Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all non-major packages >= 1.0 #3194

Merged
merged 2 commits into from
Jun 13, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 31, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
clap dependencies patch 4.3.0 -> 4.3.3 age adoption passing confidence
dd-trace dependencies minor 3.21.0 -> 3.22.1 age adoption passing confidence
flate2 dependencies patch 1.0.24 -> 1.0.26 age adoption passing confidence
once_cell dev-dependencies minor 1.17.2 -> 1.18.0 age adoption passing confidence
once_cell dependencies minor 1.17.2 -> 1.18.0 age adoption passing confidence
regex dependencies patch 1.8.3 -> 1.8.4 age adoption passing confidence
rust-embed dependencies minor 6.6.1 -> 6.7.0 age adoption passing confidence
serde (source) dependencies patch 1.0.163 -> 1.0.164 age adoption passing confidence
tempfile (source) dev-dependencies minor 3.5.0 -> 3.6.0 age adoption passing confidence
typescript (source) devDependencies minor 5.0.4 -> 5.1.3 age adoption passing confidence
url dependencies minor 2.3.1 -> 2.4.0 age adoption passing confidence

Release Notes

clap-rs/clap

v4.3.3

Compare Source

Features
  • Command::defer for delayed initialization of subcommands to reduce startup times of large applications like deno

v4.3.2

Compare Source

Fixes
  • (derive) Don't produce unused_equalifications warnings when someone brings a clap type into scope

v4.3.1

Compare Source

Performance
  • (derive) Reduce the amount of generated code
DataDog/dd-trace-js

v3.22.1

Compare Source

Bug Fixes
  • pg: do not throw when query contains getter (#​3212)
  • esbuild: graceful continue when bundling dead code (#​3215)
Improvements
  • express: improve express regex middleware path parsing (#​3203)
  • core: include send-data missing headers and organize telemetry config variables (#​3055)
  • ci: add ability to create and publish .deb and .rpm packages (#​3189)

v3.22.0: 3.22.0

Compare Source

Features
  • waf: Support RC custom rules (#​3126)
  • waf: Update blocking page and status from RC (#​3195)
  • iast: Detect SSRF vulnerabilities (#​3115)
  • iast: Detect Insecure cookie vulnerabilities (#​3184)
Improvements
  • profiling: Use process as default strategy for oom export (#​3136)
  • tracer: Service Naming API (#​3161, #​2941, #​2961)
  • tracer: Cache integrations - Service Naming (#​3056)
  • tracer: More beautiful debug logs (#​3171)
  • tracer: postgres: DBM full service fallback w/ prepared statements (#​3186)
  • tracer: Make HTTP clients fit in the plugin hierarchy (#​3178)
  • ci-visibility: Extract code coverage from cypress (#​3159)
  • ci-visibility: Change gitlab's pipeline URL extraction (#​3183)
  • ci-visibility: Test skipping logic for cypress (#​3167)
  • waf: Update AppSec blocking templates (#​3181)
  • waf: Update AppSec rules to 1.7.1 (#​3185)
  • iast: Detect SQL injection with sequelize (#​3154)
Bug Fixes
  • iast: Fix evidence redaction (#​3160)
  • iast: Fix path traversal vulnerability detection on close file (#​3172)
  • ci-visibility: Fix cucumber parallel mode (#​3156)
  • ci-visibility: Remove git.properties error log (#​3179)
  • ci-visibility: Fix playwright@1.30.0 (#​3180)
  • waf: Fix ASM_DD batch update (#​3165)
rust-lang/flate2-rs

v1.0.26

Compare Source

What's Changed

New Contributors

Full Changelog: rust-lang/flate2-rs@1.0.25...1.0.26

v1.0.25

Compare Source

What's Changed

New Contributors

Full Changelog: rust-lang/flate2-rs@1.0.24...1.0.25

matklad/once_cell

v1.18.0

Compare Source

  • MSRV is updated to 1.60.0 to take advantage of dep: syntax for cargo features,
    removing "implementation details" from publicly visible surface.
rust-lang/regex

v1.8.4

Compare Source

==================
This is a patch release that fixes a bug where (?-u:\B) was allowed in
Unicode regexes, despite the fact that the current matching engines can report
match offsets between the code units of a single UTF-8 encoded codepoint. That
in turn means that match offsets that split a codepoint could be reported,
which in turn results in panicking when one uses them to slice a &str.

This bug occurred in the transition to regex 1.8 because the underlying
syntactical error that prevented this regex from compiling was intentionally
removed. That's because (?-u:\B) will be permitted in Unicode regexes in
regex 1.9, but the matching engines will guarantee to never report match
offsets that split a codepoint. When the underlying syntactical error was
removed, no code was added to ensure that (?-u:\B) didn't compile in the
regex 1.8 transition release. This release, regex 1.8.4, adds that code
such that Regex::new(r"(?-u:\B)") returns to the regex <1.8 behavior of
not compiling. (A bytes::Regex can still of course compile it.)

Bug fixes:

  • BUG #​1006:
    Fix a bug where (?-u:\B) was allowed in Unicode regexes, and in turn could
    lead to match offsets that split a codepoint in &str.
pyros2097/rust-embed

v6.7.0

serde-rs/serde

v1.0.164

Compare Source

Stebalien/tempfile

v3.6.0

Compare Source

  • Update windows-sys to 0.48.
  • Update rustix min version to 0.37.11
  • Forward some NamedTempFile and SpooledTempFile methods to the underlying File object for
    better performance (especially vectorized writes, etc.).
  • Implement AsFd and AsHandle.
  • Misc documentation fixes and code cleanups.
Microsoft/TypeScript

v5.1.3: TypeScript 5.1.3

Compare Source

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

servo/rust-url

v2.4.0

Compare Source

Crate version bump

  • data-url to 0.3.0
  • percent-encoding to 2.3.0
  • form_urlencoded to 1.2.0
  • idna to 0.4.0
  • url to 2.4.0

What's Changed

New Contributors

Full Changelog: servo/rust-url@v2.3.1...v2.4.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@github-actions
Copy link
Contributor

@renovate[bot], please consider creating a changeset entry in /.changesets/. These instructions describe the process and tooling.

@router-perf
Copy link

router-perf bot commented May 31, 2023

CI performance tests

  • const - Basic stress test that runs with a constant number of users
  • no-graphos - Basic stress test, no GraphOS.
  • step - Basic stress test that steps up the number of users over time
  • reload - Reload test over a long period of time at a constant rate of users
  • xlarge-request - Stress test with 10 MB request payload
  • large-request - Stress test with a 1 MB request payload
  • xxlarge-request - Stress test with 100 MB request payload

@renovate renovate bot force-pushed the renovate/all-non-major-gte-1.0 branch 4 times, most recently from cd02ce5 to b59e71c Compare June 1, 2023 18:31
@renovate renovate bot changed the title fix(deps): update rust crate flate2 to 1.0.26 fix(deps): update all non-major packages >= 1.0 Jun 1, 2023
@renovate renovate bot force-pushed the renovate/all-non-major-gte-1.0 branch 7 times, most recently from 8a96c8e to 99cd296 Compare June 4, 2023 14:47
@renovate
Copy link
Contributor Author

renovate bot commented Jun 4, 2023

⚠ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock
Command failed: docker run --rm --name=renovate_a_sidecar --label=renovate_a_child -v "/tmp/worker/65a18f/0fe777/repos/github/apollographql/router":"/tmp/worker/65a18f/0fe777/repos/github/apollographql/router" -v "/tmp/worker/65a18f/0fe777/cache":"/tmp/worker/65a18f/0fe777/cache" -e BUILDPACK_CACHE_DIR -e CONTAINERBASE_CACHE_DIR -w "/tmp/worker/65a18f/0fe777/repos/github/apollographql/router" ghcr.io/containerbase/sidecar bash -l -c "install-tool rust 1.70.0 && cargo update --manifest-path apollo-router/Cargo.toml --workspace"
install: WARNING: failed to run ldconfig. this may happen when not installing as root. run with --verbose to see the error
    Updating crates.io index
error: failed to select a version for `flate2`.
    ... required by package `deno_web v0.136.0`
    ... which satisfies dependency `deno_web = "^0.136.0"` of package `router-bridge v0.2.6+v2.4.7`
    ... which satisfies dependency `router-bridge = "^0.2.6"` of package `apollo-router v1.20.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/apollo-router)`
    ... which satisfies path dependency `apollo-router` (locked to 1.20.0) of package `add-timestamp-header v0.1.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/examples/add-timestamp-header/rhai)`
versions that meet the requirements `=1.0.24` are: 1.0.24

all possible versions conflict with previously selected packages.

  previously selected package `flate2 v1.0.26`
    ... which satisfies dependency `flate2 = "^1.0.26"` of package `apollo-router v1.20.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/apollo-router)`
    ... which satisfies path dependency `apollo-router` (locked to 1.20.0) of package `add-timestamp-header v0.1.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/examples/add-timestamp-header/rhai)`

failed to select a version for `flate2` which could resolve this conflict

File name: Cargo.lock
Command failed: docker run --rm --name=renovate_a_sidecar --label=renovate_a_child -v "/tmp/worker/65a18f/0fe777/repos/github/apollographql/router":"/tmp/worker/65a18f/0fe777/repos/github/apollographql/router" -v "/tmp/worker/65a18f/0fe777/cache":"/tmp/worker/65a18f/0fe777/cache" -e BUILDPACK_CACHE_DIR -e CONTAINERBASE_CACHE_DIR -w "/tmp/worker/65a18f/0fe777/repos/github/apollographql/router" ghcr.io/containerbase/sidecar bash -l -c "install-tool rust 1.70.0 && cargo update --manifest-path apollo-router-scaffold/Cargo.toml --workspace"
install: WARNING: failed to run ldconfig. this may happen when not installing as root. run with --verbose to see the error
    Updating crates.io index
error: failed to select a version for `flate2`.
    ... required by package `deno_web v0.136.0`
    ... which satisfies dependency `deno_web = "^0.136.0"` of package `router-bridge v0.2.6+v2.4.7`
    ... which satisfies dependency `router-bridge = "^0.2.6"` of package `apollo-router v1.20.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/apollo-router)`
    ... which satisfies path dependency `apollo-router` (locked to 1.20.0) of package `add-timestamp-header v0.1.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/examples/add-timestamp-header/rhai)`
versions that meet the requirements `=1.0.24` are: 1.0.24

all possible versions conflict with previously selected packages.

  previously selected package `flate2 v1.0.26`
    ... which satisfies dependency `flate2 = "^1.0.26"` of package `apollo-router v1.20.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/apollo-router)`
    ... which satisfies path dependency `apollo-router` (locked to 1.20.0) of package `add-timestamp-header v0.1.0 (/tmp/worker/65a18f/0fe777/repos/github/apollographql/router/examples/add-timestamp-header/rhai)`

failed to select a version for `flate2` which could resolve this conflict

@renovate renovate bot force-pushed the renovate/all-non-major-gte-1.0 branch 14 times, most recently from 680fd84 to 187febd Compare June 7, 2023 10:39
@renovate renovate bot force-pushed the renovate/all-non-major-gte-1.0 branch 8 times, most recently from 6ce7a27 to 98f89b5 Compare June 9, 2023 15:25
@renovate renovate bot force-pushed the renovate/all-non-major-gte-1.0 branch 2 times, most recently from 5cdeec4 to 7db6322 Compare June 12, 2023 12:31
@renovate renovate bot force-pushed the renovate/all-non-major-gte-1.0 branch from 7db6322 to 6e2407a Compare June 12, 2023 12:53
@renovate
Copy link
Contributor Author

renovate bot commented Jun 12, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

@o0Ignition0o o0Ignition0o merged commit 20311e7 into dev Jun 13, 2023
@o0Ignition0o o0Ignition0o deleted the renovate/all-non-major-gte-1.0 branch June 13, 2023 10:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants