Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the rustls group with 2 updates #108

Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the rustls group with 2 updates #108

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2024
edited
Loading

Updates the requirements on hyper-rustls and tokio-rustls to permit the latest version.
Updates hyper-rustls to 0.27.0

Release notes

Sourced from hyper-rustls's releases.

0.27.0

Changed

  • Rustls updated to 0.23
  • Default cryptography provider changed to aws-lc-rs to match upstream Rustls project. Note that this has some implications on platform support and build-time tool requirements such as cmake on all platforms and nasm on Windows. Support for ring continues to be available: set the ring crate feature.

Added

  • New with_platform_verifier connector builder fns for using rustls-platform-verifier for certificate verification. Requires the optional rustls-platform-verifier feature be enabled.
  • New HttpsConnector::builder fn for conveniently constructing a ConnectorBuilder.

Changelog

New Contributors

Full Changelog: rustls/hyper-rustls@v/0.26.0...v/0.27.0

Commits
  • 0d38794 Cargo: version 0.26.0 -> 0.27.0
  • c9e25c4 ci: add ring build to test phase
  • 731d19e Cargo: update Rustls & associated crates to 0.23
  • ccd5ec1 examples: fix redundant Vec import
  • 4030f86 feat: add a builder() method to HttpsConnector
  • 68c7d05 Cargo.toml: add aws-lc-rs feature as crypto backend
  • 3582863 Add built-in support for rustls-platform-verifier
  • 9bb9d59 Bump MSRV to 1.64 for rustls-platform-verifier
  • See full diff in compare view

Updates tokio-rustls to 0.26.0

Release notes

Sourced from tokio-rustls's releases.

v/0.26.0

Additions

Fixes

  • Ignoring NotConnected error in poll_shutdown - by @​djc in #42
  • Check for ErrorKind::WouldBlock in MidHandshake::SendAlert poll - by @​jbr in #47
  • Check for ErrorKind::WouldBlock in LayzConfigAcceptor - by @​jbr in #48
  • Fix for SendAlert io::ErrorKind - by @​jbr in #52
  • Fix for alert.write poll - by @​jbr in #51

What's Changed

Full Changelog: rustls/tokio-rustls@v/0.25.0...v/0.26.0

Commits
  • 82b4a3e Cargo: 0.25.0 -> 0.26.0 (#59)
  • 5665342 Add an aws-lc-rs feature as an alias for aws_lc_rs (#57)
  • 3a153ac Forward vectored writes (#45)
  • 925a87f Ensure examples use re-exported rustls types outside of the tokio-rustls cont...
  • caf4e82 fix: Rename feature to aws_lc_rs
  • d26502c fix: Check for ErrorKind::WouldBlock in LazyConfigAcceptor (#48)
  • 330d287 feat: change default crypto provider to match rustls' (#50)
  • 214a2b4 fix: correctly poll alert.write until it finishes
  • 48ec73b fix: SendAlert io::ErrorKind should be InvalidData
  • 4a4a448 fix: check for ErrorKind::WouldBlock in MidHandshake::SendAlert poll (#47)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Mar 26, 2024
@dependabot dependabot bot requested a review from omjadas March 26, 2024 20:38
@dependabot
chore(deps): bump the rustls group with 2 updates
03f9ad2 
Updates the requirements on [hyper-rustls](https://github.com/rustls/hyper-rustls) and [tokio-rustls](https://github.com/rustls/tokio-rustls) to permit the latest version.

Updates `hyper-rustls` to 0.27.0
- [Release notes](https://github.com/rustls/hyper-rustls/releases)
- [Commits](rustls/hyper-rustls@v/0.26.0...v/0.27.0)

Updates `tokio-rustls` to 0.26.0
- [Release notes](https://github.com/rustls/tokio-rustls/releases)
- [Commits](rustls/tokio-rustls@v/0.25.0...v/0.26.0)

---
updated-dependencies:
- dependency-name: hyper-rustls
  dependency-type: direct:production
  dependency-group: rustls
- dependency-name: tokio-rustls
  dependency-type: direct:production
  dependency-group: rustls
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/rustls-afe42a3949 branch from c19d1a2 to 03f9ad2 Compare March 31, 2024 20:56
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 10, 2024

Superseded by #111.

@dependabot dependabot bot closed this Apr 10, 2024
@dependabot dependabot bot deleted the dependabot/cargo/rustls-afe42a3949 branch April 10, 2024 21:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@omjadas omjadas Awaiting requested review from omjadas

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants