Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: bump nix to 0.23 #13701

Merged
merged 1 commit into from
Feb 17, 2022
Merged

chore: bump nix to 0.23 #13701

merged 1 commit into from
Feb 17, 2022

Conversation

littledivy
Copy link
Member

As advised by cargo audit

$ cargo audit
Crate:         nix
Version:       0.22.1
Title:         Out-of-bounds write in nix::unistd::getgrouplist
Date:          2021-09-27
ID:            RUSTSEC-2021-0119
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0119
Solution:      Upgrade to ^0.20.2 OR ^0.21.2 OR ^0.22.2 OR >=0.23.0
Dependency tree:
nix 0.22.1
├── rustyline 9.0.0
│   └── deno 1.19.0
├── deno_runtime 0.45.0
│   └── deno 1.19.0
└── deno 1.19.0

I think we should also add a actions-rs/audit-check job in the CI workflow

@littledivy littledivy merged commit 6a5a3f6 into denoland:main Feb 17, 2022
@littledivy littledivy deleted the cargo_audit branch February 17, 2022 14:01
dsherret pushed a commit to dsherret/deno that referenced this pull request Feb 24, 2022
@littledivy @dsherret
chore: bump nix to 0.23 (denoland#13701)
abc39b2
dsherret pushed a commit that referenced this pull request Feb 24, 2022
@littledivy @dsherret
chore: bump nix to 0.23 (#13701)
ecb6bde
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bartlomieju bartlomieju bartlomieju approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@littledivy @bartlomieju