Skip to content

Commit

Permalink
Cargo: update clap from 2 to 4
Browse files Browse the repository at this point in the history 
Update clap from 2.34.0 to 4.4.6, because clap both 2 and 3 rely on a
unmaintained lib atty, which causes security issues.
https://github.com/flatcar/update-ssh-keys/security/dependabot/3

To do that, it is required to turn on `cargo` features of clap, because
clap 4 does not expose macros like clap_version by default.
  • Loading branch information
@dongsupark
dongsupark committed Oct 24, 2023
1 parent cfabe0e commit 860e7e6
Show file tree
Hide file tree
Showing 2 changed files with 136 additions and 55 deletions.
188 changes: 135 additions & 53 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,12 @@ description = "A tool for managing authorized SSH keys"
version = "0.4.2-alpha.0"

[dependencies]
# Private dependencies.
clap = "2.33"
fs2 = "0.4"
# Public dependencies, exposed through library API.
error-chain = { version = "0.12", default-features = false }
openssh-keys = { git = "https://github.com/pothos/openssh-keys", branch = "add-sk-keys" }
users = "0.9"
clap = { version = "4.4.6", features = ["cargo"] }

[[bin]]
name = "update-ssh-keys"
Expand Down

0 comments on commit 860e7e6

Please sign in to comment.