dae7221342
The currently used versions of "wasmtime", "idna", "cap-std" and "cap-primitives" packages had low to moderate security issues. In this patch we update the dependencies to versions with these issues fixed. The update was performed by changing the "wasmtime" (and "wasmtime-wasi") version in rust/wasmtime_bindings/Cargo.toml and updating rust/Cargo.lock using the "cargo update" command with the affected package. To fix an issue with different dependencies having different versions of sub-dependencies, the package "smallvec" was also updated to "1.13.1". After the dependency update, the Rust code also needed to be updated because of the slightly changed API. One Wasm test case needed to be updated, as it was actually using an incorrect Wat module and not failing before. The crate also no longer allows multiple tables in Wasm modules by default - it is now enabled by setting the "gc" crate feature and configuring the Engine with config.wasm_reference_types(true). Fixes https://github.com/scylladb/scylladb/issues/23127 Closes scylladb/scylladb#23128
17 lines
414 B
TOML
17 lines
414 B
TOML
[package]
|
|
name = "wasmtime_bindings"
|
|
version = "0.1.0"
|
|
edition = "2021"
|
|
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
|
|
|
[dependencies]
|
|
cxx = { version = "1.0.83", features = ["c++20"] }
|
|
wasmtime-wasi = "24.0.2"
|
|
futures = "0.3.25"
|
|
anyhow = "1.0.66"
|
|
|
|
[dependencies.wasmtime]
|
|
version = "24.0.2"
|
|
default-features = false
|
|
features = ["async", "wat", "cranelift", "gc"]
|