Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): update boring requirement from 2.1.0 to 3.0.4 #176

Closed
wants to merge 1 commit into from
Closed

build(deps): update boring requirement from 2.1.0 to 3.0.4 #176

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 15, 2023

Updates the requirements on boring to permit the latest version.

Changelog

Sourced from boring's changelog.

2.1.0

  • 2022-09-16 Update changelogs and bump version numbers
  • 2022-09-07 Fix clippy warnings
  • 2022-09-07 Remove uses of mem::uninitialized
  • 2022-08-08 Remove T: Debug bound
  • 2022-08-08 hyper-boring: Impl debug for MaybeHttpsStream
  • 2022-07-28 boring: Expose PKey::private_key_to_der_pkcs8(_passphrase)
  • 2022-07-25 boring-sys: Use the Android NDK sysroot when running bindgen
  • 2022-07-01 boring: Fix memory leak in Deriver
  • 2022-06-22 Add minimal cross-compilation support for Windows and AArch64 Linux
  • 2022-06-17 MSVC generator hack should be only applied to MSVC
  • 2022-06-07 chore: update to bindgen 1.60
  • 2021-12-30 ci: Test builds for iOS targets
  • 2021-12-30 ci: Don't run tests when targeting iOS
  • 2022-01-01 boring-sys: Disable alignment tests for iOS ARM64 targets
  • 2021-12-30 boring-sys: Configure "rustc-cdylib-link-arg" only for macOS targets
  • 2021-12-30 boring-sys: Pass "-isysroot" to bindgen for iOS builds
  • 2021-12-30 boring-sys: Support "aarch64-apple-ios-sim" targets
  • 2021-12-30 boring-sys: Use TARGET to determine iOS CMake params
  • 2021-12-30 boring-sys: Pull iOS CMake params into a function
  • 2021-12-30 boring-sys: Pull Android CMake params into a function
  • 2022-06-02 boring-sys: Save time by not building the bssl CLI utility
  • 2022-04-28 ssl/test: fix UT expectations accordingly with boringssl change
  • 2022-04-27 Update boringssl deps for quiche 0.12.0 compatibility
  • 2022-02-12 boring: BigNumRef::to_vec_padded()
  • 2022-01-31 Add fips-3678 feature (#52)
  • 2021-12-30 boring: Suppress Clippy warnings about missing safety docs
  • 2021-12-16 Add/update changelogs
  • 2021-12-16 Bump versions for release
  • 2021-10-06 Remove PasswordCallback
  • 2021-11-04 Relax constraints on Display for tokio-boring::HandshakeError
  • 2021-11-02 boring-sys: Disable unnecessary bindgen dependencies
  • 2021-08-10 Remove unused and deprecated tempdir dependency
  • 2021-08-09 Remove unused *Ref parameters to macro
  • 2021-08-09 Update dependencies
  • 2021-08-12 Switch to 2018 edition in boring
  • 2021-08-12 Run `cargo fix --edition
  • 2021-07-30 Remove unused attribute
  • 2021-06-14 Remove unused dependency on bytes
  • 2021-07-29 Update bindgen to 0.59 and bytes to 1
  • 2021-07-30 Merge pull request #46 from cloudflare/jnelson/rust-1.54
  • 2021-07-29 Fix clippy warnings for 1.54
  • 2021-07-28 Update documentation for tokio-boring
  • 2021-07-28 Merge pull request #43 from cloudflare/jnelson/submodule
  • 2021-07-28 Merge pull request #37 from Evrard-Nil/allow-pre-built-binaries
  • 2021-07-27 Fetch git submodule automatically
  • 2021-07-28 Merge pull request #42 from cloudflare/jnelson/warnings
  • 2021-07-27 Ignore bindgen warnings until they're fixed upstream
  • 2021-06-01 pre-built binaries: Update readme and fix clippy
  • 2021-05-18 Check for env var for pre-built binaries of bssl

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): update boring requirement from 2.1.0 to 3.0.4
8dbbd9e 
Updates the requirements on [boring](https://github.com/cloudflare/boring) to permit the latest version.
- [Release notes](https://github.com/cloudflare/boring/releases)
- [Changelog](https://github.com/cloudflare/boring/blob/master/RELEASE_NOTES)
- [Commits](cloudflare/boring@v2.1.0...v2.1.0)

---
updated-dependencies:
- dependency-name: boring
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Aug 15, 2023
hawkw added a commit to hawkw/kubert that referenced this pull request Aug 15, 2023
@hawkw
chore: update boringssl deps to v3.x
9efceda 
This branch updates the dependencies on `boring`, `tokio-boring`, and
`hyper-boring` to v3.0.0. This dependency update does not appear to
contain any breaking changes to the APIs currently used by Kubert, so
the only reason this dependency bump had to be performed manually is
because the `tokio-boring` and `hyper-boring` deps depend on `boring`,
so the three crates must have their versions bumped atomically.

Because `boring-sys` v3.0 updates its dependency on `foreign-types` to
the same major as `openssl-sys`, we no longer need to allow multiple
versions of that crate in `deny.toml`.

Closes olix0r#174
Closes olix0r#175
Closes olix0r#176
@hawkw hawkw mentioned this pull request Aug 15, 2023
Merged
@olix0r olix0r closed this in #178 Aug 15, 2023
@olix0r olix0r closed this in 15075e1 Aug 15, 2023
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 15, 2023

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/cargo/boring-3.0.4 branch August 15, 2023 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants