1011: Bump time from 0.3.7 to 0.3.9 r=delta1 a=dependabot[bot]
Bumps [time](https://github.com/time-rs/time) from 0.3.7 to 0.3.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/releases">time's releases</a>.</em></p>
<blockquote>
<h2>v0.3.9</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">time's changelog</a>.</em></p>
<blockquote>
<h2>0.3.9 [2022-03-22]</h2>
<h3>Added</h3>
<ul>
<li><code>time::serde::format_description!</code>
<ul>
<li>This macro is similar to <code>time::format_description!</code>, but it generates a module that can be used
in <code>#[serde(with = "foo")]</code>. This makes it far easier to serialize/deserialize a custom format.</li>
</ul>
</li>
<li><code>Date::replace_year</code></li>
<li><code>Date::replace_month</code></li>
<li><code>Date::replace_day</code></li>
<li><code>Time::replace_hour</code></li>
<li><code>Time::replace_minute</code></li>
<li><code>Time::replace_second</code></li>
<li><code>Time::replace_millisecond</code></li>
<li><code>Time::replace_microsecond</code></li>
<li><code>Time::replace_nanosecond</code></li>
<li><code>PrimitiveDateTime::replace_year</code></li>
<li><code>PrimitiveDateTime::replace_month</code></li>
<li><code>PrimitiveDateTime::replace_day</code></li>
<li><code>PrimitiveDateTime::replace_hour</code></li>
<li><code>PrimitiveDateTime::replace_minute</code></li>
<li><code>PrimitiveDateTime::replace_second</code></li>
<li><code>PrimitiveDateTime::replace_millisecond</code></li>
<li><code>PrimitiveDateTime::replace_microsecond</code></li>
<li><code>PrimitiveDateTime::replace_nanosecond</code></li>
<li><code>OffsetDateTime::replace_year</code></li>
<li><code>OffsetDateTime::replace_month</code></li>
<li><code>OffsetDateTime::replace_day</code></li>
<li><code>OffsetDateTime::replace_hour</code></li>
<li><code>OffsetDateTime::replace_minute</code></li>
<li><code>OffsetDateTime::replace_second</code></li>
<li><code>OffsetDateTime::replace_millisecond</code></li>
<li><code>OffsetDateTime::replace_microsecond</code></li>
<li><code>OffsetDateTime::replace_nanosecond</code></li>
<li><code>Parsed::offset_minute_signed</code></li>
<li><code>Parsed::offset_second_signed</code></li>
<li><code>Parsed::set_offset_minute_signed</code></li>
<li><code>Parsed::set_offset_second_signed</code></li>
<li><code>Parsed::with_offset_minute_signed</code></li>
<li><code>Parsed::with_offset_second_signed</code></li>
<li><code>error::InvalidVariant</code></li>
<li><code>impl FromStr</code> for <code>Weekday</code></li>
<li><code>impl FromStr</code> for <code>Month</code></li>
<li><code>impl Display for Duration</code></li>
</ul>
<h3>Deprecated</h3>
<p>The following methods have been deprecated in favor of the new, signed equivalent methods. The
pre-existing methods</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a957e12213"><code>a957e12</code></a> 0.3.9 release</li>
<li><a href="64172e9de4"><code>64172e9</code></a> v0.3.8 release</li>
<li><a href="e95ea6d251"><code>e95ea6d</code></a> Add tests for size, alignment, trait impls</li>
<li><a href="24c36afdc3"><code>24c36af</code></a> Performance improvement</li>
<li><a href="c0516544ec"><code>c051654</code></a> Move to tt-muncher parsing</li>
<li><a href="0a3cf3ce52"><code>0a3cf3c</code></a> Implement <code>Display</code> for <code>Duration</code></li>
<li><a href="dbec276ea3"><code>dbec276</code></a> Implement <code>FromStr</code> for <code>Weekday</code>, <code>Month</code></li>
<li><a href="460b7ab383"><code>460b7ab</code></a> Limit use of fields in <code>Parsed</code></li>
<li><a href="46bf135bd6"><code>46bf135</code></a> Store offset components properly</li>
<li><a href="5fde5ef8d8"><code>5fde5ef</code></a> Relocate some code, improve internals</li>
<li>Additional commits viewable in <a href="https://github.com/time-rs/time/compare/v0.3.7...v0.3.9">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
819: Bump thomaseizinger/keep-a-changelog-new-release from 1.2.1 to 1.3.0 r=delta1 a=dependabot[bot]
Bumps [thomaseizinger/keep-a-changelog-new-release](https://github.com/thomaseizinger/keep-a-changelog-new-release) from 1.2.1 to 1.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/thomaseizinger/keep-a-changelog-new-release/releases">thomaseizinger/keep-a-changelog-new-release's releases</a>.</em></p>
<blockquote>
<h2>1.3.0</h2>
<h3>Added</h3>
<ul>
<li>New optional <code>tag</code> argument allowing <code>v</code>-prefixed versions</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The <code>version</code> argument is no longer required</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li>The <code>version</code> argument will be replaced in favor of the <code>tag</code> argument</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/thomaseizinger/keep-a-changelog-new-release/blob/master/CHANGELOG.md">thomaseizinger/keep-a-changelog-new-release's changelog</a>.</em></p>
<blockquote>
<h2>[1.3.0] - 2021-10-12</h2>
<h3>Added</h3>
<ul>
<li>New optional <code>tag</code> argument allowing <code>v</code>-prefixed versions</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The <code>version</code> argument is no longer required</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li>The <code>version</code> argument will be replaced in favor of the <code>tag</code> argument</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="5bc2328934"><code>5bc2328</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/thomaseizinger/keep-a-changelog-new-release/issues/11">#11</a> from h4sh3d/add-tag-argument</li>
<li><a href="7e9f6cc8c3"><code>7e9f6cc</code></a> Document new tag argument</li>
<li><a href="576342e16c"><code>576342e</code></a> New tag argument to control prefix of version</li>
<li>See full diff in <a href="https://github.com/thomaseizinger/keep-a-changelog-new-release/compare/1.2.1...1.3.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
934: Don't wait for refund transaction to receive confirmations r=binarybaron a=binarybaron
Don't wait for refund transaction to receive confirmations to mitigate a scenario where the swap is stuck in `BtcCancelled` because it's not resumable.
Closes https://github.com/comit-network/xmr-btc-swap/issues/903
Co-authored-by: binarybaron <86064887+binarybaron@users.noreply.github.com>
894: Reduce `bitcoin_finality_confirmations` from 2 to 1 r=binarybaron a=binarybaron
Reduces `bitcoin_finality_confirmations` from 2 to 1. This lowers the total time needed for a swap by an average of 10 minutes
I'm aware that this has been proposed before (https://github.com/comit-network/xmr-btc-swap/pull/800) and was rejected.
> On the ASB, the bitcoin finality confirmations can be set to 1 using the config file. This will get you the swap reduction time you desire.
I believe this is not correct. There is no way for ASB operators to configure the `bitcoin_finality_confirmations` setting. Only the `target_block` can be configured manually, but this is only used for estimating the fee rate when a btc transaction is published and not for deciding when it is safe to assume that the transaction is finalized.
E.g the `config.toml` file of my (testate) asb
```
[data]
dir = "/root/.local/share/xmr-btc-swap/asb/testnet"
[network]
listen = ["/ip4/0.0.0.0/tcp/9939", "/ip4/0.0.0.0/tcp/9940/ws"]
external_addresses = ["/dnsaddr/unstoppableswap.net"]
rendezvous_point = "/dnsaddr/discover.unstoppableswap.net/p2p/12D3KooWA6cnqJpVnreBVnoro8midDL9Lpzmg8oJPoAGi7YYaamE"
[bitcoin]
electrum_rpc_url = "ssl://electrum.blockstream.info:60002"
target_block = 1 # My asb still waits for 2 confirmations on the btc lock tx
network = "Testnet"
[monero]
wallet_rpc_url = "http://127.0.0.1:38083/json_rpc"
network = "Stagenet"
[tor]
control_port = 9051
socks5_port = 9050
[maker]
min_buy_btc = 0.0001
max_buy_btc = 0.1
ask_spread = 0.00
price_ticker_ws_url = "wss://ws.kraken.com"
```
Co-authored-by: binarybaron <you@domain.com>
Don't wait for refund transaction to receive confirmations to mitigate a scenario where the swap is stuck in `BtcCancelled` because it's not resumable.
975: change to rino docker containers r=lescuer97 a=lescuer97
this is for updating from the melo tools dockers to the rino ones
Fixes#969
Co-authored-by: leonardo <leoescuer@protonmail.com>
966: update dependencies and update toolchain to 1.59 (stable) r=delta1 a=delta1
This PR updates the rust-toolchain to the current stable version 1.59, and fixes a number of new clippy warnings from that change.
This update to the toolchain introduced new clippy warnings indicating fields that are never read - these fields have been removed.
Also updates a few crates to the Rust 2021 edition.
And includes the following dependency updates:
- #967
- #964
- #959
- #974
- #957
- #954
- #950
- #949
- #872
- #882
Co-authored-by: Byron Hambly <bizzle@tari.com>
This commit updates the rust-toolchain to the current stable version
1.59, and fixes a number of new clippy warnings from that change.
Other changes:
- updates backoff to 0.4
- updates swap to 2021 edition
- updates comfy-table to 5.0
- updates monero-wallet to 2021 edition
- updates moneor-harness to 2021 edition
- updates bdk and rust_decimal
- updates tokio-util to 0.7
- updates workflow to use actions/setup-python@3
- updates pem and serde_with
- adds stable rust toolchain notice to readme
953: Adjust quote based on Bitcoin balance r=lescuer97 a=lescuer97
Fixes#939#963
Please comment in the new method for getting a Monero value, I had to allow clippy::cast_precision_loss to convert to a f64, for our use case I don't really thing we will lose much precision.
Please comment on the implementation of the check.
Co-authored-by: leonardo <leoescuer@protonmail.com>
951: Bump reqwest from 0.11.7 to 0.11.9 r=delta1 a=dependabot[bot]
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.7 to 0.11.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p>
<blockquote>
<h2>v0.11.9</h2>
<ul>
<li>Add <code>ClientBuilder::http09_responses(bool)</code> option to allow receiving HTTP/0.9 responses.</li>
<li>Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.</li>
<li>Fix proxy loading from environment variables to ignore empty values.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/vsaase"><code>`@vsaase</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/pull/1423">seanmonstar/reqwest#1423</a></li>
</ul>
<h2>v0.11.8</h2>
<ul>
<li>Update internal webpki-roots dependency.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/complexspaces"><code>`@complexspaces</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/pull/1396">seanmonstar/reqwest#1396</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p>
<blockquote>
<h2>v0.11.9</h2>
<ul>
<li>Add <code>ClientBuilder::http09_responses(bool)</code> option to allow receiving HTTP/0.9 responses.</li>
<li>Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.</li>
<li>Fix proxy loading from environment variables to ignore empty values.</li>
</ul>
<h2>v0.11.8</h2>
<ul>
<li>Update internal webpki-roots dependency.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0fc1652975"><code>0fc1652</code></a> v0.11.9</li>
<li><a href="56ad99bebb"><code>56ad99b</code></a> Add HTTP/0.9 responses support</li>
<li><a href="7388b676df"><code>7388b67</code></a> Examples: allow passing URL via CLI</li>
<li><a href="a03ca5012d"><code>a03ca50</code></a> Fix HTTP/2: retry requests rejected by a graceful shutdown</li>
<li><a href="eb8e9d52c5"><code>eb8e9d5</code></a> do not accept empty or whitespace proxy address (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1423">#1423</a>)</li>
<li><a href="d4986e5583"><code>d4986e5</code></a> v0.11.8</li>
<li><a href="baffb9c004"><code>baffb9c</code></a> Update to webpki-roots 0.22 (<a href="https://github-redirect.dependabot.com/seanmonstar/reqwest/issues/1396">#1396</a>)</li>
<li>See full diff in <a href="https://github.com/seanmonstar/reqwest/compare/v0.11.7...v0.11.9">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
927: Bump time from 0.3.3 to 0.3.7 r=delta1 a=dependabot[bot]
Bumps [time](https://github.com/time-rs/time) from 0.3.3 to 0.3.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/releases">time's releases</a>.</em></p>
<blockquote>
<h2>v0.3.7</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
<h2>v0.3.6</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
<h2>v0.3.5</h2>
<p>See the <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a> for details.</p>
<h2>v0.3.4</h2>
<p>No release notes provided.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">time's changelog</a>.</em></p>
<blockquote>
<h2>0.3.7 [2021-01-26]</h2>
<h3>Fixed</h3>
<p>Solaris and Illumos build again.</p>
<h2>0.3.6 [2022-01-20]</h2>
<h3>Added</h3>
<ul>
<li><code>Date::saturating_add</code></li>
<li><code>Date::saturating_sub</code></li>
<li><code>PrimitiveDateTime::saturating_add</code></li>
<li><code>PrimitiveDateTime::saturating_sub</code></li>
<li><code>OffsetDateTime::saturating_add</code></li>
<li><code>OffsetDateTime::saturating_sub</code></li>
<li><code>PrimitiveDatetime::MIN</code></li>
<li><code>PrimitiveDatetime::MAX</code></li>
<li><code>Rfc2822</code> format description</li>
<li>Serde support for well-known formats
<ul>
<li>This is placed behind the new <code>serde-well-known</code> feature flag.</li>
</ul>
</li>
</ul>
<h3>Changed</h3>
<ul>
<li>MacOS and FreeBSD are supported obtaining the local offset when single-threaded.
<ul>
<li>Starting with this version, this is delegated to the <code>num_threads</code> crate.</li>
</ul>
</li>
<li>Leap seconds are now parsed as the final nanosecond of the preceding second.</li>
<li>The minimum supported Rust version is now 1.53.0.</li>
<li>Deserializers for human readable formats will fall back to the binary format if the human readable
format fails to deserialize.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Deserialization will no longer fail when given a non-borrowed string.</li>
</ul>
<h2>0.3.5 [2021-11-12]</h2>
<h3>Added</h3>
<ul>
<li><code>Date::checked_add</code></li>
<li><code>Date::checked_sub</code></li>
<li><code>PrimitiveDateTime::checked_add</code></li>
<li><code>PrimitiveDateTime::checked_sub</code></li>
<li><code>OffsetDateTime::checked_add</code></li>
<li><code>OffsetDateTime::checked_sub</code></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Attempts to obtain the local UTC offset will now succeed on Linux if the process is
single-threaded. This does not affect other Unix platforms. As a reminder, the relevant methods</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="592ef915cf"><code>592ef91</code></a> v0.3.7 release</li>
<li><a href="deb8161b84"><code>deb8161</code></a> Update CI targets, powerset frequency</li>
<li><a href="83da427e50"><code>83da427</code></a> Fix Solaris/Illumos build</li>
<li><a href="4c63a8a492"><code>4c63a8a</code></a> Add 0.3.6 changelog section (<a href="https://github-redirect.dependabot.com/time-rs/time/issues/435">#435</a>)</li>
<li><a href="3ff4543511"><code>3ff4543</code></a> 0.3.6 release</li>
<li><a href="1dfb2682d9"><code>1dfb268</code></a> Mention, that Instant has no serde support</li>
<li><a href="2b9e193afa"><code>2b9e193</code></a> Bump license year</li>
<li><a href="bf5f830605"><code>bf5f830</code></a> Defer to <code>num_threads</code> for OS support</li>
<li><a href="f6baa3f07e"><code>f6baa3f</code></a> Use more correct feature gates</li>
<li><a href="eef9bafc1a"><code>eef9baf</code></a> Add test for multithreaded Unix systems</li>
<li>Additional commits viewable in <a href="https://github.com/time-rs/time/compare/v0.3.3...v0.3.7">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
928: Bump tokio from 1.12.0 to 1.16.1 r=delta1 a=dependabot[bot]
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.12.0 to 1.16.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p>
<blockquote>
<h2>Tokio v1.16.1</h2>
<h1>1.16.1 (January 28, 2022)</h1>
<p>This release fixes a bug in <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a> with the change <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4437">#4437</a>.</p>
<p><a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>: <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/pull/4428">tokio-rs/tokio#4428</a>
<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4437">#4437</a>: <a href="https://github-redirect.dependabot.com/tokio-rs/tokio/pull/4437">tokio-rs/tokio#4437</a></p>
<h2>Tokio v1.16.0</h2>
<p>Fixes a soundness bug in <code>io::Take</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>). The unsoundness is exposed when
leaking memory in the given <code>AsyncRead</code> implementation and then overwriting the
supplied buffer:</p>
<pre lang="rust"><code>impl AsyncRead for Buggy {
fn poll_read(
self: Pin<&mut Self>,
cx: &mut Context<'_>,
buf: &mut ReadBuf<'_>
) -> Poll<Result<()>> {
let new_buf = vec![0; 5].leak();
*buf = ReadBuf::new(new_buf);
buf.put_slice(b"hello");
Poll::Ready(Ok(()))
}
}
</code></pre>
<p>Also, this release includes improvements to the multi-threaded scheduler that
can increase throughput by up to 20% in some cases (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4383">#4383</a>).</p>
<h3>Fixed</h3>
<ul>
<li>io: <strong>soundness</strong> don't expose uninitialized memory when using <code>io::Take</code> in edge case (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>)</li>
<li>fs: ensure <code>File::write</code> results in a <code>write</code> syscall when the runtime shuts down (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4316">#4316</a>)</li>
<li>process: drop pipe after child exits in <code>wait_with_output</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4315">#4315</a>)</li>
<li>rt: improve error message when spawning a thread fails (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4398">#4398</a>)</li>
<li>rt: reduce false-positive thread wakups in the multi-threaded scheduler (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4383">#4383</a>)</li>
<li>sync: don't inherit <code>Send</code> from <code>parking_lot::*Guard</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4359">#4359</a>)</li>
</ul>
<h3>Added</h3>
<ul>
<li>net: <code>TcpSocket::linger()</code> and <code>set_linger()</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4324">#4324</a>)</li>
<li>net: impl <code>UnwindSafe</code> for socket types (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4384">#4384</a>)</li>
<li>rt: impl <code>UnwindSafe</code> for <code>JoinHandle</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4418">#4418</a>)</li>
<li>sync: <code>watch::Receiver::has_changed()</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4342">#4342</a>)</li>
<li>sync: <code>oneshot::Receiver::blocking_recv()</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4334">#4334</a>)</li>
<li>sync: <code>RwLock</code> blocking operations (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4425">#4425</a>)</li>
</ul>
<h3>Unstable</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="91b9850505"><code>91b9850</code></a> chore: prepare Tokio v1.16.1 release (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4438">#4438</a>)</li>
<li><a href="3c467056e9"><code>3c46705</code></a> io: fix take pointer check (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4437">#4437</a>)</li>
<li><a href="afd2189eec"><code>afd2189</code></a> chore: prepare Tokio v1.16 release (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4431">#4431</a>)</li>
<li><a href="986b88b3f1"><code>986b88b</code></a> chore: update year in LICENSE files (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4429">#4429</a>)</li>
<li><a href="257053e40b"><code>257053e</code></a> util: add <code>spawn_pinned</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/3370">#3370</a>)</li>
<li><a href="5af9e0db2b"><code>5af9e0d</code></a> sync: add blocking lock methods to <code>RwLock</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4425">#4425</a>)</li>
<li><a href="8f77ee8609"><code>8f77ee8</code></a> net: add generic trait to combine UnixListener and TcpListener (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4385">#4385</a>)</li>
<li><a href="2747043f6f"><code>2747043</code></a> tests: enable running wasm32-unknown-unknown tests (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4421">#4421</a>)</li>
<li><a href="2a5071fc2d"><code>2a5071f</code></a> feat: implement <code>Framed::map_codec</code> (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4427">#4427</a>)</li>
<li><a href="621790e165"><code>621790e</code></a> io: fix <code>take</code> when using evil reader (<a href="https://github-redirect.dependabot.com/tokio-rs/tokio/issues/4428">#4428</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.12.0...tokio-1.16.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
945: Bump dialoguer from 0.8.0 to 0.10.0 r=delta1 a=dependabot[bot]
Bumps [dialoguer](https://github.com/mitsuhiko/dialoguer) from 0.8.0 to 0.10.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/mitsuhiko/dialoguer/blob/master/CHANGELOG.md">dialoguer's changelog</a>.</em></p>
<blockquote>
<h2>0.10.0</h2>
<h3>Enhancements</h3>
<ul>
<li>Loosen some trait bounds</li>
<li>Improve keyboard interactions (<a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/141">#141</a>, <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/162">#162</a>)</li>
<li>Added <code>max_length</code> to <code>MultiSelect</code>, <code>Select</code> and <code>Sort</code></li>
<li>Allow completion support for <code>Input::interact_text*</code> behind <code>completion</code> feature</li>
</ul>
<h3>Breaking</h3>
<ul>
<li>All prompts <code>*::new</code> will now don't report selected values unless <code>report(true)</code> is called on them.</li>
</ul>
<h2>0.9.0</h2>
<h3>Enhancements</h3>
<ul>
<li>Apply input validation to the default value too in <code>Input</code></li>
<li>Added <code>FuzzySelect</code> behind <code>fuzzy-select</code> feature</li>
<li>Allow history processing for <code>Input::interact_text*</code> behind <code>history</code> feature</li>
<li>Added <code>interact_*_opt</code> methods for <code>MultiSelect</code> and <code>Sort</code>.</li>
</ul>
<h3>Breaking</h3>
<ul>
<li>Updated MSRV to <code>1.51.0</code></li>
<li><code>Editor</code> is gated behind <code>editor</code> feature</li>
<li><code>Password</code>, <code>Theme::format_password_prompt</code> and <code>Theme::format_password_prompt_selection</code> are gated behind <code>password</code> feature</li>
<li>Remove <code>Select::paged()</code>, <code>Sort::paged()</code> and <code>MultiSelect::paged()</code> in favor of automatic paging based on terminal size</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="e93d99320d"><code>e93d993</code></a> Release 0.10.0</li>
<li><a href="c93224aec4"><code>c93224a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/162">#162</a> from craciuncezar/limit-visible-options-in-fuzzy-select</li>
<li><a href="dee84e93f3"><code>dee84e9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/169">#169</a> from bryanhitc/bryanhitc/fix-completion-buffer-overflow</li>
<li><a href="e4ffea8902"><code>e4ffea8</code></a> fix formatting and improve naming</li>
<li><a href="cb1e9a5ce6"><code>cb1e9a5</code></a> Fix buffer overflow for completion example</li>
<li><a href="252a183fe0"><code>252a183</code></a> Fix linting warnings</li>
<li><a href="f1e46a55e9"><code>f1e46a5</code></a> Add scroll functionality</li>
<li><a href="94a276d9e8"><code>94a276d</code></a> Limit the number of visible options in fuzzy select</li>
<li><a href="29da763bf7"><code>29da763</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mitsuhiko/dialoguer/issues/153">#153</a> from danieleades/refactor/clippy</li>
<li><a href="8fde6ae39b"><code>8fde6ae</code></a> lint examples and tests</li>
<li>Additional commits viewable in <a href="https://github.com/mitsuhiko/dialoguer/compare/0.8.0...v0.10.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
887: Bump torut from 0.2.0 to 0.2.1 r=delta1 a=dependabot[bot]
Bumps [torut](https://github.com/teawithsand/torut) from 0.2.0 to 0.2.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/teawithsand/torut/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
914: Bump tempfile from 3.2.0 to 3.3.0 r=delta1 a=dependabot[bot]
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.2.0 to 3.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/Stebalien/tempfile/blob/master/NEWS">tempfile's changelog</a>.</em></p>
<blockquote>
<h1>3.3.0</h1>
<p>Features:</p>
<ul>
<li>Replace rand with fastrand for a significantly smaller dependency tree. Cryptographic randomness
isn't necessary for temporary file names, and isn't all that helpful either.</li>
<li>Add limited WASI support.</li>
<li>Add a function to extract the inner data from a <code>SpooledTempFile</code>.</li>
</ul>
<p>Bug Fixes:</p>
<ul>
<li>Make it possible to persist unnamed temporary files on linux by removing the <code>O_EXCL</code> flag.</li>
<li>Fix redox minimum crate version.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1a40687e06"><code>1a40687</code></a> release 3.3.0</li>
<li><a href="92638c61f3"><code>92638c6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Stebalien/tempfile/issues/164">#164</a> from Stebalien/chore/cleanup</li>
<li><a href="92ae3e9d6e"><code>92ae3e9</code></a> chore: remove extern crates</li>
<li><a href="e49d9dffe8"><code>e49d9df</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Stebalien/tempfile/issues/165">#165</a> from Stebalien/pr-116</li>
<li><a href="a5f535c95b"><code>a5f535c</code></a> fix: doc formatting</li>
<li><a href="ab67ccee85"><code>ab67cce</code></a> Add docs pointing out early dop pitfalls</li>
<li><a href="8d40916b41"><code>8d40916</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Stebalien/tempfile/issues/163">#163</a> from Stebalien/chore/update-deps</li>
<li><a href="9a6321760b"><code>9a63217</code></a> chore: update fastrand</li>
<li><a href="09e0b4b1b4"><code>09e0b4b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Stebalien/tempfile/issues/162">#162</a> from Stebalien/ref/replace-rand-with-fastrand</li>
<li><a href="e24fae3ac2"><code>e24fae3</code></a> chore: avoid allocation when generating temp names</li>
<li>Additional commits viewable in <a href="https://github.com/Stebalien/tempfile/compare/v3.2.0...v3.3.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
942: Fix failing CI tests due to deleted xmrto docker hub images r=delta1 a=binarybaron
Fix failing CI tests due to deleted xmrto docker hub images by moving to the docker images provided by melotools
This should have priority because the failing CI blocks all other PRs
Co-authored-by: binarybaron <86064887+binarybaron@users.noreply.github.com>
bors[bot]