Closed dnaka91 closed 9 months ago
As I was just being made aware of in #2301, there is a next
branch for the next breaking version of Twilight. Looking at it, I see that tokio-tungstenite
seems to be replaced with tokio-websockets
.
I assume this update isn't needed anymore then?
As I don't see it as breaking we could do this for the last version that we release with the changes that have accumulated. @Gelbpunkt What is your thought about it?
I didn't plan a new patch release before the next minor release (which I intend to do this December), so this is not a dependency update we should be making. tokio-tungstenite 0.20 uses a different version of rustls than 0.18, which is a crate that should definitely be avoided duplicating in the dependency tree and is a change too large for a patch release. See this comment for my rationale behind rejecting essentially the same PR (linked one and #2270).
Thanks for the input, I'll close this then. Sorry that I didn't see the previous PR which did essentially the same :bowing_man:
There has recently been a CVE for tungstenite which can be fixed by updating from v0.18 to the latest v0.20.1.