depends: non-qt bumps for 0.12

[theuni]

These are all of the possible bumps for 0.12, qt and openssl excluded. I'm not advocating taking all of these, just listing them all in one place for discussion. Each is a separate commit so that the undesired ones can be easily dropped.

• boost 1.55.0 to 1.58.0: This one's been discussed and I think we're in favor of taking it.
• qrencode 3.4.3 to 3.4.4: changelog - I can't find specifically what changed, need to compare the sources.
• protobuf 2.5.0 to 2.6.1: changelog1, changelog2 - This one may be risky, might be better to just leave it alone
• ccache to 3.1.9 to 3.2.2: changelog - Looks good
• miniupnpc 1.9.20140701 to 1.9.20150609: changelog

[fanquake]

This should show you the qrencode changes. fukuchi/libqrencode@055f441...3.4

[luke-jr]

Probably should wait until we're closer to rc1 before bumping, in case there's more fixes?

[laanwj]

@luke-jr Bumping sooner has the advantage over doing it last-minute that at least the new versions can get some longer testing.

[laanwj]

I'm fine with upgrading all of those.

Though I agree that libprotobuf is the most risky of the bunch.

[theuni]

@luke-jr Yes, I agree with @laanwj. Bumping these early means they get more testing. If obvious bugfixes come in closer to release, we can certainly still pull them in.

[jonasschnelli]

Also agreed with @laanwj to take this in as soon as possible.
Tried a gitian build with this PR: https://builds.jonasschnelli.ch/pulls/6373/

[laanwj]

ACK

[Diapolo]

The protobuf update seems to cause warnings:

protobuf-2.6.1\dist\include\google\protobuf\wire_format_lite_inl.h:383: Warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
     for (int i = 0; i < new_entries; ++i) {
                       ^