Skip to content

Commit

Permalink
security: unpin serde version.
Browse files Browse the repository at this point in the history
As the consensus was concluded across the rust community, this
PR serde-rs/serde#2590 phases out precompiled
blobs from serde_derive.

Signed-off-by: Soc Virnyl Estela <socvirnyl.estela@gmail.com>
  • Loading branch information
Soc Virnyl Estela committed Aug 22, 2023
1 parent a57bf73 commit 69c7aae
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion rypper-reader/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -25,5 +25,5 @@ md-5 = "0.10"
regex = "1.9.1"
# Pin to the most recent version before 1.0.172
# https://github.com/serde-rs/serde/issues/2538 is a security risk.
serde = { version = "1.0.171, <1.0.172", features = ["derive", "alloc"] }
serde = { version = ">=1.0.184", features = ["derive", "alloc"] }

0 comments on commit 69c7aae

Please sign in to comment.