Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[chore]: Bump zeroize from 1.7.0 to 1.8.0 #4506

Merged
merged 1 commit into from
Apr 26, 2024
Merged

[chore]: Bump zeroize from 1.7.0 to 1.8.0 #4506

merged 1 commit into from
Apr 26, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 24, 2024

Bumps zeroize from 1.7.0 to 1.8.0.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
[chore]: Bump zeroize from 1.7.0 to 1.8.0
ab64033 
Bumps [zeroize](https://github.com/RustCrypto/utils) from 1.7.0 to 1.8.0.
- [Commits](RustCrypto/utils@zeroize-v1.7.0...zeroize-v1.8.0)

---
updated-dependencies:
- dependency-name: zeroize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Apr 24, 2024
@github-actions github-actions bot added Chore This is a small task that can be done at any point in time and is easier than others iroha2-dev The re-implementation of a BFT hyperledger in RUST and removed Chore This is a small task that can be done at any point in time and is easier than others labels Apr 24, 2024
@nxsaken nxsaken merged commit b8eed15 into main Apr 26, 2024
10 of 14 checks passed
@dependabot dependabot bot deleted the dependabot/cargo/main/zeroize-1.8.0 branch April 26, 2024 13:02
@DCNick3
Copy link
Contributor

DCNick3 commented Apr 26, 2024

This version was yanked, this prevents smart contracts from being built

DCNick3 added a commit to DCNick3/iroha that referenced this pull request Apr 26, 2024
@DCNick3
Revert "[chore]: Bump zeroize from 1.7.0 to 1.8.0 (hyperledger#4506)"
1164e55 
This reverts commit b8eed15.

Signed-off-by: Nikita Strygin <dcnick3@users.noreply.github.com>
@mversic
Copy link
Contributor

mversic commented Apr 26, 2024

I just noticed this as well. Can dependabot recognize yanked versions? or was it just bad timing on our part

@DCNick3
Copy link
Contributor

DCNick3 commented Apr 26, 2024

It's probably the timing... Opened #4519 to revert it

@DCNick3
Copy link
Contributor

DCNick3 commented Apr 26, 2024

CI passed 2 days ago, yanked yesterday. So, yeah, it's the timing

@mversic
Copy link
Contributor

mversic commented Apr 26, 2024

wonderful how chaos always finds a way to penetrate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mversic mversic mversic approved these changes

@s8sato s8sato Awaiting requested review from s8sato s8sato is a code owner

@SamHSmith SamHSmith Awaiting requested review from SamHSmith SamHSmith is a code owner

@outoftardis outoftardis Awaiting requested review from outoftardis outoftardis is a code owner

@Erigara Erigara Awaiting requested review from Erigara Erigara is a code owner

@0x009922 0x009922 Awaiting requested review from 0x009922 0x009922 is a code owner

@DCNick3 DCNick3 Awaiting requested review from DCNick3 DCNick3 is a code owner

@VAmuzing VAmuzing Awaiting requested review from VAmuzing

@Asem-Abdelhady Asem-Abdelhady Awaiting requested review from Asem-Abdelhady

@dima74 dima74 Awaiting requested review from dima74 dima74 is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file iroha2-dev The re-implementation of a BFT hyperledger in RUST rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@DCNick3 @mversic @nxsaken