-
Notifications
You must be signed in to change notification settings - Fork 169
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Publish zerovec-derive v0.10.4 #5196
Comments
Yeah, what happened here is that:
|
Also fixing the advisory in rustsec/advisory-db#2007 |
PR for a new zerovec version in #5197, but we don't really need it now that the advisory is published? I'm going to mark this as closed unless tooling stays broken somehow. |
@Manishearth Thanks! |
FYI for anyone stumbling upon this: Github's advisory is not yet synced with the updated Rustsec advisory. Github still shows 0.10.4 as the patched version: GHSA-74r5-g7vc-j2v2 (archived) |
As far as Cargo.toml versions in the repo, they are by definition only snapshot versions. The only real versions are the tagged versions. I don't see the benefit of merging those changes into main. |
Cargo audit is currently flagging up https://rustsec.org/advisories/RUSTSEC-2024-0346.html which I believe is fixed on master? But not yet published.
The text was updated successfully, but these errors were encountered: