build(deps): bump the prod group with 14 updates

[dependabot]

Bumps the prod group with 14 updates:

Package	From	To
clap	4.4.18	4.5.0
chrono	0.4.33	0.4.34
indexmap	2.2.2	2.2.3
toml	0.8.9	0.8.10
thiserror	1.0.56	1.0.57
metrics	0.22.0	0.22.1
num-integer	0.1.45	0.1.46
metrics-exporter-prometheus	0.13.0	0.13.1
indicatif	0.17.7	0.17.8
tempfile	3.9.0	3.10.0
tonic	0.10.2	0.11.0
tonic-build	0.10.2	0.11.0
x25519-dalek	2.0.0	2.0.1
serde_with	3.6.0	3.6.1

Updates clap from 4.4.18 to 4.5.0

Changelog

Sourced from clap's changelog.

[4.5.0] - 2024-02-08

Compatibility

• Update MSRV to 1.74

Commits

• a751c5f chore: Release
• 9ec6c94 chore: Release
• 0735119 docs: Update changelog
• c4d3959 Merge pull request #5344 from epage/encode
• f750e57 fix(lex): Use new-ish OsStr API
• 1d9a554 Merge pull request #5343 from epage/msrv
• 4b45d36 chore: Update MSRV to 1.74
• 55b1f94 Merge pull request #5342 from epage/divan
• ea77b98 test(complete): Make it order independent
• b0fea2b test(bench): Switch to divan
• Additional commits viewable in compare view

Updates chrono from 0.4.33 to 0.4.34

Release notes

Sourced from chrono's releases.

0.4.34

Notable changes

• In chrono 0.4.34 we finished the work to make all methods const where doing so is supported by rust 1.61.
• We renamed the Duration type to TimeDelta. This removes the confusion between chrono's type and the later Duration type in the standard library. It will remain available under the old name as a type alias for compatibility.
• The Windows implementation of Local is rewritten. The new version avoids panics when the date is outside of the range supported by windows (the years 1601 to 30828), and gives more accurate results during DST transitions.
• The Display format of TimeDelta is modified to conform better to ISO 8601. Previously it converted all values greater than 24 hours to a value with days. This is not correct, as doing so changes the duration from an 'accurate' to a 'nominal' representation to use ISO 8601 terms.

Fixes

• Add missing range check in TimeDelta::milliseconds (#1385, thanks @​danwilliams)
• Remove check for DurationExceedsTimestamp in DurationRound (#1403, thanks @​joroKr21)
• Fix localized formatting with %X ((chronotope/pure-rust-locales#12, #1420)
• Windows: base implementation on GetTimeZoneInformationForYear (#1017)

Additions

• Add TimeDelta::try_milliseconds (#1385, thanks @​danwilliams)
• Add TimeDelta::new (#1337)
• Add StrftimeItems::{parse, parse_to_owned} and more documentation (#1184)
• More standard traits and documentation for format::Locale (via chronotope/pure-rust-locales#8)

Changes

• Rename Duration to TimeDelta, add type alias (#1406)
• Make TimeDelta methods const (#1337)
• Make remaining methods of NaiveDate, NaiveWeek, NaiveTime and NaiveDateTime const where possible (#1337)
• Make methods on DateTime const where possible (#1400)
• Make Display format of TimeDelta conform better to ISO 8601 (#1328)

Documentation

• Fix the formatting of timestamp_micros's Example doc (#1338 via #1386, thanks @​emikitas)
• Specify branch for GitHub Actions badge and fix link (#1388)
• Don't mention some deprecated methods in docs (#1395)
• Remove stray documentation from main (#1397)
• Improved documentation of TimeDelta constructors (#1385, thanks @​danwilliams)

Internal

• Switch branch names: 0.4.x releases are the main branch, work on 0.5 happens in the 0.5.x branch (#1390, #1402).
• Don't use deprecated method in impl Arbitrary for DateTime and set up CI test (#1336)
• Remove workaround for Rust < 1.61 (#1393)
• Bump codecov/codecov-action from 3 to 4 (#1404)
• Remove partial support for handling -0000 offset (#1411)
• Move TOO_LONG error out of parse_internal (#1419)

Thanks to all contributors on behalf of the chrono team, @​djc and @​pitdicker!

Commits

• dc19606 Prepare 0.4.34
• 58a2149 Add StrftimeItems::parse_to_owned
• 59eeb8c Add StrftimeItems::parse
• 79de122 Add more documentation to StrftimeItems::new_with_locale
• 5b7cf85 Add more documentation to StrftimeItems::new
• be6af79 Make Display format of TimeDelta conform better to ISO 8601
• d1cf0e9 Add test for issue 651
• 0ef34e4 Extend test to more distant dates
• fc67f3e Remove obsolete test
• acb693a Windows: rewrite using GetTimeZoneInformationForYear
• Additional commits viewable in compare view

Updates indexmap from 2.2.2 to 2.2.3

Changelog

Sourced from indexmap's changelog.

2.2.3

• Added move_index and swap_indices methods to IndexedEntry, OccupiedEntry, and RawOccupiedEntryMut, functioning like the existing methods on IndexMap.
• Added shift_insert methods on VacantEntry and RawVacantEntryMut, as well as shift_insert_hashed_nocheck on the latter, to insert the new entry at a particular index.
• Added shift_insert methods on IndexMap and IndexSet to insert a new entry at a particular index, or else move an existing entry there.

Commits

• 406bbdb Merge pull request #312 from cuviper/release-2.2.3
• 3b79b87 Release 2.2.3
• 8e6753c Merge pull request #310 from cuviper/shift_insert
• e3ff25b Merge pull request #311 from cuviper/test_debug
• 2a33977 Fully mask the "test_debug" code from normal builds
• 8c206ef Test shift_insert that moves
• 5debe73 IndexSet::swap_indices is O(1) too
• 4572493 Add IndexSet::shift_insert based on map's method
• 3b217ca Add IndexMap::shift_insert based on Entry
• 209e3e1 Document equivalence of move_index/swap_indices
• Additional commits viewable in compare view

Updates toml from 0.8.9 to 0.8.10

Commits

• 7f3e276 chore: Release
• 07c8c2c docs: Update changelog
• 10392d5 chore: Release
• 4592fe4 docs: Update changelog
• b7bd3a4 Merge pull request #675 from epage/dotted-key
• 89d1416 fix(edit): Preserve previous line decor on leaf key
• 4e89856 fix(edit): Don't include decor in Key's Display
• 35e5326 Merge pull request #674 from epage/refactor
• 0aca85b refactor(encode): Remove trait abstraction
• 16c8353 test(edit): Show dotted-key comment bug
• Additional commits viewable in compare view

Updates thiserror from 1.0.56 to 1.0.57

Release notes

Sourced from thiserror's releases.

1.0.57

• Generate more efficient Display impl for error message which do not contain any interpolated value (#286, thanks @​nyurik)

Commits

• 1d106b1 Release 1.0.57
• 8a5c4d1 Use write_str when args only consists of trailing comma
• f790bee Phrase flag in terms of whether core::fmt machinery is required
• d43b759 Ignore needless_raw_string_hashes pedantic clippy lint in test
• d09c418 Touch up PR 286
• 097251d Merge pull request #286 from nyurik/litstr
• cd79876 optimize by avoiding second fmt.value() call
• d7e738e Optimize simple literals for Display::fmt
• 0717de3 Update ui test suite to nightly-2024-02-08
• c7c7547 Update ui test suite to nightly-2024-01-31
• See full diff in compare view

Updates metrics from 0.22.0 to 0.22.1

Commits

• 5fd46a9 (cargo-release) version 0.22.1
• 35b9d86 woops
• f7e979a fix ahash MSRV nonsense
• 019bc0e (cargo-release) version 0.13.1
• f6c3592 (cargo-release) version 0.16.2
• 9a5d9dc fix pointless ahash MSRV bump
• 6eef32a (cargo-release) version 0.16.1
• fed20b3 update changelogs
• f50f914 Update indexmap to version 2 (#439)
• bc29c4f Update hashbrown to 0.14 (#438)
• Additional commits viewable in compare view

Updates num-integer from 0.1.45 to 0.1.46

Changelog

Sourced from num-integer's changelog.

Release 0.1.46 (2024-02-07)

• Upgrade to 2018 edition, MSRV 1.31
• The Integer::divides method is now properly deprecated, rather than just documented so.
• The new Integer::dec and inc methods change the value by one.

Contributors: @​aobatact, @​cuviper, @​hkBst, @​MiguelX413

Commits

• ede2d2c Merge pull request #62 from cuviper/release-0.1.46
• c7f506e Release 0.1.46
• 3ac8866 Merge pull request #42 from aobatact/master
• 736ec84 Add default fallback from divides to is_multiple_of
• 77324ee Merge pull request #53 from MiguelX413/master
• a51b3ff Mark Integer::divides as deprecated.
• 8682553 Add examples to dec/inc
• 9d4d68b Add Integer.dec() and Integer.inc()
• 9720c90 Merge pull request #61 from cuviper/ci
• 8bfce25 ci: Add a registry cache for git protocol
• Additional commits viewable in compare view

Updates metrics-exporter-prometheus from 0.13.0 to 0.13.1

Commits

• 45137b4 (cargo-release) version 0.13.1
• f4c0555 Add conversion from stdlib Cow to our internal Cow.
• e46c951 Change MetricKindMask to MetricKind.
• a14557a Merge pull request #163 from RAnders00/fix-prometheus-exporter-no-default-fea...
• 68fbbf8 Fix compile errors and warnings when compiling prometheus exporter without de...
• a3b289e (cargo-release) version 0.1.0
• bb45f68 (cargo-release) version 0.1.0
• 3615f1f (cargo-release) version 0.1.0
• 3279b19 (cargo-release) version 0.4.1
• f38e9e3 non-alpha version bumps
• Additional commits viewable in compare view

Updates indicatif from 0.17.7 to 0.17.8

Commits

• See full diff in compare view

Updates tempfile from 3.9.0 to 3.10.0

Changelog

Sourced from tempfile's changelog.

3.10.0

• Drop redox_syscall dependency, we now use rustix for Redox.
• Add Builder::permissions for setting the permissions on temporary files and directories (thanks to @​Byron).
• Update rustix to 0.38.31.
• Update fastrand to 2.0.1.

Commits

• 61531ea chore: release v3.10.0
• e246c4a chore: update deps (#275)
• 4a05e47 feat: Add Builder::permissions() method. (#273)
• 184ab8f fix: drop redox_syscall dependency (#272)
• See full diff in compare view

Updates tonic from 0.10.2 to 0.11.0

Changelog

Sourced from tonic's changelog.

0.11.0 (2024-02-08)

BREAKING CHANGES:

• Removed NamedService from the transport module, please import it via tonic::server::NamedService.
• MSRV bumped to 1.70.

Features

• Added zstd compression support.
• Added connection timeout for connecto_with_connector_lazy.
• Upgrade rustls to v0.22
• Feature gate server implementation for tonic-reflection.

Commits

• ea8cd3f chore: prepare v0.11.0 release (#1626)
• 209fcbe chore(ci): fix udeps warning errors (#1627)
• 4263f87 feat(tls): Implement AsMut for Certificate (#1621)
• 23106dd chore(tls): Update to rustls 0.22.0 (#1509)
• 2a2809b Update Cargo.toml (#1622)
• 4227468 Update helloworld-tutorial.md - Fix Clippy lints (#1617)
• 4859a73 Add connection timeout to connect_with_connector_lazy (#1619)
• 227b169 web: fix invalid bit header error message (#1618)
• c30cb78 chore(reflection): Make prost-types dependency optional (#1610)
• f714f42 Repair rust-analyzer for tonic files (#1604)
• Additional commits viewable in compare view

Updates tonic-build from 0.10.2 to 0.11.0

Changelog

Sourced from tonic-build's changelog.

0.11.0 (2024-02-08)

BREAKING CHANGES:

• Removed NamedService from the transport module, please import it via tonic::server::NamedService.
• MSRV bumped to 1.70.

Features

• Added zstd compression support.
• Added connection timeout for connecto_with_connector_lazy.
• Upgrade rustls to v0.22
• Feature gate server implementation for tonic-reflection.

Commits

• ea8cd3f chore: prepare v0.11.0 release (#1626)
• 209fcbe chore(ci): fix udeps warning errors (#1627)
• 4263f87 feat(tls): Implement AsMut for Certificate (#1621)
• 23106dd chore(tls): Update to rustls 0.22.0 (#1509)
• 2a2809b Update Cargo.toml (#1622)
• 4227468 Update helloworld-tutorial.md - Fix Clippy lints (#1617)
• 4859a73 Add connection timeout to connect_with_connector_lazy (#1619)
• 227b169 web: fix invalid bit header error message (#1618)
• c30cb78 chore(reflection): Make prost-types dependency optional (#1610)
• f714f42 Repair rust-analyzer for tonic files (#1604)
• Additional commits viewable in compare view

Updates x25519-dalek from 2.0.0 to 2.0.1

Commits

• 4ac84dd curve,ed,x: Bump patch version to reflect fix to nightly SIMD build (#621)
• ff1c309 Fix nightly build (#619)
• ba737a3 Update README.md (#613)
• 0b45e00 chore: typo fix (#608)
• ba7a073 doc: Fix markdown PR reference (#605)
• a2ff6ba {Signing,Verifying}KeyVisitor: visit_borrowed_bytes -> visit_bytes (#602)
• f08bbb7 ed: Prep to release v2.1.0 (#600)
• 04f811a ed: Add back SigningKey::to_scalar_bytes (#599)
• ac51ef6 ed25519: loosen signature crate dependency again (#598)
• 89aabac README.md: remove broken image (#595)
• Additional commits viewable in compare view

Updates serde_with from 3.6.0 to 3.6.1

Release notes

Sourced from serde_with's releases.

serde_with v3.6.1

Changed

• Eliminate dependency on serde's "derive" feature by @​dtolnay (#694) This allows parallel compilation of serde and serde_derive which can speed up the wallclock time. It requires that downstream crates do not use the "derive" feature either.

Commits

• 76cf252 Bump version to v3.6.1 (#696)
• 6872fa8 Bump version to v3.6.1
• 6211d20 Eliminate dependency on serde's "derive" feature (#694)
• 5e6a115 Eliminate dependency on serde's "derive" feature
• d145a45 Update ahash to 0.8.7 to accommodate stdsimd change in nightly (#695)
• 2b17850 Update ahash to 0.8.7 to accommodate stdsimd change in nightly
• caba452 Bump the github-actions group with 1 update (#693)
• 54a665d Bump the github-actions group with 1 update
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[arya2]

• Clap added some tests/benches and refactored some code, doesn't seem to affect Zebra's usage
• Chrono Duration was renamed to TimeDelta but is still available under the old name, handles some panics better with an expect! macro, makes check_add/sub_signed() and other functions into const fns
• Indexmap is mostly additive with the exception of some minor refactors, it may have new use cases for Zebra, or allow us to improve existing usage
• x25519-dalek changes are mostly formatting/cleanup, some changes are additive.

@upbqdn These commits may need a cryptographic review:

• dalek-cryptography/curve25519-dalek@8e0cef5
• dalek-cryptography/curve25519-dalek@a3a08b0

But everything else in x25519-dalek that Zebra uses looks fine. The changes in dalek-cryptography/curve25519-dalek@4373695 seem to only affect code behind the group feature flag, which Zebra doesn't use.

[upbqdn]

Thanks for the overview!