Skip to content

Bump the cargo group with 4 updates #121

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the cargo group with 4 updates #121

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 17, 2025
edited
Loading

Bumps the cargo group with 4 updates: git2, reqwest, tokio and tempfile.

Updates git2 from 0.20.0 to 0.20.1

Changelog

Sourced from git2's changelog.

0.20.1 - 2025-03-17

0.20.0...0.20.1

Added

  • Added Repository::branch_upstream_merge() #1131
  • Added Index::conflict_get() #1134
  • Added Index::conflict_remove() #1133
  • Added opts::set_cache_object_limit() #1118
  • Added Repo::merge_file_from_index() and associated MergeFileOptions and MergeFileResult. #1062

Changed

  • The url dependency minimum raised to 2.5.4 #1128
  • Changed the tracing callback to abort the process if the callback panics instead of randomly detecting the panic in some other function. #1121
  • Credential helper config (loaded with CredentialHelper::config) now checks for helpers that start with something that looks like an absolute path, rather than checking for a / or \ anywhere in the helper string (which resolves an issue if the helper had arguments with / or \). #1137

Fixed

  • Fixed panic in Remote::url_bytes if the url is empty. #1120
  • Fixed incorrect lifetimes on Patch::delta, Patch::hunk, and Patch::line_in_hunk. The return values must not outlive the Patch. #1141
  • Bumped requirement to libgit2-sys 0.18.1, which fixes linking of advapi32 on Windows. #1143
Commits
  • 62d353e Merge pull request #1144 from ehuss/bump-version
  • 8980c61 Bump versions of git2 and libgit2-sys
  • 1e1687e Merge pull request #1137 from aibaars/fix-credential-helper
  • 258d3b6 Merge pull request #1062 from MikeJerred/master
  • d1b40aa Drop lifetime for MergeFileResult
  • 197106b Drop Copy/Clone from git_merge_file_result
  • 8381b72 Make MergeFileOptions::raw pub(crate)
  • 3cc3e25 fix: type mismatch error
  • e1e933b fix: mark to_raw as unsafe
  • b76c8be fix: use correct typings for git_merge_file_flag_t
  • Additional commits viewable in compare view

Updates reqwest from 0.12.12 to 0.12.14

Release notes

Sourced from reqwest's releases.

v0.12.14

What's Changed

Full Changelog: seanmonstar/reqwest@v0.12.13...v0.12.14

v0.12.13

What's Changed

  • Add Form::into_reader() for blocking multipart forms.
  • Add Form::into_stream() for async multipart forms.
  • Add support for SOCKS4a proxies.
  • Fix decoding responses with multiple zstd frames.
  • Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
  • Fix cloning of request timeout in blocking::Request.
  • Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
  • Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
  • Fix blocking read to correctly reserve and zero read buffer.
  • (wasm) Add support for request timeouts.
  • (wasm) Fix Error::is_timeout() to return true when from a request timeout.

New Contributors

Thanks!

Full Changelog: seanmonstar/reqwest@v0.12.12...v0.12.13

Changelog

Sourced from reqwest's changelog.

v0.12.14

  • Fix missing fetch_mode_no_cors(), marking as deprecated when not on WASM.

v0.12.13

  • Add Form::into_reader() for blocking multipart forms.
  • Add Form::into_stream() for async multipart forms.
  • Add support for SOCKS4a proxies.
  • Fix decoding responses with multiple zstd frames.
  • Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
  • Fix cloning of request timeout in blocking::Request.
  • Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
  • Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
  • Fix blocking read to correctly reserve and zero read buffer.
  • (wasm) Add support for request timeouts.
  • (wasm) Fix Error::is_timeout() to return true when from a request timeout.
Commits
  • cf50f11 v0.12.14
  • f63c631 re-add fetch_mode_no_cors shim when not in wasm, but deprecated (#2598)
  • e44e371 v0.12.13
  • e83e138 Added osv-scanner.toml file to ignore npm packages in wasm examples during vu...
  • 7e85d2f ci: pin once-cell in msrv job (#2594)
  • c4a9fb0 test HTTP connection reuse with new zstd fix (#2587)
  • 6f9d0ee fix: support HTTP responses containing multiple ZSTD frames (#2583)
  • 44ac897 perf(decoder): compile-time validation of decoder header value (#2580)
  • 0bcba46 chore: remove empty wasm shell function (#2573)
  • 00b15b9 fix using Windows ProxyOverride registry value as a NO_PROXY (#2559)
  • Additional commits viewable in compare view

Updates tokio from 1.44.0 to 1.44.1

Release notes

Sourced from tokio's releases.

Tokio v1.44.1

1.44.1 (March 13th, 2025)

Fixed

  • rt: skip defer queue in block_in_place context (#7216)

#7216: tokio-rs/tokio#7216

Commits

Updates tempfile from 3.18.0 to 3.19.0

Changelog

Sourced from tempfile's changelog.

3.19.0

  • Remove direct dependency on cfg-if. It's still in the tree, but we didn't really need to use it in this crate.
  • Add an unstable feature (unstable-windows-keep-open-tempfile) to test a potential fix to #339.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the cargo group with 4 updates
875bf0d 
Bumps the cargo group with 4 updates: [git2](https://github.com/rust-lang/git2-rs), [reqwest](https://github.com/seanmonstar/reqwest), [tokio](https://github.com/tokio-rs/tokio) and [tempfile](https://github.com/Stebalien/tempfile).


Updates `git2` from 0.20.0 to 0.20.1
- [Changelog](https://github.com/rust-lang/git2-rs/blob/master/CHANGELOG.md)
- [Commits](rust-lang/git2-rs@git2-0.20.0...git2-0.20.1)

Updates `reqwest` from 0.12.12 to 0.12.14
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/v0.12.14/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.12...v0.12.14)

Updates `tokio` from 1.44.0 to 1.44.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.44.0...tokio-1.44.1)

Updates `tempfile` from 3.18.0 to 3.19.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.18.0...v3.19.0)

---
updated-dependencies:
- dependency-name: git2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Mar 17, 2025
@codecov
Copy link

codecov bot commented Mar 17, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.58%. Comparing base (ae35567) to head (875bf0d).
Report is 17 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #121   +/-   ##
=======================================
  Coverage   97.58%   97.58%           
=======================================
  Files          14       14           
  Lines        3430     3430           
=======================================
  Hits         3347     3347           
  Misses         83       83

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@codspeed-hq
Copy link

codspeed-hq bot commented Mar 18, 2025

CodSpeed Performance Report

Merging #121 will not alter performance

Comparing dependabot/cargo/cargo-bcfa1acb8f (875bf0d) with main (ae35567)

Summary

✅ 1 untouched benchmarks

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 24, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 24, 2025
@dependabot dependabot bot deleted the dependabot/cargo/cargo-bcfa1acb8f branch March 24, 2025 22:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant