Upgrade to http/hyper v1.0 #3726
Conversation
|
now waiting on: hyperium/tonic#1740, then for opentelemetry to be updated with tonic 0.12. |
…y/surrealdb into upgrade-axum-to-0.7
Merge remote-tracking branch 'upstream/main' into upgrade-axum-to-0.7
There was a problem hiding this comment.
Approving the changes to dependencies. There are some minor updates to crates that we already trusted and that do not include any additional access to Rust APIs. New access seems reasonable. The new dependencies prost and quinn are both well maintained and widely used within the Rust ecosystem, the later has published security advisories in the past. For crates developed by Sean McArthur (AKA seanmonstar), we have agreed to trust the author on the grounds that we sponsor them and that they are personally known to SurrealDB and to the Rust community and have a history for publicly addressing security issues [1, 2, 3] as well as developing libraries that are well maintained and widely used.
What is the motivation?
The rust web ecosystem currently shifted as the hyper and http crates have stabilised on v1.0. SurrealDB should move onto these new standards to allow integration with new crates and allow better maintainability.
What does this change do?
bumps versions of http, hyper, axum and related crates and makes changes to account for the differences in their apis
What is your testing strategy?
This pr does not change any behaviour so relying on existing tests
Is this related to any issues?
Does this change need documentation?
Have you read the Contributing Guidelines?