From 00c1efe36281a4307f4c27df75832d25f03180b0 Mon Sep 17 00:00:00 2001
From: Ash Beitz <8304894+ashbeitz@users.noreply.github.com>
Date: Mon, 15 Apr 2024 15:36:50 -0700
Subject: [PATCH] Update some dependencies and fix security audit

---
 .github/workflows/security-audit.yml | 5 ++++-
 Cargo.toml                           | 4 ++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
index 225632ac..ac32ecde 100644
--- a/.github/workflows/security-audit.yml
+++ b/.github/workflows/security-audit.yml
@@ -11,9 +11,12 @@ on:
     - cron: "0 0 * * *" # once a day at midnight UTC
     # NB: that cron trigger on GH actions runs only on the default branch
 jobs:
+  # Ignored advisories:
+  # - https://rustsec.org/advisories/RUSTSEC-2024-0320 : yaml-rust is unmaintained
+  #   - This is a dependency of the config crate, which does not have a version without yaml-rust.
   security_audit:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v1
       - run: |
-          cargo audit --deny warnings
+          cargo audit --deny warnings --ignore RUSTSEC-2024-0320
diff --git a/Cargo.toml b/Cargo.toml
index facbd89f..256d73d6 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -49,7 +49,7 @@ generic-json = "^0.7"
 http = "0.2.9"
 http-body = "0.4.5"
 hyper = "0.14.27"
-image = "0.24.3"
+image = "0.25.1"
 iref = "^3.1.2"
 lazy_static = "1.4.0"
 log = "^0.4"
@@ -58,7 +58,7 @@ parking_lot = "0.12.1"
 prost = "0.12"
 prost-types = "0.12"
 rand = "0.8.5"
-regex = " 1.9.3"
+regex = "1.10.4"
 sdl2 = "0.35.2"
 serde = "1.0.160"
 serde_derive = "1.0.163"