1347: build(deps): bump sqlx from 0.6.2 to 0.6.3 r=delta1 a=dependabot[bot] Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/launchbadge/sqlx/blob/v0.6.3/CHANGELOG.md">sqlx's changelog</a>.</em></p> <blockquote> <h3>0.6.3 - 2023-03-21</h3> <p>This is a hotfix to address the breakage caused by transitive dependencies upgrading to <code>syn = "2"</code>.</p> <p>We set <code>default-features = false</code> for our dependency on <code>syn = "1"</code> to be good crates.io citizens, but failed to enable the features we actually used, which went undetected because we transitively depended on <code>syn</code> with the default features enabled through other crates, and so they were also on for us because features are additive.</p> <p>When those other dependencies upgraded to <code>syn = "2"</code> it was no longer enabling those features for us, and so compilation broke for projects that don't also depend on <code>syn = "1"</code>, transitively or otherwise.</p> <p>There is no PR for this fix as there was no longer a dedicated development branch for <code>0.6</code>, but discussion can be found in [issue <a href="https://redirect.github.com/launchbadge/sqlx/issues/2418">#2418</a>].</p> <p>As of this release, the <code>0.7</code> release is in alpha and so development is no longer occurring against <code>0.6</code>. This fix will be forward-ported to <code>0.7</code>.</p> <p>[issue <a href="https://redirect.github.com/launchbadge/sqlx/issues/2418">#2418</a>]: <a href="https://redirect.github.com/launchbadge/sqlx/issues/2418">launchbadge/sqlx#2418</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="pull/1353/headbb064e3789
"><code>bb064e3</code></a> chore: CHANGELOG entry for 0.6.3</li> <li><a href="c6f8a41267
"><code>c6f8a41</code></a> fix: non-binding <code>let</code> in SQLite driver</li> <li><a href="7d4333e50d
"><code>7d4333e</code></a> fix(ci): backport change enabling CI on <code>*-dev</code></li> <li><a href="2ab9156f02
"><code>2ab9156</code></a> 0.6.3 hotfix: don't rely on transitive deps enabling <code>syn</code> features</li> <li>See full diff in <a href="https://github.com/launchbadge/sqlx/compare/v0.6.2...v0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sqlx&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 1349: build(deps): bump reqwest from 0.11.15 to 0.11.16 r=delta1 a=dependabot[bot] Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.15 to 0.11.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.11.16</h2> <h2>What's Changed</h2> <ul> <li>Fix building docs on docs.rs by <a href="https://github.com/NobodyXu"><code>`@NobodyXu</code></a>` in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/1789">seanmonstar/reqwest#1789</a></li> <li>Set 'rust-version` in Cargo metadata and use it in the MSRV build job by <a href="https://github.com/nickelc"><code>`@nickelc</code></a>` in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/1793">seanmonstar/reqwest#1793</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.11.16</h2> <ul> <li>Chore: set MSRV in <code>Cargo.toml</code>.</li> <li>Docs: fix build on docs.rs</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="704766979f
"><code>7047669</code></a> v0.11.16</li> <li><a href="cc47ef1e26
"><code>cc47ef1</code></a> Set 'rust-version` in Cargo metadata and use it in the MSRV build job (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/1793">#1793</a>)</li> <li><a href="7fdd014d46
"><code>7fdd014</code></a> docs: Fix building on docs.rs (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/1789">#1789</a>)</li> <li><a href="bf7ff55649
"><code>bf7ff55</code></a> chore: update changelog for 0.11.15</li> <li>See full diff in <a href="https://github.com/seanmonstar/reqwest/compare/v0.11.15...v0.11.16">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.11.15&new-version=0.11.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 1350: build(deps): bump serde_json from 1.0.94 to 1.0.96 r=delta1 a=dependabot[bot] Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.94 to 1.0.96. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.96</h2> <ul> <li>Guarantee that <code>to_writer</code> only writes valid UTF-8 strings (<a href="https://redirect.github.com/serde-rs/json/issues/1011">#1011</a>, thanks <a href="https://github.com/stepancheg"><code>`@stepancheg</code></a>)</li>` </ul> <h2>v1.0.95</h2> <ul> <li>Preserve f32 precision when serializing f32 -> serde_json::Value -> JSON string in "arbitrary_precision" mode (<a href="https://redirect.github.com/serde-rs/json/issues/1004">#1004</a>, <a href="https://redirect.github.com/serde-rs/json/issues/1005">#1005</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="187f7dadc6
"><code>187f7da</code></a> Release 1.0.96</li> <li><a href="41199cce93
"><code>41199cc</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1011">#1011</a> from stepancheg/utf-8</li> <li><a href="cd5ed8204a
"><code>cd5ed82</code></a> Document to_writer only writes valid UTF-8 strings</li> <li><a href="ce53b862b9
"><code>ce53b86</code></a> Fix needless_borrow clippy lint in test</li> <li><a href="4ea38c4001
"><code>4ea38c4</code></a> Release 1.0.95</li> <li><a href="731886c08e
"><code>731886c</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1005">#1005</a> from dtolnay/f32cast</li> <li><a href="c9bff92c1f
"><code>c9bff92</code></a> Fix PartialEq between Value and f32</li> <li><a href="06f3443c6e
"><code>06f3443</code></a> Eliminate f32-to-f64 casting in arbitrary_precision mode</li> <li><a href="b0990a51db
"><code>b0990a5</code></a> Add regression test for issue 1004</li> <li><a href="02e583360d
"><code>02e5833</code></a> Update fuzz crate gitignore to ignore coverage dir</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/json/compare/v1.0.94...v1.0.96">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.94&new-version=1.0.96)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 1351: build(deps): bump tempfile from 3.4.0 to 3.5.0 r=delta1 a=dependabot[bot] Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.4.0 to 3.5.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Stebalien/tempfile/blob/master/NEWS">tempfile's changelog</a>.</em></p> <blockquote> <h1>3.5.0</h1> <ul> <li>Update rustix from 0.36 to 0.37.1. This makes wasi work on rust stable</li> <li>Update <code>windows-sys</code>, <code>redox_syscall</code></li> <li>BREAKING: Remove the implementation of <code>Write for &NamedTempFile<F> where &F: Write</code>. Unfortunately, this can cause compile issues in unrelated code (<a href="https://redirect.github.com/Stebalien/tempfile/issues/224">Stebalien/tempfile#224</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/Stebalien/tempfile/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tempfile&package-manager=cargo&previous-version=3.4.0&new-version=3.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 1352: build(deps): bump actions/checkout from 3.5.0 to 3.5.2 r=delta1 a=dependabot[bot] Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.5.2</h2> <h2>What's Changed</h2> <ul> <li>Fix: Use correct API url / endpoint in GHES by <a href="https://github.com/fhammerl"><code>`@fhammerl</code></a>` in <a href="https://redirect.github.com/actions/checkout/pull/1289">actions/checkout#1289</a> based on <a href="https://redirect.github.com/actions/checkout/issues/1286">#1286</a> by <a href="https://github.com/1newsr"><code>`@1newsr</code></a></li>` </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.5.1...v3.5.2">https://github.com/actions/checkout/compare/v3.5.1...v3.5.2</a></p> <h2>v3.5.1</h2> <h2>What's Changed</h2> <ul> <li>Improve checkout performance on Windows runners by upgrading <code>`@actions/github</code>` dependency by <a href="https://github.com/BrettDong"><code>`@BrettDong</code></a>` in <a href="https://redirect.github.com/actions/checkout/pull/1246">actions/checkout#1246</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/BrettDong"><code>`@BrettDong</code></a>` made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1246">actions/checkout#1246</a></li> <li><a href="https://github.com/fhammerl"><code>`@fhammerl</code></a>` made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1284">actions/checkout#1284</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.5.0...v3.5.1">https://github.com/actions/checkout/compare/v3.5.0...v3.5.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h2>v3.5.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li> </ul> <h2>v3.5.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="8e5e7e5ab8
"><code>8e5e7e5</code></a> Release v3.5.2 (<a href="https://redirect.github.com/actions/checkout/issues/1291">#1291</a>)</li> <li><a href="eb35239ec2
"><code>eb35239</code></a> Fix: convert baseUrl to serverApiUrl 'formatted' (<a href="https://redirect.github.com/actions/checkout/issues/1289">#1289</a>)</li> <li><a href="83b7061638
"><code>83b7061</code></a> Release v3.5.1 (<a href="https://redirect.github.com/actions/checkout/issues/1284">#1284</a>)</li> <li><a href="40a16ebeed
"><code>40a16eb</code></a> Improve checkout performance on Windows runners by upgrading <code>`@actions/github</code>` ...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v3.5.0...v3.5.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.5.0&new-version=3.5.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit
72e554a242
Loading…
Reference in New Issue