From bc6f49db663bca1fcca7996bf393c034ef688a2a Mon Sep 17 00:00:00 2001
From: PatStiles <33334338+PatStiles@users.noreply.github.com>
Date: Tue, 24 Sep 2024 17:27:33 -0300
Subject: [PATCH] fix(audit): Batcher contains unmaintained and yanked crates
 (#995)

---
 batcher/Cargo.lock                  | 12 ++++++------
 batcher/aligned-batcher/Cargo.toml  |  4 ++--
 batcher/aligned-batcher/src/lib.rs  |  2 +-
 batcher/aligned-batcher/src/main.rs |  6 +++---
 operator_tracker/Cargo.lock         |  8 +-------
 operator_tracker/Cargo.toml         |  2 +-
 operator_tracker/src/main.rs        |  4 ++--
 7 files changed, 16 insertions(+), 22 deletions(-)

diff --git a/batcher/Cargo.lock b/batcher/Cargo.lock
index 61542f74b..da8d300ef 100644
--- a/batcher/Cargo.lock
+++ b/batcher/Cargo.lock
@@ -102,7 +102,7 @@ dependencies = [
  "bytes",
  "ciborium",
  "clap",
- "dotenv",
+ "dotenvy",
  "env_logger",
  "ethers 2.0.14 (git+https://github.com/yetanotherco/ethers-rs.git?tag=v2.0.15-fix-reconnections)",
  "futures-util",
@@ -1933,10 +1933,10 @@ dependencies = [
 ]
 
 [[package]]
-name = "dotenv"
-version = "0.15.0"
+name = "dotenvy"
+version = "0.15.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "77c90badedccf4105eca100756a0b1289e191f6fcbdadd3cee1d2f614f97da8f"
+checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b"
 
 [[package]]
 name = "downcast-rs"
@@ -7333,9 +7333,9 @@ checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe"
 
 [[package]]
 name = "unicode-normalization"
-version = "0.1.23"
+version = "0.1.24"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a56d1686db2308d901306f92a263857ef59ea39678a5458e7cb17f01415101f5"
+checksum = "5033c97c4262335cded6d6fc3e5c18ab755e1a3dc96376350f3d8e9f009ad956"
 dependencies = [
  "tinyvec",
 ]
diff --git a/batcher/aligned-batcher/Cargo.toml b/batcher/aligned-batcher/Cargo.toml
index 3099c7ce1..9db779649 100644
--- a/batcher/aligned-batcher/Cargo.toml
+++ b/batcher/aligned-batcher/Cargo.toml
@@ -15,9 +15,9 @@ clap = { version = "4.5.4", features = ["derive"] }
 sha3 = "0.10.8"
 aws-config = "1.4.0"
 aws-sdk-s3 = "1.29.0"
-bytes = "1.6.0"
+bytes = "1.7.1"
 hex = "0.4.3"
-dotenv = "0.15.0"
+dotenvy = "0.15.0"
 anyhow = "1.0.83"
 ethers = { tag = "v2.0.15-fix-reconnections", features = [
     "ws",
diff --git a/batcher/aligned-batcher/src/lib.rs b/batcher/aligned-batcher/src/lib.rs
index 31d8f1620..570d3cdd1 100644
--- a/batcher/aligned-batcher/src/lib.rs
+++ b/batcher/aligned-batcher/src/lib.rs
@@ -3,7 +3,7 @@ extern crate core;
 use aligned_sdk::communication::serialization::{cbor_deserialize, cbor_serialize};
 use aligned_sdk::eth::batcher_payment_service::SignatureData;
 use config::NonPayingConfig;
-use dotenv::dotenv;
+use dotenvy::dotenv;
 use ethers::contract::ContractError;
 use ethers::signers::Signer;
 use serde::Serialize;
diff --git a/batcher/aligned-batcher/src/main.rs b/batcher/aligned-batcher/src/main.rs
index 404c3714d..376cd425a 100644
--- a/batcher/aligned-batcher/src/main.rs
+++ b/batcher/aligned-batcher/src/main.rs
@@ -1,4 +1,4 @@
-extern crate dotenv;
+extern crate dotenvy;
 
 use std::sync::Arc;
 
@@ -32,8 +32,8 @@ async fn main() -> Result<(), BatcherError> {
     let port = cli.port.unwrap_or(8080);
 
     match cli.env_file {
-        Some(env_file) => dotenv::from_filename(env_file).ok(),
-        None => dotenv::dotenv().ok(),
+        Some(env_file) => dotenvy::from_filename(env_file).ok(),
+        None => dotenvy::dotenv().ok(),
     };
 
     env_logger::Builder::from_env(Env::default().default_filter_or("info")).init();
diff --git a/operator_tracker/Cargo.lock b/operator_tracker/Cargo.lock
index e04bc77b8..bf72102dd 100644
--- a/operator_tracker/Cargo.lock
+++ b/operator_tracker/Cargo.lock
@@ -794,12 +794,6 @@ dependencies = [
  "winapi",
 ]
 
-[[package]]
-name = "dotenv"
-version = "0.15.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "77c90badedccf4105eca100756a0b1289e191f6fcbdadd3cee1d2f614f97da8f"
-
 [[package]]
 name = "dotenvy"
 version = "0.15.7"
@@ -2259,7 +2253,7 @@ dependencies = [
  "argh",
  "axum",
  "base64 0.22.1",
- "dotenv",
+ "dotenvy",
  "env_logger",
  "ethers",
  "log",
diff --git a/operator_tracker/Cargo.toml b/operator_tracker/Cargo.toml
index 3f59e9911..72720faf5 100644
--- a/operator_tracker/Cargo.toml
+++ b/operator_tracker/Cargo.toml
@@ -14,5 +14,5 @@ log = "0.4.22"
 base64 = "0.22.1"
 env_logger = "0.11.5"
 regex = "1.10.6"
-dotenv = "0.15.0"
+dotenvy = "0.15.0"
 argh = "0.1.12"
diff --git a/operator_tracker/src/main.rs b/operator_tracker/src/main.rs
index a54f094dc..67230c173 100644
--- a/operator_tracker/src/main.rs
+++ b/operator_tracker/src/main.rs
@@ -46,9 +46,9 @@ async fn main() {
     let args: Args = argh::from_env();
 
     if let Some(env_file) = args.env_file {
-        dotenv::from_filename(env_file).expect("Failed to load env file");
+        dotenvy::from_filename(env_file).expect("Failed to load env file");
     } else {
-        dotenv::dotenv().expect("Failed to load env file");
+        dotenvy::dotenv().expect("Failed to load env file");
     }
 
     env_logger::init();