[cargo](deps): Bump the deps group with 14 updates

[dependabot[bot]]

Bumps the deps group with 14 updates:

Package	From	To
reqwest	0.12.2	0.12.3
base64	0.21.7	0.22.0
cc	1.0.90	1.0.91
getrandom	0.2.12	0.2.13
h2	0.4.3	0.4.4
pest	2.7.8	2.7.9
pest_derive	2.7.8	2.7.9
pest_generator	2.7.8	2.7.9
pest_meta	2.7.8	2.7.9
rustls-pemfile	1.0.4	2.1.2
rustversion	1.0.14	1.0.15
security-framework	2.9.2	2.10.0
strsim	0.11.0	0.11.1
winreg	0.50.0	0.52.0

Updates reqwest from 0.12.2 to 0.12.3

Release notes

Sourced from reqwest's releases.

v0.12.3

What's Changed

• Add FromStr for dns::Name.
• Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
• Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
• Fix sending content-length: 0 for GET requests.
• Fix response body content_length() to return value when timeout is configured.
• Fix ClientBuilder::resolve() to use lowercase domain names.

New Contributors

• @​zuisong made their first contribution in seanmonstar/reqwest#2207
• @​djc made their first contribution in seanmonstar/reqwest#2222
• @​krant made their first contribution in seanmonstar/reqwest#2226
• @​Kriskras99 made their first contribution in seanmonstar/reqwest#2236

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.3

Changelog

Sourced from reqwest's changelog.

v0.12.3

• Add FromStr for dns::Name.
• Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
• Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
• Fix sending content-length: 0 for GET requests.
• Fix response body content_length() to return value when timeout is configured.
• Fix ClientBuilder::resolve() to use lowercase domain names.

Commits

• 0720159 v0.12.3
• 9209695 Remove duplicate example for ClientBuilder::default_headers (#2236)
• e3a1565 fix: use lower case domain string when using resolve and resolve_to_addrs...
• b4c491a feat: allow fine-grained root certs for rustls (#2232)
• cf4295d chore: update winreg to 0.52.0 (#2226)
• db25e80 chore: upgrade base64 to 0.22 (#2224)
• 13e27b7 fix: response body timeout forwards the size hint
• 872af0c refactor: upgrade to rustls-pemfile 2 (#2222)
• 68a3f58 fix: stop sending content-length: 0 for GET requests (#2207)
• 14e46ff FromStr trait implementation for Name (#2212)
• See full diff in compare view

Updates base64 from 0.21.7 to 0.22.0

Changelog

Sourced from base64's changelog.

0.22.0

• DecodeSliceError::OutputSliceTooSmall is now conservative rather than precise. That is, the error will only occur if the decoded output cannot fit, meaning that Engine::decode_slice can now be used with exactly-sized output slices. As part of this, Engine::internal_decode now returns DecodeSliceError instead of DecodeError, but that is not expected to affect any external callers.
• DecodeError::InvalidLength now refers specifically to the number of valid symbols being invalid (i.e. len % 4 == 1), rather than just the number of input bytes. This avoids confusing scenarios when based on interpretation you could make a case for either InvalidLength or InvalidByte being appropriate.
• Decoding is somewhat faster (5-10%)

Commits

• 5d70ba7 Merge pull request #269 from marshallpierce/mp/decode-precisely
• efb6c00 Release notes
• 2b91084 Add some tests to boost coverage
• 9e9c7ab Engine::internal_decode now returns DecodeSliceError
• a8a60f4 Decode main loop improvements
• a25be06 Simplify leftover output writes
• 9979cc3 Keep morsels as separate bytes
• 37670c5 Bump dev toolchain version (#268)
• See full diff in compare view

Updates cc from 1.0.90 to 1.0.91

Release notes

Sourced from cc's releases.

1.0.91

What's Changed

• Update windows-bindgen requirement from 0.54 to 0.55 by @​dependabot in rust-lang/cc-rs#999
• Fix: Accept non utf-8 characters in compiler and archiver by @​NobodyXu in rust-lang/cc-rs#998
• CI: Add automatic publish on tag creation by @​NobodyXu in rust-lang/cc-rs#978
• feat: Query rustc for clang target triples instead of hardcoding them by @​NobodyXu in rust-lang/cc-rs#1004
• Fix safety comment for LibraryHandle::get_proc_address by @​NobodyXu in rust-lang/cc-rs#1010
• Fix compile family detection: Use C macros instead of $compiler -v by @​NobodyXu in rust-lang/cc-rs#1000
• refactor: Optimize code based on cargo clippy suggestions by @​InventiveCoder in rust-lang/cc-rs#1013
• Fix regression in compiler family detection by @​russelltg in rust-lang/cc-rs#1014
• Also shim llvm-ar in the clang_android test on non-Windows by @​dpaoliello in rust-lang/cc-rs#1016
• Fix caching of supported compiler flag by @​NobodyXu in rust-lang/cc-rs#1002
• fix llvm-ar as archiver for msvc targets; fix clang-cl detection; fix assembler output flag detection; add clang/clang-cl windows CI by @​russelltg in rust-lang/cc-rs#1015
• fix(env_tool): return None if env is empty by @​cathaysia in rust-lang/cc-rs#1021
• Release cc 1.0.91 by @​NobodyXu in rust-lang/cc-rs#1024

New Contributors

• @​InventiveCoder made their first contribution in rust-lang/cc-rs#1013
• @​russelltg made their first contribution in rust-lang/cc-rs#1014
• @​cathaysia made their first contribution in rust-lang/cc-rs#1021

Full Changelog: https://github.com/rust-lang/cc-rs/compare/1.0.90...1.0.91

Commits

• c9b0850 Release cc 1.0.91 (#1024)
• d902ed3 fix(env_tool): return None if env is empty (#1021)
• fd912ec fix llvm-ar as archiver for msvc targets; fix clang-cl detection; fix assembl...
• be62f4a Fix caching of supported compiler flag (#1002)
• bbae474 Also shim llvm-ar in the clang_android test on non-Windows (#1016)
• 0195ebf Fix regression in compiler family detection (#1014)
• 30c6b72 refactor: Optimize code based on cargo clippy suggestions (#1013)
• f36d6a7 Fix compile family detection: Use C macros instead of $compiler -v (#1000)
• 77a54a9 Fix safety comment for LibraryHandle::get_proc_address (#1010)
• abf67d7 feat: Query rustc for clang target triples instead of hardcoding them (#1004)
• Additional commits viewable in compare view

Updates getrandom from 0.2.12 to 0.2.13

Changelog

Sourced from getrandom's changelog.

[0.2.13] - 2024-04-06

Added

• linux_disable_fallback crate feature to disable /dev/urandom-based fallback on Linux and Android targets. Enabling this feature bumps minimum supported Linux kernel version to 3.17 and Android API level to 23 (Marshmallow). #396

Changed

• Disable /dev/urandom fallback for Linux targets outside of the following target_arches: aarch64, arm, powerpc, powerpc64, s390x, x86, x86_64 #396
• Do not catch EPERM error code on Android while checking availability of the getrandom syscall #396

#396: rust-random/getrandom#396

Commits

• 968dd48 Release v0.2.13 (#405)
• 8ffd43e Conditionally disable file fallback for Android and Linux (#396)
• 6b7bcb5 Replace man7.org links with manned.org (#404)
• 5f0701f CI: Run tests on aarch64-apple-darwin and aarch64-apple-ios-sim. (#398)
• 489eeee Fix nightly build by removing redundant use (#399)
• d102c36 Use doc_auto_cfg instead of doc_cfg (#392)
• 2e4bb4d Correct comments regarding LazyUsize (#391)
• See full diff in compare view

Updates h2 from 0.4.3 to 0.4.4

Release notes

Sourced from h2's releases.

v0.4.4

Fixes

• Limit number of CONTINUATION frames for misbehaving connections.

See https://seanmonstar.com/blog/hyper-http2-continuation-flood/ for more info.

Changelog

Sourced from h2's changelog.

0.4.4 (April 3, 2024)

• Limit number of CONTINUATION frames for misbehaving connections.

Commits

• 51fe05a v0.4.4
• e76bd74 fix: limit number of CONTINUATION frames allowed
• See full diff in compare view

Updates pest from 2.7.8 to 2.7.9

Commits

• f60b518 bump version to 2.7.9 (#1002)
• 9d25248 Remove unnecessary unsafe functions (#998)
• 9f9094e feat: support additional parsing error information (rule call stacks and (un)...
• 30c7094 fix: do not generate empty docstring for Rule (#987)
• See full diff in compare view

Updates pest_derive from 2.7.8 to 2.7.9

Release notes

Sourced from pest_derive's releases.

v2.7.9

What's Changed

• fix: do not generate empty docstring for Rule by @​sunng87 in pest-parser/pest#987
• feat: support better error reporting by @​EmirVildanov in pest-parser/pest#965
• Remove unnecessary unsafe functions by @​djkoloski in pest-parser/pest#998

New Contributors

• @​djkoloski made their first contribution in pest-parser/pest#998

Full Changelog: https://github.com/pest-parser/pest/compare/v2.7.8...v2.7.9

Warning: Semantic Versioning

Note that the node tag feature in 2.6.0 was a technically semver-breaking change even though it is a backwards-compatible / non-breaking change in the meta-grammar. There may be similar non-breaking changes to the meta-grammar between minor versions in the future. These non-breaking changes, however, may translate into semver-breaking changes due to the additional variants propagated from the generated Rule enum.

This new feature caused issues in some Cargo version resolution situations where Cargo mixed different versions of pest dependencies. For this reason, these "grammar non-breaking but semver-breaking" changes are now available only under the "grammar-extras" feature flag. If you would like to use node tags (or other future grammar features), you can do so by enabling this flag on the pest_derive crate in your Cargo.toml:

...
pest_derive = { version = "2.7", features = ["grammar-extras"] }

Commits

• f60b518 bump version to 2.7.9 (#1002)
• 9d25248 Remove unnecessary unsafe functions (#998)
• 9f9094e feat: support additional parsing error information (rule call stacks and (un)...
• 30c7094 fix: do not generate empty docstring for Rule (#987)
• See full diff in compare view

Updates pest_generator from 2.7.8 to 2.7.9

Release notes

Sourced from pest_generator's releases.

v2.7.9

What's Changed

• fix: do not generate empty docstring for Rule by @​sunng87 in pest-parser/pest#987
• feat: support better error reporting by @​EmirVildanov in pest-parser/pest#965
• Remove unnecessary unsafe functions by @​djkoloski in pest-parser/pest#998

New Contributors

• @​djkoloski made their first contribution in pest-parser/pest#998

Full Changelog: https://github.com/pest-parser/pest/compare/v2.7.8...v2.7.9

Warning: Semantic Versioning

Note that the node tag feature in 2.6.0 was a technically semver-breaking change even though it is a backwards-compatible / non-breaking change in the meta-grammar. There may be similar non-breaking changes to the meta-grammar between minor versions in the future. These non-breaking changes, however, may translate into semver-breaking changes due to the additional variants propagated from the generated Rule enum.

This new feature caused issues in some Cargo version resolution situations where Cargo mixed different versions of pest dependencies. For this reason, these "grammar non-breaking but semver-breaking" changes are now available only under the "grammar-extras" feature flag. If you would like to use node tags (or other future grammar features), you can do so by enabling this flag on the pest_derive crate in your Cargo.toml:

...
pest_derive = { version = "2.7", features = ["grammar-extras"] }

Commits

• f60b518 bump version to 2.7.9 (#1002)
• 9d25248 Remove unnecessary unsafe functions (#998)
• 9f9094e feat: support additional parsing error information (rule call stacks and (un)...
• 30c7094 fix: do not generate empty docstring for Rule (#987)
• See full diff in compare view

Updates pest_meta from 2.7.8 to 2.7.9

Release notes

Sourced from pest_meta's releases.

v2.7.9

What's Changed

• fix: do not generate empty docstring for Rule by @​sunng87 in pest-parser/pest#987
• feat: support better error reporting by @​EmirVildanov in pest-parser/pest#965
• Remove unnecessary unsafe functions by @​djkoloski in pest-parser/pest#998

New Contributors

• @​djkoloski made their first contribution in pest-parser/pest#998

Full Changelog: https://github.com/pest-parser/pest/compare/v2.7.8...v2.7.9

Warning: Semantic Versioning

Note that the node tag feature in 2.6.0 was a technically semver-breaking change even though it is a backwards-compatible / non-breaking change in the meta-grammar. There may be similar non-breaking changes to the meta-grammar between minor versions in the future. These non-breaking changes, however, may translate into semver-breaking changes due to the additional variants propagated from the generated Rule enum.

This new feature caused issues in some Cargo version resolution situations where Cargo mixed different versions of pest dependencies. For this reason, these "grammar non-breaking but semver-breaking" changes are now available only under the "grammar-extras" feature flag. If you would like to use node tags (or other future grammar features), you can do so by enabling this flag on the pest_derive crate in your Cargo.toml:

...
pest_derive = { version = "2.7", features = ["grammar-extras"] }

Commits

• f60b518 bump version to 2.7.9 (#1002)
• 9d25248 Remove unnecessary unsafe functions (#998)
• 9f9094e feat: support additional parsing error information (rule call stacks and (un)...
• 30c7094 fix: do not generate empty docstring for Rule (#987)
• See full diff in compare view

Updates rustls-pemfile from 1.0.4 to 2.1.2

Release notes

Sourced from rustls-pemfile's releases.

2.1.2

Dependency updates.

What's Changed

• Bump base64 from 0.21.5 to 0.22.0 by @​dependabot in rustls/pemfile#44
• Cargo: version 2.1.1 -> 2.1.2 by @​alex in rustls/pemfile#45
• Delete obsolete release history section by @​ctz in rustls/pemfile#46

New Contributors

• @​alex made their first contribution in rustls/pemfile#45

Full Changelog: https://github.com/rustls/pemfile/compare/v/2.1.1...v/2.1.2

2.1.1

Headlines

• Leading whitespace in PEM document bodies is now trimmed in addition to trailing whitespace.

What's Changed

• Trim leading contiguous whitespace, fix nightly clippy warns by @​cpu in rustls/pemfile#41
• v2.1.1 preparation by @​cpu in rustls/pemfile#42

Full Changelog: https://github.com/rustls/pemfile/compare/v/2.1.0...v/2.1.1

2.1.0

Headlines

• Adds the csr function and the Item::Csr variant to support loading DER encoded Certificate Signing Requests (CSRs) from PEM inputs.

What's Changed

• add certificate signing request by @​Tudyx in rustls/pemfile#37
• Cargo: version 2.0.0 -> 2.1.0 by @​cpu in rustls/pemfile#38

New Contributors

• @​Tudyx made their first contribution in rustls/pemfile#37

Full Changelog: https://github.com/rustls/pemfile/compare/v/2.0.0...v/2.1.0

2.0.0

Headlines

• Improving API stability. This crate now uses types from rustls-pki-types; we expect this to reduce the number of breaking changes in rustls ecosystem. As part of this, the Item enum's variants got renamed from Item::{RSAKey, PKCS8Key, ECKey} to Item::{Pkcs1Key, Pkcs8Key, Sec1Key}.
• no_std support. This crate can now work optionally without std: use the new read_one_from_slice API.

What's Changed

• Switch to using the pki-types crate by @​djc in rustls/pemfile#24
• Bump version to 2.0.0-alpha.0 by @​djc in rustls/pemfile#25
• 2.0.0-alpha.1: take pki-types 0.2 by @​ctz in rustls/pemfile#26
• Add private_key() helper by @​djc in rustls/pemfile#27
• Bump actions/checkout from 3 to 4 by @​dependabot in rustls/pemfile#28

... (truncated)

Commits

• 7ba4ab7 Delete obsolete release history section
• 07686b2 Cargo: version 2.1.1 -> 2.1.2
• 48ab234 Fixed warnings from rust nightly
• d7b1215 Bump base64 from 0.21.5 to 0.22.0
• 77a6c99 Cargo: version 2.1.0 -> 2.1.1
• 09a08fd proj: add Cargo.lock, use --locked in CI
• 95152b4 pemfile: also trim leading contiguous content whitespace
• fc3414f lib: clean up no_std and use of std in test code
• e2d220a Cargo: version 2.0.0 -> 2.1.0
• de3d0ae add certificate signing request
• Additional commits viewable in compare view

Updates rustversion from 1.0.14 to 1.0.15

Release notes

Sourced from rustversion's releases.

1.0.15

• Recognize $RUSTC_WRAPPER environment variable (#47)

Commits

• 70ca5ad Release 1.0.15
• 0fa74f5 Merge pull request #47 from dtolnay/rustcwrapper
• 51f46e2 Apply RUSTC_WRAPPER
• df7e51d Explicitly install a Rust toolchain for cargo-outdated job
• 5e54059 Test docs.rs documentation build in CI
• 5f73c91 Update actions/checkout@v3 -> v4
• 2a58661 Resolve ignored_unit_patterns pedantic clippy lint
• f4bbc8f Resolve redundant_guards clippy lint
• dda672e Revert "Temporarily disable -Zrandomize-layout due to rustc ICE"
• f9d72db Temporarily disable -Zrandomize-layout due to rustc ICE
• See full diff in compare view

Updates security-framework from 2.9.2 to 2.10.0

Commits

• 39e64d8 Attempt to get CI green again
• ebcc98e Allow creating a SecAccessControl with a protection
• ee077dc Update test
• 7bb4b4a Bump min OS X version
• 854b810 Clippy
• 5bf85d6 security-framework::item::ItemSearchOptions: support trusted_only (#197)
• 24b239b Added access_control field to GenerateKeyOptions
• db0042e Use OSX_10_15 on docs.rs
• 67a610e Fix memory leak in SecStaticCode::from_path()
• 54d9050 Add missing targot os section
• Additional commits viewable in compare view

Updates strsim from 0.11.0 to 0.11.1

Release notes

Sourced from strsim's releases.

Release 0.11.1

Fixed

• Drop MSRV down to 1.56 which was mistakenly changed in 0.11.0

Changelog

Sourced from strsim's changelog.

[0.11.1] - (2024-04-03)

Fixed

• Drop MSRV down to 1.56 which was mistakenly changed in 0.11.0

Commits

• f72cd1c publish 0.11.1
• 680fa50 Use rust-version field of Cargo.toml (#72)
• d84fd91 Drop MSRV down to 1.56 (#71)
• 7beabcb fix ci workflow warnings (#70)
• f71334a Create SECURITY.md
• See full diff in compare view

Updates winreg from 0.50.0 to 0.52.0

Release notes

Sourced from winreg's releases.

0.52.0 (windows-rs)

• Breaking change: .commit() and .rollback() now consume the transaction (#62)
• Add RegKey::rename_subkey() method (#58)
• Make serialization modules public (#59)
• Fix UB in FromRegValue for u32 and u64 (#61)

0.51.0 (windows-sys)

• Breaking change: fix std::fmt::Display implementation for RegValue (#52)
• Add RegKey::encode_transacted() method (pullrequest #55), fixes #54)

Changelog

Sourced from winreg's changelog.

0.52.0

• Breaking change: .commit() and .rollback() now consume the transaction (#62)
• Add RegKey::rename_subkey() method (#58)
• Make serialization modules public (#59)
• Fix UB in FromRegValue for u32 and u64 (#61)

0.14.0

• Breaking change: increase MSRV to 1.34
• Fix UB in FromRegValue for u32 and u64 (#61)

0.13.0

• Breaking change: .commit() and .rollback() now consume the transaction (#62)
• Add RegKey::rename_subkey() method (#58)
• Make serialization modules public (#59)

0.12.0, 0.51.0

• Breaking change: fix std::fmt::Display implementation for RegValue (#52)
• Add RegKey::encode_transacted() method (pullrequest #55, fixes #54)

Commits

• 1c56127 Merge branch 'winapi'. Bump version to 0.52.0
• 4b0ba3e Bump version to 0.14.0
• 7634148 Fix UB in FromRegValue for u32 and u64
• 9aea2ad Bump version to 0.13.0
• 5312581 Fix build with rust 1.31
• ecda498 Make serialization modules public.
• 0fd5bb8 .commit() and .rollback() now consume the transaction
• fa2f1c8 Add RegKey::rename_subkey() method
• fc6521e Fix build with rust 1.46
• 60c4210 Merge branch 'winapi'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 82.65%. Comparing base (e15cc5e) to head (86e2004).

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #49 +/- ## ======================================= Coverage 82.65% 82.65% ======================================= Files 7 7 Lines 3176 3176 ======================================= Hits 2625 2625 Misses 551 551 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.