSTSEC-2024-0332

hyperium / tonic

A native gRPC client & server implementation with async/await support.

https://docs.rs/tonic

MIT License

9.35k stars 957 forks source link

chore: update h2 to fix RUSTSEC-2024-0332 #1675

Closed vigneshs-12 closed 1 month ago

vigneshs-12 commented 3 months ago

Update h2 crate to 0.3.26 to fix RUSTSEC-2024-0332 advisory.

rhinodavid commented 3 months ago

Would love to see this get merged.

djc commented 2 months ago

There's really no need to merge this -- the change is semver-compatible, so your downstream applications can upgrade to the new version without cooperation from tonic.

LucioFranco commented 2 months ago

@vigneshs-12 there is a ci failure that needs to be fixed first

djc commented 1 month ago

Going to close this, since downstream consumers can pick up the updated h2 version without waiting for us.