Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump the cargo group across 1 directory with 2 updates #145

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 23, 2024

Bumps the cargo group with 2 updates in the / directory: tauri and rustls.

Updates tauri from 1.6.0 to 1.6.2

Release notes

Sourced from tauri's releases.

tauri v1.6.2

Updating crates.io index

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 621 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (577 crate dependencies)
Crate:     atty
Version:   0.2.14
Warning:   unsound
Title:     Potential unaligned read
Date:      2021-07-04
ID:        RUSTSEC-2021-0145
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0145
Dependency tree:
atty 0.2.14
└── clap 3.2.25
    └── tauri 1.6.2
        ├── tauri 1.6.2
        ├── restart 0.1.0
        └── app-updater 0.1.0

warning: 1 allowed warning found

[1.6.2]

Bug Fixes

  • e3b6d38d2(#9166) Fix basename(path, 'ext') JS API when removing all occurances of ext where it should only remove the last one.
  • 705da977a(#9529) Do not use JS optional chaining to prevent script errors on older webviews such as macOS 10.14.
Updating crates.io index
   Packaging tauri v1.6.2 (/home/runner/work/tauri/tauri/core/tauri)
    Updating crates.io index
   Verifying tauri v1.6.2 (/home/runner/work/tauri/tauri/core/tauri)
 Downloading crates ...
  Downloaded alloc-stdlib v0.2.2
  Downloaded cairo-sys-rs v0.15.1
  Downloaded atk-sys v0.15.1
  Downloaded cairo-rs v0.15.12
</tr></table> 

... (truncated)

Commits
  • f9638b6 fix(cli): append extension to app binary manually on rename (#9491)
  • aeddc40 fix(cli/info): fix crash when checking node version (#9411)
  • fe6f81f chore: fix clippy false positive (#9329)
  • 9dd67ab fix(cli): upgrade heck to better support Chinese/Japanese prodcut name on Lin...
  • dbe81b8 fix(bundler/nsis): Don't use /R flag on installation dir (#9282)
  • 017861e fix(bundler): Fix nsis resource paths on non-windows build systems. (#9281)
  • 77cc49a fix(cli): Clone Options struct after mutating it. (#9188)
  • e3b6d38 fix(core/path): remove suffix in basename only once (#9166)
  • b705f89 Apply Version Updates From Current Changes (v1) (#9074)
  • 97a0514 fix(cli): migrate to stable features of log crate (#9119)
  • Additional commits viewable in compare view

Updates rustls from 0.22.2 to 0.22.4

Commits
  • ae277be Prepare 0.22.4
  • 5374108 complete_io: bail out if progress is impossible
  • 00e695d Regression test for complete_io infinite loop bug
  • 0c6cd7e Don't specially handle unauthenticated close_notify alerts
  • a1e28cd Prepare 0.22.3
  • 114c476 suites.rs: fix nonsensical duplicated feature gate
  • ffd933a Fix new clippy::use_self warnings
  • fb6e70a dangerous_extract_secrets(): test ConnectionTrafficSecrets variant
  • 2d5c80e Return correct ConnectionTrafficSecrets variant when AES-256-GCM is negotia...
  • 77ffe49 tests: fix implied_bounds_in_impls clippy warn
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the cargo group with 2 updates in the / directory: [tauri](https://github.com/tauri-apps/tauri) and [rustls](https://github.com/rustls/rustls).


Updates `tauri` from 1.6.0 to 1.6.2
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](tauri-apps/tauri@tauri-v1.6...tauri-v1.6.2)

Updates `rustls` from 0.22.2 to 0.22.4
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.22.2...v/0.22.4)

---
updated-dependencies:
- dependency-name: tauri
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: rustls
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels May 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants