1011: Bump time from 0.3.7 to 0.3.9 r=delta1 a=dependabot[bot]
Bumps [time](https://github.com/time-rs/time) from 0.3.7 to 0.3.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/releases">time's releases</a>.</em></p>
<blockquote>
<h2>v0.3.9</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">time's changelog</a>.</em></p>
<blockquote>
<h2>0.3.9 [2022-03-22]</h2>
<h3>Added</h3>
<ul>
<li><code>time::serde::format_description!</code>
<ul>
<li>This macro is similar to <code>time::format_description!</code>, but it generates a module that can be used
in <code>#[serde(with = "foo")]</code>. This makes it far easier to serialize/deserialize a custom format.</li>
</ul>
</li>
<li><code>Date::replace_year</code></li>
<li><code>Date::replace_month</code></li>
<li><code>Date::replace_day</code></li>
<li><code>Time::replace_hour</code></li>
<li><code>Time::replace_minute</code></li>
<li><code>Time::replace_second</code></li>
<li><code>Time::replace_millisecond</code></li>
<li><code>Time::replace_microsecond</code></li>
<li><code>Time::replace_nanosecond</code></li>
<li><code>PrimitiveDateTime::replace_year</code></li>
<li><code>PrimitiveDateTime::replace_month</code></li>
<li><code>PrimitiveDateTime::replace_day</code></li>
<li><code>PrimitiveDateTime::replace_hour</code></li>
<li><code>PrimitiveDateTime::replace_minute</code></li>
<li><code>PrimitiveDateTime::replace_second</code></li>
<li><code>PrimitiveDateTime::replace_millisecond</code></li>
<li><code>PrimitiveDateTime::replace_microsecond</code></li>
<li><code>PrimitiveDateTime::replace_nanosecond</code></li>
<li><code>OffsetDateTime::replace_year</code></li>
<li><code>OffsetDateTime::replace_month</code></li>
<li><code>OffsetDateTime::replace_day</code></li>
<li><code>OffsetDateTime::replace_hour</code></li>
<li><code>OffsetDateTime::replace_minute</code></li>
<li><code>OffsetDateTime::replace_second</code></li>
<li><code>OffsetDateTime::replace_millisecond</code></li>
<li><code>OffsetDateTime::replace_microsecond</code></li>
<li><code>OffsetDateTime::replace_nanosecond</code></li>
<li><code>Parsed::offset_minute_signed</code></li>
<li><code>Parsed::offset_second_signed</code></li>
<li><code>Parsed::set_offset_minute_signed</code></li>
<li><code>Parsed::set_offset_second_signed</code></li>
<li><code>Parsed::with_offset_minute_signed</code></li>
<li><code>Parsed::with_offset_second_signed</code></li>
<li><code>error::InvalidVariant</code></li>
<li><code>impl FromStr</code> for <code>Weekday</code></li>
<li><code>impl FromStr</code> for <code>Month</code></li>
<li><code>impl Display for Duration</code></li>
</ul>
<h3>Deprecated</h3>
<p>The following methods have been deprecated in favor of the new, signed equivalent methods. The
pre-existing methods</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a957e12213"><code>a957e12</code></a> 0.3.9 release</li>
<li><a href="64172e9de4"><code>64172e9</code></a> v0.3.8 release</li>
<li><a href="e95ea6d251"><code>e95ea6d</code></a> Add tests for size, alignment, trait impls</li>
<li><a href="24c36afdc3"><code>24c36af</code></a> Performance improvement</li>
<li><a href="c0516544ec"><code>c051654</code></a> Move to tt-muncher parsing</li>
<li><a href="0a3cf3ce52"><code>0a3cf3c</code></a> Implement <code>Display</code> for <code>Duration</code></li>
<li><a href="dbec276ea3"><code>dbec276</code></a> Implement <code>FromStr</code> for <code>Weekday</code>, <code>Month</code></li>
<li><a href="460b7ab383"><code>460b7ab</code></a> Limit use of fields in <code>Parsed</code></li>
<li><a href="46bf135bd6"><code>46bf135</code></a> Store offset components properly</li>
<li><a href="5fde5ef8d8"><code>5fde5ef</code></a> Relocate some code, improve internals</li>
<li>Additional commits viewable in <a href="https://github.com/time-rs/time/compare/v0.3.7...v0.3.9">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
819: Bump thomaseizinger/keep-a-changelog-new-release from 1.2.1 to 1.3.0 r=delta1 a=dependabot[bot]
Bumps [thomaseizinger/keep-a-changelog-new-release](https://github.com/thomaseizinger/keep-a-changelog-new-release) from 1.2.1 to 1.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/thomaseizinger/keep-a-changelog-new-release/releases">thomaseizinger/keep-a-changelog-new-release's releases</a>.</em></p>
<blockquote>
<h2>1.3.0</h2>
<h3>Added</h3>
<ul>
<li>New optional <code>tag</code> argument allowing <code>v</code>-prefixed versions</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The <code>version</code> argument is no longer required</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li>The <code>version</code> argument will be replaced in favor of the <code>tag</code> argument</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/thomaseizinger/keep-a-changelog-new-release/blob/master/CHANGELOG.md">thomaseizinger/keep-a-changelog-new-release's changelog</a>.</em></p>
<blockquote>
<h2>[1.3.0] - 2021-10-12</h2>
<h3>Added</h3>
<ul>
<li>New optional <code>tag</code> argument allowing <code>v</code>-prefixed versions</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The <code>version</code> argument is no longer required</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li>The <code>version</code> argument will be replaced in favor of the <code>tag</code> argument</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="5bc2328934"><code>5bc2328</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/thomaseizinger/keep-a-changelog-new-release/issues/11">#11</a> from h4sh3d/add-tag-argument</li>
<li><a href="7e9f6cc8c3"><code>7e9f6cc</code></a> Document new tag argument</li>
<li><a href="576342e16c"><code>576342e</code></a> New tag argument to control prefix of version</li>
<li>See full diff in <a href="https://github.com/thomaseizinger/keep-a-changelog-new-release/compare/1.2.1...1.3.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
934: Don't wait for refund transaction to receive confirmations r=binarybaron a=binarybaron
Don't wait for refund transaction to receive confirmations to mitigate a scenario where the swap is stuck in `BtcCancelled` because it's not resumable.
Closes https://github.com/comit-network/xmr-btc-swap/issues/903
Co-authored-by: binarybaron <86064887+binarybaron@users.noreply.github.com>
894: Reduce `bitcoin_finality_confirmations` from 2 to 1 r=binarybaron a=binarybaron
Reduces `bitcoin_finality_confirmations` from 2 to 1. This lowers the total time needed for a swap by an average of 10 minutes
I'm aware that this has been proposed before (https://github.com/comit-network/xmr-btc-swap/pull/800) and was rejected.
> On the ASB, the bitcoin finality confirmations can be set to 1 using the config file. This will get you the swap reduction time you desire.
I believe this is not correct. There is no way for ASB operators to configure the `bitcoin_finality_confirmations` setting. Only the `target_block` can be configured manually, but this is only used for estimating the fee rate when a btc transaction is published and not for deciding when it is safe to assume that the transaction is finalized.
E.g the `config.toml` file of my (testate) asb
```
[data]
dir = "/root/.local/share/xmr-btc-swap/asb/testnet"
[network]
listen = ["/ip4/0.0.0.0/tcp/9939", "/ip4/0.0.0.0/tcp/9940/ws"]
external_addresses = ["/dnsaddr/unstoppableswap.net"]
rendezvous_point = "/dnsaddr/discover.unstoppableswap.net/p2p/12D3KooWA6cnqJpVnreBVnoro8midDL9Lpzmg8oJPoAGi7YYaamE"
[bitcoin]
electrum_rpc_url = "ssl://electrum.blockstream.info:60002"
target_block = 1 # My asb still waits for 2 confirmations on the btc lock tx
network = "Testnet"
[monero]
wallet_rpc_url = "http://127.0.0.1:38083/json_rpc"
network = "Stagenet"
[tor]
control_port = 9051
socks5_port = 9050
[maker]
min_buy_btc = 0.0001
max_buy_btc = 0.1
ask_spread = 0.00
price_ticker_ws_url = "wss://ws.kraken.com"
```
Co-authored-by: binarybaron <you@domain.com>
Don't wait for refund transaction to receive confirmations to mitigate a scenario where the swap is stuck in `BtcCancelled` because it's not resumable.
975: change to rino docker containers r=lescuer97 a=lescuer97
this is for updating from the melo tools dockers to the rino ones
Fixes#969
Co-authored-by: leonardo <leoescuer@protonmail.com>
966: update dependencies and update toolchain to 1.59 (stable) r=delta1 a=delta1
This PR updates the rust-toolchain to the current stable version 1.59, and fixes a number of new clippy warnings from that change.
This update to the toolchain introduced new clippy warnings indicating fields that are never read - these fields have been removed.
Also updates a few crates to the Rust 2021 edition.
And includes the following dependency updates:
- #967
- #964
- #959
- #974
- #957
- #954
- #950
- #949
- #872
- #882
Co-authored-by: Byron Hambly <bizzle@tari.com>
This commit updates the rust-toolchain to the current stable version
1.59, and fixes a number of new clippy warnings from that change.
Other changes:
- updates backoff to 0.4
- updates swap to 2021 edition
- updates comfy-table to 5.0
- updates monero-wallet to 2021 edition
- updates moneor-harness to 2021 edition
- updates bdk and rust_decimal
- updates tokio-util to 0.7
- updates workflow to use actions/setup-python@3
- updates pem and serde_with
- adds stable rust toolchain notice to readme
953: Adjust quote based on Bitcoin balance r=lescuer97 a=lescuer97
Fixes#939#963
Please comment in the new method for getting a Monero value, I had to allow clippy::cast_precision_loss to convert to a f64, for our use case I don't really thing we will lose much precision.
Please comment on the implementation of the check.
Co-authored-by: leonardo <leoescuer@protonmail.com>
951: Bump reqwest from 0.11.7 to 0.11.9 r=delta1 a=dependabot[bot]
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.7 to 0.11.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p>
<blockquote>
<h2>v0.11.9</h2>
<ul>
<li>Add <code>ClientBuilder::http09_responses(bool)</code> option to allow receiving HTTP/0.9 responses.</li>
<li>Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.</li>
<li>Fix proxy loading from environment variables to ignore empty values.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/vsaase"><code>`@vsaase</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/pull/1423">seanmonstar/reqwest#1423</a></li>
</ul>
<h2>v0.11.8</h2>
<ul>
<li>Update internal webpki-roots dependency.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/complexspaces"><code>`@complexspaces</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/pull/1396">seanmonstar/reqwest#1396</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p>
<blockquote>
<h2>v0.11.9</h2>
<ul>
<li>Add <code>ClientBuilder::http09_responses(bool)</code> option to allow receiving HTTP/0.9 responses.</li>
<li>Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.</li>
<li>Fix proxy loading from environment variables to ignore empty values.</li>
</ul>
<h2>v0.11.8</h2>
<ul>
<li>Update internal webpki-roots dependency.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0fc1652975"><code>0fc1652</code></a> v0.11.9</li>
<li><a href="56ad99bebb"><code>56ad99b</code></a> Add HTTP/0.9 responses support</li>
<li><a href="7388b676df"><code>7388b67</code></a> Examples: allow passing URL via CLI</li>
<li><a href="a03ca5012d"><code>a03ca50</code></a> Fix HTTP/2: retry requests rejected by a graceful shutdown</li>
<li><a href="eb8e9d52c5"><code>eb8e9d5</code></a> do not accept empty or whitespace proxy address (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1423">#1423</a>)</li>
<li><a href="d4986e5583"><code>d4986e5</code></a> v0.11.8</li>
<li><a href="baffb9c004"><code>baffb9c</code></a> Update to webpki-roots 0.22 (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1396">#1396</a>)</li>
<li>See full diff in <a href="https://github.com/seanmonstar/reqwest/compare/v0.11.7...v0.11.9">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
927: Bump time from 0.3.3 to 0.3.7 r=delta1 a=dependabot[bot]
Bumps [time](https://github.com/time-rs/time) from 0.3.3 to 0.3.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/releases">time's releases</a>.</em></p>
<blockquote>
<h2>v0.3.7</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
<h2>v0.3.6</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
<h2>v0.3.5</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
<h2>v0.3.4</h2>
<p>No release notes provided.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">time's changelog</a>.</em></p>
<blockquote>
<h2>0.3.7 [2021-01-26]</h2>
<h3>Fixed</h3>
<p>Solaris and Illumos build again.</p>
<h2>0.3.6 [2022-01-20]</h2>
<h3>Added</h3>
<ul>
<li><code>Date::saturating_add</code></li>
<li><code>Date::saturating_sub</code></li>
<li><code>PrimitiveDateTime::saturating_add</code></li>
<li><code>PrimitiveDateTime::saturating_sub</code></li>
<li><code>OffsetDateTime::saturating_add</code></li>
<li><code>OffsetDateTime::saturating_sub</code></li>
<li><code>PrimitiveDatetime::MIN</code></li>
<li><code>PrimitiveDatetime::MAX</code></li>
<li><code>Rfc2822</code> format description</li>
<li>Serde support for well-known formats
<ul>
<li>This is placed behind the new <code>serde-well-known</code> feature flag.</li>
</ul>
</li>
</ul>
<h3>Changed</h3>
<ul>
<li>MacOS and FreeBSD are supported obtaining the local offset when single-threaded.
<ul>
<li>Starting with this version, this is delegated to the <code>num_threads</code> crate.</li>
</ul>
</li>
<li>Leap seconds are now parsed as the final nanosecond of the preceding second.</li>
<li>The minimum supported Rust version is now 1.53.0.</li>
<li>Deserializers for human readable formats will fall back to the binary format if the human readable
format fails to deserialize.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Deserialization will no longer fail when given a non-borrowed string.</li>
</ul>
<h2>0.3.5 [2021-11-12]</h2>
<h3>Added</h3>
<ul>
<li><code>Date::checked_add</code></li>
<li><code>Date::checked_sub</code></li>
<li><code>PrimitiveDateTime::checked_add</code></li>
<li><code>PrimitiveDateTime::checked_sub</code></li>
<li><code>OffsetDateTime::checked_add</code></li>
<li><code>OffsetDateTime::checked_sub</code></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Attempts to obtain the local UTC offset will now succeed on Linux if the process is
single-threaded. This does not affect other Unix platforms. As a reminder, the relevant methods</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="592ef915cf"><code>592ef91</code></a> v0.3.7 release</li>
<li><a href="deb8161b84"><code>deb8161</code></a> Update CI targets, powerset frequency</li>
<li><a href="83da427e50"><code>83da427</code></a> Fix Solaris/Illumos build</li>
<li><a href="4c63a8a492"><code>4c63a8a</code></a> Add 0.3.6 changelog section (<a href="https://github-redirect.dependabot.com/time-rs/time/issues/435">#435</a>)</li>
<li><a href="3ff4543511"><code>3ff4543</code></a> 0.3.6 release</li>
<li><a href="1dfb2682d9"><code>1dfb268</code></a> Mention, that Instant has no serde support</li>
<li><a href="2b9e193afa"><code>2b9e193</code></a> Bump license year</li>
<li><a href="bf5f830605"><code>bf5f830</code></a> Defer to <code>num_threads</code> for OS support</li>
<li><a href="f6baa3f07e"><code>f6baa3f</code></a> Use more correct feature gates</li>
<li><a href="eef9bafc1a"><code>eef9baf</code></a> Add test for multithreaded Unix systems</li>
<li>Additional commits viewable in <a href="https://github.com/time-rs/time/compare/v0.3.3...v0.3.7">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
928: Bump tokio from 1.12.0 to 1.16.1 r=delta1 a=dependabot[bot]
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.12.0 to 1.16.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p>
<blockquote>
<h2>Tokio v1.16.1</h2>
<h1>1.16.1 (January 28, 2022)</h1>
<p>This release fixes a bug in <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a> with the change <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4437">#4437</a>.</p>
<p><a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>: <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/pull/4428">tokio-rs/tokio#4428</a>
<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4437">#4437</a>: <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/pull/4437">tokio-rs/tokio#4437</a></p>
<h2>Tokio v1.16.0</h2>
<p>Fixes a soundness bug in <code>io::Take</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>). The unsoundness is exposed when
leaking memory in the given <code>AsyncRead</code> implementation and then overwriting the
supplied buffer:</p>
<pre lang="rust"><code>impl AsyncRead for Buggy {
fn poll_read(
self: Pin<&mut Self>,
cx: &mut Context<'_>,
buf: &mut ReadBuf<'_>
) -> Poll<Result<()>> {
let new_buf = vec![0; 5].leak();
*buf = ReadBuf::new(new_buf);
buf.put_slice(b"hello");
Poll::Ready(Ok(()))
}
}
</code></pre>
<p>Also, this release includes improvements to the multi-threaded scheduler that
can increase throughput by up to 20% in some cases (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4383">#4383</a>).</p>
<h3>Fixed</h3>
<ul>
<li>io: <strong>soundness</strong> don't expose uninitialized memory when using <code>io::Take</code> in edge case (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>)</li>
<li>fs: ensure <code>File::write</code> results in a <code>write</code> syscall when the runtime shuts down (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4316">#4316</a>)</li>
<li>process: drop pipe after child exits in <code>wait_with_output</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4315">#4315</a>)</li>
<li>rt: improve error message when spawning a thread fails (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4398">#4398</a>)</li>
<li>rt: reduce false-positive thread wakups in the multi-threaded scheduler (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4383">#4383</a>)</li>
<li>sync: don't inherit <code>Send</code> from <code>parking_lot::*Guard</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4359">#4359</a>)</li>
</ul>
<h3>Added</h3>
<ul>
<li>net: <code>TcpSocket::linger()</code> and <code>set_linger()</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4324">#4324</a>)</li>
<li>net: impl <code>UnwindSafe</code> for socket types (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4384">#4384</a>)</li>
<li>rt: impl <code>UnwindSafe</code> for <code>JoinHandle</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4418">#4418</a>)</li>
<li>sync: <code>watch::Receiver::has_changed()</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4342">#4342</a>)</li>
<li>sync: <code>oneshot::Receiver::blocking_recv()</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4334">#4334</a>)</li>
<li>sync: <code>RwLock</code> blocking operations (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4425">#4425</a>)</li>
</ul>
<h3>Unstable</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="91b9850505"><code>91b9850</code></a> chore: prepare Tokio v1.16.1 release (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4438">#4438</a>)</li>
<li><a href="3c467056e9"><code>3c46705</code></a> io: fix take pointer check (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4437">#4437</a>)</li>
<li><a href="afd2189eec"><code>afd2189</code></a> chore: prepare Tokio v1.16 release (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4431">#4431</a>)</li>
<li><a href="986b88b3f1"><code>986b88b</code></a> chore: update year in LICENSE files (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4429">#4429</a>)</li>
<li><a href="257053e40b"><code>257053e</code></a> util: add <code>spawn_pinned</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/3370">#3370</a>)</li>
<li><a href="5af9e0db2b"><code>5af9e0d</code></a> sync: add blocking lock methods to <code>RwLock</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4425">#4425</a>)</li>
<li><a href="8f77ee8609"><code>8f77ee8</code></a> net: add generic trait to combine UnixListener and TcpListener (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4385">#4385</a>)</li>
<li><a href="2747043f6f"><code>2747043</code></a> tests: enable running wasm32-unknown-unknown tests (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4421">#4421</a>)</li>
<li><a href="2a5071fc2d"><code>2a5071f</code></a> feat: implement <code>Framed::map_codec</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4427">#4427</a>)</li>
<li><a href="621790e165"><code>621790e</code></a> io: fix <code>take</code> when using evil reader (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.12.0...tokio-1.16.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
945: Bump dialoguer from 0.8.0 to 0.10.0 r=delta1 a=dependabot[bot]
Bumps [dialoguer](https://github.com/mitsuhiko/dialoguer) from 0.8.0 to 0.10.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/mitsuhiko/dialoguer/blob/master/CHANGELOG.md">dialoguer's changelog</a>.</em></p>
<blockquote>
<h2>0.10.0</h2>
<h3>Enhancements</h3>
<ul>
<li>Loosen some trait bounds</li>
<li>Improve keyboard interactions (<a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/141">#141</a>, <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/162">#162</a>)</li>
<li>Added <code>max_length</code> to <code>MultiSelect</code>, <code>Select</code> and <code>Sort</code></li>
<li>Allow completion support for <code>Input::interact_text*</code> behind <code>completion</code> feature</li>
</ul>
<h3>Breaking</h3>
<ul>
<li>All prompts <code>*::new</code> will now don't report selected values unless <code>report(true)</code> is called on them.</li>
</ul>
<h2>0.9.0</h2>
<h3>Enhancements</h3>
<ul>
<li>Apply input validation to the default value too in <code>Input</code></li>
<li>Added <code>FuzzySelect</code> behind <code>fuzzy-select</code> feature</li>
<li>Allow history processing for <code>Input::interact_text*</code> behind <code>history</code> feature</li>
<li>Added <code>interact_*_opt</code> methods for <code>MultiSelect</code> and <code>Sort</code>.</li>
</ul>
<h3>Breaking</h3>
<ul>
<li>Updated MSRV to <code>1.51.0</code></li>
<li><code>Editor</code> is gated behind <code>editor</code> feature</li>
<li><code>Password</code>, <code>Theme::format_password_prompt</code> and <code>Theme::format_password_prompt_selection</code> are gated behind <code>password</code> feature</li>
<li>Remove <code>Select::paged()</code>, <code>Sort::paged()</code> and <code>MultiSelect::paged()</code> in favor of automatic paging based on terminal size</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="e93d99320d"><code>e93d993</code></a> Release 0.10.0</li>
<li><a href="c93224aec4"><code>c93224a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/162">#162</a> from craciuncezar/limit-visible-options-in-fuzzy-select</li>
<li><a href="dee84e93f3"><code>dee84e9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/169">#169</a> from bryanhitc/bryanhitc/fix-completion-buffer-overflow</li>
<li><a href="e4ffea8902"><code>e4ffea8</code></a> fix formatting and improve naming</li>
<li><a href="cb1e9a5ce6"><code>cb1e9a5</code></a> Fix buffer overflow for completion example</li>
<li><a href="252a183fe0"><code>252a183</code></a> Fix linting warnings</li>
<li><a href="f1e46a55e9"><code>f1e46a5</code></a> Add scroll functionality</li>
<li><a href="94a276d9e8"><code>94a276d</code></a> Limit the number of visible options in fuzzy select</li>
<li><a href="29da763bf7"><code>29da763</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/153">#153</a> from danieleades/refactor/clippy</li>
<li><a href="8fde6ae39b"><code>8fde6ae</code></a> lint examples and tests</li>
<li>Additional commits viewable in <a href="https://github.com/mitsuhiko/dialoguer/compare/0.8.0...v0.10.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
887: Bump torut from 0.2.0 to 0.2.1 r=delta1 a=dependabot[bot]
Bumps [torut](https://github.com/teawithsand/torut) from 0.2.0 to 0.2.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/teawithsand/torut/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot]