Upgrade idna for RUSTSEC-2024-0421 (#3654)

element-hq · Dec 10, 2024 · bcd1e25 · bcd1e25
1 parent fef81b8
commit bcd1e25
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 39 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -350,7 +350,7 @@ default-features = false
 
 # URL manipulation
 [workspace.dependencies.url]
-version = "2.5.2"
+version = "2.5.4"
 features = ["serde"]
 
 # ULID support

diff --git a/crates/handlers/Cargo.toml b/crates/handlers/Cargo.toml
@@ -109,6 +109,6 @@ zxcvbn = "3.1.0"
 [dev-dependencies]
 insta.workspace = true
 tracing-subscriber.workspace = true
-cookie_store = "0.21.1"
+cookie_store = { version = "0.21.1", default-features = false, features = ["serde_json"] }
 sqlx.workspace = true
 wiremock.workspace = true
diff --git a/deny.toml b/deny.toml
@@ -63,8 +63,6 @@ skip = [
     # a few dependencies depend on the 1.x version of thiserror
     { name = "thiserror", version = "1.0.69" },
     { name = "thiserror-impl", version = "1.0.69" },
-    # url and cookie-store depend on this old version of idna
-    { name = "idna", version = "0.5.0" },
     # axum-macros, sqlx-macros and sea-query-attr use an old version
     { name = "heck", version = "0.4.1" },
     # wasmtime -> cranelift is depending on this old version