poem-web / poem

A full-featured and easy-to-use web framework with the Rust programming language.
Apache License 2.0
3.62k stars 295 forks source link

build(deps): update quick-xml requirement from 0.31.0 to 0.32.0 #835

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 5 months ago

Updates the requirements on quick-xml to permit the latest version.

Release notes

Sourced from quick-xml's releases.

Support serve >=1.0.181, various serde fixes and async writer

What's Changed

MSRV bumped to 1.56! Crate now uses Rust 2021 edition.

:warning: BREAKING CHANGE! Serde's enum representation was changed (it was buggy anyway) to ensure compatibility with serde >= 1.0.181.

New Features

  • #545: Resolve well-known namespaces (xml and xmlns) to their appropriate URIs. Also, enforce namespace constraints related to these well-known namespaces.
  • #635: Add support for async ElementWriter operations.

Bug Fixes

  • #660: Fixed incorrect deserialization of xs:lists from empty tags (<tag/> or <tag></tag>). Previously an DeError::UnexpectedEof") was returned in that case.
  • #580: Fixed incorrect deserialization of vectors of newtypes from sequences of tags.
  • #661: More string handling of serialized primitive values (booleans, numbers, strings, unit structs, unit variants). <int>123<something-else/></int> is no longer valid content. Previously all data after 123 up to closing tag would be silently skipped.
  • #567: Fixed incorrect deserialization of vectors of enums from sequences of tags.
  • #671: Fixed deserialization of empty simpleTypes (for example, attributes) into Option fields: now they are always deserialized as Some("").

Misc Changes

  • #643: Bumped MSRV to 1.56. In practice the previous MSRV was incorrect in many cases.
  • #643: Adopted Rust 2021 edition.
  • #545: Added new Error variant -- Error::InvalidPrefixBind.
  • #651: Relax requirement for version of arbitrary dependency -- we're actually compatible with version 1.0.0 and up.
  • #649: Make features linkable and reference them in the docs.
  • #619: Allow to raise application errors in ElementWriter::write_inner_content (and newly added ElementWriter::write_inner_content_async of course).
  • #662: Get rid of some allocations during serde deserialization.
  • #665: Improve serialization of xs:lists when some elements serialized to an empty string.
  • #630: Fixed compatibility with serde >= 1.0.181

New Contributors

Full Changelog: https://github.com/tafia/quick-xml/compare/v0.30.0...v0.31.0

Changelog

Sourced from quick-xml's changelog.

0.31.0 -- 2023-10-22

MSRV bumped to 1.56! Crate now uses Rust 2021 edition.

Enum representation was changed (it was buggy anyway) to ensure compatibility with serde >= 1.0.181

New Features

  • #545: Resolve well-known namespaces (xml and xmlns) to their appropriate URIs. Also, enforce namespace constraints related to these well-known namespaces.
  • #635: Add support for async ElementWriter operations.

Bug Fixes

  • #660: Fixed incorrect deserialization of xs:lists from empty tags (<tag/> or <tag></tag>). Previously an DeError::UnexpectedEof") was returned in that case
  • #580: Fixed incorrect deserialization of vectors of newtypes from sequences of tags.
  • #661: More string handling of serialized primitive values (booleans, numbers, strings, unit structs, unit variants). <int>123<something-else/></int> is no longer valid content. Previously all data after 123 up to closing tag would be silently skipped.
  • #567: Fixed incorrect deserialization of vectors of enums from sequences of tags.
  • #671: Fixed deserialization of empty simpleTypes (for example, attributes) into Option fields: now they are always deserialized as Some("").

Misc Changes

  • #643: Bumped MSRV to 1.56. In practice the previous MSRV was incorrect in many cases.
  • #643: Adopted Rust 2021 edition.
  • #545: Added new Error variant -- Error::InvalidPrefixBind.
  • #651: Relax requirement for version of arbitrary dependency -- we're actually compatible with version 1.0.0 and up.
  • #649: Make features linkable and reference them in the docs.
  • #619: Allow to raise application errors in ElementWriter::write_inner_content (and newly added ElementWriter::write_inner_content_async of course).
  • #662: Get rid of some allocations during serde deserialization.
  • #665: Improve serialization of xs:lists when some elements serialized to an empty string.
  • #630: Fixed compatibility with serde >= 1.0.181

#545: tafia/quick-xml#545 #567: tafia/quick-xml#567 #580: tafia/quick-xml#580 #619: tafia/quick-xml#619 #630: tafia/quick-xml#630 #635: tafia/quick-xml#635 #643: tafia/quick-xml#643 #649: tafia/quick-xml#646 #651: tafia/quick-xml#651 #660: tafia/quick-xml#660 #661: tafia/quick-xml#661

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)