search

svenstaro / miniserve

🌟 For when you really just want to serve some files over HTTP right now!
MIT License
5.95k stars 289 forks source link

Bump the all-dependencies group across 1 directory with 4 updates #1430

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the all-dependencies group with 4 updates in the / directory: http, rustls, rustls-pemfile and reqwest.

Updates http from 0.2.12 to 1.1.0

Release notes

Sourced from http's releases.

v1.1.0

What's Changed

  • Add methods to allow trying to allocate in the HeaderMap, returning an error if oversize instead of panicking.
  • Add Extensions::get_or_insert() method.
  • Implement From<Uri> for uri::Builder.
  • Fix HeaderName::from_lowercase that could allow NUL bytes in some cases.

New Contributors

Full Changelog: https://github.com/hyperium/http/compare/v1.0.0...v1.1.0

v1.0.0

What's Changed

  • Implement Clone for Request, Response, and Extensions. This breaking change requires that all extensions now implement Clone.
  • Add a default-on std feature. Disabling it currently is not supported.
  • Fix MIRI warnings in HeaderMap::iter().

New Contributors

Changelog

Sourced from http's changelog.

1.1.0 (March 4, 2024)

  • Add methods to allow trying to allocate in the HeaderMap, returning an error if oversize instead of panicking.
  • Add Extensions::get_or_insert() method.
  • Implement From<Uri> for uri::Builder.
  • Fix HeaderName::from_lowercase that could allow NUL bytes in some cases.

1.0.0 (November 15, 2023)

  • Implement Clone for Request, Response, and Extensions. This breaking change requires that all extensions now implement Clone.
  • Add a default-on std feature. Disabling it currently is not supported.
  • Fix MIRI warnings in HeaderMap::iter().

0.2.10 (November 10, 2023)

  • Fix parsing of Authority to handle square brackets in incorrect order.
  • Fix HeaderMap::with_capacity() to handle arithmetic overflow.

0.2.9 (February 17, 2023)

  • Add HeaderName constants for cache-status and cdn-cache-control.
  • Implement Hash for PathAndQuery.
  • Re-export HeaderName at crate root.

0.2.8 (June 6, 2022)

  • Fix internal usage of uninitialized memory to use MaybeUninit inside HeaderName.

0.2.7 (April 28, 2022)

  • MSRV bumped to 1.49.
  • Add extend() method to Extensions.
  • Add From<Authority> and From<PathAndQuery> impls for Uri.
  • Make HeaderName::from_static a const fn.

0.2.6 (December 30, 2021)

  • Upgrade internal itoa dependency to 1.0.

0.2.5 (September 21, 2021)

  • Add is_empty() and len() methods to Extensions.
  • Add version_ref() method to request::Builder.
  • Implement TryFrom<Vec<u8>> and TryFrom<String> for Authority, Uri, PathAndQuery, and HeaderName.
  • Make HeaderValue::from_static a const fn.

0.2.4 (April 4, 2021)

  • Fix Uri parsing to allow {, ", and } in paths.

... (truncated)

Commits
  • 3fe7267 v1.1.0
  • 96dc52f fix: HeaderName::from_lowercase allowing NUL bytes in some cases
  • caa8b4f feat: add HeaderMap::try_ methods to handle capacity overflow
  • 63102bc chore(lib): remove importing prelude AsRef trait
  • c03cc8b chore(header): allow clippy::should_implement_trait rule for HeaderValue::fro...
  • 4785cdd refactor(header): rename method to follow naming convention
  • 63e7d63 doc(header): add panics and safety section to document
  • b8ddea7 refactor(header): add comment and lint allowing to panic in const context wor...
  • fe1932d refactor(status): remove redundant static lifetime
  • 79f8da5 refactor(header): ownership is not needed to iterate
  • Additional commits viewable in compare view


Updates rustls from 0.20.9 to 0.21.12

Commits
  • 3633152 Cargo: v0.21.11 -> v0.21.12
  • 0baaeba proj: MSRV 1.61 -> 1.63
  • 6fd691a tls13: fix clippy::unnecessary_lazy_evaluations finding
  • 6da5337 Test for illegal IP address in server name extension
  • 75f8857 Ignore server_name extension containing IP address
  • 7b8d1db Prepare 0.21.11
  • ebcb478 complete_io: bail out if progress is impossible
  • 20f35df Regression test for complete_io infinite loop bug
  • 2f2aae1 Don't specially handle unauthenticated close_notify alerts
  • e163587 Don't deny warnings from nightly clippy
  • Additional commits viewable in compare view


Updates rustls-pemfile from 1.0.4 to 2.1.2

Release notes

Sourced from rustls-pemfile's releases.

2.1.2

Dependency updates.

What's Changed

New Contributors

Full Changelog: https://github.com/rustls/pemfile/compare/v/2.1.1...v/2.1.2

2.1.1

Headlines

  • Leading whitespace in PEM document bodies is now trimmed in addition to trailing whitespace.

What's Changed

Full Changelog: https://github.com/rustls/pemfile/compare/v/2.1.0...v/2.1.1

2.1.0

Headlines

  • Adds the csr function and the Item::Csr variant to support loading DER encoded Certificate Signing Requests (CSRs) from PEM inputs.

What's Changed

New Contributors

Full Changelog: https://github.com/rustls/pemfile/compare/v/2.0.0...v/2.1.0

2.0.0

Headlines

  • Improving API stability. This crate now uses types from rustls-pki-types; we expect this to reduce the number of breaking changes in rustls ecosystem. As part of this, the Item enum's variants got renamed from Item::{RSAKey, PKCS8Key, ECKey} to Item::{Pkcs1Key, Pkcs8Key, Sec1Key}.
  • no_std support. This crate can now work optionally without std: use the new read_one_from_slice API.

What's Changed

... (truncated)

Commits
  • 7ba4ab7 Delete obsolete release history section
  • 07686b2 Cargo: version 2.1.1 -> 2.1.2
  • 48ab234 Fixed warnings from rust nightly
  • d7b1215 Bump base64 from 0.21.5 to 0.22.0
  • 77a6c99 Cargo: version 2.1.0 -> 2.1.1
  • 09a08fd proj: add Cargo.lock, use --locked in CI
  • 95152b4 pemfile: also trim leading contiguous content whitespace
  • fc3414f lib: clean up no_std and use of std in test code
  • e2d220a Cargo: version 2.0.0 -> 2.1.0
  • de3d0ae add certificate signing request
  • Additional commits viewable in compare view


Updates reqwest from 0.11.27 to 0.12.4

Release notes

Sourced from reqwest's releases.

v0.12.4

What's Changed

  • Add zstd support, enabled with zstd Cargo feature (thanks @​paolobarbolini!)
  • Add ClientBuilder::read_timeout(Duration), which applies the duration for each read operation. The timeout resets after a successful read.

New Contributors

v0.12.3

What's Changed

  • Add FromStr for dns::Name.
  • Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
  • Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
  • Fix sending content-length: 0 for GET requests.
  • Fix response body content_length() to return value when timeout is configured.
  • Fix ClientBuilder::resolve() to use lowercase domain names.

New Contributors

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.3

v0.12.2

What's Changed

  • Fix missing ALPN when connecting to socks5 proxy with rustls.
  • Fix TLS version limits with rustls.
  • Fix not detected ALPN h2 from server with native-tls.

New Contributors

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.1...v0.12.2

v0.12.1

What's Changed

  • Fix ClientBuilder::interface() when no TLS is enabled.
  • Fix TlsInfo::peer_certificate() being truncated with rustls.
  • Fix panic if http2 feature disabled but TLS negotiated h2 in ALPN.
  • Fix Display for Error to not include its source error.

New Contributors

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.0...v0.12.1

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.12.4

  • Add zstd support, enabled with zstd Cargo feature.
  • Add ClientBuilder::read_timeout(Duration), which applies the duration for each read operation. The timeout resets after a successful read.

v0.12.3

  • Add FromStr for dns::Name.
  • Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
  • Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
  • Fix sending content-length: 0 for GET requests.
  • Fix response body content_length() to return value when timeout is configured.
  • Fix ClientBuilder::resolve() to use lowercase domain names.

v0.12.2

  • Fix missing ALPN when connecting to socks5 proxy with rustls.
  • Fix TLS version limits with rustls.
  • Fix not detected ALPN h2 from server with native-tls.

v0.12.1

  • Fix ClientBuilder::interface() when no TLS is enabled.
  • Fix TlsInfo::peer_certificate() being truncated with rustls.
  • Fix panic if http2 feature disabled but TLS negotiated h2 in ALPN.
  • Fix Display for Error to not include its source error.

v0.12.0

  • Upgrade to hyper, http, and http-body v1.
  • Add better support for converting to and from http::Request and http::Response.
  • Add http2 optional cargo feature, default on.
  • Add charset optional cargo feature, default on.
  • Add macos-system-configuration cargo feature, default on.
  • Change all optional dependencies to no longer be exposed as implicit features.
  • Add ClientBuilder::interface(str) to specify the local interface to bind to.
  • Experimental: disables the http3 feature temporarily.
Commits
  • de5dbb1 v0.12.4
  • 0f126f5 tests: fix blocking test about empty bodies and content-length
  • 1073881 feat: add zstd support (#1866)
  • 1af8945 feat: add ClientBuilder::read_timeout(dur) (#2241)
  • e99da85 refactor: fix warnings related to mutability of self (#2245)
  • 0720159 v0.12.3
  • 9209695 Remove duplicate example for ClientBuilder::default_headers (#2236)
  • e3a1565 fix: use lower case domain string when using resolve and resolve_to_addrs...
  • b4c491a feat: allow fine-grained root certs for rustls (#2232)
  • cf4295d chore: update winreg to 0.52.0 (#2226)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 3 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.