From 5d4f5918752a873113863a17e91c16867b6f9bde Mon Sep 17 00:00:00 2001 From: Surya Date: Sat, 22 Apr 2023 13:53:35 +0100 Subject: [PATCH 1/2] fix RUSTSEC-2023-0034 by updating h2 (#3022) --- actix-http/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actix-http/Cargo.toml b/actix-http/Cargo.toml index 235e4e980..7c5f07f2d 100644 --- a/actix-http/Cargo.toml +++ b/actix-http/Cargo.toml @@ -82,7 +82,7 @@ tokio-util = { version = "0.7", features = ["io", "codec"] } tracing = { version = "0.1.30", default-features = false, features = ["log"] } # http2 -h2 = { version = "0.3.9", optional = true } +h2 = { version = "0.3.17", optional = true } # websockets local-channel = { version = "0.1", optional = true } From de1efa673f13c6263e04acbc6c61b948dfa35b07 Mon Sep 17 00:00:00 2001 From: Yuki Okushi Date: Mon, 24 Apr 2023 04:46:57 +0900 Subject: [PATCH 2/2] Refine GHA workflows (#3023) --- .github/workflows/bench.yml | 14 +++++--------- .github/workflows/ci-post-merge.yml | 24 ++++++++++-------------- .github/workflows/ci.yml | 6 ++---- 3 files changed, 17 insertions(+), 27 deletions(-) diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml index a1a31fb8d..f8bf2abda 100644 --- a/.github/workflows/bench.yml +++ b/.github/workflows/bench.yml @@ -20,14 +20,10 @@ jobs: - uses: actions/checkout@v3 - name: Install Rust - uses: actions-rs/toolchain@v1 - with: - toolchain: nightly - profile: minimal - override: true + run: | + rustup set profile minimal + rustup install nightly + rustup override set nightly - name: Check benchmark - uses: actions-rs/cargo@v1 - with: - command: bench - args: --bench=server -- --sample-size=15 + run: cargo bench --bench=server -- --sample-size=15 diff --git a/.github/workflows/ci-post-merge.yml b/.github/workflows/ci-post-merge.yml index d47083575..8dd941e04 100644 --- a/.github/workflows/ci-post-merge.yml +++ b/.github/workflows/ci-post-merge.yml @@ -46,28 +46,24 @@ jobs: run: vcpkg install openssl:x64-windows - name: Install ${{ matrix.version }} - uses: actions-rs/toolchain@v1 - with: - toolchain: ${{ matrix.version }} - profile: minimal - override: true + run: | + rustup set profile minimal + rustup install ${{ matrix.version }} + rustup override set ${{ matrix.version }} - name: Install cargo-hack uses: taiki-e/install-action@cargo-hack - name: Generate Cargo.lock - uses: actions-rs/cargo@v1 - with: { command: generate-lockfile } + run: cargo generate-lockfile - name: Cache Dependencies - uses: Swatinem/rust-cache@v1.2.0 + uses: Swatinem/rust-cache@v2.2.1 - name: check minimal - uses: actions-rs/cargo@v1 - with: { command: ci-check-min } + run: cargo ci-check-min - name: check default - uses: actions-rs/cargo@v1 - with: { command: ci-check-default } + run: cargo ci-check-default - name: tests timeout-minutes: 60 @@ -107,7 +103,7 @@ jobs: - name: Generate Cargo.lock run: cargo generate-lockfile - name: Cache Dependencies - uses: Swatinem/rust-cache@v1.2.0 + uses: Swatinem/rust-cache@v2.2.1 - name: check feature combinations run: cargo ci-check-all-feature-powerset @@ -134,7 +130,7 @@ jobs: - name: Generate Cargo.lock run: cargo generate-lockfile - name: Cache Dependencies - uses: Swatinem/rust-cache@v1.3.0 + uses: Swatinem/rust-cache@v2.2.1 - name: Test with cargo-nextest run: cargo nextest run diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4c9149722..2d0b71616 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -62,12 +62,10 @@ jobs: cargo update -p=zstd-sys --precise=2.0.1+zstd.1.5.2 - name: check minimal - uses: actions-rs/cargo@v1 - with: { command: ci-check-min } + run: cargo ci-check-min - name: check default - uses: actions-rs/cargo@v1 - with: { command: ci-check-default } + run: cargo ci-check-default - name: tests timeout-minutes: 60