build(deps): Bump the cargo-minor-patch group across 1 directory with 10 updates#378
build(deps): Bump the cargo-minor-patch group across 1 directory with 10 updates#378dependabot[bot] wants to merge 1 commit into
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fe5fae7429
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| [[package]] | ||
| name = "arc-swap" | ||
| version = "1.9.1" | ||
| version = "1.9.2" |
There was a problem hiding this comment.
The root /workspace/registry-stack/AGENTS.md says “Every commit needs a DCO sign-off: git commit -s,” but git log -1 --format=full 27079afe8d79a89f56af87f0cb43d36bf11e0205 has no Signed-off-by: trailer. In repositories that enforce DCO, this commit cannot merge as-is even though the lockfile change is mechanical, so please recreate or amend it with -s.
Useful? React with 👍 / 👎.
| [[package]] | ||
| name = "aws-lc-rs" | ||
| version = "1.17.0" | ||
| version = "1.17.1" |
There was a problem hiding this comment.
Add security notes for the AWS-LC bump
The root /workspace/registry-stack/AGENTS.md requires explicit review notes for changes to signing or credential issuance; this lockfile line updates aws-lc-rs, which crates/registry-platform-crypto/src/lib.rs uses for RSA signing and crates/registry-notary-server/src/state_plane/sensitive.rs uses for AEAD/HMAC state protection. The commit body only carries Dependabot release notes, so reviewers lack the required repo-specific security note/validation for the affected crypto paths; please add that note before merging.
Useful? React with 👍 / 👎.
… 10 updates Bumps the cargo-minor-patch group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [arc-swap](https://github.com/vorner/arc-swap) | `1.9.1` | `1.9.2` | | [aws-lc-rs](https://github.com/aws/aws-lc-rs) | `1.17.0` | `1.17.1` | | [bytes](https://github.com/tokio-rs/bytes) | `1.12.0` | `1.12.1` | | [clap](https://github.com/clap-rs/clap) | `4.6.1` | `4.6.2` | | [ryu-js](https://github.com/boa-dev/ryu-js) | `1.0.2` | `1.0.3` | | [time](https://github.com/time-rs/time) | `0.3.51` | `0.3.53` | | [tokio](https://github.com/tokio-rs/tokio) | `1.52.3` | `1.52.4` | | [toml](https://github.com/toml-rs/toml) | `1.1.2+spec-1.1.0` | `1.1.3+spec-1.1.0` | | [uuid](https://github.com/uuid-rs/uuid) | `1.23.4` | `1.24.0` | | [regex](https://github.com/rust-lang/regex) | `1.12.4` | `1.13.1` | Updates `arc-swap` from 1.9.1 to 1.9.2 - [Changelog](https://github.com/vorner/arc-swap/blob/master/CHANGELOG.md) - [Commits](https://github.com/vorner/arc-swap/commits) Updates `aws-lc-rs` from 1.17.0 to 1.17.1 - [Release notes](https://github.com/aws/aws-lc-rs/releases) - [Commits](aws/aws-lc-rs@v1.17.0...v1.17.1) Updates `bytes` from 1.12.0 to 1.12.1 - [Release notes](https://github.com/tokio-rs/bytes/releases) - [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md) - [Commits](tokio-rs/bytes@v1.12.0...v1.12.1) Updates `clap` from 4.6.1 to 4.6.2 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.6.1...clap_complete-v4.6.2) Updates `ryu-js` from 1.0.2 to 1.0.3 - [Release notes](https://github.com/boa-dev/ryu-js/releases) - [Changelog](https://github.com/boa-dev/ryu-js/blob/main/CHANGELOG.md) - [Commits](boa-dev/ryu-js@v1.0.2...v1.0.3) Updates `time` from 0.3.51 to 0.3.53 - [Release notes](https://github.com/time-rs/time/releases) - [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md) - [Commits](time-rs/time@v0.3.51...v0.3.53) Updates `tokio` from 1.52.3 to 1.52.4 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.52.3...tokio-1.52.4) Updates `toml` from 1.1.2+spec-1.1.0 to 1.1.3+spec-1.1.0 - [Commits](toml-rs/toml@toml-v1.1.2...toml-v1.1.3) Updates `uuid` from 1.23.4 to 1.24.0 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](uuid-rs/uuid@v1.23.4...v1.24.0) Updates `regex` from 1.12.4 to 1.13.1 - [Release notes](https://github.com/rust-lang/regex/releases) - [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md) - [Commits](rust-lang/regex@1.12.4...1.13.1) --- updated-dependencies: - dependency-name: arc-swap dependency-version: 1.9.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: aws-lc-rs dependency-version: 1.17.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: bytes dependency-version: 1.12.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: clap dependency-version: 4.6.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: regex dependency-version: 1.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cargo-minor-patch - dependency-name: ryu-js dependency-version: 1.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: time dependency-version: 0.3.53 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: tokio dependency-version: 1.52.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: toml dependency-version: 1.1.3+spec-1.1.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: uuid dependency-version: 1.24.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cargo-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
fe5fae7 to
5432ba0
Compare
Bumps the cargo-minor-patch group with 10 updates in the / directory:
1.9.11.9.21.17.01.17.11.12.01.12.14.6.14.6.21.0.21.0.30.3.510.3.531.52.31.52.41.1.2+spec-1.1.01.1.3+spec-1.1.01.23.41.24.01.12.41.13.1Updates
arc-swapfrom 1.9.1 to 1.9.2Changelog
Sourced from arc-swap's changelog.
Commits
Updates
aws-lc-rsfrom 1.17.0 to 1.17.1Release notes
Sourced from aws-lc-rs's releases.
... (truncated)
Commits
741dbf5Prepare aws-lc-rs v1.17.1 (#1164)e6d42b8Prepare aws-lc-sys v0.42.0 (#1162)bd7abf5Harden GitHub Actions workflows against script injection (#1161)93b0123Addwasm32-unknown-emscriptenbuild and test support (#1059)7b8a0e7feat(system-lib): auto-detect system AWS-LC from OPENSSL_* and pkg-config (#1...a95c524Prepare aws-lc-fips-sys v0.13.15 (#1158)00e016aBump actions/checkout from 6 to 7 (#1157)e7568defix(system-lib): gate system AWS-LC on a declared minimum version (#1152)dfe4525fix(builder): select flag dialect by compiler driver mode, not target ABI (#1...26838darsa: report specific key rejection for invalid sizes (#1153)Updates
bytesfrom 1.12.0 to 1.12.1Release notes
Sourced from bytes's releases.
Changelog
Sourced from bytes's changelog.
Commits
76c0fbbRelease bytes v1.12.1 (#838)924c82bHandle unwinding from Box::new (#837)Updates
clapfrom 4.6.1 to 4.6.2Release notes
Sourced from clap's releases.
Changelog
Sourced from clap's changelog.
Commits
0fe0be3chore: Release480af9ddocs: Update changelog2b3ddd0Merge pull request #6340 from liskin/fix-completion-escape7ffe739fix(complete): Do not suggest options after "--"d47fc4ftest(complete): Options suggested after escape (--)Updates
ryu-jsfrom 1.0.2 to 1.0.3Release notes
Sourced from ryu-js's releases.
Changelog
Sourced from ryu-js's changelog.
Commits
f8d6626Releasev1.0.3(#64)9a936cbMakeCursorstore unsigned integer len and index (#63)97e8180Bump actions/cache from 4 to 6 (#62)4beec89Fix panic in format64_to_fixed when rounding carries past all integer digits ...03bf0f3Sync upstream/main (#57)Updates
timefrom 0.3.51 to 0.3.53Release notes
Sourced from time's releases.
Changelog
Sourced from time's changelog.
Commits
0ae2f84v0.3.53 releasecea8c96Avoid issue withcookiecrate temporarily55e1f2bRequire private type to properly seal traits7cf4780v0.3.52 release0e5b04fFix trusted publishing workflow6e4140aSupport default values when parsing10ac36aAdd more doctests toTimestamp6b0d468Restore lexer depth on the unclosed-bracket error path0abc06dAdd trusted publishing43cf0c0Preferentially group shards by targetUpdates
tokiofrom 1.52.3 to 1.52.4Release notes
Sourced from tokio's releases.
Commits
efdba5fchore: prepare Tokio v1.52.4 (#8289)b0ba02eMerge 'tokio-1.51.4' into 'tokio-1.52.x' (#8288)7bcd2d3taskdump: remove crate disambiguators from output (#8288)f84b209chore: prepare Tokio v1.51.4 (#8286)eacb98eruntime: don't skip the driver whenbefore_parkschedules work (#8222)Updates
tomlfrom 1.1.2+spec-1.1.0 to 1.1.3+spec-1.1.0Commits
eb25160chore: Releasef36fb52docs: Update changelog3adbbb7fix(writer): Don't overflow (#1189)fb0c1b3fix(writer): Don't overflow5e70a70test(writer): Add overflow test771a975chore: Upgrade toml-test (#1186)28f6c9cchore: Upgrade toml-test30d75cachore(deps): Update Prek to v0.4.9 (#1185)17efe57chore(deps): Update Rust Stable to v1.97 (#1184)c9d0d54style: Make clippy happyUpdates
uuidfrom 1.23.4 to 1.24.0Release notes
Sourced from uuid's releases.
Commits
6a8aeabMerge pull request #896 from uuid-rs/cargo/v1.24.0e6db8ecprepare for 1.24.0 release606f236Merge pull request #892 from weifanglab/mainab848dbfeat(fmt): support encoding into MaybeUninit buffers5dc6b3dMerge pull request #895 from uuid-rs/cargo/v1.23.55a7dfe5prepare for 1.23.5 release9b4bfc8Merge pull request #894 from geeknoid/main5acc5a5perf: Optimize UUID hex parsing and formatting6fa1a1efeat(fmt): support encoding into MaybeUninit buffers1e5d867Merge pull request #891 from frostyplanet/docUpdates
regexfrom 1.12.4 to 1.13.1Changelog
Sourced from regex's changelog.
Commits
2b527591.13.1, redux40e98231.13.175fcb96changelog: 1.13.164ad0b6automata: fix bug in reverse suffix/inner optimizationfa91c31automata: fix a bug caught by Codex review30390ecautomata: formatting tweaks821a8ebautomata: refactor reverse suffix/inner search slightly10afd70automata: expose the extracted literals for inner literal extraction8c34f41automata: avoid reverse suffix optimization for non-leftmost-first5524f02test: add regression tests for failed reverse suffix/inner optimizations