fix: fix reqwest version to avoid vulnerability

biopragmatics · Aug 22, 2024 · d9b6414 · d9b6414
1 parent b7fae77
commit d9b6414
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/lib/Cargo.toml b/lib/Cargo.toml
@@ -19,7 +19,7 @@ serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 async-trait = "0.1"
 regex = "1.10"
-reqwest = { version = "0.12", default-features = false }
+reqwest = { version = "0.12.4", default-features = false } # on 0.12.4 to avoid vulnerability on 0.12.2
 sophia = { version = "0.8.0" }
 
 [dev-dependencies]

diff --git a/lib/src/api.rs b/lib/src/api.rs
@@ -601,7 +601,8 @@ impl Converter {
 
     /// Compresses a list of URIs to CURIEs
     pub fn compress_list(&self, uris: Vec<&str>, passthrough: bool) -> Vec<Option<String>> {
-        // TODO: fixed
+        // TODO: we might want to move passthrough to the converter builder (and use builder pattern to make it optional)
+        // So the user can choose if they want to use passthrough or not for non list functions too
         uris.into_iter()
             .map(|uri| match self.compress(uri) {
                 Ok(curie) => Some(curie),