Fix cargo audit issue on criterion (#1923)

* Depend on criterion 0.4.0 This updates criterion from 0.3.6 to 0.4.0 to avoid RUSTSEC-2021-0127 where criterion 0.3.6 depends upon an unmaintained crate `serde_cbor`. * Update CHANGELOG.next.toml Co-authored-by: Saito <[email protected]>
smithy-lang · Nov 1, 2022 · beb8a68 · beb8a68
1 parent e9f876a
commit beb8a68
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 3 deletions.
diff --git a/CHANGELOG.next.toml b/CHANGELOG.next.toml
@@ -73,3 +73,9 @@ message = "Fix cargo audit issue on chrono."
 references = ["smithy-rs#1907"]
 meta = { "breaking" = false, "tada" = false, "bug" = false, "target" = "all" }
 author = "ysaito1001"
+
+[[aws-sdk-rust]]
+message = "Fix cargo audit issue on criterion."
+references = ["smithy-rs#1923"]
+meta = { "breaking" = false, "tada" = false, "bug" = false }
+author = "ysaito1001"
diff --git a/...sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/IntegrationTestDependencies.kt b/...sdk-codegen/src/main/kotlin/software/amazon/smithy/rustsdk/IntegrationTestDependencies.kt
@@ -119,7 +119,7 @@ class S3TestDependencies(
 
 private val AsyncStd = CargoDependency("async-std", CratesIo("1.12.0"), scope = DependencyScope.Dev)
 private val AsyncStream = CargoDependency("async-stream", CratesIo("0.3.0"), DependencyScope.Dev)
-private val Criterion = CargoDependency("criterion", CratesIo("0.3.6"), scope = DependencyScope.Dev)
+private val Criterion = CargoDependency("criterion", CratesIo("0.4.0"), scope = DependencyScope.Dev)
 private val FuturesCore = CargoDependency("futures-core", CratesIo("0.3.0"), DependencyScope.Dev)
 private val FuturesUtil = CargoDependency("futures-util", CratesIo("0.3.0"), scope = DependencyScope.Dev)
 private val Hound = CargoDependency("hound", CratesIo("3.4.0"), DependencyScope.Dev)

diff --git a/aws/sdk/integration-tests/dynamodb/Cargo.toml b/aws/sdk/integration-tests/dynamodb/Cargo.toml
@@ -17,8 +17,7 @@ aws-smithy-protocol-test = { path = "../../build/aws-sdk/sdk/aws-smithy-protocol
 aws-smithy-async = { path = "../../build/aws-sdk/sdk/aws-smithy-async" }
 aws-types = { path = "../../build/aws-sdk/sdk/aws-types" }
 bytes = "1.0.0"
-# TODO(https://github.com/awslabs/smithy-rs/issues/1044) v3.6 has an unmaintained dependency, upgrade this when possible
-criterion = { version = "0.3.6" }
+criterion = { version = "0.4.0" }
 futures-util = "0.3.16"
 http = "0.2.0"
 serde_json = "1.0.0"