New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump patch version of lambda-http #556
Merged
calavera
merged 1 commit into
awslabs:main
from
ysaito1001:ysaito/bump-patch-version-of-lambda-http
Oct 28, 2022
Merged
Bump patch version of lambda-http #556
calavera
merged 1 commit into
awslabs:main
from
ysaito1001:ysaito/bump-patch-version-of-lambda-http
Oct 28, 2022
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit updates the version of `lambda-http` to 0.7.1. The crate now depends on `aws-lambda-events` 0.7.2 or higher whereas it previously depended on that of ^0.7. This crate currently does not compile against `aws-lambda-events` 0.7.0 or 0.7.1. In `aws-lambda-events` 0.7.0, the module `query_map` is private when it should be public for `lambda-http` to compile. Similarly, in `aws-lambda-events` 0.7.1, the trait bound `QueryMap: FromStr` is not satisfied so `lambda-http` does not compile either.
1 task
calavera
approved these changes
Oct 28, 2022
ysaito1001
pushed a commit
to smithy-lang/smithy-rs
that referenced
this pull request
Oct 28, 2022
This commit updates the version of `lambda_http` from 0.7.0 to 0.7.1 in the crates within the top-level `rust-runtime` workspace. These updates are needed to solve the issue described in awslabs/aws-lambda-rust-runtime#556
ysaito1001
added a commit
to smithy-lang/smithy-rs
that referenced
this pull request
Oct 31, 2022
* Avoid the chrono crate depending on the time crate This commit is in response to RUSTSEC-2020-0071 where there is a potential segfault in the time crate. The aws-smithy-types-convert crate now disables the default features of the chrono crate so that it will not depend on the time crate. * Depend on lambda_http without RUSTSEC-2020-0071 This commit updates the version of lambda_http used by aws-smithy-http-server and aws-smithy-http-server-python to 0.7.0. The prior version 0.6.0 of lambda_http used the chrono crate in a way that exposed a security issue described in RUSTSEC-2020-0071. By switching to 0.7.0 of lambda_http, those two crates do not exhibit vulnerabilities as reported by cargo audit. * Bump minor version of lambda_http in pokemon-service This commit updates the version of `lambda_http` used by `pokemon-service` from 0.6.0 to 0.7.0. This is in sync with the fact that both `aws-smithy-http-server` and `aws-smithy-http-server-python` now depend on 0.7.0 of `lambda_http`. Failing to do so would cause `pokemon-service` to fail to compile due to an error at `lambda_http::run(handler)` in the main function of the `pokemon-service-lambda` binary: the trait `Service<lambda_http::http::Request<lambda_http::Body>>` is not implemented for `LambdaHandler<aws_smithy_http_server::routing::Router>` * Depend on lambda-http 0.7.1 This commit updates the version of `lambda_http` from 0.7.0 to 0.7.1 in the crates within the top-level `rust-runtime` workspace. These updates are needed to solve the issue described in awslabs/aws-lambda-rust-runtime#556 * Update CHANGELOG.next.toml * Address #1907 Co-authored-by: Saito <awsaito@c889f3b5ddc4.ant.amazon.com> Co-authored-by: Zelda Hessler <zhessler@amazon.com>
aws-sdk-rust-ci
pushed a commit
to awslabs/aws-sdk-rust
that referenced
this pull request
Dec 14, 2022
* Avoid the chrono crate depending on the time crate This commit is in response to RUSTSEC-2020-0071 where there is a potential segfault in the time crate. The aws-smithy-types-convert crate now disables the default features of the chrono crate so that it will not depend on the time crate. * Depend on lambda_http without RUSTSEC-2020-0071 This commit updates the version of lambda_http used by aws-smithy-http-server and aws-smithy-http-server-python to 0.7.0. The prior version 0.6.0 of lambda_http used the chrono crate in a way that exposed a security issue described in RUSTSEC-2020-0071. By switching to 0.7.0 of lambda_http, those two crates do not exhibit vulnerabilities as reported by cargo audit. * Bump minor version of lambda_http in pokemon-service This commit updates the version of `lambda_http` used by `pokemon-service` from 0.6.0 to 0.7.0. This is in sync with the fact that both `aws-smithy-http-server` and `aws-smithy-http-server-python` now depend on 0.7.0 of `lambda_http`. Failing to do so would cause `pokemon-service` to fail to compile due to an error at `lambda_http::run(handler)` in the main function of the `pokemon-service-lambda` binary: the trait `Service<lambda_http::http::Request<lambda_http::Body>>` is not implemented for `LambdaHandler<aws_smithy_http_server::routing::Router>` * Depend on lambda-http 0.7.1 This commit updates the version of `lambda_http` from 0.7.0 to 0.7.1 in the crates within the top-level `rust-runtime` workspace. These updates are needed to solve the issue described in awslabs/aws-lambda-rust-runtime#556 * Update CHANGELOG.next.toml * Address smithy-lang/smithy-rs#1907 Co-authored-by: Saito <awsaito@c889f3b5ddc4.ant.amazon.com> Co-authored-by: Zelda Hessler <zhessler@amazon.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR updates the version of
lambda-http
to 0.7.1. The crate now depends onaws-lambda-events
0.7.2 or higher whereas it previously depended on that of ^0.7.This crate currently does not compile against
aws-lambda-events
0.7.0 or 0.7.1. Inaws-lambda-events
0.7.0, the modulequery_map
is private when it should be public forlambda-http
to compile. Similarly, inaws-lambda-events
0.7.1, the trait boundQueryMap: FromStr
is not satisfied solambda-http
does not compile either.It has been discovered as part of this test failure in CI for smithy-lang/smithy-rs#1907. The test was running
cargo minimal-versions check
within the top-level rust-runtime workspace.By submitting this pull request