Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the cargo group across 1 directory with 4 updates #19

Closed
wants to merge 1 commit into from
Closed

Bump the cargo group across 1 directory with 4 updates #19

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Apr 5, 2024

Bumps the cargo group with 4 updates in the / directory: hyper, tokio, unsafe-libyaml and zerocopy.

Updates hyper from 0.14.27 to 1.2.0

Release notes

Sourced from hyper's releases.

v1.2.0

Features

  • http1: support configurable max_headers(num) to client and server (#3523) (b1142448)
  • http2:
    • add config for max_local_error_reset_streams in server (#3530) (d7680e30)
    • add initial_max_send_streams method to HTTP/2 client builder (#3524) (fdfa60d9)
      • NOTE: The default for this will change in v1.3 to something conservative. If you have an environment where the server can always accept a large amount of concurrent streams, and depend on that for performance, you should set this option manually.
    • add max_pending_accept_reset_streams(num) back to HTTP/2 server builder (#3507 (a9fa893f)

Bug Fixes

  • http2: typo in trace logging (#3536) (79862ec2)
  • rt: Sleep::downcast_mut_pin() no longer extend lifetime (7206fe30, closes #3556)

Breaking Changes

  • The returned lifetime from Sleep::downcast_mut_pin() is no longer 'static. This shouldn't affect most usage. This sort of breaking change is needed because it is wrong. (7206fe30)

New Contributors

v1.1.0

Features

  • client: add http1::Connection without_shutdown() method (#3430) (210bfaa7)
  • http1: Add support for sending HTTP/1.1 Chunked Trailer Fields (#3375) (31b41807, closes #2719)
  • server: expose server::conn::http1::UpgradeableConnection (#3457) (6e3042a8)

Bug Fixes

New Contributors

... (truncated)

Changelog

Sourced from hyper's changelog.

v1.2.0 (2024-02-21)

Bug Fixes

  • http2: typo in trace logging (#3536) (79862ec2)
  • rt: Sleep::downcast_mut_pin() no longer extend lifetime (7206fe30, closes #3556)

Features

  • http1: support configurable max_headers(num) to client and server (#3523) (b1142448)
  • http2:
    • add config for max_local_error_reset_streams in server (#3530) (d7680e30)
    • add initial_max_send_streams method to HTTP/2 client builder (#3524) (fdfa60d9)
    • add max_pending_accept_reset_streams(num) back to HTTP/2 server builder (#3507 (a9fa893f)

Breaking Changes

  • The returned lifetime from Sleep::downcast_mut_pin() is no longer 'static. This shouldn't affect most usage. This sort of breaking change is needed because it is wrong.

(7206fe30)

v1.1.0 (2023-12-18)

Bug Fixes

Features

  • client: add http1::Connection without_shutdown() method (#3430) (210bfaa7)
  • http1: Add support for sending HTTP/1.1 Chunked Trailer Fields (#3375) (31b41807, closes #2719)
  • server: expose server::conn::http1::UpgradeableConnection (#3457) (6e3042a8)

v1.0.1 (2023-11-16)

This release "fixes" or adds a few things that should have been in 1.0.0, but were forgotten. Thus, it includes additions that would normally be a semver-minor release, but because it is so close to 1.0.0, it is released as a patch version.

Bug Fixes

... (truncated)

Commits
  • 198c1b9 v1.2.0
  • a7bdc60 refactor(lib): importing Unpin is not needed in 2021 edition
  • 00a703a chore(ci): update to cargo-check-external-types 0.1.11
  • b0c1395 refactor(error): resolve unused trait error
  • 7206fe3 fix(rt): Sleep::downcast_mut_pin() no longer extend lifetime
  • 90eb95f chore(lib): remove importing prelude trait in 2021 edition (#3546)
  • b114244 feat(http1): support configurable max_headers(num) to client and server (#3...
  • 7177770 chore(lib): update to 2021 edition
  • 7a0a640 docs(maintainers): add dswij (@​dswij) to triagers (#3540)
  • 79862ec fix(http2): typo in trace logging (#3536)
  • Additional commits viewable in compare view

Updates tokio from 1.34.0 to 1.37.0

Release notes

Sourced from tokio's releases.

Tokio v1.37.0

1.37.0 (March 28th, 2024)

Added

  • fs: add set_max_buf_size to tokio::fs::File (#6411)
  • io: add try_new and try_with_interest to AsyncFd (#6345)
  • sync: add forget_permits method to semaphore (#6331)
  • sync: add is_closed, is_empty, and len to mpsc receivers (#6348)
  • sync: add a rwlock() method to owned RwLock guards (#6418)
  • sync: expose strong and weak counts of mpsc sender handles (#6405)
  • sync: implement Clone for watch::Sender (#6388)
  • task: add TaskLocalFuture::take_value (#6340)
  • task: implement FromIterator for JoinSet (#6300)

Changed

  • io: make io::split use a mutex instead of a spinlock (#6403)

Fixed

  • docs: fix docsrs build without net feature (#6360)
  • macros: allow select with only else branch (#6339)
  • runtime: fix leaking registration entries when os registration fails (#6329)

Documented

  • io: document cancel safety of AsyncBufReadExt::fill_buf (#6431)
  • io: document cancel safety of AsyncReadExt's primitive read functions (#6337)
  • runtime: add doc link from Runtime to #[tokio::main] (#6366)
  • runtime: make the enter example deterministic (#6351)
  • sync: add Semaphore example for limiting the number of outgoing requests (#6419)
  • sync: fix missing period in broadcast docs (#6377)
  • sync: mark mpsc::Sender::downgrade with #[must_use] (#6326)
  • sync: reorder const_new before new_with (#6392)
  • sync: update watch channel docs (#6395)
  • task: fix documentation links (#6336)

Changed (unstable)

  • runtime: include task Id in taskdumps (#6328)
  • runtime: panic if unhandled_panic is enabled when not supported (#6410)

#6300: tokio-rs/tokio#6300 #6326: tokio-rs/tokio#6326 #6328: tokio-rs/tokio#6328 #6329: tokio-rs/tokio#6329 #6331: tokio-rs/tokio#6331 #6336: tokio-rs/tokio#6336 #6337: tokio-rs/tokio#6337

... (truncated)

Commits
  • 9c337ca chore: prepare Tokio v1.37.0 (#6435)
  • e542501 io: document cancel safety of AsyncBufReadExt::fill_buf (#6431)
  • 4601c84 stream: add next_many and poll_next_many to StreamMap (#6409)
  • deff252 util: document cancel safety of SinkExt::send and StreamExt::next (#6417)
  • 4565b81 sync: add a rwlock() method to owned RwLock guards (#6418)
  • 3ce4720 sync: add is_closed, is_empty, and len to mpsc receivers (#6348)
  • 8342e4b util: assert compatibility between LengthDelimitedCodec options (#6414)
  • 4c453e9 readme: add description about benchmarks (#6425)
  • 1846483 sync: expose strong and weak counts of mpsc sender handles (#6405)
  • baad270 sync: add Semaphore example for limiting the number of outgoing requests (#6419)
  • Additional commits viewable in compare view

Updates unsafe-libyaml from 0.2.9 to 0.2.11

Release notes

Sourced from unsafe-libyaml's releases.

0.2.11

  • Fix quadratic parse time for YAML containing deeply nested flow collections (#26)

0.2.10

  • Fix write to improperly aligned pointer in 32-bit targets (#21)
Commits
  • a7b8d1f Release 0.2.11
  • 7c42792 Merge pull request #27 from dtolnay/simplekeys
  • eb7de7e Fix quadratic behavior in yaml_parser_fetch_more_tokens
  • 7440d58 Merge pull request #25 from jayvdb/typos
  • b3496ce fix typos
  • 63131f5 Explicitly disable unsafe_op_in_unsafe_fn lint
  • 61f3ab8 Release 0.2.10
  • d90d7ab Clean up some redundant casts
  • 7755559 Merge pull request #24 from dtolnay/mallocalign
  • b8a0863 Fix insufficient alignment of malloc's return value on 32-bit
  • Additional commits viewable in compare view

Updates zerocopy from 0.7.26 to 0.7.32

Release notes

Sourced from zerocopy's releases.

v0.7.32

What's Changed

Full Changelog: google/zerocopy@v0.7.31...v0.7.32

v0.7.31

This release fixes the soundness issue described in #716. The affected versions will soon be yanked.

This release is also described in security advisories RUSTSEC-2023-0074 and GHSA-3mv5-343c-w2qg.

What's Changed

Full Changelog: google/zerocopy@v0.7.30...v0.7.31

v0.7.30

What's Changed

Full Changelog: google/zerocopy@v0.7.29...v0.7.30

v0.7.29

What's Changed

Full Changelog: google/zerocopy@v0.7.28...v0.7.29

v0.7.28

What's Changed

... (truncated)

Changelog

Sourced from zerocopy's changelog.

Changelog

Releases

We track releases and release notes using GitHub Releases.

Yanks and Regressions

0.2.2 through 0.2.8, 0.3.0 through 0.3.1, 0.4.0, 0.5.0, 0.6.0 through 0.6.5, 0.7.0 through 0.7.30

Security advisories for this bug have been published as RUSTSEC-2023-0074 and GHSA-3mv5-343c-w2qg.

In these versions, the Ref methods into_ref, into_mut, into_slice, and into_mut_slice were permitted in combination with the standard library cell::Ref and cell::RefMut types for Ref<B, T>'s B type parameter. These combinations are unsound, and may permit safe code to exhibit undefined behavior. Fixes have been published to each affected minor version which do not permit this code to compile.

See #716issue-716 for more details.

0.7.27, 0.7.28

These versions were briefly yanked due to a non-soundness regression reported in #672pull-672. After reconsidering our yanking policy in #679issue-679, we un-yanked these versions.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the cargo group across 1 directory with 4 updates
ad1288a 
Bumps the cargo group with 4 updates in the / directory: [hyper](https://github.com/hyperium/hyper), [tokio](https://github.com/tokio-rs/tokio), [unsafe-libyaml](https://github.com/dtolnay/unsafe-libyaml) and [zerocopy](https://github.com/google/zerocopy).


Updates `hyper` from 0.14.27 to 1.2.0
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](hyperium/hyper@v0.14.27...v1.2.0)

Updates `tokio` from 1.34.0 to 1.37.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.34.0...tokio-1.37.0)

Updates `unsafe-libyaml` from 0.2.9 to 0.2.11
- [Release notes](https://github.com/dtolnay/unsafe-libyaml/releases)
- [Commits](dtolnay/unsafe-libyaml@0.2.9...0.2.11)

Updates `zerocopy` from 0.7.26 to 0.7.32
- [Release notes](https://github.com/google/zerocopy/releases)
- [Changelog](https://github.com/google/zerocopy/blob/main/CHANGELOG.md)
- [Commits](google/zerocopy@v0.7.26...v0.7.32)

---
updated-dependencies:
- dependency-name: hyper
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: tokio
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: unsafe-libyaml
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: zerocopy
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 5, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Apr 19, 2024

Superseded by #20.

@dependabot dependabot bot closed this Apr 19, 2024
@dependabot dependabot bot deleted the dependabot/cargo/cargo-8fec7afe17 branch April 19, 2024 19:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants