search

rustls / rustls-platform-verifier

A certificate verification library for rustls that uses the operating system's verifier
Apache License 2.0
57 stars 18 forks source link

build(deps): bump the crates-io group across 1 directory with 10 updates #107

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps the crates-io group with 8 updates in the / directory:

Package From To
rustls 0.23.5 0.23.7
log 0.4.20 0.4.22
base64 0.21.3 0.22.1
once_cell 1.18.0 1.19.0
android_logger 0.13.3 0.14.1
webpki-roots 0.26.0 0.26.3
core-foundation 0.9.3 0.9.4
security-framework 2.10.0 2.11.0

Updates rustls from 0.23.5 to 0.23.7

Commits
  • e45fec4 Prepare 0.23.7
  • 2c72fb0 Test for more close_notify conditions
  • 7d4e809 Ignore duplicative send_close_notify calls
  • ced64bc read_tls refuse to read further data after close_notify alert
  • 386b6fd Correctly discard data after close_notify alert
  • 06dc1d5 deps: update cargo semver compatible deps
  • 252b5d3 Prepare 0.23.6
  • 55890f0 Test for junk in unbuffered input after close_notify
  • 972da7f Test app data after close_notify is ignored
  • 424bb31 Test for junk in deframer buffer after close_notify
  • Additional commits viewable in compare view


Updates log from 0.4.20 to 0.4.22

Changelog

Sourced from log's changelog.

[0.4.22] - 2024-06-27

What's Changed

New Contributors

Full Changelog: https://github.com/rust-lang/log/compare/0.4.21...0.4.22

[0.4.21] - 2024-02-27

What's Changed

New Contributors

Commits
  • d5ba2cf Merge pull request #634 from rust-lang/cargo/0.4.22
  • d1a8306 prepare for 0.4.22 release
  • 46894ef Merge pull request #633 from rust-lang/feat/panic-info
  • e0d389c Merge pull request #632 from rust-lang/feat/loosen-atomics
  • c9e5e13 use Location::caller() for file and line info
  • 507b672 loosen orderings for logger initialization
  • c879b01 Merge pull request #628 from Thomasdezeeuw/fix-warnings
  • 405fdb4 Merge pull request #627 from Thomasdezeeuw/check-features
  • 1307ade Remove unneeded import
  • 710560e Don't use --all-features in CI
  • Additional commits viewable in compare view


Updates base64 from 0.21.3 to 0.22.1

Changelog

Sourced from base64's changelog.

0.22.1

  • Correct the symbols used for the predefined alphabet::BIN_HEX.

0.22.0

  • DecodeSliceError::OutputSliceTooSmall is now conservative rather than precise. That is, the error will only occur if the decoded output cannot fit, meaning that Engine::decode_slice can now be used with exactly-sized output slices. As part of this, Engine::internal_decode now returns DecodeSliceError instead of DecodeError, but that is not expected to affect any external callers.
  • DecodeError::InvalidLength now refers specifically to the number of valid symbols being invalid (i.e. len % 4 == 1), rather than just the number of input bytes. This avoids confusing scenarios when based on interpretation you could make a case for either InvalidLength or InvalidByte being appropriate.
  • Decoding is somewhat faster (5-10%)

0.21.7

  • Support getting an alphabet's contents as a str via Alphabet::as_str()

0.21.6

  • Improved introductory documentation and example

0.21.5

  • Add Debug and Clone impls for the general purpose Engine

0.21.4

  • Make encoded_len const, allowing the creation of arrays sized to encode compile-time-known data lengths
Commits
  • e144006 v0.22.1
  • 64cca59 Merge pull request #271 from JobanSD/patch-1
  • 838355e Correct BinHex 4.0 alphabet according to specifications
  • bf15ccf Merge pull request #270 from marshallpierce/mp/clippy
  • fc6aabe Appease clippy
  • 9a518a2 Merge pull request #267 from bdura/patch-1
  • d96c80f Merge branch 'marshallpierce:master' into patch-1
  • 5d70ba7 Merge pull request #269 from marshallpierce/mp/decode-precisely
  • efb6c00 Release notes
  • 2b91084 Add some tests to boost coverage
  • Additional commits viewable in compare view


Updates once_cell from 1.18.0 to 1.19.0

Changelog

Sourced from once_cell's changelog.

1.19.0

  • Use portable-atomic instead of atomic-polyfill, #251.
Commits


Updates android_logger from 0.13.3 to 0.14.1

Commits


Updates webpki-roots from 0.26.0 to 0.26.3

Release notes

Sourced from webpki-roots's releases.

0.26.3

Removed trust anchors:

  • GLOBALTRUST 2020 CA has been removed due to a prolonged pattern of operational and compliance issues.

What's Changed

Full Changelog: https://github.com/rustls/webpki-roots/compare/v/0.26.2...v/0.26.3

0.26.2

New trust anchors:

What's Changed

Full Changelog: https://github.com/rustls/webpki-roots/compare/v/0.26.1...v/0.26.2

0.26.1

Removed trust anchors:

New trust anchors:

What's Changed

New Contributors

Full Changelog: https://github.com/rustls/webpki-roots/compare/v/0.26.0...v/0.26.1

Commits
  • a7b62a3 Cargo: version 0.26.2 -> 0.26.3
  • 31d0038 lib: remove GLOBALTRUST 2020
  • d541a7d webpki-ccadb: distrust any CA with a distrust after date
  • c9de4d6 Cargo: version 0.26.1 -> 0.26.2
  • 5f55bf0 add FIRMAPROFESIONAL CA ROOT-A WEB
  • e7c20c2 Upgrade to rcgen 0.13
  • 83cccd6 Update reqwest requirement from 0.11 to 0.12
  • 90de8af Update rustls requirement from 0.22 to 0.23
  • 0a4f749 Update x509-parser requirement from 0.15.1 to 0.16.0
  • d94d1b7 Accept upstream changes in CCADB metadata
  • Additional commits viewable in compare view


Updates core-foundation from 0.9.3 to 0.9.4

Commits
  • 795398a Bump the version of core-foundation and the dependency on core-foundation-sys
  • 64dd01a NSScreen (cocoa): Add maximumRefreshInterval and minimumRefreshInterval (#646)
  • 58972ae Update to 2018 edition. (#642)
  • eb41f50 Bump core-graphics-types version
  • 723886f Only import SInt32 on macOS. (#641)
  • 6484a6e ci: Update to actions/checkout@v4 (#640)
  • 3ff7cc2 docs: Fix various markdown issues. (#639)
  • c4f4ad2 feat: add link feature (#608)
  • fbde503 Bump cocoa-foundation version
  • 5be8e2c Bump core-text version (#638)
  • Additional commits viewable in compare view


Updates core-foundation-sys from 0.8.4 to 0.8.6

Commits


Updates security-framework from 2.10.0 to 2.11.0

Commits
  • f829e92 Bump
  • 8c89e67 Upgrade to bitflags 2
  • fedc8dc chore(doc): improve docs for subject item search option
  • 3619255 feat(search): add case-insensitive and subject item search options
  • 17f4078 Prefer keeping CFString
  • 3bf806d fixup: kSecAttrDescription -> kSecAttrComment for comment
  • 3a2b873 Add support for searching by access groups.
  • 588c313 Support account name, comment, description, service when adding items to the ...
  • See full diff in compare view


Updates security-framework-sys from 2.10.0 to 2.11.0

Commits
  • f829e92 Bump
  • 8c89e67 Upgrade to bitflags 2
  • fedc8dc chore(doc): improve docs for subject item search option
  • 3619255 feat(search): add case-insensitive and subject item search options
  • 17f4078 Prefer keeping CFString
  • 3bf806d fixup: kSecAttrDescription -> kSecAttrComment for comment
  • 3a2b873 Add support for searching by access groups.
  • 588c313 Support account name, comment, description, service when adding items to the ...
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 2 weeks ago

Looks like these dependencies are updatable in another way, so this is no longer needed.