search

wisespace-io / binance-rs

Rust Library for the Binance API
Other
636 stars 287 forks source link

Update tungstenite requirement from 0.18.0 to 0.19.0 #213

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 1 year ago

Updates the requirements on tungstenite to permit the latest version.

Changelog

Sourced from tungstenite's changelog.

0.19.0

  • Update TLS dependencies.
  • Exchanging base64 for data-encoding.

0.18.0

  • Make handshake dependencies optional with a new handshake feature (now a default one!).
  • Return HTTP error responses (their HTTP body) upon non 101 status codes.

0.17.3

  • Respect the case-sentitivity of the "Origin" header to keep compatibility with the older servers that use case-sensitive comparison.

0.17.2

  • Fix panic when invalid manually constructed http::Request is passed to tungstenite.
  • Downgrade the MSRV to 1.56 due to some other crates that rely on us not being quite ready for 1.58.

0.17.1

  • Specify the minimum required Rust version.

0.17.0

  • Update of dependencies (primarily sha1).
  • Add support of the fragmented messages (allow the user to send the frames without composing the full message).
  • Overhaul of the client's request generation process. Now the users are able to pass the constructed http::Request "as is" to tungstenite-rs, letting the library to check the correctness of the request and specifying their own headers (including its own key if necessary). No changes for those ones who used the client in a normal way by connecting using a URL/URI (most common use-case).

0.16.0

  • Update of dependencies (primarily rustls, webpki-roots, rustls-native-certs).
  • When the close frame is received, the reply that is automatically sent to the initiator has the same code (so we just echo the frame back). Previously a new close frame was created (i.e. the close code / reason was always the same regardless of what code / reason specified by the initiator). Now it’s more symmetrical and arguably more intuitive behavior (see #246 for more context).
  • The internal ReadBuffer implementation uses heap instead of stack to store the buffer. This should solve issues with possible stack overflows in some scenarios (see #241 for more context).

0.15.0

  • Allow selecting the method of loading root certificates if rustls is used as TLS implementation.
    • Two new feature flags rustls-tls-native-roots and rustls-tls-webpki-roots have been added that activate the respective method to load certificates.
    • The rustls-tls flag was removed to raise awareness of this change. Otherwise, compilation would have continue to work and potential errors (due to different or missing certificates) only occurred at runtime.
    • The new feature flags are additive. If both are enabled, both methods will be used to add certificates to the TLS configuration.
  • Allow specifying a connector (for more fine-grained configuration of the TLS).

0.14.0

  • Use rustls-native-certs instead of webpki-root when rustls-tls feature is enabled.

... (truncated)

Commits
  • 869a67c Bump version
  • a873bef Merge pull request #345 from mlemesle/fix/webpki-error-variant
  • 1f6c62d Fix not compiling features rustls-tls-native-roots and rustls-tls-webpki-roots
  • 92d65e1 Update webpki-roots requirement from 0.22 to 0.23 (#343)
  • 67e25fd Merge pull request #341 from snapview/dependabot/cargo/rustls-0.21.0
  • 1422d47 Update rustls requirement from 0.20.0 to 0.21.0
  • 42b8797 Revert "Add permessage-deflate support"
  • edb2377 Add permessage-deflate support
  • e1033af Merge pull request #337 from A5rocks/fix-frame-display
  • 5125c59 Display correct payload in Frame::fmt
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 4 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.