search

zifeo / whiz

Modern DAG/tasks runner for multi-platform monorepos with live reloading, env management, pipes, and more in a tabbed view.
https://metatype.dev/docs/reference/ecosystem?utm_source=github&utm_medium=about&utm_campaign=whiz
Mozilla Public License 2.0
19 stars 14 forks source link

chore(deps): bump the deps group with 8 updates #96

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps the deps group with 8 updates:

Package From To
chrono 0.4.28 0.4.31
clap 4.4.2 4.4.6
indexmap 2.0.0 2.0.2
path-absolutize 3.1.0 3.1.1
regex 1.9.4 1.9.6
self_update 0.37.0 0.38.0
semver 1.0.18 1.0.19
shlex 1.1.0 1.2.0

Updates chrono from 0.4.28 to 0.4.31

Release notes

Sourced from chrono's releases.

0.4.31

Another maintenance release. It was not a planned effort to improve our support for UNIX timestamps, yet most PRs seem related to this.

Deprecations

  • Deprecate timestamp_nanos in favor of the non-panicking timestamp_nanos_opt (#1275)

Additions

  • Add DateTime::<Utc>::from_timestamp (#1279, thanks @​demurgos)
  • Add TimeZone::timestamp_micros (#1285, thanks @​emikitas)
  • Add DateTime<Tz>::timestamp_nanos_opt and NaiveDateTime::timestamp_nanos_opt (#1275)
  • Add UNIX_EPOCH constants (#1291)

Fixes

  • Format day of month in RFC 2822 without padding (#1272)
  • Don't allow strange leap seconds which are not on a minute boundary initialization methods (#1283) This makes many methods a little more strict:
    • NaiveTime::from_hms_milli
    • NaiveTime::from_hms_milli_opt
    • NaiveTime::from_hms_micro
    • NaiveTime::from_hms_micro_opt
    • NaiveTime::from_hms_nano
    • NaiveTime::from_hms_nano_opt
    • NaiveTime::from_num_seconds_from_midnight
    • NaiveTime::from_num_seconds_from_midnight_opt
    • NaiveDate::and_hms_milli
    • NaiveDate::and_hms_milli_opt
    • NaiveDate::and_hms_micro
    • NaiveDate::and_hms_micro_opt
    • NaiveDate::and_hms_nano
    • NaiveDate::and_hms_nano_opt
    • NaiveDateTime::from_timestamp
    • NaiveDateTime::from_timestamp_opt
    • TimeZone::timestamp
    • TimeZone::timestamp_opt
  • Fix underflow in NaiveDateTime::timestamp_nanos_opt (#1294, thanks @​crepererum)

Documentation

  • Add more documentation about the RFC 2822 obsolete date format (#1267)

Internal

  • Remove internal __doctest feature and doc_comment dependency (#1276)
  • CI: Bump actions/checkout from 3 to 4 (#1280)
  • Optimize NaiveDate::add_days for small values (#1214)
  • Upgrade pure-rust-locales to 0.7.0 (#1288, thanks @​jeremija wo did good improvements on pure-rust-locales)

Thanks to all contributors on behalf of the chrono team, @​djc and @​pitdicker!

0.4.30

In this release, we have decided to swap out the chrono::Duration type (which has been a re-export of time 0.1 Duration type) with our own definition, which exposes a strict superset of the time::Duration API. This helps avoid warnings about the [CVE-2020-26235] and [RUSTSEC-2020-0071] advisories for downstream users and allows us to improve the Duration API going forward.

... (truncated)

Commits
  • e730c6a Bump version to 0.4.31
  • 2afdde8 fix: underflow during datetime->nanos conversion
  • 46ad2c2 Add UNIX_EPOCH constants
  • 1df8db3 Add TimeZone::timestamp_micros
  • 861d4e1 Make TimeZone::timestamp_millis_opt use
  • 3c4846a Upgrade pure-rust-locales to 0.7.0
  • 6665804 Deny leap second if secs != 59 in from_num_seconds_from_midnight_opt
  • 61b7ffb Deny leap second if secs != 59 in from_hms_nano_opt
  • 202af6c Don't generate leap seconds that are not 60 in NaiveTime's Arbitrary impl
  • 60283ab Don't create strange leap seconds in tests
  • Additional commits viewable in compare view


Updates clap from 4.4.2 to 4.4.6

Release notes

Sourced from clap's releases.

v4.4.6

[4.4.6] - 2023-09-28

Internal

  • Upgrade anstream

v4.4.5

[4.4.5] - 2023-09-25

Fixes

  • (parser) When inferring subcommand name or long_flag, allow ambiguous-looking matches that unambiguously map back to the same command
  • (parser) When inferring subcommand long_flag, don't panic
  • (assert) Clarify what action is causing a positional that doesn't set values which is especially useful for derive users

v4.4.4

[4.4.4] - 2023-09-18

Internal

  • Update terminal_size to 0.3

v4.4.3

[4.4.3] - 2023-09-12

Documentation

  • (derive) Clarify use of attributes within the tutorial
  • Split sections in the builder and derive tutorials into separate modules
Changelog

Sourced from clap's changelog.

[4.4.6] - 2023-09-28

Internal

  • Upgrade anstream

[4.4.5] - 2023-09-25

Fixes

  • (parser) When inferring subcommand name or long_flag, allow ambiguous-looking matches that unambiguously map back to the same command
  • (parser) When inferring subcommand long_flag, don't panic
  • (assert) Clarify what action is causing a positional that doesn't set values which is especially useful for derive users

[4.4.4] - 2023-09-18

Internal

  • Update terminal_size to 0.3

[4.4.3] - 2023-09-12

Documentation

  • (derive) Clarify use of attributes within the tutorial
  • Split sections in the builder and derive tutorials into separate modules
Commits


Updates indexmap from 2.0.0 to 2.0.2

Changelog

Sourced from indexmap's changelog.

  • 2.0.2

    • The hashbrown dependency has been updated to version 0.14.1 to complete the support for Rust 1.63.

  • 2.0.1

    • MSRV: Rust 1.63.0 is now supported as well, pending publication of hashbrown's relaxed MSRV (or use cargo --ignore-rust-version).
Commits
  • 67e67dd Merge pull request #277 from cuviper/release-2.0.2
  • 9de727d Release 2.0.2 with complete MSRV 1.63
  • fbd129f Merge pull request #276 from cuviper/release-2.0.1
  • 9dcae76 Release 2.0.1 with rust-version = "1.63"
  • 2eaf59c Merge pull request #275 from cuviper/safe-swap
  • 8e03753 Use RawTable::get_many_mut for safe swap_indices
  • 0604c5b Merge pull request #273 from your-diary/docs/indexset
  • 77c58aa Improve explanation about IndexSet's complexity.
  • 9469a1b Merge pull request #272 from daxpedda/minimal-versions
  • 8360847 Test direct-minimal-versions
  • Additional commits viewable in compare view


Updates path-absolutize from 3.1.0 to 3.1.1

Commits
  • 0882f98 update MSRV
  • 9bbf46a Merge pull request #16 from magiclen/dependabot/github_actions/actions/checko...
  • cedbe6d Bump actions/checkout from 3 to 4
  • See full diff in compare view


Updates regex from 1.9.4 to 1.9.6

Changelog

Sourced from regex's changelog.

1.9.6 (2023-09-30)

This is a patch release that fixes a panic that can occur when the default regex size limit is increased to a large number.

  • BUG aa4e4c71: Fix a bug where computing the maximum haystack length for the bounded backtracker could result underflow and thus provoke a panic later in a search due to a broken invariant.

1.9.5 (2023-09-02)

This is a patch release that hopefully mostly fixes a performance bug that occurs when sharing a regex across multiple threads.

Issue #934 explains this in more detail. It is also noted in the crate documentation. The bug can appear when sharing a regex across multiple threads simultaneously, as might be the case when using a regex from a OnceLock, lazy_static or similar primitive. Usually high contention only results when using many threads to execute searches on small haystacks.

One can avoid the contention problem entirely through one of two methods. The first is to use lower level APIs from regex-automata that require passing state explicitly, such as meta::Regex::search_with. The second is to clone a regex and send it to other threads explicitly. This will not use any additional memory usage compared to sharing the regex. The only downside of this approach is that it may be less convenient, for example, it won't work with things like OnceLock or lazy_static or once_cell.

With that said, as of this release, the contention performance problems have been greatly reduced. This was achieved by changing the free-list so that it was sharded across threads, and that ensuring each sharded mutex occupies a single cache line to mitigate false sharing. So while contention may still impact performance in some cases, it should be a lot better now.

Because of the changes to how the free-list works, please report any issues you find with this release. That not only includes search time regressions but also significant regressions in memory usage. Reporting improvements is also welcome as well! If possible, provide a reproduction.

Bug fixes:

  • [BUG #934](rust-lang/regex#934): Fix a performance bug where high contention on a single regex led to massive slow downs.
Commits
  • 11b4443 1.9.6
  • 3dda425 deps: bump regex-automata to 0.3.9
  • 03f00bd regex-automata-0.3.9
  • e467408 changelog: 1.9.6
  • aa4e4c7 automata: fix unintended panic in max_haystack_len
  • 27a2538 automata: add some #[inline] annotations
  • 061ee81 readme: visually emphasize performance criteria difference
  • 8275c1b doc: fix a few typos
  • cdc0dbd readme: add section about performance and benchmarks
  • 4aaf389 ci: pin to memchr 2.6.2 for MSRV CI job
  • Additional commits viewable in compare view


Updates self_update from 0.37.0 to 0.38.0

Changelog

Sourced from self_update's changelog.

[0.38.0]

Added

Changed

  • Use self-replace to replace the current executable

Removed

Commits


Updates semver from 1.0.18 to 1.0.19

Release notes

Sourced from semver's releases.

1.0.19

Commits
  • 72a6b5a Release 1.0.19
  • 83abc7f Relocate comparator parse testing
  • 2d34e8f Touch up PR 299 test cases
  • 5e09329 More comprehensible excessive version comparator test
  • 473209f Merge pull request #299 from CXWorks/master
  • cb07901 Update actions/checkout@v3 -> v4
  • fff3f40 Revert "Temporarily disable -Zrandomize-layout due to rustc ICE"
  • 2399480 Temporarily disable -Zrandomize-layout due to rustc ICE
  • b074ea0 Resolve incorrect_partial_ord_impl_on_ord_type clippy lint
  • 2d50313 Add missed test cases
  • See full diff in compare view


Updates shlex from 1.1.0 to 1.2.0

Changelog

Sourced from shlex's changelog.

1.2.0

  • Adds bytes module to support operating directly on byte strings.
Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions