bbemis017
commented
6 months ago Can we also add H2 to this list of dependencies that need to be upgraded since GHSA-q6cp-qfwq-4gcv is flagging the h2 version the sdk currently uses
Closed cretz closed 6 months ago
bbemis017
commented
6 months ago Can we also add H2 to this list of dependencies that need to be upgraded since GHSA-q6cp-qfwq-4gcv is flagging the h2 version the sdk currently uses
bbemis017
commented
3 months ago Are there any updates on when the next python sdk could be release to include the dependency updates?/
cretz
commented
3 months ago No updates here on specific release timelines, but hopefully soon.
Describe the solution you'd like
Even though we are unaffected by the vulnerabilities, security scans show our current rustls and mio versions as of this writing have vulnerabilities. Update them (and any other things as needed).