From 157d738a152195596bdb2c3c304855728176974d Mon Sep 17 00:00:00 2001 From: Leonardo Lima Date: Thu, 12 Sep 2024 12:08:35 -0300 Subject: [PATCH] fix(RUSTSEC-2024-0370)!: bump `clap` to latest, removing transitive dependency on `proc-macro-error`. In #1593 it's mentioned that `proc-macro-error` is unmaintained for the past few years, with no fix other than using proc-macro-error2 instead. As on our scenario it's merely a transitive dependency of `clap`, through `clap_derive` feature, which in latest releases doesn't depend on `proc-macro-error` we can just bump it to latest. It's valid to note that by bumping it, both examples that relies on clap are no longer MSRV (1.63) compliant. --- example-crates/example_cli/Cargo.toml | 2 +- example-crates/example_wallet_rpc/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/example-crates/example_cli/Cargo.toml b/example-crates/example_cli/Cargo.toml index 09f093ebf..290908a6a 100644 --- a/example-crates/example_cli/Cargo.toml +++ b/example-crates/example_cli/Cargo.toml @@ -12,7 +12,7 @@ bdk_file_store = { path = "../../crates/file_store" } bitcoin = { version = "0.32.0", features = ["base64"], default-features = false } anyhow = "1" -clap = { version = "3.2.23", features = ["derive", "env"] } +clap = { version = "4.5.17", features = ["derive", "env"] } rand = "0.8" serde = { version = "1", features = ["derive"] } serde_json = "1.0" diff --git a/example-crates/example_wallet_rpc/Cargo.toml b/example-crates/example_wallet_rpc/Cargo.toml index 558f43fed..15321a82e 100644 --- a/example-crates/example_wallet_rpc/Cargo.toml +++ b/example-crates/example_wallet_rpc/Cargo.toml @@ -10,5 +10,5 @@ bdk_wallet = { path = "../../crates/wallet", features = ["file_store"] } bdk_bitcoind_rpc = { path = "../../crates/bitcoind_rpc" } anyhow = "1" -clap = { version = "3.2.25", features = ["derive", "env"] } +clap = { version = "4.5.17", features = ["derive", "env"] } ctrlc = "2.0.1"