Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update glommi version, transitive CVE in aHash dependency #5

Closed
JBartscher opened this issue Dec 12, 2024 · 2 comments · Fixed by #6
Closed

Update glommi version, transitive CVE in aHash dependency #5

JBartscher opened this issue Dec 12, 2024 · 2 comments · Fixed by #6

Comments

@JBartscher
Copy link

Hey I tried to run helixdb and got an error that a transitive dependency of glommi (aHash) has some issues.
I found this #163 Issue in the aHash repository. Which is why all versions prior to 0.7.7 are yanked. I couldnt get it to work (I am relativly new to rust) so I am not opening a PR which might break stuff but I would appreaciate it if you could look into the Issue as I realy like the idea of helixdb.
@waynexia waynexia mentioned this issue Dec 16, 2024
Merged
@waynexia
Copy link
Owner

Thanks for reporting! I opened PR #6 to update deps version as well as the rust toolchain. Please check it out!

BTW, I only make sure all existing tests can pass. But I didn't confirm all the logic works the same as under the old version. There may be some implicit changes that I wasn't aware of.

@waynexia
Copy link
Owner

Closed due to the PR is merged. Feel free to reopen it if there is still any problem on your side.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: update toolchain to nightly-2024-10-19 waynexia/helixdb
2 participants
@JBartscher @waynexia