Quoting DATABASE_URL content variable prevents an issue from the command
export. In case of a string (i.e. password) with given characters (i.e.
'('), it can make the command fail. Quoting it prevents that from
happening.
The issue happened on MacOS with an M1 chip.
Bumps [regex](https://github.com/rust-lang/regex) from 1.8.3 to 1.8.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's
changelog</a>.</em></p>
<blockquote>
<h1>1.8.4 (2023-06-05)</h1>
<p>This is a patch release that fixes a bug where <code>(?-u:\B)</code>
was allowed in
Unicode regexes, despite the fact that the current matching engines can
report
match offsets between the code units of a single UTF-8 encoded
codepoint. That
in turn means that match offsets that split a codepoint could be
reported,
which in turn results in panicking when one uses them to slice a
<code>&str</code>.</p>
<p>This bug occurred in the transition to <code>regex 1.8</code> because
the underlying
syntactical error that prevented this regex from compiling was
intentionally
removed. That's because <code>(?-u:\B)</code> will be permitted in
Unicode regexes in
<code>regex 1.9</code>, but the matching engines will guarantee to never
report match
offsets that split a codepoint. When the underlying syntactical error
was
removed, no code was added to ensure that <code>(?-u:\B)</code> didn't
compile in the
<code>regex 1.8</code> transition release. This release, <code>regex
1.8.4</code>, adds that code
such that <code>Regex::new(r"(?-u:\B)")</code> returns to the
<code>regex <1.8</code> behavior of
not compiling. (A <code>bytes::Regex</code> can still of course compile
it.)</p>
<p>Bug fixes:</p>
<ul>
<li>[BUG <a
href="https://redirect.github.com/rust-lang/regex/issues/1006">#1006</a>](<a
href="https://redirect.github.com/rust-lang/regex/issues/1006">rust-lang/regex#1006</a>):
Fix a bug where <code>(?-u:\B)</code> was allowed in Unicode regexes,
and in turn could
lead to match offsets that split a codepoint in
<code>&str</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5a34a39b72"><code>5a34a39</code></a>
1.8.4</li>
<li><a
href="407f6d3254"><code>407f6d3</code></a>
changelog: 1.8.4</li>
<li><a
href="b2ca9c16da"><code>b2ca9c1</code></a>
compile: make Regex::new(r"(?-u:\B)") fail again</li>
<li>See full diff in <a
href="https://github.com/rust-lang/regex/compare/1.8.3...1.8.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.3.1 to 4.3.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.2</h2>
<h2>[4.3.2] - 2023-06-05</h2>
<h3>Fixes</h3>
<ul>
<li><em>(derive)</em> Don't produce <code>unused_equalifications</code>
warnings when someone brings a clap type into scope</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.3.2] - 2023-06-05</h2>
<h3>Fixes</h3>
<ul>
<li><em>(derive)</em> Don't produce <code>unused_equalifications</code>
warnings when someone brings a clap type into scope</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="475e254d25"><code>475e254</code></a>
chore: Release</li>
<li><a
href="75e2060f05"><code>75e2060</code></a>
docs: Update changelog</li>
<li><a
href="468ab556a6"><code>468ab55</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4952">#4952</a>
from epage/derive</li>
<li><a
href="103ae5cf62"><code>103ae5c</code></a>
fix(derive): Don't warn when people bring types into scope</li>
<li><a
href="5661b6b508"><code>5661b6b</code></a>
style: Remove unused mut</li>
<li><a
href="e7729d1282"><code>e7729d1</code></a>
fix(derive): Mark all impls as automatically derived</li>
<li>See full diff in <a
href="https://github.com/clap-rs/clap/compare/clap_complete-v4.3.1...v4.3.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Broke up martin-mbtiles into multiple files
* Made all mbtiles functions take a `SqliteExecutor` -- this way they
can be used with any SQLX connection structs - either a pool connection
or an individual non-pooled connection.
* Simplified mbtiles bin a bit - I realized there is really no need to
pretty print the output for the single value retrieval. Easier to just
dump it to console as is.
* Bump martin-mbtiles to v0.2.0
* Minor fixes in tools docs, cargo.toml, and justfile
* MBTiles tool Integration tests and release publishing
Major thanks to the
[stackoverflow](https://stackoverflow.com/questions/76394665/how-to-pass-sqlx-connection-a-mut-trait-as-a-fn-parameter-in-rust/76395111)
quick reply by @cafce25 on how to use generic sql executor!
* Add functionality to retrieve a metadata value in an mbtiles file by
key; simple implementation for one of the items in #667
* Also, disable TTY in docker-up `just` target
- [x] add slack chat icon
- [x] merging maplibre/leaflet/mapbox demos into `using with clients`
- [x] cut off a lot contents
- [x] downgrade contents from h1 to h2
- [x] remove TOC .[GitHub will now automatically generate a table of
contents in the header when there are 2 or more
headings](https://github.blog/changelog/2021-04-13-table-of-contents-support-in-markdown-files/)
- [x] add link to the book in readme
---------
Co-authored-by: Yuri Astrakhan <yuriastrakhan@gmail.com>
Bumps [ctor](https://github.com/mmastrac/rust-ctor) from 0.2.1 to 0.2.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/mmastrac/rust-ctor/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to
4.17.21.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f299b52f39"><code>f299b52</code></a>
Bump to v4.17.21</li>
<li><a
href="c4847ebe7d"><code>c4847eb</code></a>
Improve performance of <code>toNumber</code>, <code>trim</code> and
<code>trimEnd</code> on large input strings</li>
<li><a
href="3469357cff"><code>3469357</code></a>
Prevent command injection through <code>_.template</code>'s
<code>variable</code> option</li>
<li><a
href="ded9bc6658"><code>ded9bc6</code></a>
Bump to v4.17.20.</li>
<li><a
href="63150ef764"><code>63150ef</code></a>
Documentation fixes.</li>
<li><a
href="00f0f62a97"><code>00f0f62</code></a>
test.js: Remove trailing comma.</li>
<li><a
href="846e434c7a"><code>846e434</code></a>
Temporarily use a custom fork of <code>lodash-cli</code>.</li>
<li><a
href="5d046f39cb"><code>5d046f3</code></a>
Re-enable Travis tests on <code>4.17</code> branch.</li>
<li><a
href="aa816b36d4"><code>aa816b3</code></a>
Remove <code>/npm-package</code>.</li>
<li><a
href="d7fbc52ee0"><code>d7fbc52</code></a>
Bump to v4.17.19</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.11...4.17.21">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for
lodash since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/martin/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [kind-of](https://github.com/jonschlinkert/kind-of) from 6.0.2 to
6.0.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jonschlinkert/kind-of/blob/master/CHANGELOG.md">kind-of's
changelog</a>.</em></p>
<blockquote>
<h2>[6.0.3] - 2020-01-16</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/31">#31</a>
for issue <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/30">#30</a></li>
</ul>
<h2>[6.0.0] - 2017-10-13</h2>
<ul>
<li>refactor code to be more performant</li>
<li>refactor benchmarks</li>
</ul>
<h2>[5.1.0] - 2017-10-13</h2>
<p><strong>Added</strong></p>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/15">#15</a>
from aretecode/patch-1</li>
<li>adds support and tests for string & array iterators</li>
</ul>
<p><strong>Changed</strong></p>
<ul>
<li>updates benchmarks</li>
</ul>
<h2>[5.0.2] - 2017-08-02</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/14">#14</a>
from struct78/master</li>
<li>Added <code>undefined</code> check</li>
</ul>
<h2>[5.0.0] - 2017-06-21</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/12">#12</a>
from aretecode/iterator</li>
<li>Set Iterator + Map Iterator</li>
<li>streamline <code>isbuffer</code>, minor edits</li>
</ul>
<h2>[4.0.0] - 2017-05-19</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/8">#8</a>
from tunnckoCore/master</li>
<li>update deps</li>
</ul>
<h2>[3.2.2] - 2017-05-16</h2>
<ul>
<li>fix version</li>
</ul>
<h2>[3.2.1] - 2017-05-16</h2>
<ul>
<li>add browserify</li>
</ul>
<h2>[3.2.0] - 2017-04-25</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/10">#10</a>
from ksheedlo/unrequire-buffer</li>
<li>add <code>promise</code> support and tests</li>
<li>Remove unnecessary <code>Buffer</code> check</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="abab085d65"><code>abab085</code></a>
6.0.3</li>
<li><a
href="a18459cd92"><code>a18459c</code></a>
run verb to generate README documentation</li>
<li><a
href="dc6bea5c4e"><code>dc6bea5</code></a>
only need to check <code>typeof val.constructor</code></li>
<li><a
href="1df992ce6d"><code>1df992c</code></a>
Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/31">#31</a>
from xiaofen9/master</li>
<li><a
href="975c13a7cf"><code>975c13a</code></a>
fix type checking vul in ctorName</li>
<li><a
href="4da96c0047"><code>4da96c0</code></a>
Delete FUNDING.yml</li>
<li><a
href="28266f233a"><code>28266f2</code></a>
Create FUNDING.yml</li>
<li>See full diff in <a
href="https://github.com/jonschlinkert/kind-of/compare/6.0.2...6.0.3">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for
kind-of since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/martin/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [regex](https://github.com/rust-lang/regex) from 1.8.2 to 1.8.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's
changelog</a>.</em></p>
<blockquote>
<h1>1.8.3 (2023-05-25)</h1>
<p>This is a patch release that fixes a bug where the regex would report
a
match at every position even when it shouldn't. This could occur in a
very
small subset of regexes, usually an alternation of simple literals that
have particular properties. (See the issue linked below for a more
precise
description.)</p>
<p>Bug fixes:</p>
<ul>
<li>[BUG <a
href="https://redirect.github.com/rust-lang/regex/issues/999">#999</a>](<a
href="https://redirect.github.com/rust-lang/regex/issues/999">rust-lang/regex#999</a>):
Fix a bug where a match at every position is erroneously reported.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a1a9ebe707"><code>a1a9ebe</code></a>
1.8.3</li>
<li><a
href="710222d717"><code>710222d</code></a>
changelog: 1.8.3</li>
<li><a
href="40d883d405"><code>40d883d</code></a>
bug: fix complete literal optimization issue</li>
<li><a
href="d555d6122d"><code>d555d61</code></a>
fuzz: don't run on big haystacks</li>
<li><a
href="8afffabb86"><code>8afffab</code></a>
fuzz: OSS-fuzz build scripts into this repo</li>
<li>See full diff in <a
href="https://github.com/rust-lang/regex/compare/1.8.2...1.8.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
