devand
devand copied to clipboard
alepez
DevAndDev helps developers finding pair-programming partners.
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in compare...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
> Potential segfault in the time crate | Details | | | ------------------- | ---------------------------------------------- | | Package | `time` | | Version | `0.1.43` | | URL | [https://github.com/time-rs/time/issues/293](https://github.com/time-rs/time/issues/293)...
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot] avatar"){kind=avatar}
Bumps [tokio](https://github.com/tokio-rs/tokio) from 0.1.22 to 1.8.4. Release notes Sourced from tokio's releases. Tokio v1.8.4 1.8.4 (November 15, 2021) This release backports a bugfix for a data race when sending and...
Bumps [comrak](https://github.com/kivikakk/comrak) from 0.7.0 to 0.10.1. Release notes Sourced from comrak's releases. 0.10.1 Changes since last release (https://github.com/kivikakk/comrak/compare/0.10.0...0.10.1) SECURITY: it was possible to smuggle unsafe URLs --- like javascript: ones...
> `cpuid-bool` has been renamed to `cpufeatures` | Details | | | ------------------- | ---------------------------------------------- | | Status | unmaintained | | Package | `cpuid-bool` | | Version | `0.2.0`...
> anymap is unmaintained. | Details | | | ------------------- | ---------------------------------------------- | | Status | unmaintained | | Package | `anymap` | | Version | `0.12.1` | | URL...
> `aesni` has been merged into the `aes` crate | Details | | | ------------------- | ---------------------------------------------- | | Status | unmaintained | | Package | `aesni` | | Version...
> `aes-soft` has been merged into the `aes` crate | Details | | | ------------------- | ---------------------------------------------- | | Status | unmaintained | | Package | `aes-soft` | | Version...
> Data race when sending and receiving after closing a `oneshot` channel | Details | | | ------------------- | ---------------------------------------------- | | Package | `tokio` | | Version | `0.1.22`...
> Lenient `hyper` header parsing of `Content-Length` could allow request smuggling | Details | | | ------------------- | ---------------------------------------------- | | Package | `hyper` | | Version | `0.12.36` |...