build(deps): ensure persistent bump of openssl from 0.10.32 to 0.10.48 #2365
Labels
dependencies
Pull requests that update a dependency file
good-first-issue
Good for newcomers
good-first-issue-300-advanced
Keychain
Tasks/bugs related to the Keychain plugin core interfaces or any of the implementations themselves.
P3
Priority 3: Medium
rust
Pull requests that update Rust code
Security
Related to existing or potential security vulnerabilities
Description
Upgrade dependencies in the Cargo.toml file not just the lock file as it was done by #2344 to remedy the same issue.
"ensure persistent" bump means that if the lockfile is deleted and regenerated the old openssl will be used once again without the necessary upgrades in the cargo.toml as well.
build(deps): bump openssl from 0.10.32 to 0.10.48 in ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/rust/gen #2344
The other PR opened by the robot which only uses the lock file to force the use of the newer versions: https://github.com/hyperledger/cacti/pull/2344/files
Acceptance Criteria
./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/rust/gen/Cargo.toml
is updatedThe text was updated successfully, but these errors were encountered: