Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chore(deps): bump the crates-io group with 3 updates #18

Closed
wants to merge 1 commit into from
Closed

Chore(deps): bump the crates-io group with 3 updates #18

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2023
edited
Loading

Bumps the crates-io group with 3 updates: rustls, rustls-native-certs and yasna.

Updates rustls from 0.22.0 to 0.22.1

Release notes

Sourced from rustls's releases.

0.22.1

  • TLS 1.2 servers now remove session tickets after observing a failure to decrypt, preventing future resumption with the same unusable ticket.
  • The rustls_pki_types crate is now re-exported as rustls::pki_types.
  • The crate examples examples have been updated to use the rustls::pki_types re-export.
  • The quic::PacketKey and quic::HeaderProtectionKey traits are now Send + Sync.
  • Performance improvements to the MessageDeframer internals.
  • Small documentation improvements.

What's Changed

New Contributors

Full Changelog: rustls/rustls@v/0.22.0...v/0.22.1

Commits
  • 62751aa Cargo: version 0.22.0 -> 0.22.1
  • 87d5259 update examples to use pki_types re-export
  • 4226d1e Re-export the rustls-pki-types crate contents
  • d624506 suites: move Debug impl below inherent impl
  • 57071f7 quic: require that PacketKey and HeaderProtectionKey are Send + sync
  • f05fd1e crypto: explain TLS 1.2 version in TLS 1.3 message encrypters
  • 73f490f Batch discard operations
  • d4844a0 Introduce DeframerSliceBuffer
  • 0a44288 make append_hs generic
  • 7b33d8a make MessageDeframer unbuffered
  • Additional commits viewable in compare view

Updates rustls-native-certs from 0.6.3 to 0.7.0

Commits
  • 03974af Cargo: version 0.7.0-alpha.3 -> 0.7.0
  • 9338a53 docs: fixup README API description
  • f1bb7e8 docs: update README release history
  • 2b49028 Cargo: update dependencies
  • 4a6041d Cargo: remove version trailing zero components
  • 6e483d6 ci: add a doc checking job
  • 77ef060 lib: enable doc_auto_cfg
  • 058b351 docs: remove stale reference to Certificate new-type
  • 69e6f29 ci: consistently use checkout@v4 action
  • e394492 ci: add nightly clippy job
  • Additional commits viewable in compare view

Updates yasna from 0.3.2 to 0.5.2

Changelog

Sourced from yasna's changelog.

0.5.2 (2023-04-06)

  • Strip leading zeros and sometimes leading 255s in write_bigint_bytes

0.5.1 (2022-12-15)

  • Ensure yasna builds with -Z minimal-versions
  • Addition of {read,write}_bigint_bytes

0.5.0 (2022-02-02)

  • Fix overflow when reading length
  • Switch from chrono to time

0.4.0 (2021-04-28)

  • Increase MSRV to 1.36.0
  • Switch to Github actions for CI
  • no_std support (requiring alloc)
  • addition of default-off std feature to enable std-related features
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Chore(deps): bump the crates-io group with 3 updates
b974f2d 
Bumps the crates-io group with 3 updates: [rustls](https://github.com/rustls/rustls), [rustls-native-certs](https://github.com/rustls/rustls-native-certs) and [yasna](https://github.com/qnighy/yasna.rs).


Updates `rustls` from 0.22.0 to 0.22.1
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.22.0...v/0.22.1)

Updates `rustls-native-certs` from 0.6.3 to 0.7.0
- [Commits](rustls/rustls-native-certs@v/0.6.3...v/0.7.0)

Updates `yasna` from 0.3.2 to 0.5.2
- [Changelog](https://github.com/qnighy/yasna.rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/qnighy/yasna.rs/commits)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: crates-io
- dependency-name: rustls-native-certs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crates-io
- dependency-name: yasna
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crates-io
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Dec 11, 2023
@codecov Codecov
Copy link

codecov bot commented Dec 11, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (6849c5c) 92.37% compared to head (b974f2d) 92.37%.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master      #18   +/-   ##
=======================================
  Coverage   92.37%   92.37%           
=======================================
  Files          16       16           
  Lines        1796     1796           
=======================================
  Hits         1659     1659           
  Misses        137      137

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@Taowyoo
Copy link
Collaborator

Taowyoo commented Dec 11, 2023

@dependabot ignore yasna

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 11, 2023

OK, I won't notify you about yasna again, unless you unignore it.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 11, 2023

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 11, 2023
@dependabot dependabot bot deleted the dependabot/cargo/crates-io-84657390ea branch December 11, 2023 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Taowyoo