Break dependency on older vulnerable version of spin crate

Author: njhill

Cargo.lock

@@ -32,9 +32,8 @@ rustls-webpki = "^0.101.7" # Override to address WS-2023-0305, CVE-2018-16875
 rand = "^0.8.5"
 serde = "^1.0.173"
 serde_json = "^1.0.103"
-# Attempt to address WS-2023-0094
-# spin comes in via tonic->tokio-rustls->rustls->ring but this pins a specific old version 0.5.2 :(
-#spin = "=0.9.8"
+# Pin sct to avoid WS-2023-0094 in older 0.5.2 version of spin sub-dependency
+sct = "=0.7.1"
 thiserror = "^1.0.50"
 tokenizers = "0.14.1"
 tokio = { version = "1.34.0", features = ["rt", "rt-multi-thread", "parking_lot", "signal", "sync", "fs"] }