chore(deps): bump the cargo group across 1 directory with 6 updates #4

dependabot · 2024-05-23T14:15:43Z

Bumps the cargo group with 6 updates in the /src-tauri directory:

Package	From	To
bumpalo	`3.9.1`	`3.16.0`
h2	`0.3.13`	`0.3.21`
mio	`0.8.2`	`0.8.11`
openssl	`0.10.38`	`0.10.64`
rustc-serialize	`0.3.24`	`0.3.25`
tokio	`1.17.0`	`1.26.0`

Updates bumpalo from 3.9.1 to 3.16.0

Changelog

Sourced from bumpalo's changelog.

3.16.0

Released 2024-04-08.

Added

Added an optional, off-by-default dependency on the serde crate. Enabling this dependency allows you to serialize Bumpalo's collection and box types. Deserialization is not implemented, due to constraints of the deserialization trait.

3.15.4

Released 2024-03-07.

Added

Added the bumpalo::collections::Vec::extend_from_slices_copy method, which is a faster way to extend a vec from multiple slices when the element is Copy than calling extend_from_slice_copy N times.

3.15.3

Released 2024-02-22.

Added

Added additional performance improvements to bumpalo::collections::Vec related to reserving capacity.

3.15.2

Released 2024-02-21.

Added

Add a bumpalo::collections::Vec::extend_from_slice_copy method. This doesn't exist on the standard library's Vec but they have access to specialization, so their regular extend_from_slice has a specialization for Copy types. Using this new method for Copy types is a ~80x performance improvement over the plain extend_from_slice method.

... (truncated)

Commits

4eeab88 Bump to version 3.16.0
d746a56 add serde serialization support (#210)
49c5a71 Bump to version 3.15.4
6a91333 Adds Vec::extend_from_slices_copy that accepts multiple slices (#240)
2ed8718 Bump to 3.15.3
1803cca Modifies RawVec reserve fn structure to improve inlining (#239)
2ffdfb3 Bump to version 3.15.2
54c88f0 Provides implementation of Vec::extend_from_slice optimized for T: Copy (...
f8597ce Fix MSRV in Cargo.toml; bump to version 3.15.1
bb660a3 Bump to version 3.15.0
Additional commits viewable in compare view

Updates h2 from 0.3.13 to 0.3.21

Release notes

Sourced from h2's releases.

v0.3.21

What's Changed

Fix opening of new streams over peer's max concurrent limit.

Fix RecvStream to return data even if it has received a CANCEL stream error.

Update MSRV to 1.63.

New Contributors

@DDtKey made their first contribution in hyperium/h2#703

@jwilm made their first contribution in hyperium/h2#707

v0.3.20

Bug Fixes

Fix panic if a server received a request with a :status pseudo header in the 1xx range. (#695)

Fix panic if a reset stream had pending push promises that were more than allowed. (#685)

Fix potential flow control overflow by subtraction, instead returning a connection error. (#692)

New Contributors

@f0rki made their first contribution in hyperium/h2#690

v0.3.19

What's Changed

Fix counting reset streams when triggered by a GOAWAY.

Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

New Contributors

@Herbstein made their first contribution in hyperium/h2#673

@foresterre made their first contribution in hyperium/h2#680

v0.3.18

What's Changed

fix: pending-accept remotely-reset streams pattern was checking is_local by @seanmonstar in hyperium/h2#676

v0.3.17

What's Changed

Add Error::is_library() method to check if the originated inside h2.

Add max_pending_accept_reset_streams(usize) option to client and server builders.

Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

v0.3.16

What's Changed

Set Protocol extension on requests when received Extended CONNECT requests.

Remove B: Unpin + 'static bound requiremented of bufs

Fix releasing of frames when stream is finished, reducing memory usage.

Fix panic when trying to send data and connection window is available, but stream window is not.

Fix spurious wakeups when stream capacity is not available.

... (truncated)

Changelog

Sourced from h2's changelog.

0.3.21 (August 21, 2023)

Fix opening of new streams over peer's max concurrent limit.

Fix RecvStream to return data even if it has received a CANCEL stream error.

Update MSRV to 1.63.

0.3.20 (June 26, 2023)

Fix panic if a server received a request with a :status pseudo header in the 1xx range.

Fix panic if a reset stream had pending push promises that were more than allowed.

Fix potential flow control overflow by subtraction, instead returning a connection error.

0.3.19 (May 12, 2023)

Fix counting reset streams when triggered by a GOAWAY.

Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

0.3.18 (April 17, 2023)

Fix panic because of opposite check in is_remote_local().

0.3.17 (April 13, 2023)

Add Error::is_library() method to check if the originated inside h2.

Add max_pending_accept_reset_streams(usize) option to client and server builders.

Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

0.3.16 (February 27, 2023)

Set Protocol extension on requests when received Extended CONNECT requests.

Remove B: Unpin + 'static bound requiremented of bufs

Fix releasing of frames when stream is finished, reducing memory usage.

Fix panic when trying to send data and connection window is available, but stream window is not.

Fix spurious wakeups when stream capacity is not available.

0.3.15 (October 21, 2022)

Remove B: Buf bound on SendStream's parameter

add accessor for StreamId u32

0.3.14 (August 16, 2022)

Add Error::is_reset function.

Bump MSRV to Rust 1.56.

Return RST_STREAM(NO_ERROR) when the server early responds.

Commits

da38b1c v0.3.21
ee04292 Fix opening new streams over max concurrent (#707)
9bd62a2 Test that client reacts correctly on rogue HEADERS (#667)
da9f34b chore: fix up some clippy nags (#709)
cdcc641 msrv: bump to 1.63 (#708)
633116e fix: do not ignore result of ensure_recv_open (#687)
46fb80b test: early server response with data (#703)
6a75f23 v0.3.20
0189722 Fix for a fuzzer-discovered integer underflow of the flow control window size...
478f7b9 Fix for invalid header panic corrected (#695)
Additional commits viewable in compare view

Updates mio from 0.8.2 to 0.8.11

Changelog

Sourced from mio's changelog.

0.8.11

Fix receiving IOCP events after deregistering a Windows named pipe (tokio-rs/mio#1760, backport pr: tokio-rs/mio#1761).

0.8.10

Added

Solaris support (tokio-rs/mio#1724).

0.8.9

Added

ESP-IDF framework support (tokio-rs/mio#1692).

AIX operating system support (tokio-rs/mio#1704).

Vita support (tokio-rs/mio#1721).

{UnixListener,UnixStream}:bind_addr (tokio-rs/mio#1630).

mio_unsupported_force_poll_poll and mio_unsupported_force_waker_pipe unsupported configuration flags to force a specific poll or waker implementation (tokio-rs/mio#1684, tokio-rs/mio#1685, tokio-rs/mio#1692).

Fixed

The pipe(2) based waker (swapped file descriptors) (tokio-rs/mio#1722).

The duplicate waker check to work correctly with cloned Registrys. (tokio-rs/mio#1706).

0.8.8

Fixed

Fix compilation on WASI (tokio-rs/mio#1676).

0.8.7

Added

Add/fix support for tvOS and watchOS, Mio should now build for tvOS and

... (truncated)

Commits

0328bde Release v0.8.11
7084498 Fix warnings
90d4fe0 named-pipes: fix receiving IOCP events after deregister
c710a30 Add v0.8.x to the CI
c29e21c Release v0.8.10
f6a20da Add Solaris operating system support (#1724)
e80c3b2 Release v0.8.9
862786b Fix importing of IoSourceState
4034872 Add support for vita target
8eb4010 Fix receiver and sender fd in pipe based waker
Additional commits viewable in compare view

Updates openssl from 0.10.38 to 0.10.64

Release notes

Sourced from openssl's releases.

openssl-v0.10.64

What's Changed

Make _STACK opaque for LibreSSL >= 3.9.0 by @botovq in sfackler/rust-openssl#2153

enable x509 verify and groups list for boringssl by @zh-jq in sfackler/rust-openssl#2155

Cleanup some not-required Path::new invocations by @alex in sfackler/rust-openssl#2158

fixed a clippy (nightly) warning by @alex in sfackler/rust-openssl#2161

Bump actions versions by @alex in sfackler/rust-openssl#2162

Add support for setting the nonce type and digest on a PKEY_CTX by @facutuesca in sfackler/rust-openssl#2144

rebuild openssl-sys if the underlying openssl has changed by @reaperhulk in sfackler/rust-openssl#2157

Added binding for EVP_default_properties_enable_fips by @alex in sfackler/rust-openssl#2168

LibreSSL 3.9: fix CRYPTO_malloc/free signatures by @botovq in sfackler/rust-openssl#2170

Expose alias on X509 structs by @alex in sfackler/rust-openssl#2167

bump openssl and openssl-sys + changelogs by @reaperhulk in sfackler/rust-openssl#2175

Full Changelog: sfackler/rust-openssl@openssl-v0.10.63...openssl-v0.10.64

openssl-v0.10.63

What's Changed

Allow passing a passphrase callback when loading a public key by @alex in sfackler/rust-openssl#2135

Expose several additional ciphers for symmetry with symm by @alex in sfackler/rust-openssl#2140

brew: add [email protected] (for 3.0.x LTS releases) by @chenrui333 in sfackler/rust-openssl#2141

Add PKey::from_dhx by @alex in sfackler/rust-openssl#2142

Make X509_PURPOSE opaque for LibreSSL >= 3.9.0 by @botovq in sfackler/rust-openssl#2145

PEM parsing: check last error instead of first by @botovq in sfackler/rust-openssl#2148

Expose brainpool NIDs on libressl by @alex in sfackler/rust-openssl#2150

Add two methods to the PKCS7 API by @facutuesca in sfackler/rust-openssl#2111

add more boringssl methods by @zh-jq in sfackler/rust-openssl#2138

Release openssl v0.10.63 and openssl-sys v0.9.99 by @alex in sfackler/rust-openssl#2152

Full Changelog: sfackler/rust-openssl@openssl-v0.10.62...openssl-v0.10.63

openssl-v0.10.62

What's Changed

fixes #2119 -- use ErrorStack abstraction in X.509 error handling by @alex in sfackler/rust-openssl#2120

Fix building with latest BoringSSL by @alex in sfackler/rust-openssl#2121

Fix tests on macOS by @alex in sfackler/rust-openssl#2123

Upcoming API changes in LibreSSL 3.9 by @botovq in sfackler/rust-openssl#2124

Add rand_priv_bytes by @overvenus in sfackler/rust-openssl#2126

Add nid constant for curve brainpoolP320r1 by @nicklaswj in sfackler/rust-openssl#2129

Release openssl v0.10.62 and openssl-sys v0.9.98 by @alex in sfackler/rust-openssl#2133

New Contributors

@overvenus made their first contribution in sfackler/rust-openssl#2126

@nicklaswj made their first contribution in sfackler/rust-openssl#2129

Full Changelog: sfackler/rust-openssl@openssl-v0.10.61...openssl-v0.10.62

openssl v0.10.61

... (truncated)

Commits

4a19cd4 Merge pull request #2175 from reaperhulk/changelog
4e0e05a bump openssl and openssl-sys + changelogs
c2b124a Be explicit that aliases are not part of X.509 certificates
1abf4a5 Merge pull request #2167 from alex/expose-alias
a644ec2 Merge pull request #2170 from botovq/crypto-free
83940d1 LibreSSL 3.9: fix CRYPTO_malloc/free signatures
51fc569 Merge pull request #2168 from sfackler/alex-patch-1
3c53dee Added binding for EVP_default_properties_enable_fips
a12abe1 Expose alias on X509 structs
3acf2ef Merge pull request #2157 from reaperhulk/rebuild-if-changed
Additional commits viewable in compare view

Updates rustc-serialize from 0.3.24 to 0.3.25

Commits

See full diff in compare view

Updates tokio from 1.17.0 to 1.26.0

Release notes

Sourced from tokio's releases.

Tokio v1.26.0

Fixed

macros: fix empty join! and try_join! ([https://redirect.github.com/fix empty join! and try_join! tokio-rs/tokio#5504])

sync: don't leak tracing spans in mutex guards ([https://redirect.github.com/sync: don't leak tracing spans in mutex guards tokio-rs/tokio#5469])

sync: drop wakers after unlocking the mutex in Notify ([https://redirect.github.com/Drop wakers after unlocking the mutex in Notify tokio-rs/tokio#5471])

sync: drop wakers outside lock in semaphore ([https://redirect.github.com/Solve deadlock in Semaphore tokio-rs/tokio#5475])

Added

fs: add fs::try_exists ([https://redirect.github.com/Add fs::try_exists tokio-rs/tokio#4299])

net: add types for named unix pipes ([https://redirect.github.com/net: add types for named Unix pipes tokio-rs/tokio#5351])

sync: add MappedOwnedMutexGuard ([https://redirect.github.com/Add MappedOwnedMutexGuard tokio-rs/tokio#5474])

Changed

chore: update windows-sys to 0.45 ([https://redirect.github.com/chore: update windows-sys to 0.45 tokio-rs/tokio#5386])

net: use Message Read Mode for named pipes ([https://redirect.github.com/Named Pipes: Support Message Read Mode tokio-rs/tokio#5350])

sync: mark lock guards with #[clippy::has_significant_drop] ([https://redirect.github.com/Mark MutexGuard with #[clippy::has_significant_drop] tokio-rs/tokio#5422])

sync: reduce contention in watch channel ([https://redirect.github.com/Reduce contention in watch channel tokio-rs/tokio#5464])

time: remove cache padding in timer entries ([https://redirect.github.com/time: remove cache padding in timer entries tokio-rs/tokio#5468])

time: Improve Instant::now() perf with test-util ([https://redirect.github.com/time: Improve Instant::now() perf with test-util tokio-rs/tokio#5513])

Internal Changes

io: use poll_fn in copy_bidirectional ([https://redirect.github.com/Use poll_fn in copy_bidirectional tokio-rs/tokio#5486])

net: refactor named pipe builders to not use bitfields ([https://redirect.github.com/net: refactor named pipe builders to not use bitfields tokio-rs/tokio#5477])

rt: remove Arc from Clock ([https://redirect.github.com/rt: remove Arc from Clock tokio-rs/tokio#5434])

sync: make notify_waiters calls atomic ([https://redirect.github.com/sync: make notify_waiters calls atomic tokio-rs/tokio#5458])

time: don't store deadline twice in sleep entries ([https://redirect.github.com/remove double store of deadline, saving 128 bytes tokio-rs/tokio#5410])

Unstable

metrics: add a new metric for budget exhaustion yields ([https://redirect.github.com/metrics: add a new metric for budget exhaustion yields tokio-rs/tokio#5517])

Documented

io: improve AsyncFd example ([https://redirect.github.com/io: improve AsyncFd example tokio-rs/tokio#5481])

runtime: document the nature of the main future ([https://redirect.github.com/Document the nature of the main future tokio-rs/tokio#5494])

runtime: remove extra period in docs ([https://redirect.github.com/chore: remove unnecessary dot in comment tokio-rs/tokio#5511])

signal: updated Documentation for Signals ([https://redirect.github.com/Updated Documentation for Signals tokio-rs/tokio#5459])

sync: add doc aliases for blocking_* methods ([https://redirect.github.com/sync: add doc aliases for blocking_* methods tokio-rs/tokio#5448])

sync: fix docs for Send/Sync bounds in broadcast ([https://redirect.github.com/sync: fix docs for Send/Sync bounds in broadcast tokio-rs/tokio#5480])

sync: document drop behavior for channels ([https://redirect.github.com/sync: document drop behavior for channels tokio-rs/tokio#5497])

task: clarify what happens to spawned work during runtime shutdown ([https://redirect.github.com/clarify what happens to spawned work during runtime shutdown tokio-rs/tokio#5394])

task: clarify process::Command docs ([https://redirect.github.com/Clarify process::Command docs (fixing #5406) tokio-rs/tokio#5413])

task: fix wording with 'unsend' ([https://redirect.github.com/fix: fix wording with 'unsend' tokio-rs/tokio#5452])

time: document immediate completion guarantee for timeouts ([https://redirect.github.com/time: document immediate completion guarantee for timeouts tokio-rs/tokio#5509])

tokio: document supported platforms ([https://redirect.github.com/Document supported platforms tokio-rs/tokio#5483])

... (truncated)

Commits

a377240 chore: prepare for Tokio v1.26.0 release (#5521)
52da177 metrics: add a new metric for budget exhaustion yields (#5517)
ee1c940 time: Improve Instant::now() perf with test-util (#5513)
815d89a runtime: remove extra period in docs (#5511)
54aaf3d time: document immediate completion guarantee for timeouts (#5509)
5a3abe5 net: add types for named unix pipes (#5351)
d44b1ca io: ignore SplitByUtf8BoundaryIfWindows test on miri (#5507)
e23c6f3 signal: updated Documentation for Signals (#5459)
0a50cb3 net: fix test compilation failure (#5506)
2298679 runtime: document the nature of the main future (#5494)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the cargo group with 6 updates in the /src-tauri directory: | Package | From | To | | --- | --- | --- | | [bumpalo](https://github.com/fitzgen/bumpalo) | `3.9.1` | `3.16.0` | | [h2](https://github.com/hyperium/h2) | `0.3.13` | `0.3.21` | | [mio](https://github.com/tokio-rs/mio) | `0.8.2` | `0.8.11` | | [openssl](https://github.com/sfackler/rust-openssl) | `0.10.38` | `0.10.64` | | [rustc-serialize](https://github.com/rust-lang/rustc-serialize) | `0.3.24` | `0.3.25` | | [tokio](https://github.com/tokio-rs/tokio) | `1.17.0` | `1.26.0` | Updates `bumpalo` from 3.9.1 to 3.16.0 - [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md) - [Commits](fitzgen/bumpalo@3.9.1...3.16.0) Updates `h2` from 0.3.13 to 0.3.21 - [Release notes](https://github.com/hyperium/h2/releases) - [Changelog](https://github.com/hyperium/h2/blob/master/CHANGELOG.md) - [Commits](hyperium/h2@v0.3.13...v0.3.21) Updates `mio` from 0.8.2 to 0.8.11 - [Release notes](https://github.com/tokio-rs/mio/releases) - [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md) - [Commits](tokio-rs/mio@v0.8.2...v0.8.11) Updates `openssl` from 0.10.38 to 0.10.64 - [Release notes](https://github.com/sfackler/rust-openssl/releases) - [Commits](sfackler/rust-openssl@openssl-v0.10.38...openssl-v0.10.64) Updates `rustc-serialize` from 0.3.24 to 0.3.25 - [Commits](https://github.com/rust-lang/rustc-serialize/commits) Updates `tokio` from 1.17.0 to 1.26.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.17.0...tokio-1.26.0) --- updated-dependencies: - dependency-name: bumpalo dependency-type: indirect dependency-group: cargo - dependency-name: h2 dependency-type: indirect dependency-group: cargo - dependency-name: mio dependency-type: indirect dependency-group: cargo - dependency-name: openssl dependency-type: indirect dependency-group: cargo - dependency-name: rustc-serialize dependency-type: indirect dependency-group: cargo - dependency-name: tokio dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels May 23, 2024

dependabot bot mentioned this pull request May 23, 2024

chore(deps): bump mio from 0.8.2 to 0.8.11 in /src-tauri in the cargo group #2

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the cargo group across 1 directory with 6 updates #4

chore(deps): bump the cargo group across 1 directory with 6 updates #4

dependabot bot commented on behalf of github May 23, 2024

chore(deps): bump the cargo group across 1 directory with 6 updates #4

Are you sure you want to change the base?

chore(deps): bump the cargo group across 1 directory with 6 updates #4

Conversation

dependabot bot commented on behalf of github May 23, 2024

3.16.0

Added

3.15.4

Added

3.15.3

Added

3.15.2

Added

v0.3.21

What's Changed

New Contributors

v0.3.20

Bug Fixes

New Contributors

v0.3.19

What's Changed

New Contributors

v0.3.18

What's Changed

v0.3.17

What's Changed

v0.3.16

What's Changed

0.3.21 (August 21, 2023)

0.3.20 (June 26, 2023)

0.3.19 (May 12, 2023)

0.3.18 (April 17, 2023)

0.3.17 (April 13, 2023)

0.3.16 (February 27, 2023)

0.3.15 (October 21, 2022)

0.3.14 (August 16, 2022)

0.8.11

0.8.10

Added

0.8.9

Added

Fixed

0.8.8

Fixed

0.8.7

Added

openssl-v0.10.64

What's Changed

openssl-v0.10.63

What's Changed

openssl-v0.10.62

What's Changed

New Contributors

openssl v0.10.61

Tokio v1.26.0

Fixed

Added

Changed

Internal Changes

Unstable

Documented