fix(RUSTSEC-2024-0370)!: bump `clap` to latest, removing transitive

dependency on `proc-macro-error`.

In #1593 it's mentioned that `proc-macro-error` is unmaintained for the
past few years, with no fix other than using proc-macro-error2 instead.

As on our scenario it's merely a transitive dependency of `clap`,
through `clap_derive` feature, which in latest releases doesn't depend on
`proc-macro-error` we can just bump it to latest.

It's valid to note that by bumping it, both examples that relies on clap
are no longer MSRV (1.63) compliant.

diff --git a/example-crates/example_cli/Cargo.toml b/example-crates/example_cli/Cargo.toml
index 09f093ebf2a271f95705d55ee32d0d1b0701b117..290908a6a00a08298a7a42e940c827b22aeb1a87 100644 (file)
--- a/example-crates/example_cli/Cargo.toml
+++ b/example-crates/example_cli/Cargo.toml
@@ -12,7 +12,7 @@ bdk_file_store = { path = "../../crates/file_store" }
 bitcoin = { version = "0.32.0", features = ["base64"], default-features = false }
 
 anyhow = "1"
-clap = { version = "3.2.23", features = ["derive", "env"] }
+clap = { version = "4.5.17", features = ["derive", "env"] }
 rand = "0.8"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1.0"

diff --git a/example-crates/example_wallet_rpc/Cargo.toml b/example-crates/example_wallet_rpc/Cargo.toml
index 558f43feda4e066121e469eeb581c39342024faa..15321a82e4bb4c64706045ee2e928289083b928b 100644 (file)
--- a/example-crates/example_wallet_rpc/Cargo.toml
+++ b/example-crates/example_wallet_rpc/Cargo.toml
@@ -10,5 +10,5 @@ bdk_wallet = { path = "../../crates/wallet", features = ["file_store"] }
 bdk_bitcoind_rpc = { path = "../../crates/bitcoind_rpc" }
 
 anyhow = "1"
-clap = { version = "3.2.25", features = ["derive", "env"] }
+clap = { version = "4.5.17", features = ["derive", "env"] }
 ctrlc = "2.0.1"