From ddf49a9a529c7e44878b8a79a1c8066275c66a60 Mon Sep 17 00:00:00 2001
From: Maksym Pavlenko
Date: Tue, 11 Jul 2023 10:47:24 -0700
Subject: [PATCH] Fix dependencies
Signed-off-by: Maksym Pavlenko
---
 crates/client/Cargo.toml | 11 -----------
 crates/runc/Cargo.toml | 2 +-
 crates/snapshots/Cargo.toml | 11 -----------
 3 files changed, 1 insertion(+), 23 deletions(-)
diff --git a/crates/client/Cargo.toml b/crates/client/Cargo.toml
index 09624923..4d9c15b7 100644
--- a/crates/client/Cargo.toml
+++ b/crates/client/Cargo.toml
@@ -18,17 +18,6 @@ prost-types.workspace = true
 tokio = { workspace = true, optional = true }
 tower = { workspace = true, optional = true }
-# tonic v0.8.1 depends on axum-core v0.2.2, which has security vulnerability:
-# = ID: RUSTSEC-2022-0055
-# = Advisory: https://rustsec.org/advisories/RUSTSEC-2022-0055
-# = `::from_request` would not, by
-# default, set a limit for the size of the request body. That meant if a malicious
-# peer would send a very large (or infinite) body your server might run out of
-# memory and crash.
-#
-# This needs to be removed once newer version of tonic is released.
-axum-core = ">=0.2.8"
-
 [build-dependencies]
 tonic-build.workspace = true
diff --git a/crates/runc/Cargo.toml b/crates/runc/Cargo.toml
index 8a340cc7..a4c8b67a 100644
--- a/crates/runc/Cargo.toml
+++ b/crates/runc/Cargo.toml
@@ -23,7 +23,7 @@ path-absolutize = "3.0.11"
 rand = "0.8.4"
 serde = { version = "1.0.133", features = ["derive"] }
 serde_json = "1.0.74"
-tempfile = "3.3.0"
+tempfile = "3.6.0"
 thiserror = "1.0.30"
 time = { version = "0.3.7", features = ["serde", "std"] }
 uuid = { version = "1.0.0", features = ["v4"] }
diff --git a/crates/snapshots/Cargo.toml b/crates/snapshots/Cargo.toml
index c8be8132..ad137348 100644
--- a/crates/snapshots/Cargo.toml
+++ b/crates/snapshots/Cargo.toml
@@ -23,17 +23,6 @@ async-stream = "0.3.3"
 futures.workspace = true
 pin-utils = "0.1.0"
-# tonic v0.8.1 depends on axum-core v0.2.2, which has security vulnerability:
-# = ID: RUSTSEC-2022-0055
-# = Advisory: https://rustsec.org/advisories/RUSTSEC-2022-0055
-# = `::from_request` would not, by
-# default, set a limit for the size of the request body. That meant if a malicious
-# peer would send a very large (or infinite) body your server might run out of
-# memory and crash.
-#
-# This needs to be removed once newer version of tonic is released.
-axum-core = ">=0.2.8"
-
 [dev-dependencies]
 log = "0.4"
 async-stream = "0.3.2"
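Review bot: Removing the `axum-core = ">=0.2.8"` floor here, and the identical one in crates/client/Cargo.toml, drops the only constraint on this page that kept the resolved axum-core clear of RUSTSEC-2022-0055, and nothing in the commit shows which tonic version the workspace now uses. The deleted comment made removal conditional on a newer tonic release, so the commit message should record that the condition is met, for example `Drop axum-core floor: workspace tonic <version> no longer pulls an axum-core affected by RUSTSEC-2022-0055`. It would also help to confirm against the updated Cargo.lock with `cargo tree -i axum-core` and `cargo audit` before merging, since the workspace manifest and lockfile are not part of this diff.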