kjuulh/hyperlog
1
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases 3 Wiki Activity

fix(deps): update rust crate sqlx to v0.8.1 #21

Merged
kjuulh merged 1 commits from renovate/all into main 2024-08-24 10:08:03 +02:00
Conversation 0 Commits 1 Files Changed 1 +42 -76
kjuulh commented 2024-08-24 10:07:54 +02:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
sqlx dependencies patch 0.8.0 -> 0.8.1

⚠️ Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

launchbadge/sqlx (sqlx)

v0.8.1

Compare Source

16 pull requests were merged this release cycle.

This release contains a fix for RUSTSEC-2024-0363.

Postgres users are advised to upgrade ASAP as a possible exploit has been demonstrated:
#​3440 (comment)

MySQL and SQLite do not appear to be exploitable, but upgrading is recommended nonetheless.

Added
  • [#​3421]]: correct spelling of `MySqlConnectOptions::no_engine_substitution()` \[\[[@​kolinfluence](https://github.com/kolinfluence)]]
-   Deprecates `MySqlConnectOptions::no_engine_subsitution()` (oops) in favor of the correctly spelled version.
Changed
  • [#​3376]]: doc: hide `spec_error` module \[\[[@​abonander](https://github.com/abonander)]]
-   This is a helper module for the macros and was not meant to be exposed.
-   It is not expected to receive any breaking changes for the 0.8.x release, but is not designed as a public API.
    Use at your own risk.

  • [#​3382]]: feat: bumped to `libsqlite3-sys=0.30.1` to support sqlite 3.46 \[\[[@​CommanderStorm](https://github.com/CommanderStorm)]]

  • [#​3385]]: chore(examples):Migrated the pg-chat example to ratatui \[\[[@​CommanderStorm](https://github.com/CommanderStorm)]]

  • [#​3399]]: Upgrade to rustls 0.23 \[\[[@​djc](https://github.com/djc)]]
-   RusTLS now has pluggable cryptography providers: `ring` (the existing implementation),
    and `aws-lc-rs` which has optional FIPS certification.
-   The existing features activating RusTLS (`runtime-tokio-rustls`, `runtime-async-std-rustls`, `tls-rustls`)
    enable the `ring` provider of RusTLS to match the existing behavior so this *should not* be a breaking change.
-   Switch to the `tls-rustls-aws-lc-rs` feature to use the `aws-lc-rs` provider.
    -   If using `runtime-tokio-rustls` or `runtime-async-std-rustls`,
        this will necessitate switching to the appropriate non-legacy runtime feature:
        `runtime-tokio` or `runtime-async-std`
-   See the RusTLS README for more details: <https://github.com/rustls/rustls?tab=readme-ov-file#cryptography-providers>
Fixed
  • [#&#8203;2786]]: fix(sqlx-cli): do not clean sqlx during prepare \[\[[@&#8203;cycraig](https://github.com/cycraig)]]

  • [#&#8203;3354]]: sqlite: fix inconsistent read-after-write \[\[[@&#8203;ckampfe](https://github.com/ckampfe)]]

  • [#&#8203;3371]]: Fix encoding and decoding of MySQL enums in `sqlx::Type` \[\[[@&#8203;alu](https://github.com/alu)]]

  • [#&#8203;3374]]: fix: usage of `node12` in `SQLx` action \[\[[@&#8203;hamirmahal](https://github.com/hamirmahal)]]

  • [#&#8203;3380]]: chore: replace structopt with clap in examples \[\[[@&#8203;tottoto](https://github.com/tottoto)]]

  • [#&#8203;3381]]: Fix CI after Rust 1.80, remove dead feature references \[\[[@&#8203;abonander](https://github.com/abonander)]]

  • [#&#8203;3384]]: chore(tests): fixed deprecation warnings \[\[[@&#8203;CommanderStorm](https://github.com/CommanderStorm)]]

  • [#&#8203;3386]]: fix(dependencys):bumped cargo_metadata to `v0.18.1` to avoid yanked `v0.14.3` \[\[[@&#8203;CommanderStorm](https://github.com/CommanderStorm)]]

  • [#&#8203;3389]]: fix(cli): typo in error for required DB URL \[\[[@&#8203;ods](https://github.com/ods)]]

  • [#&#8203;3417]]: Update version to 0.8 in README \[\[[@&#8203;soucosmo](https://github.com/soucosmo)]]

  • [#&#8203;3441]]: fix: audit protocol handling \[\[[@&#8203;abonander](https://github.com/abonander)]]
-   This addresses [RUSTSEC-2024-0363] and includes regression tests for MySQL, Postgres and SQLite.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [sqlx](https://github.com/launchbadge/sqlx) | dependencies | patch | `0.8.0` -> `0.8.1` | --- > ⚠️ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>launchbadge/sqlx (sqlx)</summary> ### [`v0.8.1`](https://github.com/launchbadge/sqlx/blob/HEAD/CHANGELOG.md#081---2024-08-23) [Compare Source](https://github.com/launchbadge/sqlx/compare/v0.8.0...v0.8.1) 16 pull requests were merged this release cycle. This release contains a fix for [RUSTSEC-2024-0363]. Postgres users are advised to upgrade ASAP as a possible exploit has been demonstrated: [#&#8203;3440 (comment)](https://github.com/launchbadge/sqlx/issues/3440#issuecomment-2307956901) MySQL and SQLite do not *appear* to be exploitable, but upgrading is recommended nonetheless. ##### Added - \[[#&#8203;3421]]: correct spelling of `MySqlConnectOptions::no_engine_substitution()` \[\[[@&#8203;kolinfluence](https://github.com/kolinfluence)]] - Deprecates `MySqlConnectOptions::no_engine_subsitution()` (oops) in favor of the correctly spelled version. ##### Changed - \[[#&#8203;3376]]: doc: hide `spec_error` module \[\[[@&#8203;abonander](https://github.com/abonander)]] - This is a helper module for the macros and was not meant to be exposed. - It is not expected to receive any breaking changes for the 0.8.x release, but is not designed as a public API. Use at your own risk. - \[[#&#8203;3382]]: feat: bumped to `libsqlite3-sys=0.30.1` to support sqlite 3.46 \[\[[@&#8203;CommanderStorm](https://github.com/CommanderStorm)]] - \[[#&#8203;3385]]: chore(examples):Migrated the pg-chat example to ratatui \[\[[@&#8203;CommanderStorm](https://github.com/CommanderStorm)]] - \[[#&#8203;3399]]: Upgrade to rustls 0.23 \[\[[@&#8203;djc](https://github.com/djc)]] - RusTLS now has pluggable cryptography providers: `ring` (the existing implementation), and `aws-lc-rs` which has optional FIPS certification. - The existing features activating RusTLS (`runtime-tokio-rustls`, `runtime-async-std-rustls`, `tls-rustls`) enable the `ring` provider of RusTLS to match the existing behavior so this *should not* be a breaking change. - Switch to the `tls-rustls-aws-lc-rs` feature to use the `aws-lc-rs` provider. - If using `runtime-tokio-rustls` or `runtime-async-std-rustls`, this will necessitate switching to the appropriate non-legacy runtime feature: `runtime-tokio` or `runtime-async-std` - See the RusTLS README for more details: <https://github.com/rustls/rustls?tab=readme-ov-file#cryptography-providers> ##### Fixed - \[[#&#8203;2786]]: fix(sqlx-cli): do not clean sqlx during prepare \[\[[@&#8203;cycraig](https://github.com/cycraig)]] - \[[#&#8203;3354]]: sqlite: fix inconsistent read-after-write \[\[[@&#8203;ckampfe](https://github.com/ckampfe)]] - \[[#&#8203;3371]]: Fix encoding and decoding of MySQL enums in `sqlx::Type` \[\[[@&#8203;alu](https://github.com/alu)]] - \[[#&#8203;3374]]: fix: usage of `node12` in `SQLx` action \[\[[@&#8203;hamirmahal](https://github.com/hamirmahal)]] - \[[#&#8203;3380]]: chore: replace structopt with clap in examples \[\[[@&#8203;tottoto](https://github.com/tottoto)]] - \[[#&#8203;3381]]: Fix CI after Rust 1.80, remove dead feature references \[\[[@&#8203;abonander](https://github.com/abonander)]] - \[[#&#8203;3384]]: chore(tests): fixed deprecation warnings \[\[[@&#8203;CommanderStorm](https://github.com/CommanderStorm)]] - \[[#&#8203;3386]]: fix(dependencys):bumped cargo_metadata to `v0.18.1` to avoid yanked `v0.14.3` \[\[[@&#8203;CommanderStorm](https://github.com/CommanderStorm)]] - \[[#&#8203;3389]]: fix(cli): typo in error for required DB URL \[\[[@&#8203;ods](https://github.com/ods)]] - \[[#&#8203;3417]]: Update version to 0.8 in README \[\[[@&#8203;soucosmo](https://github.com/soucosmo)]] - \[[#&#8203;3441]]: fix: audit protocol handling \[\[[@&#8203;abonander](https://github.com/abonander)]] - This addresses [RUSTSEC-2024-0363] and includes regression tests for MySQL, Postgres and SQLite. [#&#8203;2786]: https://github.com/launchbadge/sqlx/pull/2786 [#&#8203;3354]: https://github.com/launchbadge/sqlx/pull/3354 [#&#8203;3371]: https://github.com/launchbadge/sqlx/pull/3371 [#&#8203;3374]: https://github.com/launchbadge/sqlx/pull/3374 [#&#8203;3376]: https://github.com/launchbadge/sqlx/pull/3376 [#&#8203;3380]: https://github.com/launchbadge/sqlx/pull/3380 [#&#8203;3381]: https://github.com/launchbadge/sqlx/pull/3381 [#&#8203;3382]: https://github.com/launchbadge/sqlx/pull/3382 [#&#8203;3384]: https://github.com/launchbadge/sqlx/pull/3384 [#&#8203;3385]: https://github.com/launchbadge/sqlx/pull/3385 [#&#8203;3386]: https://github.com/launchbadge/sqlx/pull/3386 [#&#8203;3389]: https://github.com/launchbadge/sqlx/pull/3389 [#&#8203;3399]: https://github.com/launchbadge/sqlx/pull/3399 [#&#8203;3417]: https://github.com/launchbadge/sqlx/pull/3417 [#&#8203;3421]: https://github.com/launchbadge/sqlx/pull/3421 [#&#8203;3441]: https://github.com/launchbadge/sqlx/pull/3441 [RUSTSEC-2024-0363]: https://rustsec.org/advisories/RUSTSEC-2024-0363.html </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjQuMyIsInVwZGF0ZWRJblZlciI6IjM3LjQyNC4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
kjuulh added 1 commit 2024-08-24 10:07:54 +02:00
fix(deps): update rust crate sqlx to v0.8.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
8886af4a8f
kjuulh scheduled this pull request to auto merge when all checks succeed 2024-08-24 10:07:55 +02:00
kjuulh merged commit 8886af4a8f into main 2024-08-24 10:08:03 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: kjuulh/hyperlog#21
No description provided.
Delete Branch "renovate/all"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?