search

vectordotdev / vector

A high-performance observability data pipeline.
https://vector.dev
Mozilla Public License 2.0
18.2k stars 1.6k forks source link

chore(deps): Bump the patches group with 2 updates #21838

Closed dependabot[bot] closed 1 day ago

dependabot[bot] commented 2 days ago

Bumps the patches group with 2 updates: h2 and schannel.

Updates h2 from 0.4.6 to 0.4.7

Release notes

Sourced from h2's releases.

v0.4.7

What's Changed

  • Fix treating HEADERS frames with a non-zero content-length but END_STREAM flag as malformed.
  • Fix notifying the stream task when automatically reset on receipt of a stream error.

New Contributors

Thanks

Full Changelog: https://github.com/hyperium/h2/compare/v0.4.6...v0.4.7

Changelog

Sourced from h2's changelog.

0.4.7 (November 19, 2024)

  • Fix treating HEADERS frames with a non-zero content-length but END_STREAM flag as malformed.
  • Fix notifying the stream task when automatically reset on receipt of a stream error.
Commits
  • cffea95 v0.4.7
  • 3ac6016 fix: notify_recv after send_reset() in reset_on_recv_stream_err() to ensure l...
  • 640db36 fix: HEADERS frame with non-zero content-length and END_STREAM is malformed (...
  • 87c9be0 ci: pin hashbrown for msrv job (#814)
  • 848885b improve ci/h2spec.sh (macOS compat, /tmp dir and overwrite) (#809)
  • 4d66d5d style: replace split_to and split_off with better alternatives
  • 77be664 chore(ci): use tokio-util 0.7.11 in MSRV check
  • See full diff in compare view


Updates schannel from 0.1.26 to 0.1.27

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions