build(deps): bump the crates-io group across 1 directory with 5 updates #305

dependabot · 2024-12-23T19:31:38Z

Bumps the crates-io group with 5 updates in the / directory:

Package	From	To
aws-lc-rs	`1.11.1`	`1.12.0`
bzip2	`0.4.4`	`0.5.0`
rcgen	`0.13.1`	`0.13.2`
serde	`1.0.215`	`1.0.216`
serde_json	`1.0.133`	`1.0.134`

Updates aws-lc-rs from 1.11.1 to 1.12.0

Release notes

Sourced from aws-lc-rs's releases.

aws-lc-rs v1.12.0

What's Changed

Update aws-lc-fips-sys to AWS-LC FIPS v3.0 🎉 — @justsmth in #626

Please see our blog post for information about the numerous improvements!

If your project requires FIPS compliance, please consult your local FIPS experts about whether you should upgrade.

If needed, see the Cargo Book section on Specifying Dependencies for guidance on how to remain on an older versions of aws-lc-rs.

The APIs for ML-KEM, kbkdf and sskdf are now stable — @justsmth in #628

Please migrate any use of these algorithms from the unstable module to the new stable APIs.

See our updated API documentation.

Support for AES-192 — @justsmth in #622

Add ability to prepare the next operation and its associated nonce for OpeningKey and SealingKey — @skmcgrail in #619

Update aws-lc-sys to AWS-LC v1.41.1 — @justsmth in #627

See also the release notes for 1.41.0 and 1.40.0.

Build improvements

Fix i686-pc-windows-gnu external bindgen by @justsmth in #621

Warn unsupported compiler on FIPS build by @justsmth in #618

Improve bindgen-cli error handling by @justsmth in #625

Issues being resolved

Build failure with gcc-15 — #623

Linkage error when cross-compiling for i686-pc-windows-gnu — #620

aws-lc/crypto/err/err.c:186:17: error: implicit declaration of function ‘strdup’ — #610

::aead::{SealingKey, OpeningKey} how to prepend nonce to packet? — #570

Other merged PRs

Include new AWS-LC header files for FIPS bindings. by @justsmth in #629

Fix rustls integ test by @justsmth in #631

Fix s2n-quic integ test by @justsmth in #630

CI cleanup by @justsmth in #634

Update Readme on FIPS version changes by @justsmth in #636

Full Changelog: v1.11.1...v1.12.0

Commits

c4b8050 Update Readme on FIPS version changes (#636)
14d2457 CI cleanup (#634)
ca788c7 Fix s2n-quic integ test (#630)
3151d7f Fix rustls integ test (#631)
809cd7d Stabilize ML-KEM & KDFs; bump to v1.12.0 (#628)
c75bc5c Support for AES 192 (#622)
0a697c5 Improve bindgen-cli error handling (#625)
3e83854 Include new AWS-LC header files for FIPS bindings. (#629)
6666b4c Update aws-lc-sys to v0.24.0, aligns w/ AWS-LC v1.41.1 (#627)
3d3da2b Update aws-lc-fips-sys to v0.13.0, align w/ AWS-LC-FIPS-3.0.0 (#626)
Additional commits viewable in compare view

Updates bzip2 from 0.4.4 to 0.5.0

Release notes

Sourced from bzip2's releases.

Version 0.5.0

The 0.5.0 release is the first release in ~2 years. It sets an msrv of 1.65.0 and pins the 2021 edition. If the msrv or edition are a problem for your project: just stick with the 0.4.4 release.

The repository has moved from @alexcrichton to @trifectatechfoundation, which takes on its maintainership from this point forward.

The main new feature of this release is the libbz2-rs-sys feature flag, which uses the pure rust https://github.com/trifectatechfoundation/libbzip2-rs implementation of bzip2. Being all rust, and using (by default) the rust allocator infrastructure, cross-compilation (e.g. to webassembly) should be much easier.

Besides that, the documentation was modernized (we can cross-link now) and several bugs were fixed.

What's Changed

update partial_io to version 0.5.4 by @folkertdev in trifectatechfoundation/bzip2-rs#108

Remove tokio support by @folkertdev in trifectatechfoundation/bzip2-rs#109

support libbz2-rs-sys by @folkertdev in trifectatechfoundation/bzip2-rs#110

set msrv to 1.65.0 by @folkertdev in trifectatechfoundation/bzip2-rs#111

set the edition to 2021 by @folkertdev in trifectatechfoundation/bzip2-rs#112

fix clippy warnings by @folkertdev in trifectatechfoundation/bzip2-rs#113

update documentation by @folkertdev in trifectatechfoundation/bzip2-rs#114

Don't enable the stdio feature for the rust implementation of bzip2 by @bjorn3 in trifectatechfoundation/bzip2-rs#117

Fix infinite loop after invalid data by @jongiddy in trifectatechfoundation/bzip2-rs#99

prepare release 0.5.0 by @folkertdev in trifectatechfoundation/bzip2-rs#115

New Contributors

@folkertdev made their first contribution in trifectatechfoundation/bzip2-rs#108

@bjorn3 made their first contribution in trifectatechfoundation/bzip2-rs#117

@jongiddy made their first contribution in trifectatechfoundation/bzip2-rs#99

Full Changelog: trifectatechfoundation/bzip2-rs@0.4.4...v0.5.0

Commits

bdb6e22 prepare release 0.5.0
5a425ed struct BzDecoder: document exit on error logic
dece038 Fix infinite loop after invalid data
090227a Add CI for using the rust implementation of bzip2
c83aef6 Don't enable the stdio feature for the rust implementation of bzip2
ab518cf Create SECURITY.md
fe3a545 Merge pull request #114 from trifectatechfoundation/doc-link-fixes
c03d510 update the README
28aadcc add links in the documentation comments
403f0af Merge pull request #113 from trifectatechfoundation/clippy-fixes
Additional commits viewable in compare view

Updates rcgen from 0.13.1 to 0.13.2

Release notes

Sourced from rcgen's releases.

0.13.2

Several improvements to the capabilities available when working with certificate signing requests.

What's Changed

Clarify internal data dependencies for signing APIs by @djc in rustls/rcgen#269

error: feature-gate ExternalError by @cpu in rustls/rcgen#271

Pass extended key usage parameters when importing CertificateSigningRequestParams by @uglyoldbob in rustls/rcgen#264

ci: update cargo-check-external-types toolchain, fix build by @cpu in rustls/rcgen#276

Revert "ci: temp. pin nightly to avoid ICE" by @cpu in rustls/rcgen#277

Expose algorithm field on PublicKey by @rickvanprim in rustls/rcgen#281

Update semver-compatible dependencies by @djc in rustls/rcgen#283

crl: avoid markdown footnotes by @cpu in rustls/rcgen#284

Disable default features for aws-lc-rs by @daxpedda in rustls/rcgen#286

Add KeyUsage support to CSR generation by @lvkv in rustls/rcgen#287

Fix compilation issues of OpenSSL tests on 32-bit architectures by @decathorpe in rustls/rcgen#290

Enable signing without private key by @djc in rustls/rcgen#291

Clarify CSR signing docs by @lvkv in rustls/rcgen#295

ci: adjust nightly for cargo-check-external-types by @cpu in rustls/rcgen#297

Add PKCS#10 attributes to CSR serializer by @lvkv in rustls/rcgen#296

Bump codecov/codecov-action from 4 to 5 by @dependabot in rustls/rcgen#299

Update README.md example to match what's in lib.rs by @ghenry in rustls/rcgen#298

rcgen: 0.13.1 -> 0.13.2 by @lvkv in rustls/rcgen#303

Commits

447322c rcgen: 0.13.1 -> 0.13.2
12d6533 Remove extern crate example in docs.
72369d3 Update README.md example to match what's in lib.rs
1b4a355 Bump codecov/codecov-action from 4 to 5
331b8fd Add PKCS#10 attributes to CSR serializer
349ffe4 Add CertificateParams::write_extension_request_attribute for cleanup
57a8066 Fix: Write CSR attributes as an implicit set
ad9b094 Fix: Don't forget to write EKUs in CSRs
5811e47 Fix: Don't write SANs in CSRs if none are present
d3dea5e Add more CSR roundtrip unit tests
Additional commits viewable in compare view

Updates serde from 1.0.215 to 1.0.216

Release notes

Sourced from serde's releases.

v1.0.216

Mark all generated impls with #[automatically_derived] to exclude from code coverage (#2866, #2868, thanks @tdittr)

Commits

ad8dd41 Release 1.0.216
f91d2ed Merge pull request #2868 from dtolnay/automaticallyderived
9497463 Mark all generated trait impls as #[automatically_derived]
46e9ecf Merge pull request #2866 from tdittr/mark-visitors-as-generated
e9c399c Mark generated impl de::Visitor blocks as #[automatically_derived]
b9dbfcb Switch out fnv in favor of foldhash in test
c270e27 Use BuildHasher instead of Hasher in collection macros
0307f60 Resolve question_mark clippy lint in build script
See full diff in compare view

Updates serde_json from 1.0.133 to 1.0.134

Release notes

Sourced from serde_json's releases.

v1.0.134

Add RawValue associated constants for literal null, true, false (#1221, thanks @bheylin)

Commits

b2a1415 Release 1.0.134
9875785 Tweak wording of NULL/TRUE/FALSE documentation
4aa05b9 Merge pull request #1222 from dtolnay/rawvalueassoc
f42c7c7 Move RawValue associated constants into same impl block as public functions
96576ba Merge pull request #1221 from bheylin/add-const-raw-values-for-null-and-bools
4db66fb Add 'static lifetime to const's
9c9aa1f Add literal 'null', 'true' and 'false' consts to RawValue struct.
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the crates-io group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [aws-lc-rs](https://github.com/aws/aws-lc-rs) | `1.11.1` | `1.12.0` | | [bzip2](https://github.com/trifectatechfoundation/bzip2-rs) | `0.4.4` | `0.5.0` | | [rcgen](https://github.com/rustls/rcgen) | `0.13.1` | `0.13.2` | | [serde](https://github.com/serde-rs/serde) | `1.0.215` | `1.0.216` | | [serde_json](https://github.com/serde-rs/json) | `1.0.133` | `1.0.134` | Updates `aws-lc-rs` from 1.11.1 to 1.12.0 - [Release notes](https://github.com/aws/aws-lc-rs/releases) - [Commits](aws/aws-lc-rs@v1.11.1...v1.12.0) Updates `bzip2` from 0.4.4 to 0.5.0 - [Release notes](https://github.com/trifectatechfoundation/bzip2-rs/releases) - [Commits](trifectatechfoundation/bzip2-rs@0.4.4...v0.5.0) Updates `rcgen` from 0.13.1 to 0.13.2 - [Release notes](https://github.com/rustls/rcgen/releases) - [Commits](rustls/rcgen@v0.13.1...v0.13.2) Updates `serde` from 1.0.215 to 1.0.216 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](serde-rs/serde@v1.0.215...v1.0.216) Updates `serde_json` from 1.0.133 to 1.0.134 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.133...v1.0.134) --- updated-dependencies: - dependency-name: aws-lc-rs dependency-type: direct:production update-type: version-update:semver-minor dependency-group: crates-io - dependency-name: bzip2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: crates-io - dependency-name: rcgen dependency-type: direct:production update-type: version-update:semver-patch dependency-group: crates-io - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: crates-io - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: crates-io ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-12-23T21:46:53Z

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Dec 23, 2024

djc closed this Dec 23, 2024

dependabot bot deleted the dependabot/cargo/crates-io-69630605e7 branch December 23, 2024 21:46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the crates-io group across 1 directory with 5 updates #305

build(deps): bump the crates-io group across 1 directory with 5 updates #305

dependabot bot commented on behalf of github Dec 23, 2024

dependabot bot commented on behalf of github Dec 23, 2024

build(deps): bump the crates-io group across 1 directory with 5 updates #305

build(deps): bump the crates-io group across 1 directory with 5 updates #305

Conversation

dependabot bot commented on behalf of github Dec 23, 2024

aws-lc-rs v1.12.0

What's Changed

Build improvements

Issues being resolved

Other merged PRs

Version 0.5.0

What's Changed

New Contributors

0.13.2

What's Changed

v1.0.216

v1.0.134

dependabot bot commented on behalf of github Dec 23, 2024