heroku / buildpacks-nodejs

Heroku's Cloud Native Buildpacks for Node.js applications.
BSD 3-Clause "New" or "Revised" License
2 stars 2 forks source link

Bump chrono from 0.4.28 to 0.4.31 #653

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps chrono from 0.4.28 to 0.4.31.

Release notes

Sourced from chrono's releases.

0.4.31

Another maintenance release. It was not a planned effort to improve our support for UNIX timestamps, yet most PRs seem related to this.

Deprecations

  • Deprecate timestamp_nanos in favor of the non-panicking timestamp_nanos_opt (#1275)

Additions

  • Add DateTime::<Utc>::from_timestamp (#1279, thanks @​demurgos)
  • Add TimeZone::timestamp_micros (#1285, thanks @​emikitas)
  • Add DateTime<Tz>::timestamp_nanos_opt and NaiveDateTime::timestamp_nanos_opt (#1275)
  • Add UNIX_EPOCH constants (#1291)

Fixes

  • Format day of month in RFC 2822 without padding (#1272)
  • Don't allow strange leap seconds which are not on a minute boundary initialization methods (#1283) This makes many methods a little more strict:
    • NaiveTime::from_hms_milli
    • NaiveTime::from_hms_milli_opt
    • NaiveTime::from_hms_micro
    • NaiveTime::from_hms_micro_opt
    • NaiveTime::from_hms_nano
    • NaiveTime::from_hms_nano_opt
    • NaiveTime::from_num_seconds_from_midnight
    • NaiveTime::from_num_seconds_from_midnight_opt
    • NaiveDate::and_hms_milli
    • NaiveDate::and_hms_milli_opt
    • NaiveDate::and_hms_micro
    • NaiveDate::and_hms_micro_opt
    • NaiveDate::and_hms_nano
    • NaiveDate::and_hms_nano_opt
    • NaiveDateTime::from_timestamp
    • NaiveDateTime::from_timestamp_opt
    • TimeZone::timestamp
    • TimeZone::timestamp_opt
  • Fix underflow in NaiveDateTime::timestamp_nanos_opt (#1294, thanks @​crepererum)

Documentation

  • Add more documentation about the RFC 2822 obsolete date format (#1267)

Internal

  • Remove internal __doctest feature and doc_comment dependency (#1276)
  • CI: Bump actions/checkout from 3 to 4 (#1280)
  • Optimize NaiveDate::add_days for small values (#1214)
  • Upgrade pure-rust-locales to 0.7.0 (#1288, thanks @​jeremija wo did good improvements on pure-rust-locales)

Thanks to all contributors on behalf of the chrono team, @​djc and @​pitdicker!

0.4.30

In this release, we have decided to swap out the chrono::Duration type (which has been a re-export of time 0.1 Duration type) with our own definition, which exposes a strict superset of the time::Duration API. This helps avoid warnings about the [CVE-2020-26235] and [RUSTSEC-2020-0071] advisories for downstream users and allows us to improve the Duration API going forward.

... (truncated)

Commits
  • e730c6a Bump version to 0.4.31
  • 2afdde8 fix: underflow during datetime->nanos conversion
  • 46ad2c2 Add UNIX_EPOCH constants
  • 1df8db3 Add TimeZone::timestamp_micros
  • 861d4e1 Make TimeZone::timestamp_millis_opt use
  • 3c4846a Upgrade pure-rust-locales to 0.7.0
  • 6665804 Deny leap second if secs != 59 in from_num_seconds_from_midnight_opt
  • 61b7ffb Deny leap second if secs != 59 in from_hms_nano_opt
  • 202af6c Don't generate leap seconds that are not 60 in NaiveTime's Arbitrary impl
  • 60283ab Don't create strange leap seconds in tests
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions