Please upgrade your hackney dependency when possible

[Trevoke]

Hello,

Recently, a CVE (Common Vulnerability and Exposure) was created for one of your dependencies, hackney.

Hackney is aware of this ( benoitc/hackney#751 ) and will create a release soon ( benoitc/hackney#753 (comment) ).

When the new hackney release comes out, please create a new tzdata release incorporating this security update.

Thank you!

[axelson]

FYI hackney now has an updated release published. Any version after 1.21.0 is "safe" although I would avoid 1.22.0 because it has a breaking change that was rolled back in 1.23.0.

[yastanotheruser]

How about making it optional?