Sourced from clap's releases.

v4.4.3

[4.4.3] - 2023-09-12

Documentation

• (derive) Clarify use of attributes within the tutorial
• Split sections in the builder and derive tutorials into separate modules

Sourced from clap's changelog.

[4.4.3] - 2023-09-12

Documentation

• (derive) Clarify use of attributes within the tutorial
• Split sections in the builder and derive tutorials into separate modules

• e9668b3 chore: Release
• bc4986e docs: Update changelog
• 3d53641 Merge pull request #5122 from epage/docs
• 32586c7 docs(tutorial): Split into separate modules per section
• 5f6d4a3 docs(tutorial): Split out into a module
• 20987de Merge pull request #5121 from epage/docs
• 9e7404b docs(tutorial): Attempt to clarify attributes
• db97a2c docs(derive): Clarify value attributes are for PossibleValue
• 37ba607 chore: Release
• 3234c74 docs: Update changelog
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from serde_json's releases.

v1.0.106

• Add Value::as_number accessor (#1069, thanks @​chanced)
• Add Number::as_str accessor under "arbitrary_precision" feature (#1067, thanks @​chanced)

• 45f10ec Release 1.0.106
• f346308 Elaborate on documentation of Number::as_str
• f16cad6 Add cfg banner to documentation of Number::as_str
• fc8dd13 Touch up PR 1067
• 028b643 Merge pull request #1067 from chanced/add-as_str-to-number
• db75c22 Fix unintended u8 link inferred by intra doc link
• 11b603c Resolve rustdoc::redundant_explicit_links lint
• 95c5d6c Fix documentation typo from PR 1069
• 5a39516 Reorder Value::as_number after is_number
• 6a5fef9 Wrap as_number documentation to 80 columns
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from clap_complete's releases.

v4.4.1

[4.4.1] - 2023-08-28

Features

• Stabilize Command::styles

Sourced from clap_complete's changelog.

[4.4.1] - 2023-08-28

Features

• Stabilize Command::styles

• 6eac611 chore: Release
• a2f8b1a docs: Update changelog
• 1509828 Merge pull request #5114 from jporwal05/master
• 34291a2 fix: (fish-completion) Help for value enum
• ca06c32 test: (completion) enum value help
• 7f5eac7 chore(gh): Ensure we can test latest deps
• dc63cba chore(deps): update compatible (dev) (#5108)
• 3cd571e chore: Release
• 59f1d01 docs: Update changelog
• 7a4f7d3 Merge pull request #5106 from epage/once
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from chrono's releases.

0.4.30

In this release, we have decided to swap out the chrono::Duration type (which has been a re-export of time 0.1 Duration type) with our own definition, which exposes a strict superset of the time::Duration API. This helps avoid warnings about the CVE-2020-26235 and RUSTSEC-2020-0071 advisories for downstream users and allows us to improve the Duration API going forward.

While this is technically a SemVer-breaking change, we expect the risk of downstream users experiencing actual incompatibility to be exceedingly limited (see our analysis of public code using a crater-like experiment), and not enough justification for the large ecosystem churn of a 0.5 release. If you have any feedback on these changes, please let us know in #1268.

Additions

• Add NaiveDate::leap_year (#1261)

Documentation

• Update main documentation from README (#1260, thanks @​Stygmates)
• Add history of relation between chrono and time 0.1 to documentation (chronotope/chrono#1264, chronotope/chrono#1266)
• Clarify Timelike::num_seconds_from_midnight is a simple mapping (#1255)

Relation between chrono and time 0.1

Rust first had a time module added to std in its 0.7 release. It later moved to libextra, and then to a libtime library shipped alongside the standard library. In 2014 work on chrono started in order to provide a full-featured date and time library in Rust. Some improvements from chrono made it into the standard library; notably, chrono::Duration was included as std::time::Duration (rust#15934) in 2014.

In preparation of Rust 1.0 at the end of 2014 libtime was moved out of the Rust distro and into the time crate to eventually be redesigned (rust#18832, rust#18858), like the num and rand crates. Of course chrono kept its dependency on this time crate. time started re-exporting std::time::Duration during this period. Later, the standard library was changed to have a more limited unsigned Duration type (rust#24920, RFC 1040), while the time crate kept the full functionality with time::Duration. time::Duration had been a part of chrono's public API.

By 2016 time 0.1 lived under the rust-lang-deprecated organisation and was not actively maintained (time#136). chrono absorbed the platform functionality and Duration type of the time crate in chrono#478 (the work started in chrono#286). In order to preserve compatibility with downstream crates depending on time and chrono sharing a Duration type, chrono kept depending on time 0.1. chrono offered the option to opt out of the time dependency by disabling the oldtime feature (swapping it out for an effectively similar chrono type). In 2019, @​jhpratt took over maintenance on the time crate and released what amounts to a new crate as time 0.2.

Security advisories

In November of 2020 CVE-2020-26235 and RUSTSEC-2020-0071 were opened against the time crate. @​quininer had found that calls to localtime_r may be unsound (chrono#499). Eventually, almost a year later, this was also made into a security advisory against chrono as RUSTSEC-2020-0159, which had platform code similar to time.

On Unix-like systems a process is given a timezone id or description via the TZ environment variable. We need this timezone data to calculate the current local time from a value that is in UTC, such as the time from the system clock. time 0.1 and chrono used the POSIX function localtime_r to do the conversion to local time, which reads the TZ variable.

Rust assumes the environment to be writable and uses locks to access it from multiple threads. Some other programming languages and libraries use similar locking strategies, but these are typically not shared across languages. More importantly, POSIX declares modifying the environment in a multi-threaded process as unsafe, and getenv in libc can't be changed to take a lock because it returns a pointer to the data (see rust#27970 for more discussion).

Since version 4.20 chrono no longer uses localtime_r, instead using Rust code to query the timezone (from the TZ variable or via iana-time-zone as a fallback) and work with data from the system timezone database directly. The code for this was forked from the tz-rs crate by @​x-hgg-x. As such, chrono now respects the Rust lock when reading the TZ environment variable. In general, code should avoid modifying the environment.

... (truncated)

• 101ca7e Bump version to 0.4.30
• eee59e3 Rewrite history sections for clarity and consistency
• 7387fe7 Add history of chrono and time 0.1 to main documentation
• 8509da4 Apply Clippy suggestions for duration module
• 9d7fafe Remove mention of oldtime from documentation
• 27ea7e9 Rename oldtime module to duration
• 8f5becd Drop time 0.1 as optional dependency
• f4aefc7 Clarify Timelike::num_seconds_from_midnight is a simple mapping
• 1903778 Add NaiveDate::leap_year
• 84334df Update readme
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Sourced from actions/checkout's changelog.

Changelog

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2
• Upgrading version to 3.2.0

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

• Add input set-safe-directory

v3.0.1

... (truncated)

• 3df4ab1 Release 4.0.0 (#1447)
• 8b5e8b7 Support fetching without the --progress option (#1067)
• 97a652b Update default runtime to node20 (#1436)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from clap's releases.

v4.4.4

[4.4.4] - 2023-09-18

Internal

• Update terminal_size to 0.3

v4.4.3

[4.4.3] - 2023-09-12

Documentation

• (derive) Clarify use of attributes within the tutorial
• Split sections in the builder and derive tutorials into separate modules

Sourced from clap's changelog.

[4.4.4] - 2023-09-18

Internal

• Update terminal_size to 0.3

[4.4.3] - 2023-09-12

Documentation

• (derive) Clarify use of attributes within the tutorial
• Split sections in the builder and derive tutorials into separate modules

• e6e5396 chore: Release
• acbb60c docs: Update changelog
• f09d521 Merge pull request #5129 from cgwalters/widen-terminal-size
• 84f99ff chore(builder): Bump terminal_size to 0.3
• 7f8df27 Merge pull request #5124 from devinherron/master
• 4dff873 fix(doc): Fix typo in 03_04_subcommands.md
• e9668b3 chore: Release
• bc4986e docs: Update changelog
• 3d53641 Merge pull request #5122 from epage/docs
• 32586c7 docs(tutorial): Split into separate modules per section
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from chrono's releases.

0.4.31

Another maintenance release. It was not a planned effort to improve our support for UNIX timestamps, yet most PRs seem related to this.

Deprecations

• Deprecate timestamp_nanos in favor of the non-panicking timestamp_nanos_opt (#1275)

Additions

• Add DateTime::<Utc>::from_timestamp (#1279, thanks @​demurgos)
• Add TimeZone::timestamp_micros (#1285, thanks @​emikitas)
• Add DateTime<Tz>::timestamp_nanos_opt and NaiveDateTime::timestamp_nanos_opt (#1275)
• Add UNIX_EPOCH constants (#1291)

Fixes

• Format day of month in RFC 2822 without padding (#1272)
• Don't allow strange leap seconds which are not on a minute boundary initialization methods (#1283) This makes many methods a little more strict:
  • NaiveTime::from_hms_milli
  • NaiveTime::from_hms_milli_opt
  • NaiveTime::from_hms_micro
  • NaiveTime::from_hms_micro_opt
  • NaiveTime::from_hms_nano
  • NaiveTime::from_hms_nano_opt
  • NaiveTime::from_num_seconds_from_midnight
  • NaiveTime::from_num_seconds_from_midnight_opt
  • NaiveDate::and_hms_milli
  • NaiveDate::and_hms_milli_opt
  • NaiveDate::and_hms_micro
  • NaiveDate::and_hms_micro_opt
  • NaiveDate::and_hms_nano
  • NaiveDate::and_hms_nano_opt
  • NaiveDateTime::from_timestamp
  • NaiveDateTime::from_timestamp_opt
  • TimeZone::timestamp
  • TimeZone::timestamp_opt
• Fix underflow in NaiveDateTime::timestamp_nanos_opt (#1294, thanks @​crepererum)

Documentation

• Add more documentation about the RFC 2822 obsolete date format (#1267)

Internal

• Remove internal __doctest feature and doc_comment dependency (#1276)
• CI: Bump actions/checkout from 3 to 4 (#1280)
• Optimize NaiveDate::add_days for small values (#1214)
• Upgrade pure-rust-locales to 0.7.0 (#1288, thanks @​jeremija wo did good improvements on pure-rust-locales)

Thanks to all contributors on behalf of the chrono team, @​djc and @​pitdicker!

0.4.30

In this release, we have decided to swap out the chrono::Duration type (which has been a re-export of time 0.1 Duration type) with our own definition, which exposes a strict superset of the time::Duration API. This helps avoid warnings about the [CVE-2020-26235] and [RUSTSEC-2020-0071] advisories for downstream users and allows us to improve the Duration API going forward.

... (truncated)

• e730c6a Bump version to 0.4.31
• 2afdde8 fix: underflow during datetime->nanos conversion
• 46ad2c2 Add UNIX_EPOCH constants
• 1df8db3 Add TimeZone::timestamp_micros
• 861d4e1 Make TimeZone::timestamp_millis_opt use
• 3c4846a Upgrade pure-rust-locales to 0.7.0
• 6665804 Deny leap second if secs != 59 in from_num_seconds_from_midnight_opt
• 61b7ffb Deny leap second if secs != 59 in from_hms_nano_opt
• 202af6c Don't generate leap seconds that are not 60 in NaiveTime's Arbitrary impl
• 60283ab Don't create strange leap seconds in tests
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from clap_complete's releases.

v4.4.2

[4.4.2] - 2023-08-31

Performance

• Improve build times by removing once_cell dependency

v4.4.1

[4.4.1] - 2023-08-28

Features

• Stabilize Command::styles

Sourced from clap_complete's changelog.

[4.4.2] - 2023-08-31

Performance

• Improve build times by removing once_cell dependency

[4.4.1] - 2023-08-28

Features

• Stabilize Command::styles

• 2045528 chore: Release
• 55d2230 docs: Update changelog
• 492ee03 Merge pull request #5140 from epage/dyn
• 017c258 fix(complete): Include positionals in subcommands
• 82c93ce test(complete): Verify dynamic subcommand positional completion
• c298f6a chore: Release
• 463d6c5 docs: Update changelog
• 3ac4404 Merge pull request #5025 from SUPERCILEX/resolve-alias-conflicts
• a76789e fix: Make long subcommand flag inference consistent
• c2b8ec3 fix: Resolve conflicting name inference if from aliases
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from serde_json's releases.

v1.0.107

• impl IntoDeserializer for &RawValue (#1071)

v1.0.106

• Add Value::as_number accessor (#1069, thanks @​chanced)
• Add Number::as_str accessor under "arbitrary_precision" feature (#1067, thanks @​chanced)

• b6e113f Release 1.0.107
• 00626a0 Merge pull request #1073 from dtolnay/rawvalue
• b9d296f IntoDeserializer for &RawValue
• 4ea34a2 Merge pull request #1072 from dtolnay/rawvalue
• fe30766 Support deserializing from &RawValue
• 2c22077 Merge pull request #1062 from osiewicz/remove_build_rs
• 04f7758 fixup! chore: Remove no_btreemap_get_key_value and no_btreemap_remove_entry.
• 83bdc5f Omit return keyword in remove_entry
• 89a2741 Revert "Remove limb_width32 and limb_width64 features"
• 45f10ec Release 1.0.106
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)