Bump regex from 1.5.4 to 1.5.6

[dependabot[bot]]

Bumps regex from 1.5.4 to 1.5.6.

Changelog

Sourced from regex's changelog.

1.5.6 (2022-05-20)

This release includes a few bug fixes, including a bug that produced incorrect matches when a non-greedy ? operator was used.

• [BUG #680](rust-lang/regex#680): Fixes a bug where [[:alnum:][:^ascii:]] dropped [:alnum:] from the class.
• [BUG #859](rust-lang/regex#859): Fixes a bug where Hir::is_match_empty returned false for \b.
• [BUG #862](rust-lang/regex#862): Fixes a bug where 'ab??' matches 'ab' instead of 'a' in 'ab'.

1.5.5 (2022-03-08)

This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

• SECURITY #GHSA-m5pq-gvj9-9vr8: Fixes a bug in the regex compiler where empty sub-expressions subverted the existing mitigations in place to enforce a size limit on compiled regexes. The Rust Security Response WG published an advisory about this: https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw

Commits

• 9aef5b1 1.5.6
• 2931b07 syntax: bump minimum regex-syntax version to 0.6.26
• b41bde0 regex-syntax-0.6.26
• d98da65 changelog: 1.5.6
• 1c19619 syntax: fix literal extraction for 'ab??'
• 88a2a62 syntax: fix 'is_match_empty' predicate
• 72f09f1 syntax: fix ascii class union bug
• b537286 doc: fix some typos
• 258bdf7 changelog: 1.5.5
• d130381 1.5.5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov[bot]]

Codecov Report

Merging #442 (edf328c) into master (b9fd556) will decrease coverage by 38.56%. The diff coverage is n/a.

@@             Coverage Diff             @@
##           master     #442       +/-   ##
===========================================
- Coverage   85.37%   46.80%   -38.57%     
===========================================
  Files          11       11               
  Lines        1641     4352     +2711     
===========================================
+ Hits         1401     2037      +636     
- Misses        240     2315     +2075     

Impacted Files	Coverage Δ
src/lib.rs	24.09% <0.00%> (-75.91%)	:arrow_down:
src/title.rs	86.08% <0.00%> (-12.18%)	:arrow_down:
src/message.rs	80.91% <0.00%> (-0.54%)	:arrow_down:
src/http.rs	97.63% <0.00%> (+0.29%)	:arrow_up:

:mega: Codecov can now indicate which changes are the most critical in Pull Requests. Learn more

[dependabot[bot]]

Superseded by #444.