Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the minor group with 3 updates #180

Closed
wants to merge 1 commit into from
Closed

Bump the minor group with 3 updates #180

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2024
edited

Bumps the minor group with 3 updates: tempfile, pulldown-cmark and syntect.

Updates tempfile from 3.9.0 to 3.10.1

Changelog

Sourced from tempfile's changelog.

3.10.1

  • Handle potential integer overflows in 32-bit systems when seeking/truncating "spooled" temporary files past 4GiB (2³²).
  • Handle a theoretical 32-bit overflow when generating a temporary file name larger than 4GiB. Now it'll panic (on allocation failure) rather than silently succeeding due to wraparound.

Thanks to @​stoeckmann for finding and fixing both of these issues.

3.10.0

  • Drop redox_syscall dependency, we now use rustix for Redox.
  • Add Builder::permissions for setting the permissions on temporary files and directories (thanks to @​Byron).
  • Update rustix to 0.38.31.
  • Update fastrand to 2.0.1.
Commits

Updates pulldown-cmark from 0.9.6 to 0.10.0

Release notes

Sourced from pulldown-cmark's releases.

v0.10.0

This is a huge release after a a long time without a major release, with many bugfixes and several new features. Thanks to all people involved!

Breaking Changes

New Features

Bugfixes

... (truncated)

Commits
  • 42bff71 chore: specify version of pulldown-cmark-escape in Cargo.toml
  • f874c08 Merge pull request #841 from notriddle/notriddle/link-ref-def-title
  • 55fd2d3 Reject opening parens within (/) link titles
  • 67a1407 Merge pull request #838 from raphlinus/fix-526
  • f575d4b chore: update fuzz and fuzzer dependencies
  • 9cac975 fix: move fuzzer and fuzz to parent dir and fix fuzzer runs inside workspace
  • a917492 feat: separate escape.rs in another crate
  • 76eb589 Merge pull request #837 from notriddle/notriddle/tables
  • 7f0ff33 Implement missing cell cutoff to stop quadratic results
  • 74456d3 Merge pull request #836 from GuillaumeGomez/old-footnote-improvement
  • Additional commits viewable in compare view

Updates syntect from 5.1.0 to 5.2.0

Release notes

Sourced from syntect's releases.

v5.2.0

Improvements

  • Eliminate syntect library's dependency on serde's "derive" feature. Increases build parallelism.
  • Add parsing of gutterSettings.

Dependencies

  • Update regex-syntax to 0.8.
Changelog

Sourced from syntect's changelog.

Version 5.2.0 (2024-02-07)

Improvements

  • Eliminate syntect library's dependency on serde's "derive" feature. Increases build parallelism.
  • Add parsing of gutterSettings.

Dependencies

  • Update regex-syntax to 0.8.
Commits
  • 1651081 Merge pull request #518 from Enselic/prepare-release
  • 6c365b4 Prepare for v5.2.0
  • 5a9c472 Merge pull request #517 from Enselic/release-v2
  • 5548e47 Automate the release process with a GitHub Actions workflow
  • 2d2f22b Merge pull request #516 from Enselic/fix-node
  • f665482 Merge pull request #506 from timhillgit/parse_gutterSettings
  • 2900d85 workflows: actions/checkout@v3 -> v4
  • 3a712ec Merge pull request #513 from Enselic/revert-bitflags
  • 5404691 Revert to bitflags 1.0.4 to not break semver
  • fbabe18 Merge pull request #511 from dtolnay-contrib/derive
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Mar 4, 2024
@dependabot dependabot bot mentioned this pull request Mar 4, 2024
Closed
@mgeisler
Copy link
Collaborator

mgeisler commented Mar 7, 2024

Okay, this doesn't compile, so it looks like we need some manual work here to handle the update. We can leave this open in the meantime to remind us about the update 😄

@kdarkhan
Copy link
Collaborator

kdarkhan commented Mar 7, 2024

Yeah, this won't work until we have pulldown-cmark-to-cmark upgraded.

@dependabot
Bump the minor group with 3 updates
a0ec986 
Bumps the minor group with 3 updates: [tempfile](https://github.com/Stebalien/tempfile), [pulldown-cmark](https://github.com/raphlinus/pulldown-cmark) and [syntect](https://github.com/trishume/syntect).


Updates `tempfile` from 3.9.0 to 3.10.1
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.9.0...v3.10.1)

Updates `pulldown-cmark` from 0.9.6 to 0.10.0
- [Release notes](https://github.com/raphlinus/pulldown-cmark/releases)
- [Commits](pulldown-cmark/pulldown-cmark@v0.9.6...v0.10.0)

Updates `syntect` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/trishume/syntect/releases)
- [Changelog](https://github.com/trishume/syntect/blob/master/CHANGELOG.md)
- [Commits](trishume/syntect@v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: pulldown-cmark
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: syntect
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/minor-4267af5022 branch from 1dc58ed to a0ec986 Compare March 11, 2024 09:20
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 8, 2024

Superseded by #182.

@dependabot dependabot bot closed this Apr 8, 2024
@dependabot dependabot bot deleted the dependabot/cargo/minor-4267af5022 branch April 8, 2024 09:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mgeisler @kdarkhan