Bump the cargo group with 4 updates

[dependabot]

Bumps the cargo group with 4 updates: hyper, regex, bumpalo and generic-array.

Updates hyper from 0.10.16 to 0.14.15

Release notes

Sourced from hyper's releases.

v0.14.15

Bug Fixes

• client: cancel blocking DNS lookup if GaiFuture is dropped (174b553d)

Features

• http1: add http1_writev(bool) options to Client and Server builders, to allow forcing vectored writes (80627141)
• upgrade: allow http upgrades with any body type (ab469eb3)

New Contributors

• @​luqmana made their first contribution in hyperium/hyper#2680
• @​whentze made their first contribution in hyperium/hyper#2688
• @​ahmedsobeh made their first contribution in hyperium/hyper#2689

v0.14.14

Bug Fixes

• client:
  • make ResponseFuture implement Sync (bd6c35b9)
  • remove ipv6 square brackets before resolving (910e0268)

Features

• http2: always include original h2 error on broken pipe (6169db25)
• server: Remove Send + Sync requirement for Body in with_graceful_shutdown (1d553e52)

v0.14.13

Bug Fixes

• client: don't reuse a connection while still flushing (c88011da)
• server: convert panic to error if Connection::without_shutdown called on HTTP/2 conn (ea3e2282)

Features

• ffi: add hyper_request_set_uri_parts (a54689b9)
• lib:
  • Export more things with Cargo features (server, !http1, !http2) (0a4b56ac)
  • Export rt module independently of Cargo features (cf6f62c7)

v0.14.12

Bug Fixes

• ffi: on_informational callback had no headers (39b6d01a)
• http1: apply header title case for consecutive dashes (#2613) (684f2fa7)
• http2: improve errors emitted by HTTP2 Upgraded stream shutdown (#2622) (be08648e)

... (truncated)

Changelog

Sourced from hyper's changelog.

v0.14.15 (2021-11-16)

Bug Fixes

• client: cancel blocking DNS lookup if GaiFuture is dropped (174b553d

Features

• http1: add http1_writev(bool) options to Client and Server builders, to allow forcing vectored writes (80627141)
• upgrade: allow http upgrades with any body type (ab469eb3)

v0.14.14 (2021-10-22)

Bug Fixes

• client:
  • make ResponseFuture implement Sync (bd6c35b9)
  • remove ipv6 square brackets before resolving (910e0268)

Features

• h2: always include original h2 error on broken pipe (6169db25)
• server: Remove Send + Sync requirement for Body in with_graceful_shutdown (1d553e52)

v0.14.13 (2021-09-16)

Bug Fixes

• client: don't reuse a connection while still flushing (c88011da)
• server: convert panic to error if Connection::without_shutdown called on HTTP/2 conn (ea3e2282)

Features

• ffi: add hyper_request_set_uri_parts (a54689b9)
• lib:
  • Export more things with Cargo features (server, !http1, !http2) (0a4b56ac)
  • Export rt module independently of Cargo features (cf6f62c7)

v0.14.12 (2021-08-24)

Bug Fixes

... (truncated)

Commits

• d0b1d9e v0.14.15
• a1502e1 docs(http1): clarify HTTP1 preserve case option
• a12db28 docs(upgrade): add module documentation for HTTP upgrades
• 7f5e853 refactor(benches): make benchmark names more consistent
• 174b553 fit(client): cancel blocking DNS lookup if GaiFuture dropped (#2689)
• 913be88 docs(client): fix missing feature attrs in another doctest
• 3221f57 docs(body) fix doctest failing due to missing features
• 8062714 feat(http1): Add http1_writev(bool) to client and server Builders
• ab469eb feat(upgrade): allow http upgrades with any body type
• b5022f3 v0.14.14
• Additional commits viewable in compare view

Updates regex from 1.4.1 to 1.5.5

Changelog

Sourced from regex's changelog.

1.5.5 (2022-03-08)

This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

• SECURITY #GHSA-m5pq-gvj9-9vr8: Fixes a bug in the regex compiler where empty sub-expressions subverted the existing mitigations in place to enforce a size limit on compiled regexes. The Rust Security Response WG published an advisory about this: https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw

1.5.4 (2021-05-06)

This release fixes another compilation failure when building regex. This time, the fix is for when the pattern feature is enabled, which only works on nightly Rust. CI has been updated to test this case.

• [BUG #772](rust-lang/regex#772): Fix build when pattern feature is enabled.

1.5.3 (2021-05-01)

This releases fixes a bug when building regex with only the unicode-perl feature. It turns out that while CI was building this configuration, it wasn't actually failing the overall build on a failed compilation.

• [BUG #769](rust-lang/regex#769): Fix build in regex-syntax when only the unicode-perl feature is enabled.

1.5.2 (2021-05-01)

This release fixes a performance bug when Unicode word boundaries are used. Namely, for certain regexes on certain inputs, it's possible for the lazy DFA to stop searching (causing a fallback to a slower engine) when it doesn't actually need to.

[PR #768](rust-lang/regex#768) fixes the bug, which was originally reported in ripgrep#1860.

1.5.1 (2021-04-30)

This is a patch release that fixes a compilation error when the perf-literal feature is not enabled.

... (truncated)

Commits

• d130381 1.5.5
• ae70b41 security: fix denial-of-service bug in compiler
• b92ffd5 cargo: use SPDX license format
• f6e52da syntax: fix 'unused' warnings
• 5197f21 fuzz: do not use inherits in Cargo.toml
• 3662851 doc: fix typo
• 63ee669 syntax/doc: fix 'their' typo
• d6bc7a4 readme: remove broken badge
• bd74660 fuzz: try to fix build issue
• bd0a142 readme: fix badges
• Additional commits viewable in compare view

Updates bumpalo from 3.9.1 to 3.16.0

Changelog

Sourced from bumpalo's changelog.

3.16.0

Released 2024-04-08.

Added

• Added an optional, off-by-default dependency on the serde crate. Enabling this dependency allows you to serialize Bumpalo's collection and box types. Deserialization is not implemented, due to constraints of the deserialization trait.

---

3.15.4

Released 2024-03-07.

Added

• Added the bumpalo::collections::Vec::extend_from_slices_copy method, which is a faster way to extend a vec from multiple slices when the element is Copy than calling extend_from_slice_copy N times.

---

3.15.3

Released 2024-02-22.

Added

• Added additional performance improvements to bumpalo::collections::Vec related to reserving capacity.

---

3.15.2

Released 2024-02-21.

Added

• Add a bumpalo::collections::Vec::extend_from_slice_copy method. This doesn't exist on the standard library's Vec but they have access to specialization, so their regular extend_from_slice has a specialization for Copy types. Using this new method for Copy types is a ~80x performance improvement over the plain extend_from_slice method.

---

... (truncated)

Commits

• 4eeab88 Bump to version 3.16.0
• d746a56 add serde serialization support (#210)
• 49c5a71 Bump to version 3.15.4
• 6a91333 Adds Vec::extend_from_slices_copy that accepts multiple slices (#240)
• 2ed8718 Bump to 3.15.3
• 1803cca Modifies RawVec reserve fn structure to improve inlining (#239)
• 2ffdfb3 Bump to version 3.15.2
• 54c88f0 Provides implementation of Vec::extend_from_slice optimized for T: Copy (...
• f8597ce Fix MSRV in Cargo.toml; bump to version 3.15.1
• bb660a3 Bump to version 3.15.0
• Additional commits viewable in compare view

Updates generic-array from 0.12.3 to 0.12.4

Changelog

Sourced from generic-array's changelog.

• 0.12.4

  • Fix unsoundness in the arr! macro.

• 0.12.0

  • Allow trailing commas in arr! macro.
  • BREAKING: Serialize GenericArray using serde tuples, instead of variable-length sequences. This may not be compatible with old serialized data.

• 0.11.0

  • BREAKING Redesign GenericSequence with an emphasis on use in generic type parameters.
  • Add MappedGenericSequence and FunctionalSequence
    • Implements optimized map, zip and fold for GenericArray, &GenericArray and &mut GenericArray
  • BREAKING Remove map_ref, zip_ref and map_slice
    • map_slice is now equivalent to GenericArray::from_iter(slice.iter().map(...))

• 0.10.0

  • Add GenericSequence, Lengthen, Shorten, Split and Concat traits.
  • Redefine transmute to avert errors.

• 0.9.0

  • Rewrite construction methods to be well-defined in panic situations, correctly dropping elements.
  • NoDrop crate replaced by ManuallyDrop as it became stable in Rust core.
  • Add optimized map/map_ref and zip/zip_ref methods to GenericArray

• 0.8.0

  • Implement AsRef, AsMut, Borrow, BorrowMut, Hash for GenericArray
  • Update serde to 1.0
  • Update typenum
  • Make macro arr! non-cloning
  • Implement From<[T; N]> up to N=32
  • Fix #45

• 0.7.0

  • Upgrade serde to 0.9
  • Make serde with no_std
  • Implement PartialOrd/Ord for GenericArray

• 0.6.0

  • Fixed #30
  • Implement Default for GenericArray
  • Implement LowerHex and UpperHex for GenericArray<u8, N>
  • Use precision formatting field in hex representation
  • Add as_slice, as_mut_slice
  • Remove GenericArray::new in favor of Default trait
  • Add from_slice and from_mut_slice
  • no_std and core for crate.

• 0.5.0

  • Update serde
  • remove no_std feature, fixed #19

• 0.4.0

  • Re-export typenum

• 0.3.0

  • Implement IntoIter for GenericArray
  • Add map method
  • Add optional serde (de)serialization support feature.

• < 0.3.0

... (truncated)

Commits

• 42843cd Bump version
• 59dad41 Fixed lifetime unsoundness in arr macro.
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[Taowyoo]

@dependabot show hyper ignore conditions

[dependabot]

No ignore conditions found for the dependency hyper

[Taowyoo]

@dependabot ignore hyper minor version

[dependabot]

OK, I won't notify you about version 0.14.x of hyper again, unless you unignore it.