Skip to content

Update dependencies (pin-project-lite + bytes)#57

Merged
matthunz merged 2 commits intomatthunz:masterfrom
Keruspe:bytes1
Feb 6, 2026
Merged

Update dependencies (pin-project-lite + bytes)#57
matthunz merged 2 commits intomatthunz:masterfrom
Keruspe:bytes1

Conversation

@Keruspe
Copy link
Contributor

@Keruspe Keruspe commented Jan 5, 2021

No description provided.

Keruspe added 2 commits January 5, 2021 15:37
@Keruspe
pin-project-lite: update to 0.2
5bd436d 
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
@Keruspe
bytes: update ot 1.0
83480d5 
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
@Keruspe Keruspe mentioned this pull request Jan 5, 2021
Closed
This was referenced Jan 6, 2021
Merged
Merged
@CorinJG CorinJG mentioned this pull request Mar 24, 2021
Merged
BatmanAoD
BatmanAoD reviewed Feb 3, 2026
View reviewed changes
Cargo.toml

[dependencies]
bytes = "0.5.4"
bytes = "1.0.0"
Copy link

@BatmanAoD BatmanAoD Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
bytes = "1.0.0"
bytes = "1.11.1"

To resolve https://rustsec.org/advisories/RUSTSEC-2026-0007 (#59)

Copy link

@matthiasbeyer matthiasbeyer Feb 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The author seems to not maintain this repository anymore. I asked for contrib rights, but I am not sure whether they will respond.

@matthunz
Copy link
Owner

matthunz commented Feb 6, 2026

Thanks for catching this! I'll get an updated version out ASAP, I was originally stepping back from maintaining this as I noticed a few alternative crates (like async-codec) but it seems those aren't maintained anymore. So I'll try to keep this updated if it's still getting some use

@matthunz matthunz merged commit 94379cc into matthunz:master Feb 6, 2026
@matthunz matthunz mentioned this pull request Feb 6, 2026
Closed
@BatmanAoD
Copy link

BatmanAoD commented Feb 6, 2026

@matthunz Thank you! FWIW, I discovered this because your crate is used as a transitive dependency (via sse-codec) by the Poem webserver crate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@matthiasbeyer matthiasbeyer matthiasbeyer approved these changes

@BatmanAoD BatmanAoD BatmanAoD left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Keruspe @matthunz @BatmanAoD @matthiasbeyer