From 6cb93cfe1c7ad119129db74d2d6d535b94b529a1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 Dec 2021 17:28:29 +0000
Subject: [PATCH] Bump serde_yaml from 0.8.21 to 0.8.23 (#1740)
Bumps [serde_yaml](https://github.com/dtolnay/serde-yaml) from 0.8.21 to 0.8.23.
Release notes
Sourced from serde_yaml's releases.
0.8.23
- Fix handling of YAML 1.1-style octals that begin with
+ or - sign (#228)
0.8.22
- Switch float serializer to use the same float formatting library as serde_json
Commits
44ba879 Release 0.8.23f850da3 Merge pull request #228 from dtolnay/octal983b5b3 Suppress blocks_in_if_conditions clippy lint57f2e66 Treat YAML 1.1 style octals with sign as string, not base 10 numberf424a15 Add test of cases that are NOT supposed to be numbers75a43c4 Merge pull request #218 from rukai/add_unit_struct_test1db8fdb Release 0.8.226b83603 Switch float serializer from dtoa to ryu7a02d73 Delete disabled borrowed string deserializer testeb31d62 Update from dtoa 0.4 to 1.0- Additional commits viewable in compare view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
Cargo.lock | 12 +++---------
boa_tester/Cargo.toml | 2 +-
2 files changed, 4 insertions(+), 10 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 9d88bda5256..d903c9d8aa9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -354,12 +354,6 @@ dependencies = [
"winapi",
]
-[[package]]
-name = "dtoa"
-version = "0.4.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "56899898ce76aaf4a0f24d914c97ea6ed976d42fec6ad33fcbb0a1103e07b2b0"
-
[[package]]
name = "dyn-clone"
version = "1.0.4"
@@ -1211,12 +1205,12 @@ dependencies = [
[[package]]
name = "serde_yaml"
-version = "0.8.21"
+version = "0.8.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d8c608a35705a5d3cdc9fbe403147647ff34b921f8e833e49306df898f9b20af"
+checksum = "a4a521f2940385c165a24ee286aa8599633d162077a54bdcae2a6fd5a7bfa7a0"
dependencies = [
- "dtoa",
"indexmap",
+ "ryu",
"serde",
"yaml-rust",
]
diff --git a/boa_tester/Cargo.toml b/boa_tester/Cargo.toml
index 7c1bb8db230..2866ca3e0d9 100644
--- a/boa_tester/Cargo.toml
+++ b/boa_tester/Cargo.toml
@@ -18,7 +18,7 @@ vm = ["Boa/vm"]
Boa = { path = "../boa" }
structopt = "0.3.25"
serde = { version = "1.0.131", features = ["derive"] }
-serde_yaml = "0.8.21"
+serde_yaml = "0.8.23"
serde_json = "1.0.72"
bitflags = "1.3.2"
regex = "1.5.4"