Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the cargo group with 4 updates #626

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 22, 2024

Bumps the cargo group with 4 updates: hyper, regex, bumpalo and generic-array.

Updates hyper from 0.10.16 to 0.14.15

Release notes

Sourced from hyper's releases.

v0.14.15

Bug Fixes

  • client: cancel blocking DNS lookup if GaiFuture is dropped (174b553d)

Features

  • http1: add http1_writev(bool) options to Client and Server builders, to allow forcing vectored writes (80627141)
  • upgrade: allow http upgrades with any body type (ab469eb3)

New Contributors

v0.14.14

Bug Fixes

  • client:
    • make ResponseFuture implement Sync (bd6c35b9)
    • remove ipv6 square brackets before resolving (910e0268)

Features

  • http2: always include original h2 error on broken pipe (6169db25)
  • server: Remove Send + Sync requirement for Body in with_graceful_shutdown (1d553e52)

v0.14.13

Bug Fixes

  • client: don't reuse a connection while still flushing (c88011da)
  • server: convert panic to error if Connection::without_shutdown called on HTTP/2 conn (ea3e2282)

Features

  • ffi: add hyper_request_set_uri_parts (a54689b9)
  • lib:
    • Export more things with Cargo features (server, !http1, !http2) (0a4b56ac)
    • Export rt module independently of Cargo features (cf6f62c7)

v0.14.12

Bug Fixes

  • ffi: on_informational callback had no headers (39b6d01a)
  • http1: apply header title case for consecutive dashes (#2613) (684f2fa7)
  • http2: improve errors emitted by HTTP2 Upgraded stream shutdown (#2622) (be08648e)

... (truncated)

Changelog

Sourced from hyper's changelog.

v0.14.15 (2021-11-16)

Bug Fixes

  • client: cancel blocking DNS lookup if GaiFuture is dropped (174b553d

Features

  • http1: add http1_writev(bool) options to Client and Server builders, to allow forcing vectored writes (80627141)
  • upgrade: allow http upgrades with any body type (ab469eb3)

v0.14.14 (2021-10-22)

Bug Fixes

  • client:
    • make ResponseFuture implement Sync (bd6c35b9)
    • remove ipv6 square brackets before resolving (910e0268)

Features

  • h2: always include original h2 error on broken pipe (6169db25)
  • server: Remove Send + Sync requirement for Body in with_graceful_shutdown (1d553e52)

v0.14.13 (2021-09-16)

Bug Fixes

  • client: don't reuse a connection while still flushing (c88011da)
  • server: convert panic to error if Connection::without_shutdown called on HTTP/2 conn (ea3e2282)

Features

  • ffi: add hyper_request_set_uri_parts (a54689b9)
  • lib:
    • Export more things with Cargo features (server, !http1, !http2) (0a4b56ac)
    • Export rt module independently of Cargo features (cf6f62c7)

v0.14.12 (2021-08-24)

Bug Fixes

... (truncated)

Commits
  • d0b1d9e v0.14.15
  • a1502e1 docs(http1): clarify HTTP1 preserve case option
  • a12db28 docs(upgrade): add module documentation for HTTP upgrades
  • 7f5e853 refactor(benches): make benchmark names more consistent
  • 174b553 fit(client): cancel blocking DNS lookup if GaiFuture dropped (#2689)
  • 913be88 docs(client): fix missing feature attrs in another doctest
  • 3221f57 docs(body) fix doctest failing due to missing features
  • 8062714 feat(http1): Add http1_writev(bool) to client and server Builders
  • ab469eb feat(upgrade): allow http upgrades with any body type
  • b5022f3 v0.14.14
  • Additional commits viewable in compare view

Updates regex from 1.4.1 to 1.5.5

Changelog

Sourced from regex's changelog.

1.5.5 (2022-03-08)

This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

1.5.4 (2021-05-06)

This release fixes another compilation failure when building regex. This time, the fix is for when the pattern feature is enabled, which only works on nightly Rust. CI has been updated to test this case.

1.5.3 (2021-05-01)

This releases fixes a bug when building regex with only the unicode-perl feature. It turns out that while CI was building this configuration, it wasn't actually failing the overall build on a failed compilation.

1.5.2 (2021-05-01)

This release fixes a performance bug when Unicode word boundaries are used. Namely, for certain regexes on certain inputs, it's possible for the lazy DFA to stop searching (causing a fallback to a slower engine) when it doesn't actually need to.

[PR #768](rust-lang/regex#768) fixes the bug, which was originally reported in ripgrep#1860.

1.5.1 (2021-04-30)

This is a patch release that fixes a compilation error when the perf-literal feature is not enabled.

... (truncated)

Commits

Updates bumpalo from 3.9.1 to 3.16.0

Changelog

Sourced from bumpalo's changelog.

3.16.0

Released 2024-04-08.

Added

  • Added an optional, off-by-default dependency on the serde crate. Enabling this dependency allows you to serialize Bumpalo's collection and box types. Deserialization is not implemented, due to constraints of the deserialization trait.

3.15.4

Released 2024-03-07.

Added

  • Added the bumpalo::collections::Vec::extend_from_slices_copy method, which is a faster way to extend a vec from multiple slices when the element is Copy than calling extend_from_slice_copy N times.

3.15.3

Released 2024-02-22.

Added

  • Added additional performance improvements to bumpalo::collections::Vec related to reserving capacity.

3.15.2

Released 2024-02-21.

Added

  • Add a bumpalo::collections::Vec::extend_from_slice_copy method. This doesn't exist on the standard library's Vec but they have access to specialization, so their regular extend_from_slice has a specialization for Copy types. Using this new method for Copy types is a ~80x performance improvement over the plain extend_from_slice method.

... (truncated)

Commits
  • 4eeab88 Bump to version 3.16.0
  • d746a56 add serde serialization support (#210)
  • 49c5a71 Bump to version 3.15.4
  • 6a91333 Adds Vec::extend_from_slices_copy that accepts multiple slices (#240)
  • 2ed8718 Bump to 3.15.3
  • 1803cca Modifies RawVec reserve fn structure to improve inlining (#239)
  • 2ffdfb3 Bump to version 3.15.2
  • 54c88f0 Provides implementation of Vec::extend_from_slice optimized for T: Copy (...
  • f8597ce Fix MSRV in Cargo.toml; bump to version 3.15.1
  • bb660a3 Bump to version 3.15.0
  • Additional commits viewable in compare view

Updates generic-array from 0.12.3 to 0.12.4

Changelog

Sourced from generic-array's changelog.

  • 0.12.4

    • Fix unsoundness in the arr! macro.
  • 0.12.0

    • Allow trailing commas in arr! macro.
    • BREAKING: Serialize GenericArray using serde tuples, instead of variable-length sequences. This may not be compatible with old serialized data.
  • 0.11.0

    • BREAKING Redesign GenericSequence with an emphasis on use in generic type parameters.
    • Add MappedGenericSequence and FunctionalSequence
      • Implements optimized map, zip and fold for GenericArray, &GenericArray and &mut GenericArray
    • BREAKING Remove map_ref, zip_ref and map_slice
      • map_slice is now equivalent to GenericArray::from_iter(slice.iter().map(...))
  • 0.10.0

    • Add GenericSequence, Lengthen, Shorten, Split and Concat traits.
    • Redefine transmute to avert errors.
  • 0.9.0

    • Rewrite construction methods to be well-defined in panic situations, correctly dropping elements.
    • NoDrop crate replaced by ManuallyDrop as it became stable in Rust core.
    • Add optimized map/map_ref and zip/zip_ref methods to GenericArray
  • 0.8.0

    • Implement AsRef, AsMut, Borrow, BorrowMut, Hash for GenericArray
    • Update serde to 1.0
    • Update typenum
    • Make macro arr! non-cloning
    • Implement From<[T; N]> up to N=32
    • Fix #45
  • 0.7.0

    • Upgrade serde to 0.9
    • Make serde with no_std
    • Implement PartialOrd/Ord for GenericArray
  • 0.6.0

    • Fixed #30
    • Implement Default for GenericArray
    • Implement LowerHex and UpperHex for GenericArray<u8, N>
    • Use precision formatting field in hex representation
    • Add as_slice, as_mut_slice
    • Remove GenericArray::new in favor of Default trait
    • Add from_slice and from_mut_slice
    • no_std and core for crate.
  • 0.5.0

    • Update serde
    • remove no_std feature, fixed #19
  • 0.4.0

    • Re-export typenum
  • 0.3.0

    • Implement IntoIter for GenericArray
    • Add map method
    • Add optional serde (de)serialization support feature.
  • < 0.3.0

... (truncated)

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependency rust Pull requests that update Rust code labels Jul 22, 2024
@dependabot dependabot bot force-pushed the dependabot/cargo/cargo-8e01a3c911 branch from 2dc53fa to ed3cadd Compare August 15, 2024 14:16
@Taowyoo
Copy link
Collaborator

Taowyoo commented Sep 3, 2024

@dependabot show hyper ignore conditions

Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 3, 2024

No ignore conditions found for the dependency hyper

@Taowyoo
Copy link
Collaborator

Taowyoo commented Sep 3, 2024

@dependabot ignore hyper minor version

Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 3, 2024

OK, I won't notify you about version 0.14.x of hyper again, unless you unignore it.

Bumps the cargo group with 4 updates: [hyper](https://github.com/hyperium/hyper), [regex](https://github.com/rust-lang/regex), [bumpalo](https://github.com/fitzgen/bumpalo) and [generic-array](https://github.com/fizyk20/generic-array).


Updates `hyper` from 0.10.16 to 0.14.15
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](hyperium/hyper@v0.10.16...v0.14.15)

Updates `regex` from 1.4.1 to 1.5.5
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.4.1...1.5.5)

Updates `bumpalo` from 3.9.1 to 3.16.0
- [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md)
- [Commits](fitzgen/bumpalo@3.9.1...3.16.0)

Updates `generic-array` from 0.12.3 to 0.12.4
- [Release notes](https://github.com/fizyk20/generic-array/releases)
- [Changelog](https://github.com/fizyk20/generic-array/blob/0.12.4/CHANGELOG.md)
- [Commits](fizyk20/generic-array@0.12.3...0.12.4)

---
updated-dependencies:
- dependency-name: hyper
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: regex
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: bumpalo
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: generic-array
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/cargo/cargo-8e01a3c911 branch from ed3cadd to 0b6c218 Compare September 3, 2024 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependency rust Pull requests that update Rust code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant