From 527dfa4893e67f14950ee634882c44c5b59c00d7 Mon Sep 17 00:00:00 2001 From: Divma Date: Tue, 8 Mar 2022 19:48:12 +0000 Subject: [PATCH] cargo audit updates (#3063) ## Issue Addressed Closes #3008 and updates `regex` to solve https://rustsec.org/advisories/RUSTSEC-2022-0013 --- Cargo.lock | 4 ++-- Makefile | 2 +- beacon_node/lighthouse_network/Cargo.toml | 2 +- common/account_utils/Cargo.toml | 2 +- common/lighthouse_version/Cargo.toml | 2 +- common/monitoring_api/Cargo.toml | 2 +- consensus/types/Cargo.toml | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0ab7d42ae..fb75387bd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4915,9 +4915,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.5.4" +version = "1.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461" +checksum = "1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286" dependencies = [ "aho-corasick", "memchr", diff --git a/Makefile b/Makefile index 8507767c3..01fd45a4d 100644 --- a/Makefile +++ b/Makefile @@ -161,7 +161,7 @@ arbitrary-fuzz: # Runs cargo audit (Audit Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database) audit: cargo install --force cargo-audit - cargo audit --ignore RUSTSEC-2020-0071 --ignore RUSTSEC-2020-0159 --ignore RUSTSEC-2022-0009 + cargo audit --ignore RUSTSEC-2020-0071 --ignore RUSTSEC-2020-0159 # Runs `cargo vendor` to make sure dependencies can be vendored for packaging, reproducibility and archival purpose. vendor: diff --git a/beacon_node/lighthouse_network/Cargo.toml b/beacon_node/lighthouse_network/Cargo.toml index f5f3b2214..6f746705d 100644 --- a/beacon_node/lighthouse_network/Cargo.toml +++ b/beacon_node/lighthouse_network/Cargo.toml @@ -35,7 +35,7 @@ tiny-keccak = "2.0.2" task_executor = { path = "../../common/task_executor" } rand = "0.7.3" directory = { path = "../../common/directory" } -regex = "1.3.9" +regex = "1.5.5" strum = { version = "0.21.0", features = ["derive"] } superstruct = "0.4.0" prometheus-client = "0.15.0" diff --git a/common/account_utils/Cargo.toml b/common/account_utils/Cargo.toml index 4b42e039d..02333ff59 100644 --- a/common/account_utils/Cargo.toml +++ b/common/account_utils/Cargo.toml @@ -18,6 +18,6 @@ serde_yaml = "0.8.13" slog = { version = "2.5.2", features = ["max_level_trace", "release_max_level_trace"] } types = { path = "../../consensus/types" } validator_dir = { path = "../validator_dir" } -regex = "1.3.9" +regex = "1.5.5" rpassword = "5.0.0" directory = { path = "../directory" } diff --git a/common/lighthouse_version/Cargo.toml b/common/lighthouse_version/Cargo.toml index 782344e9c..96ac26647 100644 --- a/common/lighthouse_version/Cargo.toml +++ b/common/lighthouse_version/Cargo.toml @@ -11,4 +11,4 @@ git-version = "0.3.4" target_info = "0.1.0" [dev-dependencies] -regex = "1" +regex = "1.5.5" diff --git a/common/monitoring_api/Cargo.toml b/common/monitoring_api/Cargo.toml index 4196f8cce..bfb5e7204 100644 --- a/common/monitoring_api/Cargo.toml +++ b/common/monitoring_api/Cargo.toml @@ -19,5 +19,5 @@ lighthouse_metrics = { path = "../lighthouse_metrics" } slog = "2.5.2" store = { path = "../../beacon_node/store" } lazy_static = "1.4.0" -regex = "1" +regex = "1.5.5" sensitive_url = { path = "../sensitive_url" } diff --git a/consensus/types/Cargo.toml b/consensus/types/Cargo.toml index acd6b03b9..31d08fde1 100644 --- a/consensus/types/Cargo.toml +++ b/consensus/types/Cargo.toml @@ -39,7 +39,7 @@ derivative = "2.1.1" rusqlite = { version = "0.25.3", features = ["bundled"], optional = true } arbitrary = { version = "1.0", features = ["derive"], optional = true } eth2_serde_utils = "0.1.1" -regex = "1.3.9" +regex = "1.5.5" lazy_static = "1.4.0" parking_lot = "0.11.1" itertools = "0.10.0"