Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Rust crate tempfile to v3.15.0 #1545

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update Rust crate tempfile to v3.15.0 #1545

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 1, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
tempfile (source) workspace.dependencies minor 3.8.1 -> 3.15.0

Release Notes

Stebalien/tempfile (tempfile)

v3.15.0

Compare Source

Re-seed the per-thread RNG from system randomness when we repeatedly fail to create temporary files (#​314). This resolves a potential DoS vector (#​178) while avoiding getrandom in the common case where it's necessary. The feature is optional but enabled by default via the getrandom feature.

For libc-free builds, you'll either need to disable this feature or opt-in to a different getrandom backend.

v3.14.0

Compare Source

  • Make the wasip2 target work (requires tempfile's "nightly" feature to be enabled). #​305.
  • Allow older windows-sys versions #​304.

v3.13.0

Compare Source

  • Add with_suffix constructors for easily creating new temporary files with a specific suffix (e.g., a specific file extension). Thanks to @​Borgerr.
  • Update dependencies (fastrand & rustix).

v3.12.0

Compare Source

  • Add a keep(keep: bool) function to builder that suppresses delete-on-drop behavior (thanks to @​RalfJung).
  • Update windows-sys from 0.52 to 0.59.

v3.11.0

Compare Source

  • Add the ability to override the default temporary directory. This API shouldn't be used in general, but there are some cases where it's unavoidable.

v3.10.1

Compare Source

  • Handle potential integer overflows in 32-bit systems when seeking/truncating "spooled" temporary files past 4GiB (2³²).
  • Handle a theoretical 32-bit overflow when generating a temporary file name larger than 4GiB. Now it'll panic (on allocation failure) rather than silently succeeding due to wraparound.

Thanks to @​stoeckmann for finding and fixing both of these issues.

v3.10.0

Compare Source

  • Drop redox_syscall dependency, we now use rustix for Redox.
  • Add Builder::permissions for setting the permissions on temporary files and directories (thanks to @​Byron).
  • Update rustix to 0.38.31.
  • Update fastrand to 2.0.1.

v3.9.0

Compare Source

  • Updates windows-sys to 0.52
  • Updates minimum rustix version to 0.38.25

Configuration

📅 Schedule: Branch creation - "after 8pm,before 6am" in timezone America/Los_Angeles, Automerge - "after 8pm,before 6am" in timezone America/Los_Angeles.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Nov 1, 2024
@renovate renovate bot force-pushed the renovate/tempfile-3.x-lockfile branch from 8558037 to 0ea0479 Compare November 8, 2024 06:58
@renovate renovate bot changed the title Update Rust crate tempfile to v3.13.0 Update Rust crate tempfile to v3.14.0 Nov 8, 2024
@renovate renovate bot force-pushed the renovate/tempfile-3.x-lockfile branch from 0ea0479 to 94736ad Compare January 3, 2025 08:15
@renovate renovate bot changed the title Update Rust crate tempfile to v3.14.0 Update Rust crate tempfile to v3.15.0 Jan 3, 2025
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jan 3, 2025

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock
Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path Cargo.toml --package [email protected] --precise 3.15.0
    Updating crates.io index
error: failed to select a version for `getrandom`.
    ... required by package `tempfile v3.15.0`
    ... which satisfies dependency `tempfile = "^3"` of package `crucible-agent v0.0.1 (/tmp/renovate/repos/github/oxidecomputer/crucible/agent)`
versions that meet the requirements `^0.2.15` are: 0.2.15

all possible versions conflict with previously selected packages.

  previously selected package `getrandom v0.2.11`
    ... which satisfies dependency `getrandom = "^0.2"` (locked to 0.2.11) of package `crucible-workspace-hack v0.1.0 (/tmp/renovate/repos/github/oxidecomputer/crucible/workspace-hack)`
    ... which satisfies dependency `crucible-workspace-hack = "^0.1.0"` (locked to 0.1.0) of package `agent-antagonist v0.1.0 (/tmp/renovate/repos/github/oxidecomputer/crucible/agent-antagonist)`

failed to select a version for `getrandom` which could resolve this conflict

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants