caizixian / notegraf

A graph-oriented notebook
https://notegraf.zcai.org
GNU Affero General Public License v3.0
9 stars 2 forks source link

Bump actix-web from 4.5.1 to 4.8.0 #749

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 5 months ago

Bumps actix-web from 4.5.1 to 4.8.0.

Release notes

Sourced from actix-web's releases.

actix-web: v4.8.0

Added

  • Add web::Html responder.
  • Add HttpRequest::full_url() method to get the complete URL of the request.

Fixed

  • Always remove port from return value of ConnectionInfo::realip_remote_addr() when handling IPv6 addresses. from the Forwarded header.
  • The UrlencodedError::ContentType variant (relevant to the Form extractor) now uses the 415 (Media Type Unsupported) status code in it's ResponseError implementation.
  • Apply HttpServer::max_connection_rate() setting when using rustls v0.22 or v0.23.

actix-web: v4.7.0

Added

  • Add #[scope] macro.
  • Add middleware::Identity type.
  • Add CustomizeResponder::add_cookie() method.
  • Add guard::GuardContext::app_data() method.
  • Add compat-routing-macros-force-pub crate feature which (on-by-default) which, when disabled, causes handlers to inherit their attached function's visibility.
  • Add compat crate feature group (on-by-default) which, when disabled, helps with transitioning to some planned v5.0 breaking changes, starting only with compat-routing-macros-force-pub.
  • Implement From<Box<dyn ResponseError>> for Error.

actix-web: v4.6.0

Added

  • Add unicode crate feature (on-by-default) to switch between regex and regex-lite as a trade-off between full unicode support and binary size.
  • Add rustls-0_23 crate feature.
  • Add HttpServer::{bind_rustls_0_23, listen_rustls_0_23}() builder methods.
  • Add HttpServer::tls_handshake_timeout() builder method for rustls-0_22 and rustls-0_23.

Changed

  • Update brotli dependency to 6.
  • Minimum supported Rust version (MSRV) is now 1.72.

Fixed

  • Avoid type confusion with rustls in some circumstances.
Commits
  • 4222f92 chore(actix-web): prepare release 4.8.0
  • d92a73e chore(actix-http): prepare release 3.8.0
  • c612b5c ci: fix checks
  • cbb55ba ci: use just for feature combos check
  • 643d645 Fix Rustls 0.22 & 0.23 are limited to 256 handshakes per second. (#3408)
  • 66905ef build(deps): bump taiki-e/install-action from 2.38.0 to 2.39.1 (#3404)
  • c076e34 build(deps): bump codecov/codecov-action from 4.4.1 to 4.5.0 (#3405)
  • 3ecaff5 build(deps): bump taiki-e/cache-cargo-install-action from 1.2.2 to 2.0.1 (#3406)
  • fa74ab3 remove references to StaticFiles (#3400)
  • 188206a feat: Html responder (#3399)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)