Skip to content

Commit

Permalink
[master] Update vulnerable regex package (Azure#6070)
Browse files Browse the repository at this point in the history 
Component governance identified a vulnerability in thread_local, which
was a transitive dependency brought in by older regex versions.

This has the additional benefit of unifying our regex dependency
versions.

RUSTSEC advisory: https://rustsec.org/advisories/RUSTSEC-2022-0006.html

## Azure IoT Edge PR checklist:
  • Loading branch information
@onalante-msft
onalante-msft authored Feb 4, 2022
1 parent 4179221 commit cfeea7d
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 86 deletions.
119 changes: 34 additions & 85 deletions edgelet/Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion edgelet/iotedge/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ libc = "0.2"
log = "0.4"
nix = "0.23"
openssl = "0.10"
regex = "0.2"
regex = "1"
serde = "1.0"
serde_derive = "1.0"
serde_json = "1.0"
Expand Down

0 comments on commit cfeea7d

Please sign in to comment.