mirror of
https://github.com/orhun/systeroid
synced 2024-10-15 20:02:20 +00:00
chore(deps): bump regex from 1.5.4 to 1.5.5 (#5)
Bumps [regex](https://github.com/rust-lang/regex) from 1.5.4 to 1.5.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.5.5 (2022-03-08)</h1> <p>This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.</p> <ul> <li><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">SECURITY #GHSA-m5pq-gvj9-9vr8</a>: Fixes a bug in the regex compiler where empty sub-expressions subverted the existing mitigations in place to enforce a size limit on compiled regexes. The Rust Security Response WG published an advisory about this: <a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="d130381b15
"><code>d130381</code></a> 1.5.5</li> <li><a href="ae70b41d4f
"><code>ae70b41</code></a> security: fix denial-of-service bug in compiler</li> <li><a href="b92ffd5471
"><code>b92ffd5</code></a> cargo: use SPDX license format</li> <li><a href="f6e52dafde
"><code>f6e52da</code></a> syntax: fix 'unused' warnings</li> <li><a href="5197f21287
"><code>5197f21</code></a> fuzz: do not use inherits in Cargo.toml</li> <li><a href="3662851482
"><code>3662851</code></a> doc: fix typo</li> <li><a href="63ee6699a2
"><code>63ee669</code></a> syntax/doc: fix 'their' typo</li> <li><a href="d6bc7a4c3b
"><code>d6bc7a4</code></a> readme: remove broken badge</li> <li><a href="bd7466034f
"><code>bd74660</code></a> fuzz: try to fix build issue</li> <li><a href="bd0a14231b
"><code>bd0a142</code></a> readme: fix badges</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.5.4...1.5.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.5.4&new-version=1.5.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
This commit is contained in:
parent
55f1dca9f5
commit
f59f8d2542
4
Cargo.lock
generated
4
Cargo.lock
generated
|
@ -581,9 +581,9 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "regex"
|
name = "regex"
|
||||||
version = "1.5.4"
|
version = "1.5.5"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461"
|
checksum = "1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"aho-corasick",
|
"aho-corasick",
|
||||||
"memchr",
|
"memchr",
|
||||||
|
|
|
@ -16,7 +16,7 @@ rust-version = "1.56.1"
|
||||||
gzip = ["flate2"]
|
gzip = ["flate2"]
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
regex = "1.5.4"
|
regex = "1.5.5"
|
||||||
globwalk = "0.8.1"
|
globwalk = "0.8.1"
|
||||||
thiserror = "1.0.29"
|
thiserror = "1.0.29"
|
||||||
flate2 = { version = "1.0.22", optional = true }
|
flate2 = { version = "1.0.22", optional = true }
|
||||||
|
|
Loading…
Reference in a new issue