search

hrkfdn / ncspot

Cross-platform ncurses Spotify client written in Rust, inspired by ncmpc and the likes.
BSD 2-Clause "Simplified" License
5.09k stars 212 forks source link

chore(deps): bump the cargo group with 4 updates #1536

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps the cargo group with 4 updates: zbus, fern, libc and serde_json.

Updates zbus from 4.4.0 to 5.0.1

Release notes

Sourced from zbus's releases.

πŸ”– zbus 5.0.1

  • πŸ“Œ Don't pin zvariant_utils dep. We don't always release zvariant_utils together with other crates, so unlike the macros crates, the versions don't need to be tied together. This will also allow us to bring zvariant_utils improvements to users without having to release all dependent packages as well.

πŸ”– zbus_xml 5.0.0

  • πŸ‘½οΈ Require and adapt to zvariant 5.0.
  • ⬆️ Bump MSRV to 1.81.
  • ⬆️ Update quick-xml to 0.36.
  • ⬆️ Update serde to 1.0.200.
  • πŸ“ Correct logo URL in docs.
  • πŸ’„ Use the new logo in docs.
  • πŸ“„ Add LICENSE file to the subcrate. #694

πŸ”– zbus 5.0.0

  • πŸ‘½οΈ Adapt to zvariant 5.0 API. This brings in massive performance improvements to message encoding and decoding.
  • πŸ’₯ Breakinging changes:
    • Message body signature now mandatory.
    • proxy macro respects visibility. This includes all types generated by proxy. Unfortunately this means that the existing code will have to set the visiblity explicitly to pub if they were relying on the generated proxy to be public.
    • Drop support for DBUS_COOKIE_SHA1 auth mechanism. #727
      • It drags the sha1 crate as a dependency, which can be problematic for some users. #543
      • It makes the handshake more complex, not allowing to pipeline all the commands.
      • It's not widely used. If EXTERNAL is not an option, you might as well just use ANONYMOUS.
    • πŸ›‚ Only support one authentication method at a time. Now that we're down to only two authentication mechanisms with one of them being no-authentication, this really makes sense since we can just autodetect what authentication method to use for a specific socket type on a specific platform. This also simplifies the handshake logic and will allow us to pipeline the whole client-side handshake in the future, when we can drop the xdg-dbus-proxy workarounds. #781
    • Drop unnecessary lifetimes on genarated signal streams.
    • Streamline Message & message::Builder constructors. They should be named the same and take the same type of arguments.
    • proxy::Defaults now has typed values.
    • Rename proxy::ProxyDefault to proxy::Defaults.
    • πŸ”₯ Drop API deprecated in 4.0.
    • Minor changes in fdo API.
  • ✨ New features:
    • interface now generates a trait, Signals, that provides the same signal methods as user specifies but w/o the SignalEmitter argument (#871). The macro also generates 2 implementations of this trait for:
      • InterfaceRef, for emitting signals from outside the context of an interface method.
      • SignalEmitter, for emitting signals from inside an interface methods.
    • Add SignalContext::emit. Add a new method to SignalContext that allows emitting a signal for a given interface and singal name.
    • Add Connection::graceful_shutdown.
    • Add conn::AuthMechanism::as_str(). This gives you a static string representation of the

... (truncated)

Commits
  • 6201c05 πŸ”– zb,zm: Release 5.0.1
  • 405a432 πŸ”– zv,zd: Release 5.0.1
  • 1850dac πŸ”– Release 3.0.1
  • 992e5c2 πŸ“Œ zv,zd,zm: Don't pin zvariant_utils dep
  • c36d30f Merge pull request #1090 from zeenix/port-to-winnow
  • df6b4e1 ⬆️ zd,zm: Update proc-macro-crate to 3.2
  • 413f97e βž– zu: Drop now unneeded nom dependency
  • 1539496 ⚑️ zu: Switch from nom to winnow for signature parsing
  • d06ea47 βž• zu: Add a direct dep on winnow
  • 32bd4d0 🧐 zv: Benchmark for signature parsing
  • Additional commits viewable in compare view


Updates fern from 0.6.2 to 0.7.0

Changelog

Sourced from fern's changelog.

0.7.0 (2024-10-20)

  • Upgrade colored to version 2. This is a breaking change due to colored being exposed in the public API of fern. (thanks [@​faern] for doing the boilerplate here!)
  • Remove most of the unsoundness warning, and update it to reflect fern 0.7.0 fixing the issue.
Commits
  • 120231d Bump version to 0.7.0
  • 894a70c Update version numbers in source to 0.7.0.
  • cfc8e8f Merge pull request #140 from daboross/dross/upgrade-colored
  • f82c111 Update CHANGELOG.md
  • b78b76e Add new security warning for the fixed soundness issue.
  • fdd525c Revert "Add documentation warning about usage of 'colored'"
  • ee161a7 Upgrade colored dependency to ^2
  • 8236409 Merge pull request #139 from daboross/dross/new-msrv
  • 1ecc85a Satisfy new clippy lints.
  • 8263fe0 Update secondary MSRV test versions for optional dependencies.
  • Additional commits viewable in compare view


Updates libc from 0.2.159 to 0.2.161

Release notes

Sourced from libc's releases.

0.2.161

Fixed

0.2.160

Added

Changed

Fixed

Other

Changelog

Sourced from libc's changelog.

0.2.161 - 2024-10-17

Fixed

0.2.160 - 2024-10-17

Added

Changed

Fixed

Other

... (truncated)

Commits
  • 63b4a64 chore: release v0.2.161
  • 49f1ad7 Merge pull request #3984 from tgross35/backport-bsd-fix
  • ed784c3 unbreak OpenBSD after #3937
  • b72e9bc Merge pull request #3943 from rust-lang/release-plz-2024-09-25T01-38-49Z
  • bf6680d chore: release v0.2.160
  • a367628 Merge pull request #3982 from tgross35/backport-basil
  • 35f31f8 Sort linux-musl.txt
  • 1b22329 Add fnmatch.h
  • 31f746a Merge pull request #3980 from tgross35/backport-squash
  • f39e871 VxWorks Sched_param renamed, pthread functions and constants added
  • Additional commits viewable in compare view


Updates serde_json from 1.0.128 to 1.0.132

Release notes

Sourced from serde_json's releases.

1.0.132

  • Improve binary size and compile time for JSON array and JSON object deserialization by about 50% (#1205)
  • Improve performance of JSON array and JSON object deserialization by about 8% (#1206)

1.0.131

  • Implement Deserializer and IntoDeserializer for Map<String, Value> and &Map<String, Value> (#1135, thanks @​swlynch99)

1.0.130

  • Support converting and deserializing Number from i128 and u128 (#1141, thanks @​druide)

1.0.129

Commits
  • 86d933c Release 1.0.132
  • f45b422 Merge pull request #1206 from dtolnay/hasnext
  • f2082d2 Clearer order of comparisons
  • 0f54a1a Handle early return sooner on eof in seq or map
  • 2a4cb44 Rearrange 'match peek'
  • 4cb90ce Merge pull request #1205 from dtolnay/hasnext
  • b71ccd2 Reduce duplicative instantiation of logic in SeqAccess and MapAccess
  • a810ba9 Release 1.0.131
  • 0d084c5 Touch up PR 1135
  • b4954a9 Merge pull request #1135 from swlynch99/map-deserializer
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 1 month ago

Looks like these dependencies are updatable in another way, so this is no longer needed.