forked from containerd/rust-extensions
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Cargo.toml
40 lines (35 loc) · 1.25 KB
/
Cargo.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
[package]
name = "containerd-snapshots"
version = "0.1.0"
authors = ["Maksym Pavlenko <[email protected]>", "The containerd Authors"]
keywords = ["containerd", "server", "grpc", "containers"]
categories = ["api-bindings", "asynchronous"]
description = "Remote snapshotter extension for containerd"
edition.workspace = true
license.workspace = true
repository.workspace = true
homepage.workspace = true
[dependencies]
thiserror = "1.0"
tonic = "0.8"
prost = "0.11"
prost-types = "0.11"
tokio = { version = "1.18", features = ["sync"] }
tokio-stream = "0.1.8"
# tonic v0.8.1 depends on axum-core v0.2.2, which has security vulnerability:
# = ID: RUSTSEC-2022-0055
# = Advisory: https://rustsec.org/advisories/RUSTSEC-2022-0055
# = `<bytes::Bytes as axum_core::extract::FromRequest>::from_request` would not, by
# default, set a limit for the size of the request body. That meant if a malicious
# peer would send a very large (or infinite) body your server might run out of
# memory and crash.
#
# This needs to be removed once newer version of tonic is released.
axum-core = ">=0.2.8"
[dev-dependencies]
log = "0.4"
async-stream = "0.3.2"
futures = "0.3.17"
simple_logger = { version = "4.0", default-features = false }
[build-dependencies]
tonic-build = "0.8"