From be4caa588c1fe15d53c6c5d15892b489a4c99907 Mon Sep 17 00:00:00 2001
From: Alexandru Vasile <60601340+lexnv@users.noreply.github.com>
Date: Wed, 11 Dec 2024 17:25:46 +0200
Subject: [PATCH 1/2] ci: Ensure cargo-machete is working with rust version
 from CI (#303)

Signed-off-by: Alexandru Vasile <alexandru.vasile@parity.io>
---
 .github/workflows/ci.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8fbb1588..62b8c80a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -61,6 +61,13 @@ jobs:
       - name: Checkout sources
         uses: actions/checkout@v4
 
+      - name: Install Rust stable toolchain
+        uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: stable
+          override: true
+
       - name: Rust Cache
         uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
         with:

From 4df9f141adee36a87349573cc8a22a9e24855658 Mon Sep 17 00:00:00 2001
From: Alexandru Vasile <60601340+lexnv@users.noreply.github.com>
Date: Wed, 11 Dec 2024 18:10:35 +0200
Subject: [PATCH 2/2] chore: Update hickory-resolver to version 0.24.2 (#304)

Update hickory resolver to latest release version to avoid the following
security incident:
- https://rustsec.org/advisories/RUSTSEC-2024-0421.html

The incident is not impacting substrate based chains, because we use
`crypto/noise` on top of connections. Therefore, malicious nodes cannot
impersonate other peerIDs.

Signed-off-by: Alexandru Vasile <alexandru.vasile@parity.io>
---
 Cargo.lock | 4 ++--
 Cargo.toml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 1036dd46..308bbfb6 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1942,9 +1942,9 @@ dependencies = [
 
 [[package]]
 name = "hickory-resolver"
-version = "0.24.1"
+version = "0.24.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "28757f23aa75c98f254cf0405e6d8c25b831b32921b050a66692427679b1f243"
+checksum = "0a2e2aba9c389ce5267d31cf1e4dace82390ae276b0b364ea55630b1fa1b44b4"
 dependencies = [
  "cfg-if",
  "futures-util",
diff --git a/Cargo.toml b/Cargo.toml
index a7937e32..1dd2a51e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -43,7 +43,7 @@ tokio-tungstenite = { version = "0.20.0", features = ["rustls-tls-native-roots"]
 tokio-util = { version = "0.7.11", features = ["compat", "io", "codec"] }
 tokio = { version = "1.26.0", features = ["rt", "net", "io-util", "time", "macros", "sync", "parking_lot"] }
 tracing = { version = "0.1.40", features = ["log"] }
-hickory-resolver = "0.24.1"
+hickory-resolver = "0.24.2"
 uint = "0.9.5"
 unsigned-varint = { version = "0.8.0", features = ["codec"] }
 url = "2.4.0"