Merge branch 'develop' of github.com:evannetwork/vade-sidetree into d…

…evelop
evannetwork · Jul 24, 2023 · 126b00e · 126b00e
2 parents 2d7e798 + 60bb27d
commit 126b00e
Show file tree

Hide file tree

Showing 4 changed files with 105 additions and 45 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "cargo"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    # Raise pull requests for version updates
+    # to cargo against the `develop` branch
+    target-branch: "develop"
+    # Labels on pull requests for version updates only
+    labels:
+      - "cargo dependencies"
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -33,7 +33,7 @@ getrandom = { version = "0.2", features = ["js"] }
 log = "0.4.17" # pinned version for dependency of `async-std`
 libsecp256k1 = "0.5"
 multihash = "0.13"
-regex = { version = "1.3.7" }
+regex = { version = "1.5.5" }
 reqwest = { version = "0.11", default-features = false, features = ["json", "rustls-tls"], optional = true }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
@@ -42,5 +42,5 @@ vade = "0.1.0"
 serde_jcs = "0.1"
 
 [dev-dependencies]
-tokio = { version = "=1.7.1", features = ["macros", "rt-multi-thread"] }
+tokio = { version = "=1.18.5", features = ["macros", "rt-multi-thread"] }
 serial_test = "0.5.1"
diff --git a/VERSIONS.md b/VERSIONS.md
@@ -23,6 +23,7 @@
 
 - Fix the correct payload for IETF json patches
 - fix in3 request list fallback payload
+- update dependencies for vulnerabilities
 
 ## v0.0.3