Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Audits](https://github.com/near/near-sdk-rs/actions/runs/4690517670/jobs/8376852068?pr=1010) in `near-sdk` highlight a security vulnerability [RUSTSEC-2023-0001](https://rustsec.org/advisories/RUSTSEC-2023-0001) that affects the Windows platform. As far as I could tell, we're not directly impacted by this, but the severity suggests we make an upstream dep update. #8309 (comment) pinned `tokio` to `1.18` and suggested not updating the minor version unconsciously. Whereas #8472 required a bump to `1.19`, which has no versions that patch this vulnerability. This PR seizes the opportunity to re-pin the minor version to the latest, after which subsequent updates can uphold the bump requirement outlined in #8309.
- Loading branch information