search

rustls / rustls-platform-verifier

A certificate verification library for rustls that uses the operating system's verifier
Apache License 2.0
57 stars 18 forks source link

build(deps): bump the crates-io group with 9 updates #85

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the crates-io group with 9 updates:

Package From To
rustls 0.23.1 0.23.4
log 0.4.20 0.4.21
base64 0.21.3 0.22.0
once_cell 1.18.0 1.19.0
webpki-roots 0.26.0 0.26.1
core-foundation 0.9.3 0.9.4
core-foundation-sys 0.8.4 0.8.6
security-framework 2.9.2 2.10.0
security-framework-sys 2.9.1 2.10.0

Updates rustls from 0.23.1 to 0.23.4

Commits
  • 1dee8b1 Prepare 0.23.4
  • 3a03df6 Correct further dead_code warnings
  • d8a0f94 Fix new clippy::use_self warnings
  • 3185d7f examples: fix server acceptor alert write behaviour
  • b5a8cef server: add AcceptedAlert::write_all
  • e06c9fe server: improve AcceptedAlert::write documentation
  • a7d2ad6 Test that reproduces the problem
  • 9f3adc7 Map SignatureScheme::ECDSA_SHA1_Legacy to SignatureAlgorithm::ECDSA
  • d633942 Move MockServerVerifier to tests::common
  • 667482a Add path dependency for rustls-post-quantum
  • Additional commits viewable in compare view


Updates log from 0.4.20 to 0.4.21

Changelog

Sourced from log's changelog.

[0.4.21] - 2024-02-27

What's Changed

New Contributors

Commits
  • 3ccdc28 Merge pull request #617 from rust-lang/cargo/0.4.21
  • 6153cb2 prepare for 0.4.21 release
  • f0f7494 Merge pull request #613 from rust-lang/feat/kv-cleanup
  • 2b220bf clean up structured logging example
  • 646e9ab use original Visitor name for VisitValue
  • cf85c38 add needed subfeatures to kv_unstable
  • 73e9539 fix up capturing of :err
  • 31bb4b0 move error macros together
  • ad91711 support field shorthand in macros
  • 90a347b restore removed APIs as deprecated
  • Additional commits viewable in compare view


Updates base64 from 0.21.3 to 0.22.0

Changelog

Sourced from base64's changelog.

0.22.0

  • DecodeSliceError::OutputSliceTooSmall is now conservative rather than precise. That is, the error will only occur if the decoded output cannot fit, meaning that Engine::decode_slice can now be used with exactly-sized output slices. As part of this, Engine::internal_decode now returns DecodeSliceError instead of DecodeError, but that is not expected to affect any external callers.
  • DecodeError::InvalidLength now refers specifically to the number of valid symbols being invalid (i.e. len % 4 == 1), rather than just the number of input bytes. This avoids confusing scenarios when based on interpretation you could make a case for either InvalidLength or InvalidByte being appropriate.
  • Decoding is somewhat faster (5-10%)

0.21.7

  • Support getting an alphabet's contents as a str via Alphabet::as_str()

0.21.6

  • Improved introductory documentation and example

0.21.5

  • Add Debug and Clone impls for the general purpose Engine

0.21.4

  • Make encoded_len const, allowing the creation of arrays sized to encode compile-time-known data lengths
Commits
  • 5d70ba7 Merge pull request #269 from marshallpierce/mp/decode-precisely
  • efb6c00 Release notes
  • 2b91084 Add some tests to boost coverage
  • 9e9c7ab Engine::internal_decode now returns DecodeSliceError
  • a8a60f4 Decode main loop improvements
  • a25be06 Simplify leftover output writes
  • 9979cc3 Keep morsels as separate bytes
  • 37670c5 Bump dev toolchain version (#268)
  • 9652c78 v0.21.7
  • 08deccf provide as_str() method to return the alphabet characters (#264)
  • Additional commits viewable in compare view


Updates once_cell from 1.18.0 to 1.19.0

Changelog

Sourced from once_cell's changelog.

1.19.0

  • Use portable-atomic instead of atomic-polyfill, #251.
Commits


Updates webpki-roots from 0.26.0 to 0.26.1

Release notes

Sourced from webpki-roots's releases.

0.26.1

Removed trust anchors:

New trust anchors:

What's Changed

New Contributors

Full Changelog: https://github.com/rustls/webpki-roots/compare/v/0.26.0...v/0.26.1

Commits
  • 0ffea70 Cargo: version 0.26.0 -> 0.26.1
  • d34ca74 process upstream February root updates
  • eacbc6c Update rcgen requirement from 0.11.1 to 0.12.0
  • 0df3d50 create wepki-ccadb crate
  • 63aedbb create workspace with webpki-roots crate
  • 46b65aa doc: add example of how to use with rustls 0.22
  • See full diff in compare view


Updates core-foundation from 0.9.3 to 0.9.4

Commits
  • 795398a Bump the version of core-foundation and the dependency on core-foundation-sys
  • 64dd01a NSScreen (cocoa): Add maximumRefreshInterval and minimumRefreshInterval (#646)
  • 58972ae Update to 2018 edition. (#642)
  • eb41f50 Bump core-graphics-types version
  • 723886f Only import SInt32 on macOS. (#641)
  • 6484a6e ci: Update to actions/checkout@v4 (#640)
  • 3ff7cc2 docs: Fix various markdown issues. (#639)
  • c4f4ad2 feat: add link feature (#608)
  • fbde503 Bump cocoa-foundation version
  • 5be8e2c Bump core-text version (#638)
  • Additional commits viewable in compare view


Updates core-foundation-sys from 0.8.4 to 0.8.6

Commits


Updates security-framework from 2.9.2 to 2.10.0

Commits
  • 39e64d8 Attempt to get CI green again
  • ebcc98e Allow creating a SecAccessControl with a protection
  • ee077dc Update test
  • 7bb4b4a Bump min OS X version
  • 854b810 Clippy
  • 5bf85d6 security-framework::item::ItemSearchOptions: support trusted_only (#197)
  • 24b239b Added access_control field to GenerateKeyOptions
  • db0042e Use OSX_10_15 on docs.rs
  • 67a610e Fix memory leak in SecStaticCode::from_path()
  • 54d9050 Add missing targot os section
  • Additional commits viewable in compare view


Updates security-framework-sys from 2.9.1 to 2.10.0

Commits
  • 39e64d8 Attempt to get CI green again
  • ebcc98e Allow creating a SecAccessControl with a protection
  • ee077dc Update test
  • 7bb4b4a Bump min OS X version
  • 854b810 Clippy
  • 5bf85d6 security-framework::item::ItemSearchOptions: support trusted_only (#197)
  • 24b239b Added access_control field to GenerateKeyOptions
  • db0042e Use OSX_10_15 on docs.rs
  • 67a610e Fix memory leak in SecStaticCode::from_path()
  • 54d9050 Add missing targot os section
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
cpu commented 3 months ago

cpu self-assigned this now

I will work through vetting these updates when I have a chance.

dependabot[bot] commented 3 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.