You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@teaclave.apache.org by "dependabot[bot]" <no...@github.com.INVALID> on 2022/10/18 03:21:27 UTC
[apache/incubator-teaclave] Bump regex from 1.5.4 to 1.6.0 in /examples/rust/builtin_echo (PR #659)
Bumps [regex](https://github.com/rust-lang/regex) from 1.5.4 to 1.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p>
<blockquote>
<h1>1.6.0 (2022-07-05)</h1>
<p>This release principally includes an upgrade to Unicode 14.</p>
<p>New features:</p>
<ul>
<li>[FEATURE <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/832">#832</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/pull/832">rust-lang/regex#832</a>):
Clarify that <code>Captures::len</code> includes all groups, not just matching groups.</li>
<li>[FEATURE <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/857">#857</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/pull/857">rust-lang/regex#857</a>):
Add an <code>ExactSizeIterator</code> impl for <code>SubCaptureMatches</code>.</li>
<li>[FEATURE <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/861">#861</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/pull/861">rust-lang/regex#861</a>):
Improve <code>RegexSet</code> documentation examples.</li>
<li>[FEATURE <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/877">#877</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/877">rust-lang/regex#877</a>):
Upgrade to Unicode 14.</li>
</ul>
<p>Bug fixes:</p>
<ul>
<li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/792">#792</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/792">rust-lang/regex#792</a>):
Fix error message rendering bug.</li>
</ul>
<h1>1.5.6 (2022-05-20)</h1>
<p>This release includes a few bug fixes, including a bug that produced incorrect
matches when a non-greedy <code>?</code> operator was used.</p>
<ul>
<li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/680">#680</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/680">rust-lang/regex#680</a>):
Fixes a bug where <code>[[:alnum:][:^ascii:]]</code> dropped <code>[:alnum:]</code> from the class.</li>
<li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/859">#859</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/859">rust-lang/regex#859</a>):
Fixes a bug where <code>Hir::is_match_empty</code> returned <code>false</code> for <code>\b</code>.</li>
<li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/862">#862</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/862">rust-lang/regex#862</a>):
Fixes a bug where 'ab??' matches 'ab' instead of 'a' in 'ab'.</li>
</ul>
<h1>1.5.5 (2022-03-08)</h1>
<p>This releases fixes a security bug in the regex compiler. This bug permits a
vector for a denial-of-service attack in cases where the regex being compiled
is untrusted. There are no known problems where the regex is itself trusted,
including in cases of untrusted haystacks.</p>
<ul>
<li><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">SECURITY #GHSA-m5pq-gvj9-9vr8</a>:
Fixes a bug in the regex compiler where empty sub-expressions subverted the
existing mitigations in place to enforce a size limit on compiled regexes.
The Rust Security Response WG published an advisory about this:
<a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/rust-lang/regex/commit/fc9ee6a249f2d594713c16b1646670924b33334d"><code>fc9ee6a</code></a> 1.6.0</li>
<li><a href="https://github.com/rust-lang/regex/commit/8ddc8ece4bd3ca4cdd068c6895f44fd57b682951"><code>8ddc8ec</code></a> deps: bump regex-syntax to 0.6.27</li>
<li><a href="https://github.com/rust-lang/regex/commit/8c0eccd0c6e775eae8a258d6bd43aca2e5ff92e5"><code>8c0eccd</code></a> regex-syntax-0.6.27</li>
<li><a href="https://github.com/rust-lang/regex/commit/dee5c25d8e4f030182bf61ca56b8819ae0c2f7f2"><code>dee5c25</code></a> changelog: 1.6.0</li>
<li><a href="https://github.com/rust-lang/regex/commit/9ca3099037dcb2faf1b49e6493f4c758532f2da1"><code>9ca3099</code></a> regex: fix clippy lints up to rust 1.41.1</li>
<li><a href="https://github.com/rust-lang/regex/commit/de838287bb9ebd554c078ee75a8e69a59f6e3820"><code>de83828</code></a> syntax: fix clippy lints up to rust 1.41.1</li>
<li><a href="https://github.com/rust-lang/regex/commit/b87cd88476a0eb4c0187321a6ab42c7644531b67"><code>b87cd88</code></a> syntax: include only the start of the character class on error</li>
<li><a href="https://github.com/rust-lang/regex/commit/9d1478cfb5616a4f289c015fffaf7f6228b72b56"><code>9d1478c</code></a> doc: fix typos</li>
<li><a href="https://github.com/rust-lang/regex/commit/7d21662735ffdf585ca6bff773d997fe44a4f868"><code>7d21662</code></a> doc: clarify Captures::len includes non-matching captures</li>
<li><a href="https://github.com/rust-lang/regex/commit/5e98788947b28da3da27f4e156b877eb0cb1593e"><code>5e98788</code></a> perf: use is_match_at instead of shortest_match_at</li>
<li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.5.4...1.6.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.5.4&new-version=1.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/incubator-teaclave/network/alerts).
</details>
You can view, comment on, or merge this pull request online at:
https://github.com/apache/incubator-teaclave/pull/659
-- Commit Summary --
* Bump regex from 1.5.4 to 1.6.0 in /examples/rust/builtin_echo
-- File Changes --
M examples/rust/builtin_echo/Cargo.lock (10)
-- Patch Links --
https://github.com/apache/incubator-teaclave/pull/659.patch
https://github.com/apache/incubator-teaclave/pull/659.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/pull/659
You are receiving this because you are subscribed to this thread.
Message ID: <apache/incubator-teaclave/pull/659@github.com>
Re: [apache/incubator-teaclave] Bump regex from 1.5.4 to 1.6.0 in /examples/rust/builtin_echo (PR #659)
Posted by Mingshen Sun <no...@github.com.INVALID>.
Merged #659 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/pull/659#event-7617702334
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>
Re: [apache/incubator-teaclave] Bump regex from 1.5.4 to 1.6.0 in /examples/rust/builtin_echo (PR #659)
Posted by Mingshen Sun <no...@github.com.INVALID>.
@dependabot rebase?
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/pull/659#issuecomment-1281824533
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>