From 134bc136f099189b1b9d4000af4e109cc85b3800 Mon Sep 17 00:00:00 2001
From: Ronny Chan
Date: Thu, 12 Jan 2023 17:22:51 -0500
Subject: [PATCH] fix: revert pinning smallvec to 1.10.0

Tried to manually patch `smallvec` to a non-vulnerable version but this causes downstream dependencies to be unable to resolve a version not equal to 1.10.0

Regardless I don't think cargo is able to resolve the _ancient_ version of `smallvec` used by `tokio-proto` anyways. We'll need to accept the risk for this vuln until we're ready to move to fred 5/6.
---
 Cargo.toml | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 80e0b853..c67b60b8 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -33,10 +33,6 @@
 tokio-proto = "0.1.1"
 tokio-io = "0.1.12"
 rand = "0.8.5"
 
-# https://oktainc.atlassian.net/browse/OKTA-558567
-# manually patch smallvec dependency
-smallvec = "=1.10.0"
-
 [dev-dependencies]
 hyper = "0.11"