Sourced from chrono's releases.

0.4.21 is a bugfix release that mainly fixes one regression from 0.4.20:

• Fall back to UTC in case no timezone is found. Unfortunately this is a regression from the changes we made in 0.4.20 where we now parse the timezone database ourselves. Before 0.4.20, TimeZone::now() fell back to UTC in the case it could not find the current timezone, but the new implementation panicked in that case.
• Correctly detect timezone on Android (also #756). Android does have the timezone database installed, but it's in a different path, and it does not use /etc/localtime to keep track of the current timezone. Instead we now use the iana-time-zone crate as a dependency, since it already has quite a bit of logic for finding the current timezone on a host of platforms.

Additionally, there is a documentation fix that reverts an incorrect guarantee:

• Document that %Y can have a negative value, both in formatting and in parsing (#760, thanks to @​alex)

0.4.20

chrono is a date and time library for Rust and 0.4.20 is the first chrono release since Sep 2020. There has been a long hiatus since the previous maintainer was no longer able to spend much time on the crate; thanks to @​quodlibetor for their stewardship of the chrono crate for many years! The new maintainers are @​djc and @​esheppa. Our first priority has been fixing the soundness issues with calls to localtime_r() as first reported in #499 and the RUSTSEC-2020-0159 advisory. In order to do this we adapted code from the tz-rs crate maintained by @​x-hgg-x for use within chrono -- thanks for working on that! With the new implementation, chrono uses safe Rust code to parse the timezone data files on Unix platforms directly instead of relying on libc.

Due to compatibility reasons, this release does not yet remove the time 0.1 dependency, though chrono 0.4.20 does not depend on the vulnerable parts of the time 0.1.x versions. In a future 0.5 release, we will remove the time dependency.

The minimum supported Rust version for 0.4.20 is 1.32.0, which is intentionally still quite conservative. If you are using chrono 0.4 with a Rust version older than 1.52, we'd like to hear from you since we'd like to further modernize the code base to ease maintenance.

Fixes

• Fix unsound call to localtime_r() by parsing timezone files in Rust on Unix (#677 and #728)
• Allow RFC 2822 parser to deal with comments (#733 then #737, thanks to @​Finomnis)
• Avoid panicking during parsing (#686, thanks to @​botahamec)
• Avoid panics when rounding durations (#659, thanks to @​ARBaart)
• Fix Duration::abs() behavior in case of negative durations with nanoseconds (#734, thanks to @​abreis)

Additions

• Make ParserErrorKind public and available through ParseError::kind() (#588, thanks to @​sbrocket)
• Expose associated MIN and MAX const values in favor of free-standing consts (#726)
• Add (optional) support for rkyv (#644 and #701, thanks to @​dovahcrow)
• Support month-based calculations against NaiveDate (#732 with follow up in #752, thanks to @​avantgardnerio)
• Add NaiveWeek type to facilitate week-based calculations (#666, thanks to @​sestrella)
• Add NaiveDateTime::and_local_timezone() method (#711, thanks to @​botahamec)
• Add DateTime::from_local() method (#572, thanks to @​retrhelo)
• Extend serde integration for NaiveDateTime (#664, thanks to @​nickelc)
• Implement DoubleEndedIterator for NaiveDateDaysIterator/NaiveDateWeeksIterator (#697, thanks to @​teobouvard)
• Implement std::iter::Sum for Duration (#522, thanks to @​jakevossen5)
• Add years_since() method to DateTime/Date (#557 then #707, thanks to @​yozhgoor)
• Implement AddAssign/SubAssign for DateTime/Date (#698, thanks to @​MrGunflame)
• Fix imports on WASM targets (#672, thanks to @​danielalvsaaker)
• Implement std::error::Error for ParseWeekdayError (#745)

Non-functional improvements

• Improve CI to better exercise WASM targets (#662, thanks to @​AmateurECE)
• More WASM testing improvements, enable dependencies by default (#746)
• Fix compiling for wasm32-unknown-emscripten target (#568, thanks to @​orion78fr)
• Use stub implementation for anything not unix and not windows (#593, thanks to @​yu-re-ka)
• Remove now unused libc dependency (#710, thanks to @​metent)
• Clean up some clippy warnings (#721, thanks to @​botahamec)
• Clarify documentation for Utc::now() (#647, thanks to @​ModProg)

... (truncated)

Sourced from chrono's changelog.

ChangeLog for Chrono

This documents all notable changes to Chrono.

Chrono obeys the principle of Semantic Versioning, with one caveat: we may move previously-existing code behind a feature gate and put it behind a new feature. This new feature will always be placed in the previously-default feature, which you can use to prevent breakage if you use no-default-features.

There were/are numerous minor versions before 1.0 due to the language changes. Versions with only mechanical changes will be omitted from the following list.

0.4.20 (unreleased)

• Add more formatting documentation and examples.
• Add support for microseconds timestamps serde serialization/deserialization (#304)
• Fix DurationRound is not TZ aware (#495)
• Implement DurationRound for NaiveDateTime
• Implement std::iter::Sum for Duration
• Add DateTime::from_local() to construct from given local date and time (#572)
• Add a function that calculates the number of years elapsed between now and a given Date or DateTime (#557)
• Correct build for wasm32-unknown-emscripten target (#568)
• Change Local::now() and Utc::now() documentation from "current date" to "current date and time" (#647)
• Fix duration_round panic on rounding by Duration::zero() (#658)
• Add optional rkyv support.
• Add support for microseconds timestamps serde serialization for NaiveDateTime.
• Add support for optional timestamps serde serialization for NaiveDateTime.
• Fix build for wasm32-unknown-emscripten (@​yu-re-ka #593)
• Make ParseErrorKind public and available through ParseError::kind() (#588)
• Implement DoubleEndedIterator for NaiveDateDaysIterator and NaiveDateWeeksIterator
• Fix panicking when parsing a DateTime (@​botahamec)
• Add support for getting week bounds based on a specific NaiveDate and a Weekday (#666)
• Remove libc dependency from Cargo.toml.
• Add the and_local_timezone method to NaiveDateTime
• Fix the behavior of Duration::abs() for negative durations with non-zero nanos
• Add compatibility with rfc2822 comments (#733)
• Make js-sys and wasm-bindgen enabled by default when target is wasm32-unknown-unknown for ease of API discovery
• Add the Months struct and associated Add and Sub impls

• 2d22e57 Bump version number to 0.4.21
• 557bcd5 handle missing /etc/localtime on some unix platforms (#756)
• 5edf4d0 fixes #758 -- correctly document that %Y parses negative years (#760)
• a185d3b Remove unnecessary try_opt!() macro
• 0b7feac Clean up some unreachable_pub warnings
• 65f1f2e Bump version to 0.4.20
• bd3b48d Revise Months API
• ab688c3 Implement Add\<Months> and Sub\<Months> for NaiveDate (#731)
• 782f904 Clarify docs for DateTime::with_timezone
• 27c0558 dont use stub.rs when wasmbind feature is enabled
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from chrono's releases.

0.4.20

chrono is a date and time library for Rust and 0.4.20 is the first chrono release since Sep 2020. There has been a long hiatus since the previous maintainer was no longer able to spend much time on the crate; thanks to @​quodlibetor for their stewardship of the chrono crate for many years! The new maintainers are @​djc and @​esheppa. Our first priority has been fixing the soundness issues with calls to localtime_r() as first reported in #499 and the RUSTSEC-2020-0159 advisory. In order to do this we adapted code from the tz-rs crate maintained by @​x-hgg-x for use within chrono -- thanks for working on that! With the new implementation, chrono uses safe Rust code to parse the timezone data files on Unix platforms directly instead of relying on libc.

Due to compatibility reasons, this release does not yet remove the time 0.1 dependency, though chrono 0.4.20 does not depend on the vulnerable parts of the time 0.1.x versions. In a future 0.5 release, we will remove the time dependency.

The minimum supported Rust version for 0.4.20 is 1.32.0, which is intentionally still quite conservative. If you are using chrono 0.4 with a Rust version older than 1.52, we'd like to hear from you since we'd like to further modernize the code base to ease maintenance.

Fixes

• Fix unsound call to localtime_r() by parsing timezone files in Rust on Unix (#677 and #728)
• Allow RFC 2822 parser to deal with comments (#733 then #737, thanks to @​Finomnis)
• Avoid panicking during parsing (#686, thanks to @​botahamec)
• Avoid panics when rounding durations (#659, thanks to @​ARBaart)
• Fix Duration::abs() behavior in case of negative durations with nanoseconds (#734, thanks to @​abreis)

Additions

• Make ParserErrorKind public and available through ParseError::kind() (#588, thanks to @​sbrocket)
• Expose associated MIN and MAX const values in favor of free-standing consts (#726)
• Add (optional) support for rkyv (#644 and #701, thanks to @​dovahcrow)
• Support month-based calculations against NaiveDate (#732 with follow up in #752, thanks to @​avantgardnerio)
• Add NaiveWeek type to facilitate week-based calculations (#666, thanks to @​sestrella)
• Add NaiveDateTime::and_local_timezone() method (#711, thanks to @​botahamec)
• Add DateTime::from_local() method (#572, thanks to @​retrhelo)
• Extend serde integration for NaiveDateTime (#664, thanks to @​nickelc)
• Implement DoubleEndedIterator for NaiveDateDaysIterator/NaiveDateWeeksIterator (#697, thanks to @​teobouvard)
• Implement std::iter::Sum for Duration (#522, thanks to @​jakevossen5)
• Add years_since() method to DateTime/Date (#557 then #707, thanks to @​yozhgoor)
• Implement AddAssign/SubAssign for DateTime/Date (#698, thanks to @​MrGunflame)
• Fix imports on WASM targets (#672, thanks to @​danielalvsaaker)
• Implement std::error::Error for ParseWeekdayError (#745)

Non-functional improvements

• Improve CI to better exercise WASM targets (#662, thanks to @​AmateurECE)
• More WASM testing improvements, enable dependencies by default (#746)
• Fix compiling for wasm32-unknown-emscripten target (#568, thanks to @​orion78fr)
• Use stub implementation for anything not unix and not windows (#593, thanks to @​yu-re-ka)
• Remove now unused libc dependency (#710, thanks to @​metent)
• Clean up some clippy warnings (#721, thanks to @​botahamec)
• Clarify documentation for Utc::now() (#647, thanks to @​ModProg)
• Clarify documentation for DateTime::with_timezone() (#747, thanks to @​kevincox)
• Improve examples for naive serde integration (#616, thanks to @​nickelc)
• Clean up extern crate statements and outdated comments (#665, thanks to @​nickelc)
• Fix typo in deprecation notice (#744, thanks to @​Mike-Dax)
• Fix some typos in documentation (#680 and #695, thanks to @​cuishuang and @​fxredeemer)
• Implement caching for CI (#609, thanks to @​Milo123459)

0.4.20-rc.1

0.4.20 is the first chrono release since Sep 2020. There has been a long hiatus since the previous maintainer was no longer able to spend much time on the crate; thanks to @​quodlibetor for their stewardship of the chrono crate for many years! The new maintainers are @​djc and @​esheppa. Our first priority has been fixing the soundness issues with calls to localtime_r() as first reported in #499 and the RUSTSEC-2020-0159 advisory. In order to do this we adapted code from the tz-rs crate maintained by @​x-hgg-x for use within chrono -- thanks for working on that! With the new implementation, chrono uses safe Rust code to parse the timezone data files on Unix platforms directly instead of relying on libc.

... (truncated)

Sourced from chrono's changelog.

0.4.20 (unreleased)

• Add more formatting documentation and examples.
• Add support for microseconds timestamps serde serialization/deserialization (#304)
• Fix DurationRound is not TZ aware (#495)
• Implement DurationRound for NaiveDateTime
• Implement std::iter::Sum for Duration
• Add DateTime::from_local() to construct from given local date and time (#572)
• Add a function that calculates the number of years elapsed between now and a given Date or DateTime (#557)
• Correct build for wasm32-unknown-emscripten target (#568)
• Change Local::now() and Utc::now() documentation from "current date" to "current date and time" (#647)
• Fix duration_round panic on rounding by Duration::zero() (#658)
• Add optional rkyv support.
• Add support for microseconds timestamps serde serialization for NaiveDateTime.
• Add support for optional timestamps serde serialization for NaiveDateTime.
• Fix build for wasm32-unknown-emscripten (@​yu-re-ka #593)
• Make ParseErrorKind public and available through ParseError::kind() (#588)
• Implement DoubleEndedIterator for NaiveDateDaysIterator and NaiveDateWeeksIterator
• Fix panicking when parsing a DateTime (@​botahamec)
• Add support for getting week bounds based on a specific NaiveDate and a Weekday (#666)
• Remove libc dependency from Cargo.toml.
• Add the and_local_timezone method to NaiveDateTime
• Fix the behavior of Duration::abs() for negative durations with non-zero nanos
• Add compatibility with rfc2822 comments (#733)
• Make js-sys and wasm-bindgen enabled by default when target is wasm32-unknown-unknown for ease of API discovery
• Add the Months struct and associated Add and Sub impls

• 0b7feac Clean up some unreachable_pub warnings
• 65f1f2e Bump version to 0.4.20
• bd3b48d Revise Months API
• ab688c3 Implement Add\<Months> and Sub\<Months> for NaiveDate (#731)
• 782f904 Clarify docs for DateTime::with_timezone
• 27c0558 dont use stub.rs when wasmbind feature is enabled
• 56f80e4 run on all branches and also for changes in the ci folder
• 353f179 Implement std::error::Error for ParseWeekdayError
• 309cbeb Fixed typo in deprecation notice
• 26e231a Bump version to 0.4.20-rc.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• e60fa1e Bump to 1.0.0
• 7daa598 Prohibit multiple predicates (#37)
• f71bf60 Another attempt at gh-pages
• f779d28 Change push username for gh-pages
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from worker's releases.

Release v0.0.12

Full Changelog: https://github.com/cloudflare/workers-rs/compare/v0.0.11...v0.0.12

• 9d99271 chore: update workers-rs version
• b8f4648 Merge pull request #243 from cloudflare/zeb/service-bindings
• c999534 chore: add integration testing for service bindings
• cd1d989 Add Service Bindings support
• f3e65bd chore: increment worker-build version
• cd400f8 Merge pull request #226 from cloudflare/zeb/esbuild-windows
• 41b8583 Merge pull request #229 from oldcomputer2007/oldcomputer2007/esbuild-minify
• f78a691 refactor: use matches! macro to remove verbosity as suggested by clippy
• 9d77c9c refactor: handle NotPresent error instead of broad is_ok check
• fb85823 feat(esbuild): minify esbuild bundle by default
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from chrono's releases.

0.4.23 is the next 0.4 release of the popular chrono date and time library for Rust. After the 0.4.20-0.4.22 series that brought chrono back to life after a long hiatus, development has been fairly quiet, allowing us to start planning changes for the 0.5.0 release. As such, we've started deprecating some APIs that are likely to be removed in 0.5. If you have any feedback on these changes, please let us know in the issue tracker!

Deprecations

• Deprecate methods that have an _opt() alternative (#827)
• Deprecate usage of the Date<Tz> type (#851)

Features

• Optimize RFC 3339 (and RFC 2822) encoding (#844, thanks to @​conradludgate)
• Addition and subtraction with the Days type (#784)
• Add NaiveDateTime::from_timestamp_millis(_opt) (#818, thanks to @​Pscheidl -- backported in #823)
• Allow for changing TZ variable and cache it for Local timezone (#853)
• Add optional support for the arbitrary::Arbitrary trait (#849, thanks to @​greyblake and @​asayers)

Fixes

• Support tzdb location on AIX (#826)
• Fix warnings in documentation (#847)

On behalf of @​esheppa and @​djc, thanks to all contributors!

• 9e5eb49 Bump version to 0.4.23
• dc4287a store hash of environment variable
• 57908e9 allow sharing of the allocated environment variable
• 84f3c30 move last_changed to the Cache
• 8bc4139 add bench for Local::now()
• 22b4d32 Avoid use of deprecated API
• 77317d5 Deprecate usage of the Date<Tz> type
• 7ba090d Add TimeZone::with_ymd_and_hms() helper method
• 03165c8 Move Date::years_since() implementation into NaiveDate
• 645fca0 chore: apply clippy suggestions for 1.65
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from iana-time-zone's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.1.50] - 2022-09-23

Fixed

• Reduce MSRV for Android again (#62)

[0.1.49] - 2022-09-22

Changed

• once_cell dependency is not needed (#61)

[0.1.48] - 2022-09-12

Changed

• Downgrade requirements for WASM dependencies (#58)
• Reduce MSRV for Tier 1 platforms to 1.31 (#59)

[0.1.47] - 2022-08-30

Changed

• Update android_system_properties to v0.1.5 to run 9786% faster (YMMV) (#56)

[0.1.46] - 2022-08-18

Added

• Implement for Solaris (#55)

[0.1.45] - 2022-08-16

Fixed

• Fix potential use after free in MacOS / iOS (#54, RUSTSEC-2022-0049)
• Fix typos in README (#53)

• 8ed756e Increment version number
• 999d837 Merge remote-tracking branch 'origin/lopopolo/android-typos'
• fd3d810 Merge pull request #66 from Kijewski/pr-haiku
• 1f38743 Merge pull request #69 from strawlab/lopopolo/android-cstring-test
• 5639513 Merge pull request #67 from Kijewski/pr-macos-safe2
• 8b9c9f0 add documentation about lifetime
• 770edec add clarifying comment
• 9fbf7a6 mark function as unsafe
• 29a62fe Make android timezone property getter pub(crate)
• df6ac02 Refactor Android property key CStr construction to add tests
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from worker's releases.

Release v0.0.11

Full Changelog: https://github.com/cloudflare/workers-rs/compare/v0.0.10...v0.0.11

• 318117a chore: increment worker version
• 424e68a chore: increment worker-build version
• 9f8d2d7 chore: increment worker-macros version
• f0378da chore: increment worker-sys version
• fa59b7b Merge pull request #218 from cloudflare/zeb/dynamic-dispatch
• bf461c4 Merge pull request #216 from cjpatton/bug-do-alarm-offset
• 223aa17 chore: fix formatting
• af6ef34 feat: add dynamic dispatch binding
• 413cfc6 Merge pull request #217 from cloudflare/zeb/fix-flaky-tests
• 5b8cd77 fix: flaky worker-sandbox tests
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from chrono's releases.

0.4.22

Unfortunately the introduction of the iana-time-zone dependency in 0.4.21 caused some new regressions with lesser known platforms. This release fixes all of the issues we've encountered, improving the situation on some WebAssembly targets, SGX and on macOS/iOS. We've improved our CI setup to hopefully catch more of these issues before release in the future.

• Make wasm-bindgen optional on wasm32-unknown-unknown target (#771)
• Avoid iana-time-zone dependency on x86_64-fortanix-unknown-sgx (#767, thanks to @​trevor-crypto)
• Update iana-time-zone version to 0.1.44 to avoid cyclic dependencies (#773, thanks to @​Kijewski for the upstream PRs)
• Clarify documentation about year range in formatting/parsing (#765)

0.4.21 is a bugfix release that mainly fixes one regression from 0.4.20:

• Fall back to UTC in case no timezone is found. Unfortunately this is a regression from the changes we made in 0.4.20 where we now parse the timezone database ourselves. Before 0.4.20, TimeZone::now() fell back to UTC in the case it could not find the current timezone, but the new implementation panicked in that case.
• Correctly detect timezone on Android (also #756). Android does have the timezone database installed, but it's in a different path, and it does not use /etc/localtime to keep track of the current timezone. Instead we now use the iana-time-zone crate as a dependency, since it already has quite a bit of logic for finding the current timezone on a host of platforms.

Additionally, there is a documentation fix that reverts an incorrect guarantee:

• Document that %Y can have a negative value, both in formatting and in parsing (#760, thanks to @​alex)

0.4.20

chrono is a date and time library for Rust and 0.4.20 is the first chrono release since Sep 2020. There has been a long hiatus since the previous maintainer was no longer able to spend much time on the crate; thanks to @​quodlibetor for their stewardship of the chrono crate for many years! The new maintainers are @​djc and @​esheppa. Our first priority has been fixing the soundness issues with calls to localtime_r() as first reported in #499 and the RUSTSEC-2020-0159 advisory. In order to do this we adapted code from the tz-rs crate maintained by @​x-hgg-x for use within chrono -- thanks for working on that! With the new implementation, chrono uses safe Rust code to parse the timezone data files on Unix platforms directly instead of relying on libc.

Due to compatibility reasons, this release does not yet remove the time 0.1 dependency, though chrono 0.4.20 does not depend on the vulnerable parts of the time 0.1.x versions. In a future 0.5 release, we will remove the time dependency.

The minimum supported Rust version for 0.4.20 is 1.32.0, which is intentionally still quite conservative. If you are using chrono 0.4 with a Rust version older than 1.52, we'd like to hear from you since we'd like to further modernize the code base to ease maintenance.

Fixes

• Fix unsound call to localtime_r() by parsing timezone files in Rust on Unix (#677 and #728)
• Allow RFC 2822 parser to deal with comments (#733 then #737, thanks to @​Finomnis)
• Avoid panicking during parsing (#686, thanks to @​botahamec)
• Avoid panics when rounding durations (#659, thanks to @​ARBaart)
• Fix Duration::abs() behavior in case of negative durations with nanoseconds (#734, thanks to @​abreis)

Additions

• Make ParserErrorKind public and available through ParseError::kind() (#588, thanks to @​sbrocket)
• Expose associated MIN and MAX const values in favor of free-standing consts (#726)
• Add (optional) support for rkyv (#644 and #701, thanks to @​dovahcrow)
• Support month-based calculations against NaiveDate (#732 with follow up in #752, thanks to @​avantgardnerio)
• Add NaiveWeek type to facilitate week-based calculations (#666, thanks to @​sestrella)
• Add NaiveDateTime::and_local_timezone() method (#711, thanks to @​botahamec)
• Add DateTime::from_local() method (#572, thanks to @​retrhelo)
• Extend serde integration for NaiveDateTime (#664, thanks to @​nickelc)
• Implement DoubleEndedIterator for NaiveDateDaysIterator/NaiveDateWeeksIterator (#697, thanks to @​teobouvard)
• Implement std::iter::Sum for Duration (#522, thanks to @​jakevossen5)
• Add years_since() method to DateTime/Date (#557 then #707, thanks to @​yozhgoor)
• Implement AddAssign/SubAssign for DateTime/Date (#698, thanks to @​MrGunflame)
• Fix imports on WASM targets (#672, thanks to @​danielalvsaaker)
• Implement std::error::Error for ParseWeekdayError (#745)

Non-functional improvements

... (truncated)

Sourced from chrono's changelog.

0.4.22

• Allow wasmbindgen to be optional on wasm32-unknown-unknown target [(#771)](chronotope/chrono#771)
• Fix compile error for x86_64-fortanix-unknown-sgx [(#767)](chronotope/chrono#767)
• Update iana-time-zone version to 1.44 [(#773)](chronotope/chrono#773)

0.4.21

• Fall back to UTC timezone in cases where no timezone is found [(#756)](chronotope/chrono#756)
• Correctly detect timezone on Android [(#756)](chronotope/chrono#756)
• Improve documentation for strftime %Y specifier [(#760)](chronotope/chrono#760)

0.4.20

• Add more formatting documentation and examples.
• Add support for microseconds timestamps serde serialization/deserialization (#304)
• Fix DurationRound is not TZ aware (#495)
• Implement DurationRound for NaiveDateTime
• Implement std::iter::Sum for Duration
• Add DateTime::from_local() to construct from given local date and time (#572)
• Add a function that calculates the number of years elapsed between now and a given Date or DateTime (#557)
• Correct build for wasm32-unknown-emscripten target (#568)
• Change Local::now() and Utc::now() documentation from "current date" to "current date and time" (#647)
• Fix duration_round panic on rounding by Duration::zero() (#658)
• Add optional rkyv support.
• Add support for microseconds timestamps serde serialization for NaiveDateTime.
• Add support for optional timestamps serde serialization for NaiveDateTime.
• Fix build for wasm32-unknown-emscripten (@​yu-re-ka #593)
• Make ParseErrorKind public and available through ParseError::kind() (#588)
• Implement DoubleEndedIterator for NaiveDateDaysIterator and NaiveDateWeeksIterator
• Fix panicking when parsing a DateTime (@​botahamec)
• Add support for getting week bounds based on a specific NaiveDate and a Weekday (#666)
• Remove libc dependency from Cargo.toml.
• Add the and_local_timezone method to NaiveDateTime
• Fix the behavior of Duration::abs() for negative durations with non-zero nanos
• Add compatibility with rfc2822 comments (#733)
• Make js-sys and wasm-bindgen enabled by default when target is wasm32-unknown-unknown for ease of API discovery
• Add the Months struct and associated Add and Sub impls

• 4514276 update changelog
• db8bde3 Apply clippy suggestions
• f6b575c Bump version number to 0.4.22
• af69b90 Require iana-time-zone 0.1.44
• 84f98e0 set fallback feature in iana-time-zone depedency
• 511d368 Add sgx build to CI
• bee614a Do not include iana-time-zone for sgx
• fe4bd22 allow optional wasmbindgen
• 95223ee format: be specific about support year range
• 2d22e57 Bump version number to 0.4.21
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from worker's releases.

v0.0.10

Full Changelog: https://github.com/cloudflare/workers-rs/compare/v0.0.9...v0.0.10

• 7a103ef chore: increment workers-rs version
• 30d0694 chore: increment worker-macros version
• 7600a43 chore: increment worker-sys version
• 0e08565 chore: increment worker-build version
• fc9e825 Merge pull request #201 from Voltairine-de-Cleyre/patch-1
• a3eaf04 Update README.md
• 14c14fc Merge pull request #199 from cloudflare/zeb/export-secret-var
• 9ef1dfb fix: export Var and Secret
• eacdadd Merge pull request #198 from cloudflare/zeb/update-dependencies
• e5f11e2 chore: update dependencies
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from regex's changelog.

1.5.6 (2022-05-20)

This release includes a few bug fixes, including a bug that produced incorrect matches when a non-greedy ? operator was used.

• [BUG #680](rust-lang/regex#680): Fixes a bug where [[:alnum:][:^ascii:]] dropped [:alnum:] from the class.
• [BUG #859](rust-lang/regex#859): Fixes a bug where Hir::is_match_empty returned false for \b.
• [BUG #862](rust-lang/regex#862): Fixes a bug where 'ab??' matches 'ab' instead of 'a' in 'ab'.

1.5.5 (2022-03-08)

This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

• SECURITY #GHSA-m5pq-gvj9-9vr8: Fixes a bug in the regex compiler where empty sub-expressions subverted the existing mitigations in place to enforce a size limit on compiled regexes. The Rust Security Response WG published an advisory about this: https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw

• 9aef5b1 1.5.6
• 2931b07 syntax: bump minimum regex-syntax version to 0.6.26
• b41bde0 regex-syntax-0.6.26
• d98da65 changelog: 1.5.6
• 1c19619 syntax: fix literal extraction for 'ab??'
• 88a2a62 syntax: fix 'is_match_empty' predicate
• 72f09f1 syntax: fix ascii class union bug
• b537286 doc: fix some typos
• 258bdf7 changelog: 1.5.5
• d130381 1.5.5
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.