From aa93eaff09da0b5e35987406a65e052ca8eb9429 Mon Sep 17 00:00:00 2001
From: Stuart Langley <stuart@langleyclan.com>
Date: Wed, 19 Feb 2025 20:04:03 +1100
Subject: [PATCH] deps: bump url from 2.1 to 2.5 (#461)

idna versions less than version 1.0.3 are impacted
by RUSTSEC-2024-0421. Uprevving url to a version
greater than 2.5.4 will use a version of idna that
is not impacted by this vulnerability.

Co-authored-by: Roman Valls Guimera <brainstorm@users.noreply.github.com>
---
 Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Cargo.toml b/Cargo.toml
index 09ded34b9..50a79a2bc 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -31,7 +31,7 @@ regex = "1.3"
 serde = {version = "^1", optional = true, features = ["derive"]}
 serde_bytes = {version = "0.11", optional = true}
 thiserror = {version = "^2" }
-url = "2.1"
+url = "2.5"
 
 [features]
 bindgen = ["hts-sys/bindgen"]