From b0e2ac67d13302e72f0ef6b64e4cc92c40b7409f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 1 Apr 2024 11:15:06 -0700
Subject: [PATCH] Bump the all-dependencies group with 3 updates (#167)
* Bump the all-dependencies group with 3 updates Bumps the all-dependencies group with 3 updates: [serde_json](https://github.com/serde-rs/json), [syn](https://github.com/dtolnay/syn) and [tokio](https://github.com/tokio-rs/tokio). Updates `serde_json` from 1.0.114 to 1.0.115 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.114...v1.0.115) Updates `syn` from 2.0.55 to 2.0.57 - [Release notes](https://github.com/dtolnay/syn/releases) - [Commits](https://github.com/dtolnay/syn/compare/2.0.55...2.0.57) Updates `tokio` from 1.36.0 to 1.37.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.36.0...tokio-1.37.0) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: syn dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies ... Signed-off-by: dependabot[bot] * resolve security warning --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: William Lyles <26171886+wilyle@users.noreply.github.com>
---
 .github/workflows/security-audit.yml | 6 +++++-
 Cargo.lock | 12 ++++++------
 Cargo.toml | 6 +++---
 3 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
index 09d029fa..ae99ec11 100644
--- a/.github/workflows/security-audit.yml
+++ b/.github/workflows/security-audit.yml
@@ -20,8 +20,12 @@ jobs:
 submodules: recursive
 - name: Install Rust toolchain
 uses: ./.github/actions/install-rust-toolchain
+ # Ignored advisories:
+ # - https://rustsec.org/advisories/RUSTSEC-2024-0320 : yaml-rust is unmaintained
+ # - This is a dependency of the config crate, which does not have a version without yaml-rust.
+ # See https://github.com/mehcode/config-rs/issues/473 and https://github.com/eclipse-ibeji/freyja/issues/168
 - name: Cargo audit
 uses: actions-rs/cargo@v1
 with:
 command: audit
- args: --deny warnings
\ No newline at end of file
+ args: --deny warnings --ignore RUSTSEC-2024-0320
\ No newline at end of file
diff --git a/Cargo.lock b/Cargo.lock
index d0451885..7d2bdc62 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1752,9 +1752,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.114" +version = "1.0.115" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5f09b1bd632ef549eaa9f60a1f8de742bdbc698e6cee2095fc84dde5f549ae0" +checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd" dependencies = [ "itoa", "ryu",
@@ -1838,9 +1838,9 @@ checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" [[package]] name = "syn" -version = "2.0.55" +version = "2.0.57" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "002a1b3dbf967edfafc32655d0f377ab0bb7b994aa1d32c8cc7e9b8bf3ebb8f0" +checksum = "11a6ae1e52eb25aab8f3fb9fca13be982a373b8f1157ca14b897a825ba4a2d35" dependencies = [ "proc-macro2", "quote",
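Review bot: The `--ignore RUSTSEC-2024-0320` added to the `args` of the `Cargo audit` step in `.github/workflows/security-audit.yml` has no stated removal condition, so the advisory stays suppressed even after the `config` crate stops pulling in yaml-rust. The new comment gives the reason and the tracking issues; adding a line such as `# Remove --ignore RUSTSEC-2024-0320 once the linked issues are closed` would make the exception something a later reader revisits. Moving the exception into `.cargo/audit.toml` (`[advisories]` with `ignore = ["RUSTSEC-2024-0320"]`) would keep local `cargo audit` runs consistent with CI. Since the `config` dependency declaration is not visible in this patch, it may also be worth checking whether the YAML format can be disabled through the crate's features, which would drop yaml-rust from `Cargo.lock` instead of ignoring the advisory. The job this step belongs to starts above the hunk.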
@@ -1948,9 +1948,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.36.0" +version = "1.37.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61285f6515fa018fb2d1e46eb21223fff441ee8db5d0f1435e8ab4f5cdb80931" +checksum = "1adbebffeca75fcfd058afa480fb6c0b81e165a0323f9c9d39c9697e37c46787" dependencies = [ "backtrace", "bytes",
diff --git a/Cargo.toml b/Cargo.toml
index e3c4dfe7..8051588a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -75,12 +75,12 @@ prost = "0.12"
 prost-types = "0.12"
 quote = "1.0.23"
 serde = { version = "1.0.196", features = ["derive"] }
-serde_json = "1.0.113"
+serde_json = "1.0.115"
 strum = "0.26.1"
 strum_macros = "0.26.2"
-syn = { version = "2.0.55", features = ["extra-traits", "full"] }
+syn = { version = "2.0.57", features = ["extra-traits", "full"] }
 time = "0.3.34"
-tokio = { version = "1.36", features = ["macros", "rt-multi-thread", "time", "sync", "test-util"] }
+tokio = { version = "1.37", features = ["macros", "rt-multi-thread", "time", "sync", "test-util"] }
 tokio-stream = { version = "0.1.15", features = ["net"] }
 tonic = "0.11.0"
 tonic-build = "0.11.0"