build(deps): bump the extractor group across 1 directory with 3 updates

[dependabot[bot]]

Bumps the extractor group with 3 updates in the / directory: flate2, tree-sitter and clap.

Updates flate2 from 1.0.31 to 1.0.33

Release notes

Sourced from flate2's releases.

1.0.33 - fix minimal manifest versions

What's Changed

• Fix msrv: Run msrv checks with minimal versions by @​NobodyXu in rust-lang/flate2-rs#425

New Contributors

• @​NobodyXu made their first contribution in rust-lang/flate2-rs#425

Full Changelog: https://github.com/rust-lang/flate2-rs/compare/1.0.32...1.0.33

1.0.32 - turn panic into error

What's Changed

Fix

• Return error instead of packing on Z_MEM_ERROR by @​crazymerlyn in rust-lang/flate2-rs#423

Other

• prepare new release by @​Byron in rust-lang/flate2-rs#416
• update miniz_oxide dependency to 0.8.x by @​oyvindln in rust-lang/flate2-rs#420
• update maintenance guide with recent news by @​Byron in rust-lang/flate2-rs#419
• Check minimal version of Rust that compiles by @​jongiddy in rust-lang/flate2-rs#421
• Remove non-existent build in CI by @​jongiddy in rust-lang/flate2-rs#422

New Contributors

• @​crazymerlyn made their first contribution in rust-lang/flate2-rs#423

Full Changelog: https://github.com/rust-lang/flate2-rs/compare/1.0.31...1.0.32

Changelog

Sourced from flate2's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Commits

• 50852c6 Merge pull request #425 from NobodyXu/patch-1
• a2df1db bump tested MSRV to 1.63
• 66c6907 bump patch level for new release that builds with -Zminimal-versions
• a5d38e8 increase minimal versions of libz-ng-sys and libz-sys to their latest rel...
• 80fc1e5 Do not check msrv for feature zlib-rs
• b332bac Run msrv with different features
• f51da32 Run msrv CI on windows and macos
• 387b9c6 Fix msrv: Run msrv checks with minimal versions
• 367ec74 Merge pull request #423 from crazymerlyn/memerror
• 6084e47 Bump version
• Additional commits viewable in compare view

Updates tree-sitter from 0.22.6 to 0.23.0

Release notes

Sourced from tree-sitter's releases.

v0.23.0

[0.23.0] - 2024-08-26

Breaking

• Introduce tree-sitter-language crate for grammar crates to depend on (tree-sitter/tree-sitter#3069)
• Revert interning of a sequence or choice of a single rule (tree-sitter/tree-sitter#3548)
• bindings: Use capsules in python (tree-sitter/tree-sitter#3384)
• dsl: Support other JS runtimes (tree-sitter/tree-sitter#3355)

Features

• Add fuzz subcommand (tree-sitter/tree-sitter#3385)
• Allow external scanners to use the logger (tree-sitter/tree-sitter#3204)
• bindings: Add query constants to python
• bindings: Add node, python, swift tests (tree-sitter/tree-sitter#3178)
• bindings: Update npm scripts (tree-sitter/tree-sitter#3210)
• cli: Bump unicode data to v15.1.0
• cli: Add debug build flag (tree-sitter/tree-sitter#3279)
• cli: Attach helpful context when grammar.json cannot be found (tree-sitter/tree-sitter#3405)
• cli: Add --show-fields flag to test command (tree-sitter/tree-sitter#3502)
• lib: Add ts_query_end_byte_for_pattern (tree-sitter/tree-sitter#3451)
• lib: Support no_std
• zig: Update outdated path syntax (tree-sitter/tree-sitter#3383)

Bug Fixes

• Always reset to the first language when iterating over language attributes (tree-sitter/tree-sitter#3375)
• Better error when a supertype rule is invalid (tree-sitter/tree-sitter#3400)
• Intern a sequence or choice of a single element the same as the element itself
• Do not "absorb" rules that consist of a single terminal if the rule is hidden (tree-sitter/tree-sitter#2577)
• bindings: Update go bindings (tree-sitter/tree-sitter#3544)
• cli: Installation via authenticated proxy (tree-sitter/tree-sitter#3414)
• cli: Dedup preceding_auxiliary_symbols (tree-sitter/tree-sitter#3550)
• dsl: Improve error message when a rule function returns undefined (tree-sitter/tree-sitter#3452)
• generate: Rename cargo.toml template (tree-sitter/tree-sitter#3532)
• go: Update parser name in binding files, add to docs (tree-sitter/tree-sitter#3547)
• lib: A null clock must have tv_nsec be 0 as well (tree-sitter/tree-sitter#3372)
• lib: Restrict pattern_map optimization when a wildcard step has an immediate first child (tree-sitter/tree-sitter#3440)
• lib: An empty root node should not precede an empty range (tree-sitter/tree-sitter#3450)
• lib: Fix api header C++ interop (tree-sitter/tree-sitter#3534)
• make: Fail properly on Windows (tree-sitter/tree-sitter#3418)
• rust: Fetch CARGO_MANIFEST_DIR at runtime in build script (tree-sitter/tree-sitter#3352)
• rust: Fix new clippy warnings (tree-sitter/tree-sitter#3491)
• test: Multi-grammar corpus tests are now in the repo root (tree-sitter/tree-sitter#3342)
• wasm: Update test

Performance

• Hoist out common subexpressions in satisfies_text_predicates (tree-sitter/tree-sitter#3397)

... (truncated)

Changelog

Sourced from tree-sitter's changelog.

[0.23.0] - 2024-08-26

Breaking

• Introduce tree-sitter-language crate for grammar crates to depend on (tree-sitter/tree-sitter#3069)
• Revert interning of a sequence or choice of a single rule (tree-sitter/tree-sitter#3548)
• bindings: Use capsules in python (tree-sitter/tree-sitter#3384)
• dsl: Support other JS runtimes (tree-sitter/tree-sitter#3355)

Features

• Add fuzz subcommand (tree-sitter/tree-sitter#3385)
• Allow external scanners to use the logger (tree-sitter/tree-sitter#3204)
• bindings: Add query constants to python
• bindings: Add node, python, swift tests (tree-sitter/tree-sitter#3178)
• bindings: Update npm scripts (tree-sitter/tree-sitter#3210)
• cli: Bump unicode data to v15.1.0
• cli: Add debug build flag (tree-sitter/tree-sitter#3279)
• cli: Attach helpful context when grammar.json cannot be found (tree-sitter/tree-sitter#3405)
• cli: Add --show-fields flag to test command (tree-sitter/tree-sitter#3502)
• lib: Add ts_query_end_byte_for_pattern (tree-sitter/tree-sitter#3451)
• lib: Support no_std
• zig: Update outdated path syntax (tree-sitter/tree-sitter#3383)

Bug Fixes

• Always reset to the first language when iterating over language attributes (tree-sitter/tree-sitter#3375)
• Better error when a supertype rule is invalid (tree-sitter/tree-sitter#3400)
• Intern a sequence or choice of a single element the same as the element itself
• Do not "absorb" rules that consist of a single terminal if the rule is hidden (tree-sitter/tree-sitter#2577)
• bindings: Update go bindings (tree-sitter/tree-sitter#3544)
• cli: Installation via authenticated proxy (tree-sitter/tree-sitter#3414)
• cli: Dedup preceding_auxiliary_symbols (tree-sitter/tree-sitter#3550)
• dsl: Improve error message when a rule function returns undefined (tree-sitter/tree-sitter#3452)
• generate: Rename cargo.toml template (tree-sitter/tree-sitter#3532)
• go: Update parser name in binding files, add to docs (tree-sitter/tree-sitter#3547)
• lib: A null clock must have tv_nsec be 0 as well (tree-sitter/tree-sitter#3372)
• lib: Restrict pattern_map optimization when a wildcard step has an immediate first child (tree-sitter/tree-sitter#3440)
• lib: An empty root node should not precede an empty range (tree-sitter/tree-sitter#3450)
• lib: Fix api header C++ interop (tree-sitter/tree-sitter#3534)
• make: Fail properly on Windows (tree-sitter/tree-sitter#3418)
• rust: Fetch CARGO_MANIFEST_DIR at runtime in build script (tree-sitter/tree-sitter#3352)
• rust: Fix new clippy warnings (tree-sitter/tree-sitter#3491)
• test: Multi-grammar corpus tests are now in the repo root (tree-sitter/tree-sitter#3342)
• wasm: Update test

Performance

• Hoist out common subexpressions in satisfies_text_predicates (tree-sitter/tree-sitter#3397)

... (truncated)

Commits

• 12fb318 0.23.0
• fc4d7bd fix(cli): dedup preceding_auxiliary_symbols
• ff8b50c build(bindings): use language version in soname
• f9c4cb6 build(lib): include the minor in the soname
• 6ef7685 fix!: revert interning of a sequence or choice of a single rule
• 973b010 fix(go): update parser name in binding files, add to docs
• 2150c91 fix(bindings): update go bindings
• b5e4ef6 clone wasm store engine (#3542)
• 5364ac4 Merge pull request #3540 from clason/bump-wasmtime
• b0dab87 build(deps): bump wasmtime to v24.0.0
• Additional commits viewable in compare view

Updates clap from 4.5.15 to 4.5.16

Release notes

Sourced from clap's releases.

v4.5.16

[4.5.16] - 2024-08-15

Fixes

• (derive) Improve error messages when derive feature is missing

Changelog

Sourced from clap's changelog.

[4.5.16] - 2024-08-15

Fixes

• (derive) Improve error messages when derive feature is missing

Commits

• cedb1f0 chore: Release
• c22a510 docs(complete): Fix registration commands
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
cargo/adler2	2.0.0	Unknown	Unknown
cargo/cc	1.1.15	:green_circle: 6.3	Details Check Score Reason Code-Review :green_circle: 8 Found 14/16 approved changesets -- score normalized to 8 Maintained :green_circle: 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
cargo/clap	4.5.16	:green_circle: 5.8	Details Check Score Reason Code-Review :warning: 1 Found 2/13 approved changesets -- score normalized to 1 Maintained :green_circle: 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 8 2 existing vulnerabilities detected
cargo/flate2	1.0.33	:green_circle: 7.2	Details Check Score Reason Code-Review :green_circle: 10 all changesets reviewed Maintained :green_circle: 10 29 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :green_circle: 10 project is fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
cargo/miniz_oxide	0.8.0	:green_circle: 4.8	Details Check Score Reason Code-Review :green_circle: 3 Found 9/30 approved changesets -- score normalized to 3 Maintained :green_circle: 5 7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
cargo/regex-syntax	0.8.4	:green_circle: 6.8	Details Check Score Reason Code-Review :warning: 2 Found 8/30 approved changesets -- score normalized to 2 Maintained :green_circle: 10 14 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :green_circle: 10 project is fuzzed Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
cargo/shlex	1.3.0	:green_circle: 4.2	Details Check Score Reason Code-Review :warning: 2 Found 5/18 approved changesets -- score normalized to 2 Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: 0 branch protection not enabled on development/release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Fuzzing :green_circle: 10 project is fuzzed Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
cargo/tree-sitter	0.23.0	:green_circle: 4.8	Details Check Score Reason Code-Review :green_circle: 4 Found 11/26 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
cargo/tree-sitter-language	0.1.0	:green_circle: 4.8	Details Check Score Reason Code-Review :green_circle: 4 Found 11/26 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
cargo/tree-sitter	>= 0.20.0, < 0.24.0	:green_circle: 4.8	Details Check Score Reason Code-Review :green_circle: 4 Found 11/26 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected

Scanned Manifest Files

Cargo.lock

• adler2@2.0.0
• cc@1.1.15
• clap@4.5.16
• flate2@1.0.33
• miniz_oxide@0.8.0
• regex-syntax@0.8.4
• shlex@1.3.0
• tree-sitter@0.23.0
• tree-sitter-language@0.1.0
• adler@1.0.2
• cc@1.0.96
• clap@4.5.15
• flate2@1.0.31
• miniz_oxide@0.7.1
• regex-syntax@0.8.2
• tree-sitter@0.22.6

extractor/Cargo.toml

• tree-sitter@>= 0.20.0, < 0.24.0
• tree-sitter@>= 0.20.0, < 0.23.0

[dependabot[bot]]

Superseded by #153.