chore(deps): bump the cargo group across 2 directories with 11 updates

[dependabot]

Bumps the cargo group with 4 updates in the /api/web directory: tokio, warp, crossbeam-utils and h2.
Bumps the cargo group with 8 updates in the /src-tauri directory:

Package	From	To
tokio	1.21.2	1.24.2
crossbeam-utils	0.8.12	0.8.20
h2	0.3.14	0.3.26
time	0.1.44	0.1.45
tauri	1.1.1	1.1.4
bumpalo	3.11.0	3.16.0
bzip2	0.4.3	0.4.4
openssl	0.10.42	0.10.64

Updates tokio from 1.15.0 to 1.16.1

Release notes

Sourced from tokio's releases.

Tokio v1.16.1

1.16.1 (January 28, 2022)

This release fixes a bug in #4428 with the change #4437.

#4428: tokio-rs/tokio#4428 #4437: tokio-rs/tokio#4437

Tokio v1.16.0

Fixes a soundness bug in io::Take (#4428). The unsoundness is exposed when leaking memory in the given AsyncRead implementation and then overwriting the supplied buffer:

impl AsyncRead for Buggy {
    fn poll_read(
        self: Pin<&mut Self>,
        cx: &mut Context<'_>,
        buf: &mut ReadBuf<'_>
    ) -> Poll<Result<()>> {
      let new_buf = vec![0; 5].leak();
      *buf = ReadBuf::new(new_buf);
      buf.put_slice(b"hello");
      Poll::Ready(Ok(()))
    }
}

Also, this release includes improvements to the multi-threaded scheduler that can increase throughput by up to 20% in some cases (#4383).

Fixed

• io: soundness don't expose uninitialized memory when using io::Take in edge case (#4428)
• fs: ensure File::write results in a write syscall when the runtime shuts down (#4316)
• process: drop pipe after child exits in wait_with_output (#4315)
• rt: improve error message when spawning a thread fails (#4398)
• rt: reduce false-positive thread wakups in the multi-threaded scheduler (#4383)
• sync: don't inherit Send from parking_lot::*Guard (#4359)

Added

• net: TcpSocket::linger() and set_linger() (#4324)
• net: impl UnwindSafe for socket types (#4384)
• rt: impl UnwindSafe for JoinHandle (#4418)
• sync: watch::Receiver::has_changed() (#4342)
• sync: oneshot::Receiver::blocking_recv() (#4334)
• sync: RwLock blocking operations (#4425)

Unstable

... (truncated)

Commits

• 91b9850 chore: prepare Tokio v1.16.1 release (#4438)
• 3c46705 io: fix take pointer check (#4437)
• afd2189 chore: prepare Tokio v1.16 release (#4431)
• 986b88b chore: update year in LICENSE files (#4429)
• 257053e util: add spawn_pinned (#3370)
• 5af9e0d sync: add blocking lock methods to RwLock (#4425)
• 8f77ee8 net: add generic trait to combine UnixListener and TcpListener (#4385)
• 2747043 tests: enable running wasm32-unknown-unknown tests (#4421)
• 2a5071f feat: implement Framed::map_codec (#4427)
• 621790e io: fix take when using evil reader (#4428)
• Additional commits viewable in compare view

Updates warp from 0.3.2 to 0.3.3

Release notes

Sourced from warp's releases.

v0.3.3

• Fixes:
  • Fix fs filters path sanitization to reject colons on Windows.

Changelog

Sourced from warp's changelog.

v0.3.3 (September 27, 2022)

• Fixes:
  • Fix fs filters path sanitization to reject colons on Windows.

Commits

• 4e9c4fd v0.3.3
• 0074a0a fs: sanitize colons from file requests on windows
• 3cf1783 Fix test example so it doesn't fail (#988)
• 5723cac Use status code for trace filter message. (#981)
• 11169f2 Update tungstenite to 0.17.2 (#973)
• c4edf4c fix typo (#962)
• bcce741 updated tokio-util to 0.7 (#969)
• 3ff2eaf Update tokio-rustls to v0.23 (#927)
• 969d10a docs: fix Reject example compiler failure
• See full diff in compare view

Updates crossbeam-utils from 0.8.6 to 0.8.20

Release notes

Sourced from crossbeam-utils's releases.

crossbeam-utils 0.8.20

• Implement Display for CachePadded. (#1097)

crossbeam-utils 0.8.19

• Remove dependency on cfg-if. (#1072)

crossbeam-utils 0.8.18

• Relax the minimum supported Rust version to 1.60. (#1056)
• Improve scalability of AtomicCell fallback. (#1055)

crossbeam-utils 0.8.17

• Bump the minimum supported Rust version to 1.61. (#1037)
• Improve support for targets without atomic CAS or 64-bit atomic. (#1037)
• Always implement UnwindSafe and RefUnwindSafe for AtomicCell. (#1045)
• Improve compatibility with Miri, TSan, and loom. (#995, #1003)
• Improve compatibility with unstable oom=panic. (#1045)
• Improve implementation of CachePadded. (#1014, #1025)
• Update loom dependency to 0.7.

crossbeam-utils 0.8.16

• Improve implementation of CachePadded. (#967)

crossbeam-utils 0.8.15

• Add #[clippy::has_significant_drop] to ShardedLock{Read,Write}Guard. (#958)
• Improve handling of very large timeout. (#953)
• Soft-deprecate thread::scope() in favor of the more efficient std::thread::scope that stabilized on Rust 1.63. (#954)

crossbeam-utils 0.8.14

• Fix build script bug introduced in 0.8.13. (#932)

crossbeam-utils 0.8.13

• Improve support for custom targets. (#922)

crossbeam-utils 0.8.12

• Remove the dependency on the once_cell crate to restore the MSRV. (#913)
• Work around rust-lang#98302, which causes compile error on windows-gnu when LTO is enabled. (#913)

crossbeam-utils 0.8.11

• Bump the minimum supported Rust version to 1.38. (#877)

crossbeam-utils 0.8.10

• Fix unsoundness of AtomicCell on types containing niches. (#834) This fix contains breaking changes, but they are allowed because this is a soundness bug fix. See #834 for more.

crossbeam-utils 0.8.9

• Replace lazy_static with once_cell. (#817)

crossbeam-utils 0.8.8

• Fix a bug when unstable loom support is enabled. (#787)

... (truncated)

Commits

• 3f5d51f Prepare for the next release
• a9d236c Use setup-cross-toolchain-action instead of cross
• 4a514f4 Address unexpected_cfgs warning
• 91edb88 Add select_biased! macro (#1040)
• d1ab079 Fix clippy::assigning_clones warning
• 3045680 ci: Set timeout-minutes in all jobs
• 1dc72c8 Revert "ci: Pin nightly toolchain for sanitizers to nightly-2024-03-13"
• 39417a5 ci: Use taiki-e/checkout-action action
• 120a6dd Run cargo-careful in CI
• 2b06585 impl Display for CachePadded<T> (#1097)
• Additional commits viewable in compare view

Updates h2 from 0.3.9 to 0.3.21

Release notes

Sourced from h2's releases.

v0.3.21

What's Changed

• Fix opening of new streams over peer's max concurrent limit.
• Fix RecvStream to return data even if it has received a CANCEL stream error.
• Update MSRV to 1.63.

New Contributors

• @​DDtKey made their first contribution in hyperium/h2#703
• @​jwilm made their first contribution in hyperium/h2#707

v0.3.20

Bug Fixes

• Fix panic if a server received a request with a :status pseudo header in the 1xx range. (#695)
• Fix panic if a reset stream had pending push promises that were more than allowed. (#685)
• Fix potential flow control overflow by subtraction, instead returning a connection error. (#692)

New Contributors

• @​f0rki made their first contribution in hyperium/h2#690

v0.3.19

What's Changed

• Fix counting reset streams when triggered by a GOAWAY.
• Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

New Contributors

• @​Herbstein made their first contribution in hyperium/h2#673
• @​foresterre made their first contribution in hyperium/h2#680

v0.3.18

What's Changed

• fix: pending-accept remotely-reset streams pattern was checking is_local by @​seanmonstar in hyperium/h2#676

v0.3.17

What's Changed

• Add Error::is_library() method to check if the originated inside h2.
• Add max_pending_accept_reset_streams(usize) option to client and server builders.
• Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

v0.3.16

What's Changed

• Set Protocol extension on requests when received Extended CONNECT requests.
• Remove B: Unpin + 'static bound requiremented of bufs
• Fix releasing of frames when stream is finished, reducing memory usage.
• Fix panic when trying to send data and connection window is available, but stream window is not.
• Fix spurious wakeups when stream capacity is not available.

... (truncated)

Changelog

Sourced from h2's changelog.

0.3.21 (August 21, 2023)

• Fix opening of new streams over peer's max concurrent limit.
• Fix RecvStream to return data even if it has received a CANCEL stream error.
• Update MSRV to 1.63.

0.3.20 (June 26, 2023)

• Fix panic if a server received a request with a :status pseudo header in the 1xx range.
• Fix panic if a reset stream had pending push promises that were more than allowed.
• Fix potential flow control overflow by subtraction, instead returning a connection error.

0.3.19 (May 12, 2023)

• Fix counting reset streams when triggered by a GOAWAY.
• Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

0.3.18 (April 17, 2023)

• Fix panic because of opposite check in is_remote_local().

0.3.17 (April 13, 2023)

• Add Error::is_library() method to check if the originated inside h2.
• Add max_pending_accept_reset_streams(usize) option to client and server builders.
• Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

0.3.16 (February 27, 2023)

• Set Protocol extension on requests when received Extended CONNECT requests.
• Remove B: Unpin + 'static bound requiremented of bufs
• Fix releasing of frames when stream is finished, reducing memory usage.
• Fix panic when trying to send data and connection window is available, but stream window is not.
• Fix spurious wakeups when stream capacity is not available.

0.3.15 (October 21, 2022)

• Remove B: Buf bound on SendStream's parameter
• add accessor for StreamId u32

0.3.14 (August 16, 2022)

• Add Error::is_reset function.
• Bump MSRV to Rust 1.56.
• Return RST_STREAM(NO_ERROR) when the server early responds.

0.3.13 (March 31, 2022)

... (truncated)

Commits

• da38b1c v0.3.21
• ee04292 Fix opening new streams over max concurrent (#707)
• 9bd62a2 Test that client reacts correctly on rogue HEADERS (#667)
• da9f34b chore: fix up some clippy nags (#709)
• cdcc641 msrv: bump to 1.63 (#708)
• 633116e fix: do not ignore result of ensure_recv_open (#687)
• 46fb80b test: early server response with data (#703)
• 6a75f23 v0.3.20
• 0189722 Fix for a fuzzer-discovered integer underflow of the flow control window size...
• 478f7b9 Fix for invalid header panic corrected (#695)
• Additional commits viewable in compare view

Updates mio from 0.7.14 to 0.8.11

Release notes

Sourced from mio's releases.

Mio v0.8

This will Mio's last unstable version, the next version will be v1 and introduce a stable API.

The main change in this release is the removal of the TcpSocket type, it's replace by the socket2 crate.

See the change log for more changes.

Changelog

Sourced from mio's changelog.

0.8.11

• Fix receiving IOCP events after deregistering a Windows named pipe (tokio-rs/mio#1760, backport pr: tokio-rs/mio#1761).

0.8.10

Added

• Solaris support (tokio-rs/mio#1724).

0.8.9

Added

• ESP-IDF framework support (tokio-rs/mio#1692).
• AIX operating system support (tokio-rs/mio#1704).
• Vita support (tokio-rs/mio#1721).
• {UnixListener,UnixStream}:bind_addr (tokio-rs/mio#1630).
• mio_unsupported_force_poll_poll and mio_unsupported_force_waker_pipe unsupported configuration flags to force a specific poll or waker implementation (tokio-rs/mio#1684, tokio-rs/mio#1685, tokio-rs/mio#1692).

Fixed

• The pipe(2) based waker (swapped file descriptors) (tokio-rs/mio#1722).
• The duplicate waker check to work correctly with cloned Registrys. (tokio-rs/mio#1706).

0.8.8

Fixed

• Fix compilation on WASI (tokio-rs/mio#1676).

0.8.7

Added

• Add/fix support for tvOS and watchOS, Mio should now build for tvOS and

... (truncated)

Commits

• 0328bde Release v0.8.11
• 7084498 Fix warnings
• 90d4fe0 named-pipes: fix receiving IOCP events after deregister
• c710a30 Add v0.8.x to the CI
• c29e21c Release v0.8.10
• f6a20da Add Solaris operating system support (#1724)
• e80c3b2 Release v0.8.9
• 862786b Fix importing of IoSourceState
• 4034872 Add support for vita target
• 8eb4010 Fix receiver and sender fd in pipe based waker
• Additional commits viewable in compare view

Updates tungstenite from 0.14.0 to 0.17.3

Changelog

Sourced from tungstenite's changelog.

0.17.3

• Respect the case-sentitivity of the "Origin" header to keep compatibility with the older servers that use case-sensitive comparison.

0.17.2

• Fix panic when invalid manually constructed http::Request is passed to tungstenite.
• Downgrade the MSRV to 1.56 due to some other crates that rely on us not being quite ready for 1.58.

0.17.1

• Specify the minimum required Rust version.

0.17.0

• Update of dependencies (primarily sha1).
• Add support of the fragmented messages (allow the user to send the frames without composing the full message).
• Overhaul of the client's request generation process. Now the users are able to pass the constructed http::Request "as is" to tungstenite-rs, letting the library to check the correctness of the request and specifying their own headers (including its own key if necessary). No changes for those ones who used the client in a normal way by connecting using a URL/URI (most common use-case).

0.16.0

• Update of dependencies (primarily rustls, webpki-roots, rustls-native-certs).
• When the close frame is received, the reply that is automatically sent to the initiator has the same code (so we just echo the frame back). Previously a new close frame was created (i.e. the close code / reason was always the same regardless of what code / reason specified by the initiator). Now it’s more symmetrical and arguably more intuitive behavior (see #246 for more context).
• The internal ReadBuffer implementation uses heap instead of stack to store the buffer. This should solve issues with possible stack overflows in some scenarios (see #241 for more context).

0.15.0

• Allow selecting the method of loading root certificates if rustls is used as TLS implementation.
  • Two new feature flags rustls-tls-native-roots and rustls-tls-webpki-roots have been added that activate the respective method to load certificates.
  • The rustls-tls flag was removed to raise awareness of this change. Otherwise, compilation would have continue to work and potential errors (due to different or missing certificates) only occurred at runtime.
  • The new feature flags are additive. If both are enabled, both methods will be used to add certificates to the TLS configuration.
• Allow specifying a connector (for more fine-grained configuration of the TLS).

Commits

• 3bc195a Bump version and update the changelog
• fbac502 Merge pull request #287 from n3oney/master
• 80d0547 fix: uppercase origin header
• b8ccbcf chore: update the documentation
• bb546ac Merge pull request #273 from kangalioo/msrv-1.51
• fa70a37 Downgrade MSRV to 1.51
• aeed529 Merge pull request #271 from kazk/update-autobahn-expected
• c96dc7c Merge pull request #272 from kazk/fix-autobahn-scripts
• 8cc7e7e Fix autobahn scripts
• 1d9bdbc Update autobahn/expected-results.json for #246
• Additional commits viewable in compare view

Updates tokio from 1.21.2 to 1.24.2

Release notes

Sourced from tokio's releases.

Tokio v1.16.1

1.16.1 (January 28, 2022)

This release fixes a bug in #4428 with the change #4437.

#4428: tokio-rs/tokio#4428 #4437: tokio-rs/tokio#4437

Tokio v1.16.0

Fixes a soundness bug in io::Take (#4428). The unsoundness is exposed when leaking memory in the given AsyncRead implementation and then overwriting the supplied buffer:

impl AsyncRead for Buggy {
    fn poll_read(
        self: Pin<&mut Self>,
        cx: &mut Context<'_>,
        buf: &mut ReadBuf<'_>
    ) -> Poll<Result<()>> {
      let new_buf = vec![0; 5].leak();
      *buf = ReadBuf::new(new_buf);
      buf.put_slice(b"hello");
      Poll::Ready(Ok(()))
    }
}

Also, this release includes improvements to the multi-threaded scheduler that can increase throughput by up to 20% in some cases (#4383).

Fixed

• io: soundness don't expose uninitialized memory when using io::Take in edge case (#4428)
• fs: ensure File::write results in a write syscall when the runtime shuts down (#4316)
• process: drop pipe after child exits in wait_with_output (#4315)
• rt: improve error message when spawning a thread fails (#4398)
• rt: reduce false-positive thread wakups in the multi-threaded scheduler (#4383)
• sync: don't inherit Send from parking_lot::*Guard (#4359)

Added

• net: TcpSocket::linger() and set_linger() (#4324)
• net: impl UnwindSafe for socket types (#4384)
• rt: impl UnwindSafe for JoinHandle (#4418)
• sync: watch::Receiver::has_changed() (#4342)
• sync: oneshot::Receiver::blocking_recv() (#4334)
• sync: RwLock blocking operations (#4425)

Unstable

... (truncated)

Commits

• 91b9850 chore: prepare Tokio v1.16.1 release (#4438)
• 3c46705 io: fix take pointer check (#4437)
• afd2189 chore: prepare Tokio v1.16 release (#4431)
• 986b88b chore: update year in LICENSE files (#4429)
• 257053e util: add spawn_pinned (#3370)
• 5af9e0d sync: add blocking lock methods to RwLock (#4425)
• 8f77ee8 net: add generic trait to combine UnixListener and TcpListener (#4385)
• 2747043 tests: enable running wasm32-unknown-unknown tests (#4421)
• 2a5071f feat: implement Framed::map_codec (#4427)
• 621790e io: fix take when using evil reader (#4428)
• Additional commits viewable in compare view

Updates crossbeam-utils from 0.8.12 to 0.8.20

Release notes

Sourced from crossbeam-utils's releases.

crossbeam-utils 0.8.20

• Implement Display for CachePadded. (#1097)

crossbeam-utils 0.8.19

• Remove dependency on cfg-if. (#1072)

crossbeam-utils 0.8.18

• Relax the minimum supported Rust version to 1.60. (#1056)
• Improve scalability of AtomicCell fallback. (#1055)

crossbeam-utils 0.8.17

• Bump the minimum supported Rust version to 1.61. (#1037)
• Improve support for targets without atomic CAS or 64-bit atomic. (#1037)
• Always implement UnwindSafe and RefUnwindSafe for AtomicCell. (#1045)
• Improve compatibility with Miri, TSan, and loom. (#995, #1003)
• Improve compatibility with unstable oom=panic. (#1045)
• Improve implementation of CachePadded. (#1014, #1025)
• Update loom dependency to 0.7.

crossbeam-utils 0.8.16

• Improve implementation of CachePadded. (#967)

crossbeam-utils 0.8.15

• Add #[clippy::has_significant_drop] to ShardedLock{Read,Write}Guard. (#958)
• Improve handling of very large timeout. (#953)
• Soft-deprecate thread::scope() in favor of the more efficient std::thread::scope that stabilized on Rust 1.63. (#954)

crossbeam-utils 0.8.14

• Fix build script bug introduced in 0.8.13. (#932)

crossbeam-utils 0.8.13

• Improve support for custom targets. (#922)

crossbeam-utils 0.8.12

• Remove the dependency on the once_cell crate to restore the MSRV. (#913)
• Work around rust-lang#98302, which causes compile error on windows-gnu when LTO is enabled. (#913)

crossbeam-utils 0.8.11

• Bump the minimum supported Rust version to 1.38. (#877)

crossbeam-utils 0.8.10

• Fix unsoundness of AtomicCell on types containing niches. (#834) This fix contains breaking changes, but they are allowed because this is a soundness bug fix. See #834 for more.

crossbeam-utils 0.8.9

• Replace lazy_static with once_cell. (#817)

crossbeam-utils 0.8.8

• Fix a bug when unstable loom support is enabled. (#787)

... (truncated)

Commits

• 3f5d51f Prepare for the next release
• a9d236c Use setup-cross-toolchain-action instead of cross
• 4a514f4 Address unexpected_cfgs warning
• 91edb88 Add select_biased! macro (#1040)
• d1ab079 Fix clippy::assigning_clones warning
• 3045680 ci: Set timeout-minutes in all jobs
• 1dc72c8 Revert "ci: Pin nightly toolchain for sanitizers to nightly-2024-03-13"
• 39417a5 ci: Use taiki-e/checkout-action action
• 120a6dd Run cargo-careful in CI
• 2b06585 impl Display for CachePadded<T> (#1097)
• Additional commits viewable in compare view

Updates h2 from 0.3.14 to 0.3.26

Release notes

Sourced from h2's releases.

v0.3.21

What's Changed

• Fix opening of new streams over peer's max concurrent limit.
• Fix RecvStream to return data even if it has received a CANCEL stream error.
• Update MSRV to 1.63.

New Contributors

• @​DDtKey made their first contribution in hyperium/h2#703
• @​jwilm made their first contribution in hyperium/h2#707

v0.3.20

Bug Fixes

• Fix panic if a server received a request with a :status pseudo header in the 1xx range. (#695)
• Fix panic if a reset stream had pending push promises that were more than allowed. (#685)
• Fix potential flow control overflow by subtraction, instead returning a connection error. (#692)

New Contributors

• @​f0rki made their first contribution in hyperium/h2#690

v0.3.19

What's Changed

• Fix counting reset streams when triggered by a GOAWAY.
• Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

New Contributors

• @​Herbstein made their first contribution in hyperium/h2#673
• @​foresterre made their first contribution in hyperium/h2#680

v0.3.18

What's Changed

• fix: pending-accept remotely-reset streams pattern was checking is_local by @​seanmonstar in hyperium/h2#676

v0.3.17

What's Changed

• Add Error::is_library() method to check if the originated inside h2.
• Add max_pending_accept_reset_streams(usize) option to client and server builders.
• Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

v0.3.16

What's Changed

• Set Protocol extension on requests when received Extended CONNECT requests.
• Remove B: Unpin + 'static bound requiremented of bufs
• Fix releasing of frames when stream is finished, reducing memory usage.
• Fix panic when trying to send data and connection window is available, but stream window is not.
• Fix spurious wakeups when stream capacity is not available.

... (truncated)

Changelog

Sourced from h2's changelog.

0.3.21 (August 21, 2023)

• Fix opening of new streams over peer's max concurrent limit.
• Fix RecvStream to return data even if it has received a CANCEL stream error.
• Update MSRV to 1.63.

0.3.20 (June 26, 2023)

• Fix panic if a server received a request with a :status pseudo header in the 1xx range.
• Fix panic if a reset stream had pending push promises that were more than allowed.
• Fix potential flow control overflow by subtraction, instead returning a connection error.

0.3.19 (May 12, 2023)

• Fix counting reset streams when triggered by a GOAWAY.
• Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

0.3.18 (April 17, 2023)

• Fix panic because of opposite check in is_remote_local().

0.3.17 (April 13, 2023)

• Add Error::is_library() method to check if the originated inside h2.
• Add max_pending_accept_reset_streams(usize) option to client and server builders.
• Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

0.3.16 (February 27, 2023)

• Set Protocol extension on requests when received Extended CONNECT requests.
• Remove B: Unpin + 'static bound requiremented of bufs
• Fix releasing of frames when stream is finished, reducing memory usage.
• Fix panic when trying to send data and connection window is available, but stream window is not.
• Fix spurious wakeups when stream capacity is not available.

0.3.15 (October 21, 2022)

• Remove B: Buf bound on SendStream's parameter
• add accessor for StreamId u32

0.3.14 (August 16, 2022)

• Add Error::is_reset function.
• Bump MSRV to Rust 1.56.
• Return RST_STREAM(NO_ERROR) when the server early responds.

0.3.13 (March 31, 2022)

... (truncated)

Commits

• da38b1c v0.3.21
• ee04292 Fix opening new streams over max concurrent (#707)
• 9bd62a2 Test that client reacts correctly on rogue HEADERS (#667)
• da9f34b chore: fix up some clippy nags (#709)
• cdcc641 msrv: bump to 1.63 (#708)
• 633116e fix: do not ignore result of ensure_recv_open (#687)
• 46fb80b test: early server response with data (#703)
• 6a75f23 v0.3.20
• 0189722 Fix for a fuzzer-discovered integer underflow of the flow control window size...
• 478f7b9 Fix for invalid header panic corrected (#695)
• Additional commits viewable in compare view

Updates time from 0.1.44 to 0.1.45

Commits

• See full diff in compare view

Updates tauri from 1.1.1 to 1.1.4

Commits

• 1023326 fix(ci): update getPublishedVersion script
• 1cc51a2 fix(ci): update NPM token
• d9f6ddc fix(ci): remove covector filterPackages
• b6e866c chore: trigger release
• 6f07f90 chore: remove println
• b352f69 fix(core): IPC remote domain check bypassed by isolation iframe usage (#6691)
• 58ea0b4 feat(core): block remote URLs from accessing the IPC
• e4159d4 run covector version
• 2654c0f Merge pull request from GHSA-6mv3-wm7j-h4w5
• 7b64529 run covector version
• Additional commits viewable in compare view

Updates bumpalo from 3.11.0 to 3.16.0

Changelog

Sourced from bumpalo's changelog.

3.16.0

Released 2024-04-08.

Added

• Added an optional, off-by-default dependency on the serde crate. Enabling this dependency allows you to serialize Bumpalo's collection and box types. Deserialization is not implemented, due to constraints of the deserialization trait.

---

3.15.4

Released 2024-03-07.

Added

• Added the bumpalo::collections::Vec::extend_from_slices_copy method, which is a faster way to extend a vec from multiple slices when the element is Copy than calling extend_from_slice_copy N times.

---

3.15.3

Released 2024-02-22.

Added

• Added additional performance improvements to bumpalo::collections::Vec related to reserving capacity.

---

3.15.2

Released 2024-02-21.

Added

• Add a bumpalo::collections::Vec::extend_from_slice_copy method. This doesn't exist on the standard library's Vec but they have access to specialization, so their regular extend_from_slice has a specialization for Copy types. Using this new method for Copy types is a ~80x performance improvement over the plain extend_from_slice method.

---

... (truncated)

Commits

• 4eeab88 Bump to version 3.16.0
• d746a56 add serde serialization support (#210)
• 49c5a71 Bump to version 3.15.4
• 6a91333 Adds Vec::extend_from_slices_copy that accepts multiple slices (#240)
• 2ed8718 Bump to 3.15.3
• 1803cca Modifies RawVec reserve fn structure to improve inlining (#239)
• 2ffdfb3 Bump to version 3.15.2
• 54c88f0 Provides implementation of Vec::extend_from_slice optimized for T: Copy (...
• f8597ce Fix MSRV in Cargo.toml; bump to version 3.15.1
• bb660a3 Bump to version 3.15.0
• Additional commits viewable in compare view

Updates bzip2 from 0.4.3 to 0.4.4

Commits

• See full diff in compare view

Updates openssl from 0.10.42 to 0.10.64

Release notes

Sourced from openssl's releases.

openssl-v0.10.64

What's Changed

• Make _STACK opaque for LibreSSL >= 3.9.0 by @​botovq in sfackler/rust-openssl#2153
• enable x509 verify and groups list for boringssl by @​zh-jq in sfackler/rust-openssl#2155
• Cleanup some not-required Path::new invocations by @​alex in sfackler/rust-openssl#2158
• fixed a clippy (nightly) warning by @​alex in sfackler/rust-openssl#2161
• Bump actions versions by @​alex in sfackler/rust-openssl#2162
• Add support for setting the nonce type and digest on a PKEY_CTX by @​facutuesca in sfackler/rust-openssl#2144
• rebuild openssl-sys if the underlying openssl has changed by @​reaperhulk in sfackler/rust-openssl#2157
• Added binding for EVP_default_properties_enable_fips by @​alex in sfackler/rust-openssl#2168
• LibreSSL 3.9: fix CRYPTO_malloc/free signatures by ...

  Description has been truncated

[coderabbitai]

Important

Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.