rumba icon indicating copy to clipboard operation
rumba copied to clipboard
verified publisher icon mdn

build(deps): bump sqlx from 0.7.4 to 0.8.6

Open caugner opened this issue 1 week ago • 0 comments

Description

Also bumps:

  • pgvector from 0.3.4 to 0.4.1 (for sqlx 0.8 compatibility)
  • event-listener from 5.1.0 to 5.4.1

Removes transitive dependencies no longer needed by sqlx 0.8:

  • hashlink
  • sqlformat
  • unicode_categories

Adds new transitive dependency:

  • webpki-roots

Motivation

Fixes security vulnerability GHSA-xmrp-424f-vfpx (SQL Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts).

Additional details

Related issues and pull requests

caugner avatar Jan 12 '26 11:01 caugner