Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump regex from 1.4.3 to 1.5.5 in /ci/date-check #1364

Merged
merged 1 commit into from
Jun 6, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 6, 2022

Bumps regex from 1.4.3 to 1.5.5.

Changelog

Sourced from regex's changelog.

1.5.5 (2022-03-08)

This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

1.5.4 (2021-05-06)

This release fixes another compilation failure when building regex. This time, the fix is for when the pattern feature is enabled, which only works on nightly Rust. CI has been updated to test this case.

1.5.3 (2021-05-01)

This releases fixes a bug when building regex with only the unicode-perl feature. It turns out that while CI was building this configuration, it wasn't actually failing the overall build on a failed compilation.

1.5.2 (2021-05-01)

This release fixes a performance bug when Unicode word boundaries are used. Namely, for certain regexes on certain inputs, it's possible for the lazy DFA to stop searching (causing a fallback to a slower engine) when it doesn't actually need to.

[PR #768](rust-lang/regex#768) fixes the bug, which was originally reported in ripgrep#1860.

1.5.1 (2021-04-30)

This is a patch release that fixes a compilation error when the perf-literal feature is not enabled.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [regex](https://github.com/rust-lang/regex) from 1.4.3 to 1.5.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.4.3...1.5.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 6, 2022
@JohnTitor
Copy link
Member

I wasn't aware that we had a lockfile and enabled dependabot, great :)

@JohnTitor JohnTitor merged commit 72a3895 into master Jun 6, 2022
@JohnTitor JohnTitor deleted the dependabot/cargo/ci/date-check/regex-1.5.5 branch June 6, 2022 23:40
@ehuss
Copy link
Contributor

ehuss commented Jun 7, 2022

I wasn't aware that we had a lockfile and enabled dependabot, great :)

Security alerts for Rust projects were just enabled today: https://github.blog/changelog/2022-06-06-dependency-graph-adds-vulnerability-alerting-support-for-rust/

@JohnTitor
Copy link
Member

Oh, cool! Thanks for the reference.

compiler-errors added a commit to compiler-errors/rust that referenced this pull request Jun 8, 2022
Update books

## nomicon

5 commits in 10d40c59a581c66d8ecd29ad18d410bf97ed524d..3a43983b76174342b7dbd3e12ea2c49f762e52be
2022-05-07 10:45:07 +0900 to 2022-05-30 17:01:30 +0900
- Changes for `c_unwind` (rust-lang/nomicon#365)
- Upgrade actions/checkout to v3 (rust-lang/nomicon#367)
- Clarification of borrowck (rust-lang/nomicon#354)
- Update the now stale warning about `PhantomData&lt;T&gt;` and dropck (rust-lang/nomicon#363)
- Minor language fixes (rust-lang/nomicon#364)

## reference

1 commits in b74825d8f88b685e239ade00f00de68ba4cd63d4..683bfe5cd64d589c6a1645312ab5f93b6385ccbb
2022-05-20 14:30:30 -0700 to 2022-05-27 11:54:20 -0700
- Reflect changes about unsizing casts in const context (rust-lang/reference#1221)

## book

58 commits in b4dd5f00b87190ad5ef42cbc2a88a783c6ae57ef..396fdb69de7fb18f24b15c7ad13491b1c1fa7231
2022-05-24 21:37:06 -0400 to 2022-06-08 10:02:35 -0400
- Make not-equals operator example consistent. Fixes rust-lang/book#3189.
- Propagate nostarch appendix edits to src
- Edits to edits to appendices
- Edits from nostarch for the appendices
- Propagate edits to chapter 20 to src
- Edits to edits of chapter 20
- Update reference to chapter 12 code that was changed
- Edits from nostarch to chapter 20
- Fix spelling mistake
- Propagate ch17 tech review changes to src
- Responses to tech review for ch17
- Chapter 17 tech review comments
- Update dependencies via `cargo update`
- Propagate changes from ch16 tech review to src
- Tech review comments and responses for chapter 16
- Println captures in chapter 15
- Propagate chapter 15 tech review edits to src
- Responses to tech review for chapter 15
- Tech review comments for chapter 15
- Merge branch 'ch14-tr'
- Upgrade to Rust 1.61
- Upgrade to Rust 1.60
- More little improvements to chapter 12
- Update references to ch12 to be Config::build instead of new
- Propagate ch12 tech review edits to src
- Responses to tech review of chapter 12
- Tech review comments of chapter 12
- Show directory layouts including integration test files
- Clarify that integration/doc tests aren't run if unit tests fail
- Propagate ch11 tech review edits to src
- Edits in response to tech review of chapter 11
- Comments from tech review in chapter 11
- Propagate other edits to nostarch
- Adjust listing so error output line numbers match
- Merge remote-tracking branch 'origin/pr/3153' into ch10-tr
- Reword a rewording about lifetimes of values vs references
- Merge remote-tracking branch 'origin/pr/3107' into ch10-tr
- Merge remote-tracking branch 'origin/pr/3104' into ch10-tr
- Propagate ch10 edits to src
- Edits in response to tech review
- Comments from tech review for chapter 10
- New dictionary entries
- Demonstrate a better expect message. Fixes rust-lang/book#2918.
- Propagate tech review ch9 edits to src
- Termination has stabilized! Fixes rust-lang/book#3116.
- Respond to tech review comments to chapter 9
- Comments from tech review on chapter 9
- Propagate changes for ch8 to src
- Clarify that split_whitespace returns an iterator
- Add type annotation in nostarch snapshot too
- Extra-clarity qualification
- Edits to chapter 8 in response to tech review
- Comments from tech review for chapter 8
- Propagate tech review edits to ch06 src
- Responses to tech review comments on chapter 6
- Chapter 6 after tech review
- Snapshot of chapter 1 for nostarch
- src: use TLSv1.3 if we're going to specify at all

## rust-by-example

4 commits in 2ed26865e8c29ef939dc913a97bd321cadd72a9a..dbb7e5e2345ee26199ffba218156b6009016a20c
2022-05-18 17:23:47 -0300 to 2022-06-02 16:30:51 -0300
- Fix typo in Traits → "impl Trait" (rust-lang/rust-by-example#1544)
- doc_testing.md: clarify tests vs doc-tests (rust-lang/rust-by-example#1547)
- unsafe::asm.md: add some explicit declarations (rust-lang/rust-by-example#1548)
- Update dsl.md to remove unnecessary braces (rust-lang/rust-by-example#1543)

## rustc-dev-guide

6 commits in 554c00e..6e4d643
2022-05-24 17:15:35 -0700 to 2022-06-08 08:06:32 +0900
- Make build scripts and proc macros work with the suggested rust-analyzer config (rust-lang/rustc-dev-guide#1365)
- improve rustc_interface examples a little (rust-lang/rustc-dev-guide#1362)
- Bump regex from 1.4.3 to 1.5.5 in /ci/date-check (rust-lang/rustc-dev-guide#1364)
- Clarify cargo fallback behavior for rustup link (rust-lang/rustc-dev-guide#1273)
- Update rustc-driver related examples
- Triage some date references related to traits

## embedded-book

1 commits in f7cefbb995eec8c6148f213235e9e2e03268e775..cbb494f96da3268c2925bdadc65ca83d42f2d4ef
2022-04-20 10:38:51 +0000 to 2022-05-26 06:58:43 +0000
- Add Chinese translation repository  (rust-embedded/book#318)
matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request Jun 8, 2022
Update books

## nomicon

5 commits in 10d40c59a581c66d8ecd29ad18d410bf97ed524d..3a43983b76174342b7dbd3e12ea2c49f762e52be
2022-05-07 10:45:07 +0900 to 2022-05-30 17:01:30 +0900
- Changes for `c_unwind` (rust-lang/nomicon#365)
- Upgrade actions/checkout to v3 (rust-lang/nomicon#367)
- Clarification of borrowck (rust-lang/nomicon#354)
- Update the now stale warning about `PhantomData&lt;T&gt;` and dropck (rust-lang/nomicon#363)
- Minor language fixes (rust-lang/nomicon#364)

## reference

1 commits in b74825d8f88b685e239ade00f00de68ba4cd63d4..683bfe5cd64d589c6a1645312ab5f93b6385ccbb
2022-05-20 14:30:30 -0700 to 2022-05-27 11:54:20 -0700
- Reflect changes about unsizing casts in const context (rust-lang/reference#1221)

## book

58 commits in b4dd5f00b87190ad5ef42cbc2a88a783c6ae57ef..396fdb69de7fb18f24b15c7ad13491b1c1fa7231
2022-05-24 21:37:06 -0400 to 2022-06-08 10:02:35 -0400
- Make not-equals operator example consistent. Fixes rust-lang/book#3189.
- Propagate nostarch appendix edits to src
- Edits to edits to appendices
- Edits from nostarch for the appendices
- Propagate edits to chapter 20 to src
- Edits to edits of chapter 20
- Update reference to chapter 12 code that was changed
- Edits from nostarch to chapter 20
- Fix spelling mistake
- Propagate ch17 tech review changes to src
- Responses to tech review for ch17
- Chapter 17 tech review comments
- Update dependencies via `cargo update`
- Propagate changes from ch16 tech review to src
- Tech review comments and responses for chapter 16
- Println captures in chapter 15
- Propagate chapter 15 tech review edits to src
- Responses to tech review for chapter 15
- Tech review comments for chapter 15
- Merge branch 'ch14-tr'
- Upgrade to Rust 1.61
- Upgrade to Rust 1.60
- More little improvements to chapter 12
- Update references to ch12 to be Config::build instead of new
- Propagate ch12 tech review edits to src
- Responses to tech review of chapter 12
- Tech review comments of chapter 12
- Show directory layouts including integration test files
- Clarify that integration/doc tests aren't run if unit tests fail
- Propagate ch11 tech review edits to src
- Edits in response to tech review of chapter 11
- Comments from tech review in chapter 11
- Propagate other edits to nostarch
- Adjust listing so error output line numbers match
- Merge remote-tracking branch 'origin/pr/3153' into ch10-tr
- Reword a rewording about lifetimes of values vs references
- Merge remote-tracking branch 'origin/pr/3107' into ch10-tr
- Merge remote-tracking branch 'origin/pr/3104' into ch10-tr
- Propagate ch10 edits to src
- Edits in response to tech review
- Comments from tech review for chapter 10
- New dictionary entries
- Demonstrate a better expect message. Fixes rust-lang/book#2918.
- Propagate tech review ch9 edits to src
- Termination has stabilized! Fixes rust-lang/book#3116.
- Respond to tech review comments to chapter 9
- Comments from tech review on chapter 9
- Propagate changes for ch8 to src
- Clarify that split_whitespace returns an iterator
- Add type annotation in nostarch snapshot too
- Extra-clarity qualification
- Edits to chapter 8 in response to tech review
- Comments from tech review for chapter 8
- Propagate tech review edits to ch06 src
- Responses to tech review comments on chapter 6
- Chapter 6 after tech review
- Snapshot of chapter 1 for nostarch
- src: use TLSv1.3 if we're going to specify at all

## rust-by-example

4 commits in 2ed26865e8c29ef939dc913a97bd321cadd72a9a..dbb7e5e2345ee26199ffba218156b6009016a20c
2022-05-18 17:23:47 -0300 to 2022-06-02 16:30:51 -0300
- Fix typo in Traits → "impl Trait" (rust-lang/rust-by-example#1544)
- doc_testing.md: clarify tests vs doc-tests (rust-lang/rust-by-example#1547)
- unsafe::asm.md: add some explicit declarations (rust-lang/rust-by-example#1548)
- Update dsl.md to remove unnecessary braces (rust-lang/rust-by-example#1543)

## rustc-dev-guide

6 commits in 554c00e..6e4d643
2022-05-24 17:15:35 -0700 to 2022-06-08 08:06:32 +0900
- Make build scripts and proc macros work with the suggested rust-analyzer config (rust-lang/rustc-dev-guide#1365)
- improve rustc_interface examples a little (rust-lang/rustc-dev-guide#1362)
- Bump regex from 1.4.3 to 1.5.5 in /ci/date-check (rust-lang/rustc-dev-guide#1364)
- Clarify cargo fallback behavior for rustup link (rust-lang/rustc-dev-guide#1273)
- Update rustc-driver related examples
- Triage some date references related to traits

## embedded-book

1 commits in f7cefbb995eec8c6148f213235e9e2e03268e775..cbb494f96da3268c2925bdadc65ca83d42f2d4ef
2022-04-20 10:38:51 +0000 to 2022-05-26 06:58:43 +0000
- Add Chinese translation repository  (rust-embedded/book#318)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants