chore(deps): bump jaq-core from 1.5.1 to 3.0.0 #142

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/cargo/jaq-core-3.0.0

dependabot Bot (Contributor) commented on behalf of github May 21, 2026

Bumps jaq-core from 1.5.1 to 3.0.0.

Release notes

Sourced from jaq-core's releases.

3.0

jaq is a jq clone with focus on correctness, speed, and simplicity.

The most outstanding change in jaq 3.0 is its multi-format support, allowing you to read and write several data formats such as YAML, CBOR, TOML, XML, CSV, TSV, and of course JSON. That means that among others, jaq can convert data from one format into another, while transforming data with a jq filter. This effectively makes it into a "Pandoc for structured data". Achieving this has been the main focus of the NLnet-founded "Polyglot jaq" project, which has been successfully finished. A huge thanks to NLnet for supporting jaq and, more generally, free software!

Other large user-facing changes include:

  • Manual: jaq now has a full jq and jaq reference manual. This was a monumental effort into which I poured a lot of love, and I hope that you enjoy reading it as much as I enjoyed putting easter eggs into it. Bonus: You also get a man page. (For package maintainers: Man page build instructions can be found in docs/README.md.)
  • Byte strings: You can now read strings that contain arbitrary contents, including invalid UTF-8 sequences. (When a string is read from a file, this takes only constant time, thanks to memory mapping.) You can then mark these strings as byte strings via tobytes, allowing you to index/slice them in constant time. This allows you to process arbitrary binary data efficiently with jaq --- as proof of concept, I implemented a little TAR decoder.
  • Arbitrary values as object keys: Where jq supports only strings as object keys, jaq supports arbitrary values as object keys.
  • Compatibility improvements: Although this release adds many new features to jaq that do not exist in jq, this release still increases compatibility with jq. For example, jaq now supports path/1 and many other path-related filters.

API:

  • New jaq-all crate for easier "batteries-included" jaq usage
  • Passing arbitrary data to native filters
  • Optional thread-safe jaq_json::Val when enabling the sync feature, allowing for multithreaded usage of values, e.g. running multiple filters in parallel on the same value

Changes since 3.0-gamma:

See the release notes for alpha, beta, and gamma for more details on all changes since jaq 2.3.

3.0 gamma

This release increases jq compatibility, introduces a new format (raw0), and decreases memory consumption.

A preliminary version of this release has received a security audit by @​dnet from Radically Open Security (ROS). This release addresses the raised concerns. Thanks a lot to NLnet for having funded the security audit!

With the security audit being done, this concludes the NLnet-funded project Polyglot jaq, meaning that all goals set out in the beginning were achieved. Again, thanks so much to NLnet for having supported jaq development for about two years!

jq features

Formats

Corrections

... (truncated)

Commits
  • 6cdaff0 Add .yml to list of recognised file extensions.
  • ce0c7b2 Small correction in manual.
  • 744922f Small corrections.
  • 5eedcc4 Bump versions to 3.0!
  • 136482b Replace serde by serde_core in jaq-json
  • f7ef06a Update benchmark results.
  • c4c4733 Merge pull request #415 from 01mf02/table-support
  • c7b1850 Link issue for feedback.
  • c0da08b Merge pull request #417 from 01mf02/length-str2
  • f1ed503 Speed up length of valid UTF-8 text strings.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [jaq-core](https://github.com/01mf02/jaq) from 1.5.1 to 3.0.0.
- [Release notes](https://github.com/01mf02/jaq/releases)
- [Commits](01mf02/jaq@v1.5.1...v3.0.0)

---
updated-dependencies:
- dependency-name: jaq-core
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies and rust labels May 21, 2026
dependabot Bot requested a review from mostafa as a code owner May 21, 2026 21:49

mostafa (Member) commented May 22, 2026

Superseded by #145, which rolls this update into a single branch alongside the four other open dep PRs and the two open Dependabot security alerts.

mostafa closed this May 22, 2026

dependabot Bot (Contributor, Author) commented on behalf of github May 22, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

SecurityEnthusiast pushed a commit to SecurityEnthusiast/rsigma that referenced this pull request May 22, 2026
Bump jaq-core 1.5 -> 3.0 and jaq-std 1.6 -> 3.0, drop the now obsolete
jaq-interpret 1.x and jaq-parse 1.x crates, and add jaq-json 2.0 for the
new Val type. The 3.0 release ships fixes from the Radically Open
Security audit that was funded by NLnet as part of the Polyglot jaq
project.

The 3.0 API replaces the old ParseCtx / FilterT / RcIter design with a
Loader + Arena + Compiler + Ctx pipeline and moves the JSON value type
out of jaq-core into a dedicated jaq-json crate. Port both sites that
use jaq:

- rsigma-runtime::sources::extract::apply_jq builds a fresh loader,
  compiler, and context per call (one-shot extraction path used by
  dynamic sources and enrichment lookups).
- rsigma-cli::main::EventFilter::Jq stores a CompiledJqFilter
  (jaq_core::Filter<JustLut<jaq_json::Val>>) so the filter is
  pre-compiled once at startup and reused across every event.

Add explicit json_to_val / val_to_json helpers in both crates that
preserve order, handle BStr / TStr text vs byte strings, and fall back
to the Display representation for non-finite floats and non-string
object keys.

Replaces timescale#142 and timescale#143.
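
The fallback behaviour the commit message describes for `val_to_json`, as an added example that is not code from rsigma or jaq. The `Val` and `Json` enums, the `sample` event, the lossy handling of invalid UTF-8 and the Debug form for composite keys are assumptions made for illustration.

```rust
use std::fmt;

// Hypothetical stand-ins (not jaq_json::Val): a jq-style value and a strict JSON tree.
#[derive(Debug, PartialEq)]
enum Val { Null, Bool(bool), Num(f64), Text(String), Bytes(Vec<u8>), Arr(Vec<Val>), Obj(Vec<(Val, Val)>) }

#[derive(Debug, PartialEq)]
enum Json { Null, Bool(bool), Num(f64), Str(String), Arr(Vec<Json>), Obj(Vec<(String, Json)>) }

impl fmt::Display for Val {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            Val::Null => f.write_str("null"),
            Val::Bool(b) => write!(f, "{b}"),
            Val::Num(n) => write!(f, "{n}"), // NaN -> "NaN", infinity -> "inf"
            other => write!(f, "{other:?}"), // composites: Debug form (assumption)
        }
    }
}

fn val_to_json(v: &Val) -> Json {
    match v {
        Val::Null => Json::Null,
        Val::Bool(b) => Json::Bool(*b),
        Val::Num(n) if n.is_finite() => Json::Num(*n),
        Val::Num(_) => Json::Str(v.to_string()), // JSON has no NaN or infinity
        Val::Text(s) => Json::Str(s.clone()),
        // Assumption: invalid UTF-8 in a byte string becomes U+FFFD.
        Val::Bytes(b) => Json::Str(String::from_utf8_lossy(b).into_owned()),
        Val::Arr(a) => Json::Arr(a.iter().map(val_to_json).collect()),
        // A Vec of pairs keeps insertion order; non-string keys are stringified.
        Val::Obj(o) => Json::Obj(o.iter().map(|(k, x)| {
            let key = match k { Val::Text(s) => s.clone(), other => other.to_string() };
            (key, val_to_json(x))
        }).collect()),
    }
}

// Constructed sample event, not taken from rsigma or jaq.
fn sample() -> Val {
    Val::Obj(vec![
        (Val::Text("score".into()), Val::Num(f64::NAN)),
        (Val::Num(1.0), Val::Bytes(vec![0xff, b'a'])),
        (Val::Text("1".into()), Val::Arr(vec![Val::Bool(true), Val::Null])),
    ])
}

fn main() { println!("{:?}", val_to_json(&sample())); }
```

Because non-string keys are stringified, the number `1` and the string `"1"` end up as the same JSON key; a caller that collects the pairs into a map has to decide which entry wins.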