build(deps): bump the cargo group across 1 directory with 3 updates#148
build(deps): bump the cargo group across 1 directory with 3 updates#148dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the cargo group with 3 updates in the / directory: [rkyv](https://github.com/rkyv/rkyv), [rand](https://github.com/rust-random/rand) and [rustls-webpki](https://github.com/rustls/webpki). Updates `rkyv` from 0.8.15 to 0.8.16 - [Release notes](https://github.com/rkyv/rkyv/releases) - [Commits](rkyv/rkyv@0.8.15...0.8.16) Updates `rand` from 0.10.0 to 0.10.1 - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md) - [Commits](rust-random/rand@0.10.0...0.10.1) Updates `rustls-webpki` from 0.103.10 to 0.103.13 - [Release notes](https://github.com/rustls/webpki/releases) - [Commits](rustls/webpki@v/0.103.10...v/0.103.13) --- updated-dependencies: - dependency-name: rkyv dependency-version: 0.8.16 dependency-type: direct:production dependency-group: cargo - dependency-name: rand dependency-version: 0.10.1 dependency-type: direct:production dependency-group: cargo - dependency-name: rustls-webpki dependency-version: 0.103.13 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a48890728e
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| "rayon", | ||
| "ring", | ||
| "rkyv 0.8.15", | ||
| "rkyv 0.8.16", |
There was a problem hiding this comment.
Regenerate Buck metadata for the rkyv bump
This Cargo lock update moves the Cargo build to rkyv 0.8.16, but the Buck2 build path is still pinned to the old vendored crate: BUCK still depends on //third-party/rust/crates/rkyv/0.8.15:rkyv, and buckal.snap still records rkyv@0.8.15/hashbrown@0.16.1 with no 0.8.16/0.17.1 entries. Since this repo's PR/build docs require buck2 build //:git_internal via generated Buck metadata, production Buck builds will continue compiling 0.8.15 and miss this dependency update unless cargo buckal migrate (or equivalent vendored metadata regeneration) is included.
Useful? React with 👍 / 👎.
|
Dependabot attempted to update this pull request, but because the branch |
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
Bumps the cargo group with 3 updates in the / directory: rkyv, rand and rustls-webpki.
Updates
rkyvfrom 0.8.15 to 0.8.16Commits
47ebe03Release 0.8.165828cf5Hardenclear()impls against panicking drops7f93b33Remove unnecessaryOrdbound on MapKV impl71eb72aFix hashbrown-0_16 impl, update features lists7f18f92Update to hashbrown 0.17 (#659)d3c20a8feat: implementNoUndeffor[T]whereT: NoUndef. (#656)985b023Fix compilation for 32-bit systems using 64-bit pointers18941fbAddinto_partsandfrom_partsforAlignedVec(#653)Updates
randfrom 0.10.0 to 0.10.1Changelog
Sourced from rand's changelog.
Commits
27ff4cbPrepare v0.10.1: deprecate featurelog(#1763)98d0638make_rng: document panic and add #[track_caller] (#1761)54e5eaaFix doc error (#1758)1ce4c08Bump itoa from 1.0.17 to 1.0.18 in the all-deps group (#1756)ccb734bdocs: fix typo in doc comment (#1754)357eb7dBump libc from 0.2.182 to 0.2.183 in the all-deps group (#1753)5e77fe5Fix trait references in documentation (#1752)da89185Bump the all-deps group with 3 updates (#1751)50516ffBump the all-deps group with 2 updates (#1749)fd71de9Bump the all-deps group with 2 updates (#1747)Updates
rustls-webpkifrom 0.103.10 to 0.103.13Release notes
Sourced from rustls-webpki's releases.
Commits
2879b2cPrepare 0.103.132c49773Improve tests for padding ofBitStringFlags4e3c0b3Correct validation of BIT STRING constraints39c91d2Actually fail closed for URI matching against excluded subtrees27131d4Bump version to 0.103.126ecb876Clean up stuttery enum variant names318b3e6Ignore wildcard labels when matching name constraints1219622Rewrite constraint matching to avoid permissive catch-all branch57bc62cBump version to 0.103.11d0fa01eAllow parsing trust anchors with unknown criticial extensionsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.