Bumps [kind-of](https://github.com/jonschlinkert/kind-of) from 6.0.2 to
6.0.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jonschlinkert/kind-of/blob/master/CHANGELOG.md">kind-of's
changelog</a>.</em></p>
<blockquote>
<h2>[6.0.3] - 2020-01-16</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/31">#31</a>
for issue <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/30">#30</a></li>
</ul>
<h2>[6.0.0] - 2017-10-13</h2>
<ul>
<li>refactor code to be more performant</li>
<li>refactor benchmarks</li>
</ul>
<h2>[5.1.0] - 2017-10-13</h2>
<p><strong>Added</strong></p>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/15">#15</a>
from aretecode/patch-1</li>
<li>adds support and tests for string & array iterators</li>
</ul>
<p><strong>Changed</strong></p>
<ul>
<li>updates benchmarks</li>
</ul>
<h2>[5.0.2] - 2017-08-02</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/14">#14</a>
from struct78/master</li>
<li>Added <code>undefined</code> check</li>
</ul>
<h2>[5.0.0] - 2017-06-21</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/12">#12</a>
from aretecode/iterator</li>
<li>Set Iterator + Map Iterator</li>
<li>streamline <code>isbuffer</code>, minor edits</li>
</ul>
<h2>[4.0.0] - 2017-05-19</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/8">#8</a>
from tunnckoCore/master</li>
<li>update deps</li>
</ul>
<h2>[3.2.2] - 2017-05-16</h2>
<ul>
<li>fix version</li>
</ul>
<h2>[3.2.1] - 2017-05-16</h2>
<ul>
<li>add browserify</li>
</ul>
<h2>[3.2.0] - 2017-04-25</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/10">#10</a>
from ksheedlo/unrequire-buffer</li>
<li>add <code>promise</code> support and tests</li>
<li>Remove unnecessary <code>Buffer</code> check</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="abab085d65"><code>abab085</code></a>
6.0.3</li>
<li><a
href="a18459cd92"><code>a18459c</code></a>
run verb to generate README documentation</li>
<li><a
href="dc6bea5c4e"><code>dc6bea5</code></a>
only need to check <code>typeof val.constructor</code></li>
<li><a
href="1df992ce6d"><code>1df992c</code></a>
Merge pull request <a
href="https://redirect.github.com/jonschlinkert/kind-of/issues/31">#31</a>
from xiaofen9/master</li>
<li><a
href="975c13a7cf"><code>975c13a</code></a>
fix type checking vul in ctorName</li>
<li><a
href="4da96c0047"><code>4da96c0</code></a>
Delete FUNDING.yml</li>
<li><a
href="28266f233a"><code>28266f2</code></a>
Create FUNDING.yml</li>
<li>See full diff in <a
href="https://github.com/jonschlinkert/kind-of/compare/6.0.2...6.0.3">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for
kind-of since your current version.</p>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=kind-of&package-manager=npm_and_yarn&previous-version=6.0.2&new-version=6.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/martin/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [regex](https://github.com/rust-lang/regex) from 1.8.2 to 1.8.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's
changelog</a>.</em></p>
<blockquote>
<h1>1.8.3 (2023-05-25)</h1>
<p>This is a patch release that fixes a bug where the regex would report
a
match at every position even when it shouldn't. This could occur in a
very
small subset of regexes, usually an alternation of simple literals that
have particular properties. (See the issue linked below for a more
precise
description.)</p>
<p>Bug fixes:</p>
<ul>
<li>[BUG <a
href="https://redirect.github.com/rust-lang/regex/issues/999">#999</a>](<a
href="https://redirect.github.com/rust-lang/regex/issues/999">rust-lang/regex#999</a>):
Fix a bug where a match at every position is erroneously reported.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a1a9ebe707"><code>a1a9ebe</code></a>
1.8.3</li>
<li><a
href="710222d717"><code>710222d</code></a>
changelog: 1.8.3</li>
<li><a
href="40d883d405"><code>40d883d</code></a>
bug: fix complete literal optimization issue</li>
<li><a
href="d555d6122d"><code>d555d61</code></a>
fuzz: don't run on big haystacks</li>
<li><a
href="8afffabb86"><code>8afffab</code></a>
fuzz: OSS-fuzz build scripts into this repo</li>
<li>See full diff in <a
href="https://github.com/rust-lang/regex/compare/1.8.2...1.8.3">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.8.2&new-version=1.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [criterion](https://github.com/bheisler/criterion.rs) from 0.4.0
to 0.5.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bheisler/criterion.rs/blob/master/CHANGELOG.md">criterion's
changelog</a>.</em></p>
<blockquote>
<h2>[0.5.0] - 2023-05-23</h2>
<h3>Changed</h3>
<ul>
<li>Replaced lazy_static dependency with once_cell</li>
<li>Improved documentation of the <code>html_reports</code> feature</li>
<li>Replaced atty dependency with is-terminal</li>
<li>MSRV bumped to 1.64</li>
<li>Upgraded clap dependency to v4</li>
<li>Upgraded tempfile dependency to v3.5.0</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Quick mode (<code>--quick</code>) no longer outputs 1ms for measured
times over 5 seconds</li>
<li>Documentation updates</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4a560cb8d8"><code>4a560cb</code></a>
release version 0.5 (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/683">#683</a>)</li>
<li><a
href="3e2849ebf8"><code>3e2849e</code></a>
Post v0.4 CHANGELOG updates (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/680">#680</a>)</li>
<li><a
href="637010e50d"><code>637010e</code></a>
Bump clap to version 4 (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/679">#679</a>)</li>
<li><a
href="39d7e2f954"><code>39d7e2f</code></a>
Update to tempfile 3.5 (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/675">#675</a>)</li>
<li><a
href="8ab2752ccf"><code>8ab2752</code></a>
Fix typo in known_limitations.md (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/674">#674</a>)</li>
<li><a
href="a2112308ef"><code>a211230</code></a>
chore: replace atty with is-terminal (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/628">#628</a>)</li>
<li><a
href="a844eb226b"><code>a844eb2</code></a>
Bump MSRV to 1.60 for csv dependency (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/665">#665</a>)</li>
<li><a
href="2f53607378"><code>2f53607</code></a>
Use OR operator to specify multiple licenses (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/643">#643</a>)</li>
<li><a
href="86dcd7d323"><code>86dcd7d</code></a>
Fix bug where time over the maximum would be reported as 1ms in quick
mode. (...</li>
<li><a
href="2942aee124"><code>2942aee</code></a>
Remove unnecessary <code>pub</code> from example code (<a
href="https://redirect.github.com/bheisler/criterion.rs/issues/657">#657</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/bheisler/criterion.rs/compare/0.4.0...0.5.0">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=criterion&package-manager=cargo&previous-version=0.4.0&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.2.7 to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>[4.3.0] - 2023-05-19</h2>
<h3>Fixes</h3>
<ul>
<li><em>(assert)</em> Allow multiple, value-terminated, positional
arguments</li>
<li><em>(assert)</em> Clear up language on <code>last</code>
assertion</li>
<li><em>(parser)</em> Correctly assign values to arguments when using
multiple, value-termianted, positional arguments</li>
<li><em>(parser)</em> Ensure <code>value_terminator</code> has higher
precedence than <code>allow_hyphen_values</code></li>
<li><em>(help)</em> Only use next-line-help on subcommand list when
explicitly specified, not just with <code>--help</code></li>
<li><em>(help)</em> Correctly align possible values list</li>
<li><em>(help)</em> Don't waste code, vertical space in moving possible
value descriptions to next line</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.3.0] - 2023-05-19</h2>
<h3>Fixes</h3>
<ul>
<li><em>(assert)</em> Allow multiple, value-terminated, positional
arguments</li>
<li><em>(assert)</em> Clear up language on <code>last</code>
assertion</li>
<li><em>(parser)</em> Correctly assign values to arguments when using
multiple, value-termianted, positional arguments</li>
<li><em>(parser)</em> Ensure <code>value_terminator</code> has higher
precedence than <code>allow_hyphen_values</code></li>
<li><em>(help)</em> Only use next-line-help on subcommand list when
explicitly specified, not just with <code>--help</code></li>
<li><em>(help)</em> Correctly align possible values list</li>
<li><em>(help)</em> Don't waste code, vertical space in moving possible
value descriptions to next line</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9c3dc187cb"><code>9c3dc18</code></a>
chore: Release</li>
<li><a
href="077cf66fdc"><code>077cf66</code></a>
docs: Update changelog</li>
<li><a
href="5047bb40bd"><code>5047bb4</code></a>
chore: Release</li>
<li><a
href="22d3307727"><code>22d3307</code></a>
docs: Update changelog</li>
<li><a
href="fd63feb703"><code>fd63feb</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4926">#4926</a>
from epage/unsafe</li>
<li><a
href="3db3524943"><code>3db3524</code></a>
fix(lex)!: Remove unsafe safe method</li>
<li><a
href="8507a1dba3"><code>8507a1d</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4925">#4925</a>
from epage/term</li>
<li><a
href="a360fd8ac0"><code>a360fd8</code></a>
test(parser): Verify value terminator precedence</li>
<li><a
href="d5bea65711"><code>d5bea65</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4924">#4924</a>
from epage/term2</li>
<li><a
href="e1db168d69"><code>e1db168</code></a>
fix(parser): Ensure terminated positionals are assigned correctly</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.2.7...clap_complete-v4.3.0">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.2.7&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- [ ] show lines and polygons
- [ ] show all layers regardless of their name
- [x] different color for each layer
- [x] make left sidebar resizable
- [x] add search box
- closes#536
This reverts commit c358ec53af, as well as
any other related changes to the docker github action.
It is clearly not working, while also not allowing us to build proper
releases quicker.
Several ways to fix:
* Use 3rd party CI service to just build multi-platform docker images
* Use cross-compilation wiht github actions
* (???)
See also #655, #603 and #505
Bumps [clap](https://github.com/clap-rs/clap) from 4.2.5 to 4.2.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.7</h2>
<h2>[4.2.7] - 2023-05-02</h2>
<h3>Fixes</h3>
<ul>
<li>Correctly track remaining length for iterators provided by
<code>ArgMatches</code></li>
</ul>
<h2>v4.2.6</h2>
<h2>[4.2.6] - 2023-05-02</h2>
<h3>Features</h3>
<ul>
<li><code>impl Eq<std::any::TypeId> for
clap_builder::util::AnyValueId</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.2.7] - 2023-05-02</h2>
<h3>Fixes</h3>
<ul>
<li>Correctly track remaining length for iterators provided by
<code>ArgMatches</code></li>
</ul>
<h2>[4.2.6] - 2023-05-02</h2>
<h3>Features</h3>
<ul>
<li><code>impl Eq<std::any::TypeId> for
clap_builder::util::AnyValueId</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="baaf5c64c1"><code>baaf5c6</code></a>
chore: Release</li>
<li><a
href="1e0d76b51f"><code>1e0d76b</code></a>
docs: Update changelog</li>
<li><a
href="7b40f43278"><code>7b40f43</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4875">#4875</a>
from epage/panic</li>
<li><a
href="937f1ed9c9"><code>937f1ed</code></a>
fix(parser): Update iterator sizes as we go</li>
<li><a
href="a7214540f6"><code>a721454</code></a>
chore: Release</li>
<li><a
href="4fec57764a"><code>4fec577</code></a>
docs: Update changelog</li>
<li><a
href="a2131aeaf6"><code>a2131ae</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4873">#4873</a>
from Molkars/master</li>
<li><a
href="be885673ab"><code>be88567</code></a>
docs(ref): Fix feature name</li>
<li><a
href="37507741c4"><code>3750774</code></a>
impl Eq<std::any::TypeId> for clap_builder::util::AnyValueId</li>
<li>See full diff in <a
href="https://github.com/clap-rs/clap/compare/v4.2.5...v4.2.7">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.2.5&new-version=4.2.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [flate2](https://github.com/rust-lang/flate2-rs) from 1.0.25 to
1.0.26.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/rust-lang/flate2-rs/commits">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flate2&package-manager=cargo&previous-version=1.0.25&new-version=1.0.26)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.2.4 to 4.2.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.5</h2>
<h2>[4.2.5] - 2023-04-27</h2>
<h3>Fixes</h3>
<ul>
<li>Improve panic when a group requires a non-existent ID</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.2.5] - 2023-04-27</h2>
<h3>Fixes</h3>
<ul>
<li>Improve panic when a group requires a non-existent ID</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fa57ed3123"><code>fa57ed3</code></a>
chore: Release</li>
<li><a
href="9f6067f644"><code>9f6067f</code></a>
docs: Update changelog</li>
<li><a
href="9eaf8996a4"><code>9eaf899</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4867">#4867</a>
from epage/panic</li>
<li><a
href="6b23edc36a"><code>6b23edc</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4864">#4864</a>
from mattmadeofpasta/remove-redundant-test</li>
<li><a
href="185729a7dc"><code>185729a</code></a>
fix(builder): Assert earlier on bad requires/conflicts</li>
<li><a
href="e02644b9c2"><code>e02644b</code></a>
fix(usage): Provide more context in panic</li>
<li><a
href="296fec9186"><code>296fec9</code></a>
test(help): Remove redundant test</li>
<li><a
href="43591bc1ee"><code>43591bc</code></a>
chore: Release</li>
<li><a
href="9bda2ac8a0"><code>9bda2ac</code></a>
docs: Update changelog</li>
<li><a
href="c38b8ca66d"><code>c38b8ca</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4851">#4851</a>
from ClementTsang/update_mut_arg_docs</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.2.4...v4.2.5">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.2.4&new-version=4.2.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [regex](https://github.com/rust-lang/regex) from 1.7.3 to 1.8.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's
changelog</a>.</em></p>
<blockquote>
<h1>1.8.1 (2023-04-21)</h1>
<p>This is a patch release that fixes a bug where a regex match could be
reported
where none was found. Specifically, the bug occurs when a pattern
contains some
literal prefixes that could be extracted <em>and</em> an optional word
boundary in the
prefix.</p>
<p>Bug fixes:</p>
<ul>
<li>[BUG <a
href="https://redirect.github.com/rust-lang/regex/issues/981">#981</a>](<a
href="https://redirect.github.com/rust-lang/regex/issues/981">rust-lang/regex#981</a>):
Fix a bug where a word boundary could interact with prefix literal
optimizations and lead to a false positive match.</li>
</ul>
<h1>1.8.0 (2023-04-20)</h1>
<p>This is a sizeable release that will be soon followed by another
sizeable
release. Both of them will combined close over 40 existing issues and
PRs.</p>
<p>This first release, despite its size, essentially represent
preparatory work
for the second release, which will be even bigger. Namely, this
release:</p>
<ul>
<li>Increases the MSRV to Rust 1.60.0, which was released about 1 year
ago.</li>
<li>Upgrades its dependency on <code>aho-corasick</code> to the recently
release 1.0
version.</li>
<li>Upgrades its dependency on <code>regex-syntax</code> to the
simultaneously released
<code>0.7</code> version. The changes to <code>regex-syntax</code>
principally revolve around a
rewrite of its literal extraction code and a number of simplifications
and
optimizations to its high-level intermediate representation (HIR).</li>
</ul>
<p>The second release, which will follow ~shortly after the release
above, will
contain a soup-to-nuts rewrite of every regex engine. This will be done
by
bringing <a
href="https://github.com/BurntSushi/regex-automata"><code>regex-automata</code></a>
into
this repository, and then changing the <code>regex</code> crate to be
nothing but an API
shim layer on top of <code>regex-automata</code>'s API.</p>
<p>These tandem releases are the culmination of about 3
years of on-and-off work that <a
href="https://redirect.github.com/rust-lang/regex/issues/656">began in
earnest in March
2020</a>.</p>
<p>Because of the scale of changes involved in these releases, I would
love to
hear about your experience. Especially if you notice undocumented
changes in
behavior or performance changes (positive <em>or</em> negative).</p>
<p>Most changes in the first release are listed below. For more details,
please
see the commit log, which reflects a linear and decently documented
history
of all changes.</p>
<p>New features:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4e29fceace"><code>4e29fce</code></a>
1.8.1</li>
<li><a
href="8a7cb645cf"><code>8a7cb64</code></a>
deps: bump regex-syntax to 0.7.1</li>
<li><a
href="31c845296c"><code>31c8452</code></a>
regex-syntax-0.7.1</li>
<li><a
href="960aadeba0"><code>960aade</code></a>
changelog: 1.8.1</li>
<li><a
href="f003d72578"><code>f003d72</code></a>
impl: fix prefix literal matching bug</li>
<li><a
href="93316a3b1a"><code>93316a3</code></a>
doc: update MSRV in README</li>
<li><a
href="070374f287"><code>070374f</code></a>
release: 1.8.0</li>
<li><a
href="a73c61cecb"><code>a73c61c</code></a>
fuzz: get rid of 'named-profiles' feature</li>
<li><a
href="7cd75d22b5"><code>7cd75d2</code></a>
changelog: tweaks to 1.8 release entry</li>
<li><a
href="33898de870"><code>33898de</code></a>
syntax: fix bug in new alternation literal analysis</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-lang/regex/compare/1.7.3...1.8.1">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.7.3&new-version=1.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.2.3 to 4.2.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.4</h2>
<h2>[4.2.4] - 2023-04-19</h2>
<h3>Documentation</h3>
<ul>
<li>Corrected docs for <code>Command::style</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.2.4] - 2023-04-19</h2>
<h3>Documentation</h3>
<ul>
<li>Corrected docs for <code>Command::style</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60c8c3fc31"><code>60c8c3f</code></a>
chore: Release</li>
<li><a
href="e9b4c4769e"><code>e9b4c47</code></a>
docs: Update changelog</li>
<li><a
href="e429a9e98b"><code>e429a9e</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4845">#4845</a>
from epage/color</li>
<li><a
href="1ca073f212"><code>1ca073f</code></a>
docs(help): Fill in styles docs</li>
<li><a
href="6d5aaae5a9"><code>6d5aaae</code></a>
feat(help): Allow access to current Styles</li>
<li>See full diff in <a
href="https://github.com/clap-rs/clap/compare/v4.2.3...v4.2.4">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.2.3&new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.2.2 to 4.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.3</h2>
<h2>[4.2.3] - 2023-04-18</h2>
<h3>Features</h3>
<ul>
<li><code>Command::styles</code> for theming help/errors (behind
<code>unstable-styles</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.2.3] - 2023-04-18</h2>
<h3>Features</h3>
<ul>
<li><code>Command::styles</code> for theming help/errors (behind
<code>unstable-styles</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b99c50f7e9"><code>b99c50f</code></a>
chore: Release</li>
<li><a
href="3f46258b45"><code>3f46258</code></a>
docs: Update changelog</li>
<li><a
href="b0e0c596fe"><code>b0e0c59</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4843">#4843</a>
from epage/style</li>
<li><a
href="cbea23e3fc"><code>cbea23e</code></a>
style: Make clippy happy</li>
<li><a
href="5ca3b2fc5f"><code>5ca3b2f</code></a>
refactor(help): Shrink binary size</li>
<li><a
href="ec7040e8ba"><code>ec7040e</code></a>
style: Make clippy happy</li>
<li><a
href="57974bed7b"><code>57974be</code></a>
refactor(help): Future proof styling</li>
<li><a
href="e10e2ad249"><code>e10e2ad</code></a>
refactor(help): Split out separate usage style</li>
<li><a
href="8fd0a93bdc"><code>8fd0a93</code></a>
refactor(help): Clarify style meaning</li>
<li><a
href="7cf08e63cd"><code>7cf08e6</code></a>
refactor(help): Remove unused hint</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.2.2...v4.2.3">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.2.2&new-version=4.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.2.1 to 4.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>[4.2.2] - 2023-04-13</h2>
<h3>Internal</h3>
<ul>
<li>Update dependencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.2.2] - 2023-04-13</h2>
<h3>Internal</h3>
<ul>
<li>Update dependencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6f409544ec"><code>6f40954</code></a>
chore: Release</li>
<li><a
href="6d5394dfc1"><code>6d5394d</code></a>
docs: Update changelog</li>
<li><a
href="d7f742ab87"><code>d7f742a</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4832">#4832</a>
from epage/update</li>
<li><a
href="9c85e1b295"><code>9c85e1b</code></a>
chore: Update anstyle/anstream</li>
<li><a
href="0deb42265d"><code>0deb422</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4823">#4823</a>
from epage/template</li>
<li><a
href="d34b51a2ed"><code>d34b51a</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/4821">#4821</a>
from Bfault/typo</li>
<li><a
href="13d79b7677"><code>13d79b7</code></a>
Fix typo</li>
<li><a
href="feddd124b0"><code>feddd12</code></a>
style: Move away from banned fns</li>
<li><a
href="d3d45e8344"><code>d3d45e8</code></a>
chore(pre): Mirror exclude in pre-commit</li>
<li><a
href="c99ef984de"><code>c99ef98</code></a>
chore(ci): Remove allow-print-in-tests due to MSRV</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.2.1...v4.2.2">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.2.1&new-version=4.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [h2](https://github.com/hyperium/h2) from 0.3.16 to 0.3.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hyperium/h2/releases">h2's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.17</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>Error::is_library()</code> method to check if the
originated inside <code>h2</code>.</li>
<li>Add <code>max_pending_accept_reset_streams(usize)</code> option to
client and server
builders.</li>
<li>Fix theoretical memory growth when receiving too many HEADERS and
then
RST_STREAM frames faster than an application can accept them off the
queue.
(CVE-2023-26964)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hyperium/h2/blob/master/CHANGELOG.md">h2's
changelog</a>.</em></p>
<blockquote>
<h1>0.3.17 (April 13, 2023)</h1>
<ul>
<li>Add <code>Error::is_library()</code> method to check if the
originated inside <code>h2</code>.</li>
<li>Add <code>max_pending_accept_reset_streams(usize)</code> option to
client and server
builders.</li>
<li>Fix theoretical memory growth when receiving too many HEADERS and
then
RST_STREAM frames faster than an application can accept them off the
queue.
(CVE-2023-26964)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="af4bcacf6d"><code>af4bcac</code></a>
v0.3.17</li>
<li><a
href="d3f37e9fba"><code>d3f37e9</code></a>
feat: add <code>max_pending_accept_reset_streams(n)</code> options</li>
<li><a
href="5bc8e72e5f"><code>5bc8e72</code></a>
fix: limit the amount of pending-accept reset streams</li>
<li><a
href="8088ca658d"><code>8088ca6</code></a>
feat: add Error::is_library method</li>
<li><a
href="481c31d528"><code>481c31d</code></a>
chore: Use Cargo metadata for the MSRV build job</li>
<li><a
href="d3d50ef812"><code>d3d50ef</code></a>
chore: Replace unmaintained/outdated GitHub Actions</li>
<li><a
href="45b9bccdfc"><code>45b9bcc</code></a>
chore: set rust-version in Cargo.toml (<a
href="https://redirect.github.com/hyperium/h2/issues/664">#664</a>)</li>
<li>See full diff in <a
href="https://github.com/hyperium/h2/compare/v0.3.16...v0.3.17">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=h2&package-manager=cargo&previous-version=0.3.16&new-version=0.3.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/martin/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.95 to
1.0.96.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.96</h2>
<ul>
<li>Guarantee that <code>to_writer</code> only writes valid UTF-8
strings (<a
href="https://redirect.github.com/serde-rs/json/issues/1011">#1011</a>,
thanks <a
href="https://github.com/stepancheg"><code>@stepancheg</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="187f7dadc6"><code>187f7da</code></a>
Release 1.0.96</li>
<li><a
href="41199cce93"><code>41199cc</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1011">#1011</a>
from stepancheg/utf-8</li>
<li><a
href="cd5ed8204a"><code>cd5ed82</code></a>
Document to_writer only writes valid UTF-8 strings</li>
<li><a
href="ce53b862b9"><code>ce53b86</code></a>
Fix needless_borrow clippy lint in test</li>
<li>See full diff in <a
href="https://github.com/serde-rs/json/compare/v1.0.95...v1.0.96">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.95&new-version=1.0.96)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.49
to 0.10.50.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8395a89532"><code>8395a89</code></a>
Release openssl v0.10.50</li>
<li><a
href="b03b9ea09b"><code>b03b9ea</code></a>
Release openssl-sys v0.9.85</li>
<li><a
href="a03a346d91"><code>a03a346</code></a>
Merge pull request <a
href="https://redirect.github.com/sfackler/rust-openssl/issues/1874">#1874</a>
from vishwin/master</li>
<li><a
href="1a52fa61a4"><code>1a52fa6</code></a>
Bump LibreSSL to 3.7.2</li>
<li><a
href="f74b8e6f4e"><code>f74b8e6</code></a>
Merge pull request <a
href="https://redirect.github.com/sfackler/rust-openssl/issues/1871">#1871</a>
from haroldbruintjes/feature/cipher-inplace</li>
<li><a
href="edf3a165c7"><code>edf3a16</code></a>
Add in-place cipher update method</li>
<li><a
href="05ce5bc241"><code>05ce5bc</code></a>
Merge pull request <a
href="https://redirect.github.com/sfackler/rust-openssl/issues/1870">#1870</a>
from sfackler/alex-patch-1</li>
<li><a
href="b8559cbaf8"><code>b8559cb</code></a>
whoops</li>
<li><a
href="12a0de5839"><code>12a0de5</code></a>
Raise the minimum CC version</li>
<li>See full diff in <a
href="https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.49...openssl-v0.10.50">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=openssl&package-manager=cargo&previous-version=0.10.49&new-version=0.10.50)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_yaml](https://github.com/dtolnay/serde-yaml) from 0.9.20 to
0.9.21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/serde-yaml/releases">serde_yaml's
releases</a>.</em></p>
<blockquote>
<h2>0.9.21</h2>
<ul>
<li>Make <code>Tag::new</code> panic if given empty string, since YAML
has no syntax for an empty tag</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8057faddd6"><code>8057fad</code></a>
Release 0.9.21</li>
<li><a
href="19a7bd3d9b"><code>19a7bd3</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/serde-yaml/issues/371">#371</a>
from dtolnay/emptytag</li>
<li><a
href="ebb4b7af3a"><code>ebb4b7a</code></a>
Fix deserialization of tag !<%21></li>
<li><a
href="879a57fe91"><code>879a57f</code></a>
Factor out conversion function from libyaml Tag to tag string</li>
<li><a
href="e3b9a02a13"><code>e3b9a02</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/serde-yaml/issues/370">#370</a>
from dtolnay/emptytag</li>
<li><a
href="ef435495d1"><code>ef43549</code></a>
Treat Tag::new("!") as tag %21, instead of empty tag</li>
<li><a
href="221154cc1b"><code>221154c</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/serde-yaml/issues/369">#369</a>
from dtolnay/emptytag</li>
<li><a
href="39a866c695"><code>39a866c</code></a>
Reuse Tag visitor in Value's Deserialize impl</li>
<li><a
href="80e53a5166"><code>80e53a5</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/serde-yaml/issues/368">#368</a>
from dtolnay/emptytag</li>
<li><a
href="f668f71ea4"><code>f668f71</code></a>
Preserve location information better when parsing invalid tag</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/serde-yaml/compare/0.9.20...0.9.21">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_yaml&package-manager=cargo&previous-version=0.9.20&new-version=0.9.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_yaml](https://github.com/dtolnay/serde-yaml) from 0.9.19 to
0.9.20.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/serde-yaml/releases">serde_yaml's
releases</a>.</em></p>
<blockquote>
<h2>0.9.20</h2>
<ul>
<li>Allow an empty YAML document to deserialize to <code>None</code> or
<code>Value::Null</code>, in addition to the previously supported empty
vector, empty map, and struct with no required fields</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f833329ea3"><code>f833329</code></a>
Release 0.9.20</li>
<li><a
href="2a25cb7ee9"><code>2a25cb7</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/serde-yaml/issues/365">#365</a>
from dtolnay/empty</li>
<li><a
href="0d98534dda"><code>0d98534</code></a>
Allow empty document to be deserialized using visit_none</li>
<li><a
href="c4ac687cee"><code>c4ac687</code></a>
Add test of deserializing empty document to Option</li>
<li><a
href="8353dbfc7f"><code>8353dbf</code></a>
Ignore similar_names pedantic clippy lint</li>
<li><a
href="234272f9d1"><code>234272f</code></a>
Update test_de to test multi-document mode</li>
<li><a
href="69b5272bb0"><code>69b5272</code></a>
Update test_error to test same errors in multi-document mode</li>
<li><a
href="48fc779b90"><code>48fc779</code></a>
Update fuzz crate gitignore to ignore coverage dir</li>
<li>See full diff in <a
href="https://github.com/dtolnay/serde-yaml/compare/0.9.19...0.9.20">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_yaml&package-manager=cargo&previous-version=0.9.19&new-version=0.9.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>