Update gix-tempfile requirement from =4.1.0 to =5.0.0

[dependabot]

Updates the requirements on gix-tempfile to permit the latest version.

Release notes

Sourced from gix-tempfile's releases.

gix-tempfile v5.0.0

Bug Fixes (BREAKING)

• Upgrade tempfile to 3.4, fixing a security issue. This is not really a breaking change, but a tactical major version increment to give cargo an escape hatch and let it use the vulnerable version for a little longer.

  This means this gix up until v0.40 can be used to pull in tempfile 3.3, and all future versions will use tempfile 3.4 (or 3.X) for that matter.

Commit Statistics

• 2 commits contributed to the release over the course of 1 calendar day.
• 2 days passed between releases.
• 1 commit was understood as conventional.
• 0 issues like '(#ID)' were seen in commit messages

Commit Details

• Uncategorized
  • Prepare changelogs prior to release (e06f5f5)
  • Upgrade tempfile to 3.4, fixing a security issue. (304b0c1)

Changelog

Sourced from gix-tempfile's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

0.23.0 (2023-02-24)

This release adds the new ein tool query analytics engine, which maintains a database of a git repository as acceleration data structure to run useful queries on. It's nothing more than an MVP, and was inspired by a program to accelerate Git-Heat-Map.

New Features

• ein tool query - a git analytics engine. A tool to build and efficiently maintain a database of information contained in a git repository, preferably the kind of information that is expensive to obtain, in order to facilitate queries that would be prohibitive without an accelerating data structure.
• gix tree entries with rev-spec support. Previously it wanted a tree-id, now it can derive it itself.

Commit Statistics

• 4 commits contributed to the release over the course of 7 calendar days.
• 7 days passed between releases.
• 2 commits were understood as conventional.
• 0 issues like '(#ID)' were seen in commit messages

Commit Details

• Uncategorized
  • Merge branch 'rename-tracking' (550144a)
  • ein tool query - a git analytics engine. (f8cc623)
  • gix tree entries with rev-spec support. (49520d1)
  • Fix journey tests; improve panic handling when --progress is used. (571121c)

0.22.1 (2023-02-17)

Bug Fixes

• re-enable local-time support for all binaries The time improved the way one can opt-in to potential unsoundness

... (truncated)

Commits

• 29a0870 Release gix-tempfile v5.0.0, gix-lock v5.0.0, gix-ref v0.27.0, gix-config v0....
• e06f5f5 prepare changelogs prior to release
• ee1e269 fix: it's no error if credential helpers don't receive context as input.
• 7f6e67d Merge branch '771_missing_negtive_in_error_message_returned_by_gix_discover'
• 85f8b28 Merge branch 'password-in-urls'
• 7830f1e feat!: HTTP transport uses url identity if username and password is set.
• 66602bb adjust to changes in gix-url
• c6897d9 feat!: support passwords in urls.
• d137a8c fix ssh helper invocation tests under Rust 1.68
• 61ee905 fix!: add missing 'not' in error messages
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #168 (20403f8) into master (9c6e2c9) will increase coverage by 0.21%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           master      #168      +/-   ##
===========================================
+ Coverage   99.78%   100.00%   +0.21%     
===========================================
  Files          22        22              
  Lines        1407      1407              
===========================================
+ Hits         1404      1407       +3     
+ Misses          3         0       -3     

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[dependabot]

Looks like gix-tempfile is no longer a dependency, so this is no longer needed.