• use an ip filter based on a sorted vector

  so that we can properly contrast the approaches: an implementation of an ip filter using a sorted vector.

  The BTreeMap provides sorted keys, but we don't really get any other benefit, and assume that storing the values in a Vec will be better versus a tree (e.g. scanning can be vectorized and data locality is better)

  This implementation is much smaller than the bitset implementation, and has very little complex logic (some bit shifts, that's it really). A clear win.

  But, the time complexity of a lookup (the important operation here, construction is performed once and hence I don't think its complexity is relevant) degrades from O(1) to O(n), where n is the number of IPs in the filter. That is unfortunate, but

  • we expect n to be small (couple dozen, at most)
  • the implementation can be readily vectorized
  • technically we can get it down to O(log n) by using a binary search instead of a linear scan. But I predict this is actually slower for small n

  So overall I'm in favor of this simpler, Vec-based approach

  opened by folkertdev 6
• Bump sentry from 0.27.0 to 0.28.0

  Bumps sentry from 0.27.0 to 0.28.0.

  Release notes

  Sourced from sentry's releases.

  0.28.0

  Breaking Changes:

  • The minimum supported Rust version was bumped to 1.60.0 due to requirements from dependencies. (#498)
  • Added the traces_sampler option to ClientOptions. This allows the user to customise sampling rates on a per-transaction basis. (#510)

  Features:

  • Add support for Profiling feature. (#479)
  • Add SSL_VERIFY option to control certificate verification. (#508)
  • Add Windows OS version to OS context (#499)
  • Add a tower-http feature as a shortcut (#493)

  Internal:

  • Take advantage of weak features in Rust 1.60 for TLS enablement (#454)
  • Turn off pprof default features (#491)
  • Change session update logic to follow the spec (#477)
  • Extract public event_from_error fn in sentry-anyhow (#476)

  Thank you:

  Features, fixes and improvements in this release have been contributed by:

  • @​MarijnS95
  • @​lpraneis
  • @​tommilligan

  Changelog

  Sourced from sentry's changelog.

  0.28.0

  Breaking Changes:

  • The minimum supported Rust version was bumped to 1.60.0 due to requirements from dependencies. (#498)
  • Added the traces_sampler option to ClientOptions. This allows the user to customise sampling rates on a per-transaction basis. (#510)

  Features:

  • Add support for Profiling feature. (#479)
  • Add SSL_VERIFY option to control certificate verification. (#508)
  • Add Windows OS version to OS context (#499)
  • Add a tower-http feature as a shortcut (#493)

  Internal:

  • Take advantage of weak features in Rust 1.60 for TLS enablement (#454)
  • Turn off pprof default features (#491)
  • Change session update logic to follow the spec (#477)
  • Extract public event_from_error fn in sentry-anyhow (#476)

  Thank you:

  Features, fixes and improvements in this release have been contributed by:

  • @​MarijnS95
  • @​lpraneis
  • @​tommilligan

  Commits

  • dc048f5 release: 0.28.0
  • d390b64 meta: 0.28 changelog (#511)
  • 0e021ba sentry-core: Add traces_sampler client option (#510)
  • 8e8f7c3 Take advantage of weak features in Rust 1.60 for TLS enablement (#454)
  • 89b31f8 ref: Improve Hub concurrency docs (#509)
  • e11ab3b feat(transport): Add option to disable SSL verification (#508)
  • af1b255 feat(profiling): Update to new standard Profile format (#504)
  • a433f63 feat(contexts): Add Windows OS version to OS context (#499)
  • bb81c88 feat(profiling): Use frame-pointer for stack unwinding and update to pprof 0....
  • a9f81cb doc: add few verbs and punctuation (#496)
  • Additional commits viewable in compare view

  
  

  

  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

  ---

  Dependabot commands and options

  
  

  You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

  dependencies rust 

  opened by dependabot[bot] 5
• ntp-udp safety

  Various improvements to the analysis and isolation of unsafe code within the ntp-udp crate

  Note: This PR does 3 things:

  • It isolates each section of unsafe code in its own module such that that module has a safe interface.
  • It reworks some code to ensure the above is actually possible
  • It adds the argumentation why each of the unsafe code blocks has safe behaviour.

  The commits below are split consciously to make the review process hopefully easier. Each commit either moves stuff around, or reworks a specific bit for proving safety.

  opened by davidv1992 5
• send timestamps

  finally worked this out. Two links that helped me crack this

  • https://stackoverflow.com/questions/47313383/linux-udp-datagrams-and-kernel-timestamps-lots-of-examples-and-stackoversflow
  • https://pastebin.com/qd0gspRc

  the thing that nobody tells you is that these timestamping messages come in on the MSG_ERRQUEUE

  opened by folkertdev 5
• Client for observing state and dynamically changing configuration

  we have two unix sockets, by default

  /run/ntpd-rs/log-level
  /run/ntpd-rs/config
  

  the log level is unprotected, the config needs additional permissions.

  ---

  we can use https://docs.rs/tokio/latest/tokio/net/struct.UnixStream.html

  for sending data over the socket, use https://docs.rs/postcard/latest/postcard/ ? (or send json as bytes?)

  ---

  client --set-log-level=debug
  
  client --step-if-bigger=1000 --step-first-updates=10
  

  then we also need some observability features, some ideas

  client peers list # lists all remotes we are connected to
  client peers watch # show for each connected peer its `PeerStatus`
  

  opened by folkertdev 5
• Bump sentry-tracing from 0.27.0 to 0.28.0

  Bumps sentry-tracing from 0.27.0 to 0.28.0.

  Release notes

  Sourced from sentry-tracing's releases.

  0.28.0

  Breaking Changes:

  • The minimum supported Rust version was bumped to 1.60.0 due to requirements from dependencies. (#498)
  • Added the traces_sampler option to ClientOptions. This allows the user to customise sampling rates on a per-transaction basis. (#510)

  Features:

  • Add support for Profiling feature. (#479)
  • Add SSL_VERIFY option to control certificate verification. (#508)
  • Add Windows OS version to OS context (#499)
  • Add a tower-http feature as a shortcut (#493)

  Internal:

  • Take advantage of weak features in Rust 1.60 for TLS enablement (#454)
  • Turn off pprof default features (#491)
  • Change session update logic to follow the spec (#477)
  • Extract public event_from_error fn in sentry-anyhow (#476)

  Thank you:

  Features, fixes and improvements in this release have been contributed by:

  • @​MarijnS95
  • @​lpraneis
  • @​tommilligan

  Changelog

  Sourced from sentry-tracing's changelog.

  0.28.0

  Breaking Changes:

  • The minimum supported Rust version was bumped to 1.60.0 due to requirements from dependencies. (#498)
  • Added the traces_sampler option to ClientOptions. This allows the user to customise sampling rates on a per-transaction basis. (#510)

  Features:

  • Add support for Profiling feature. (#479)
  • Add SSL_VERIFY option to control certificate verification. (#508)
  • Add Windows OS version to OS context (#499)
  • Add a tower-http feature as a shortcut (#493)

  Internal:

  • Take advantage of weak features in Rust 1.60 for TLS enablement (#454)
  • Turn off pprof default features (#491)
  • Change session update logic to follow the spec (#477)
  • Extract public event_from_error fn in sentry-anyhow (#476)

  Thank you:

  Features, fixes and improvements in this release have been contributed by:

  • @​MarijnS95
  • @​lpraneis
  • @​tommilligan

  Commits

  • dc048f5 release: 0.28.0
  • d390b64 meta: 0.28 changelog (#511)
  • 0e021ba sentry-core: Add traces_sampler client option (#510)
  • 8e8f7c3 Take advantage of weak features in Rust 1.60 for TLS enablement (#454)
  • 89b31f8 ref: Improve Hub concurrency docs (#509)
  • e11ab3b feat(transport): Add option to disable SSL verification (#508)
  • af1b255 feat(profiling): Update to new standard Profile format (#504)
  • a433f63 feat(contexts): Add Windows OS version to OS context (#499)
  • bb81c88 feat(profiling): Use frame-pointer for stack unwinding and update to pprof 0....
  • a9f81cb doc: add few verbs and punctuation (#496)
  • Additional commits viewable in compare view

  
  

  

  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

  ---

  Dependabot commands and options

  
  

  You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

  dependencies rust 

  opened by dependabot[bot] 4
• Origin Timestamp as Transaction ID

  reported by jsha

  The origin timestamp in outbound packets is used to identify reply packets. This is a good measure against off-path attackers, similar to how DNS uses source port randomization in addition to query id to make it hard for spoofed packets to interfere with operations.

  In ntp-proto/src/peer.rs, the next_expected_origin is kept live until either (a) a packet with that timestamp is accepted, or (b) the next poll interval arrives. Since the poll interval can be quite long at the maximum (many hours), this gives a long window for attackers to send packets guessing origin timestamp values. I recommend having a maximum time (on the order of seconds) past which reply packets won't be accepted, independent of the poll interval.

  I recommend adding a small random delay to the poll time to make it harder for an attacker to guess when a poll request is inflight. This also has the happy operational effect of preventing a situation where a fleet of clients all make their poll requests at the same time.

  Handle_incoming checks for a match with next_expected_origin before checking whether a packet is a Kiss-O'-Death (KoD) packet. The RFC says:

  The Receive Timestamp and the Transmit Timestamp (set by the server) are undefined when in a KoD packet and MUST NOT be relied upon to have valid values and MUST be discarded.

  This suggests KISS checks should come before the next_expected_origin checks and should not be able to redeem next_expected origin. The MUST discard suggests these fields should be cleared during packet parsing.

  The downside of following the spec here is that KISS packets can be easily forged by off-path attackers if they are not validated against next_expected_origin. In practice, do common NTP deployments copy the transmit timestamp? I suspect there may be some deployments where KISS packets are generated by a firewall without copying data from the inbound packet.

  opened by davidv1992 4
• Bump clap from 3.1.18 to 3.2.1

  Bumps clap from 3.1.18 to 3.2.1.

  Release notes

  Sourced from clap's releases.

  v3.2.0

  [3.2.0] - 2022-06-13

  Features

  • Parsed, typed arguments via Arg::value_parser / ArgMatches::{get_one,get_many} (#2683, #3732)
    • Several built-in TypedValueParsers available with an API open for expansion
    • value_parser!(T) macro for selecting a parser for a given type (#3732) and open to expansion via the ValueParserFactory trait (#3755)
    • [&str] is implicitly a value parser for possible values
    • All ArgMatches getters do not assume required arguments (#2505)
    • Add ArgMatches::remove_* variants to transfer ownership
    • Add ArgMatches::try_* variants to avoid panics for developer errors (#3621)
    • Add a get_raw to access the underlying OsStrs
    • PathBuf value parsers imply ValueHint::AnyPath for completions (#3732)
  • Explicit control over parsing via Arg::action (#3774)
    • ArgAction::StoreValue: existing takes_value(true) behavior
    • ArgAction::IncOccurrences: existing takes_value(false) behavior
    • ArgAction::Help: existing --help behavior
    • ArgAction::Version: existing --version behavior
    • ArgAction::Set: Overwrite existing values (like Arg::multiple_occurrences mixed with Command::args_override_self) (#3777)
    • ArgAction::Append: like Arg::multiple_occurrences (#3777)
    • ArgAction::SetTrue: Treat --flag as --flag=true (#3775)
      • Implies Arg::default_value("false") (#3786)
      • Parses Arg::env via Arg::value_parser
    • ArgAction::SetFalse: Treat --flag as --flag=false (#3775)
      • Implies Arg::default_value("true") (#3786)
      • Parses Arg::env via Arg::value_parser
    • ArgAction::Count: Treat --flag --flag --flag as --flag=1 --flag=2 --flag=3 (#3775)
      • Implies Arg::default_value("0") (#3786)
      • Parses Arg::env via Arg::value_parser
  • (derive) Opt-in to new Arg::value_parser / Arg::action with either #[clap(value_parser)] (#3589, #3742) / #[clap(action)] attributes (#3794)
    • Default ValueParser is determined by value_parser! (#3199, #3496)
    • Default ArgAction is determine by a hard-coded lookup on the type (#3794)
  • Command::multicall is now stable for busybox-like programs and REPLs (#2861, #3684)
  • ArgMatches::{try_,}contains_id for checking if there are values for an argument that mirrors the new get_{one,many} API

  Fixes

  parser

  • Set ArgMatches::value_source and ArgMatches::occurrences_of for external subcommands (#3732)
  • Use value delimiter for Arg::default_missing_values (#3761, #3765)
  • SplitArg::default_value / Arg::env on value delimiters independent of whether -- was used (#3765)
  • Allow applying defaults to flags (#3294, 3775)
  • Defaults no longer satisfy required and its variants (#3793)

  Compatibility

  MSRV is now 1.56.0 (#3732)

  Behavior

  ... (truncated)

  Changelog

  Sourced from clap's changelog.

  [3.2.1] - 2022-06-13

  [3.2.0] - 2022-06-13

  Features

  • Parsed, typed arguments via Arg::value_parser / ArgMatches::{get_one,get_many} (#2683, #3732)
    • Several built-in TypedValueParsers available with an API open for expansion
    • value_parser!(T) macro for selecting a parser for a given type (#3732) and open to expansion via the ValueParserFactory trait (#3755)
    • [&str] is implicitly a value parser for possible values
    • All ArgMatches getters do not assume required arguments (#2505)
    • Add ArgMatches::remove_* variants to transfer ownership
    • Add ArgMatches::try_* variants to avoid panics for developer errors (#3621)
    • Add a get_raw to access the underlying OsStrs
    • PathBuf value parsers imply ValueHint::AnyPath for completions (#3732)
  • Explicit control over parsing via Arg::action (#3774)
    • ArgAction::StoreValue: existing takes_value(true) behavior
    • ArgAction::IncOccurrences: existing takes_value(false) behavior
    • ArgAction::Help: existing --help behavior
    • ArgAction::Version: existing --version behavior
    • ArgAction::Set: Overwrite existing values (like Arg::multiple_occurrences mixed with Command::args_override_self) (#3777)
    • ArgAction::Append: like Arg::multiple_occurrences (#3777)
    • ArgAction::SetTrue: Treat --flag as --flag=true (#3775)
      • Implies Arg::default_value("false") (#3786)
      • Parses Arg::env via Arg::value_parser
    • ArgAction::SetFalse: Treat --flag as --flag=false (#3775)
      • Implies Arg::default_value("true") (#3786)
      • Parses Arg::env via Arg::value_parser
    • ArgAction::Count: Treat --flag --flag --flag as --flag=1 --flag=2 --flag=3 (#3775)
      • Implies Arg::default_value("0") (#3786)
      • Parses Arg::env via Arg::value_parser
  • (derive) Opt-in to new Arg::value_parser / Arg::action with either #[clap(value_parser)] (#3589, #3742) / #[clap(action)] attributes (#3794)
    • Default ValueParser is determined by value_parser! (#3199, #3496)
    • Default ArgAction is determine by a hard-coded lookup on the type (#3794)
  • Command::multicall is now stable for busybox-like programs and REPLs (#2861, #3684)
  • ArgMatches::{try_,}contains_id for checking if there are values for an argument that mirrors the new get_{one,many} API

  Fixes

  parser

  • Set ArgMatches::value_source and ArgMatches::occurrences_of for external subcommands (#3732)
  • Use value delimiter for Arg::default_missing_values (#3761, #3765)
  • SplitArg::default_value / Arg::env on value delimiters independent of whether -- was used (#3765)
  • Allow applying defaults to flags (#3294, 3775)
  • Defaults no longer satisfy required and its variants (#3793)

  Compatibility

  MSRV is now 1.56.0 (#3732)

  ... (truncated)

  Commits

  • 650a29c chore: Release
  • 73ea5bc chore: Release
  • 4e56acf chore: Release
  • 45d8bb1 chore: Release
  • bd56054 docs(lex): Update changelog
  • d25b805 Merge pull request #3821 from epage/test
  • 1d053e9 docs: Update changelog
  • d72b313 test: Match rest of style
  • c8b45f7 Merge pull request #3820 from epage/panic
  • 3eacf5b fix(builder): Don't double-has arg id in default_value_ifs_os (#3815)
  • Additional commits viewable in compare view

  
  

  

  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

  ---

  Dependabot commands and options

  
  

  You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

  dependencies 

  opened by dependabot[bot] 4
• Bump tokio from 1.18.2 to 1.19.2

  Bumps tokio from 1.18.2 to 1.19.2.

  Release notes

  Sourced from tokio's releases.

  Tokio v1.19.1

  1.19.1 (June 5, 2022)

  This release fixes a bug in Notified::enable. (#4747)

  #4747: tokio-rs/tokio#4747

  Tokio v1.19.0

  1.19.0 (June 3, 2022)

  Added

  • runtime: add is_finished method for JoinHandle and AbortHandle (#4709)
  • runtime: make global queue and event polling intervals configurable (#4671)
  • sync: add Notified::enable (#4705)
  • sync: add watch::Sender::send_if_modified (#4591)
  • sync: add resubscribe method to broadcast::Receiver (#4607)
  • net: add take_error to TcpSocket and TcpStream (#4739)

  Changed

  • io: refactor out usage of Weak in the io handle (#4656)

  Fixed

  • macros: avoid starvation in join! and try_join! (#4624)

  Documented

  • runtime: clarify semantics of tasks outliving block_on (#4729)
  • time: fix example for MissedTickBehavior::Burst (#4713)

  Unstable

  • metrics: correctly update atomics in IoDriverMetrics (#4725)
  • metrics: fix compilation with unstable, process, and rt, but without net (#4682)
  • task: add #[track_caller] to JoinSet/JoinMap (#4697)
  • task: add Builder::{spawn_on, spawn_local_on, spawn_blocking_on} (#4683)
  • task: add consume_budget for cooperative scheduling (#4498)
  • task: add join_set::Builder for configuring JoinSet tasks (#4687)
  • task: update return value of JoinSet::join_one (#4726)

  #4498: tokio-rs/tokio#4498 #4591: tokio-rs/tokio#4591 #4607: tokio-rs/tokio#4607 #4624: tokio-rs/tokio#4624 #4656: tokio-rs/tokio#4656 #4671: tokio-rs/tokio#4671 #4682: tokio-rs/tokio#4682 #4683: tokio-rs/tokio#4683 #4687: tokio-rs/tokio#4687 #4697: tokio-rs/tokio#4697 #4705: tokio-rs/tokio#4705 #4709: tokio-rs/tokio#4709 #4713: tokio-rs/tokio#4713 #4725: tokio-rs/tokio#4725 #4726: tokio-rs/tokio#4726 #4729: tokio-rs/tokio#4729

  ... (truncated)

  Commits

  • See full diff in compare view

  
  

  

  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

  ---

  Dependabot commands and options

  
  

  You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

  dependencies 

  opened by dependabot[bot] 4
• Bump libc from 0.2.135 to 0.2.136

  Bumps libc from 0.2.135 to 0.2.136.

  Release notes

  Sourced from libc's releases.

  0.2.136

  What's Changed

  • Ignore arm-linux-androideabi on bors by @​JohnTitor in rust-lang/libc#2959
  • add some time functions on glibc and musl by @​SteveLauC in rust-lang/libc#2957
  • Add support for tvOS by @​thomcc in rust-lang/libc#2958
  • implement ifreq for linux by @​folkertdev in rust-lang/libc#2960
  • adds putenv call to win32. by @​devnexen in rust-lang/libc#2964
  • solarish: Fix libsendfile symbol dependency by @​pfmooney in rust-lang/libc#2970
  • openbsd: add more locale constants for use with newlocale() by @​semarie in rust-lang/libc#2965
  • linux add missing SIOC* constants. by @​devnexen in rust-lang/libc#2967
  • Redox updates by @​jackpot51 in rust-lang/libc#2966
  • add missing clockid_t on macOS by @​name1e5s in rust-lang/libc#2968
  • linux fixes recvmmsg flags type for musl/emscripten. by @​devnexen in rust-lang/libc#2963
  • Add more MNT_ flags on {Dragonfly,Net,Open}BSD by @​asomers in rust-lang/libc#2973
  • illumos: Remove obsolete (and private) a.out define by @​pfmooney in rust-lang/libc#2969
  • Prepare 0.2.136 release by @​JohnTitor in rust-lang/libc#2975

  Full Changelog: https://github.com/rust-lang/libc/compare/0.2.135...0.2.136

  Commits

  • 09ad0b3 Auto merge of #2975 - JohnTitor:release-0.2.136, r=JohnTitor
  • 5e3c708 Prepare 0.2.136 release
  • 71b864d Auto merge of #2969 - pfmooney:illumos-aout, r=JohnTitor
  • cc19b6f Auto merge of #2973 - asomers:MNT_bsd, r=JohnTitor
  • 8acaac5 Add new definitions to libc-test/semver
  • a59c842 Auto merge of #2963 - devnexen:recvmsg_linux_fix, r=JohnTitor
  • cfa3116 Style fixes, and filter out duplicate definitions
  • 138202d Add more MNT_ flags on {Dragonfly,Net,Open}BSD
  • 00204b0 warns that in the near future the MSG_* constants will have
  • 0488a83 Auto merge of #2968 - name1e5s:macos_clocks, r=JohnTitor
  • Additional commits viewable in compare view

  
  

  

  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

  ---

  Dependabot commands and options

  
  

  You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

  dependencies rust 

  opened by dependabot[bot] 3
• [StepSecurity] ci: Harden GitHub Actions

  Summary

  This is an automated pull request generated by Secure Workflows at the request of @jauderho. Please merge the Pull Request to incorporate the requested changes. Please tag @jauderho on your message if you have any questions related to the PR. You can also engage with the StepSecurity team by tagging @step-security-bot.

  Security Fixes

  Pinned Dependencies

  A pinned dependency is a dependency that is explicitly set to a specific hashed version instead of a mutable version. Pinned dependencis ensure that development and deployment are done with the same software versions which reduces deployment risks, and enables reproducibility. It can help mitigate compromised dependencies from undermining the security of the project in certain scenarios. The dependencies were pinned using Secure WorkFlows

  • GitHub Security Guide
  • The Open Source Security Foundation (OpenSSF) Security Guide

  Feedback

  For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-workflows or contact us via our website.

  Signed-off-by: StepSecurity Bot [email protected]

  opened by step-security-bot 3
• Bump prometheus-client from 0.18.1 to 0.19.0

  Bumps prometheus-client from 0.18.1 to 0.19.0.

  Release notes

  Sourced from prometheus-client's releases.

  v0.19.0

  See changelog for details.

  v0.19.0-alpha.2

  See changelog for details.

  v0.19.0-alpha

  See changelog for details.

  Changelog

  Sourced from prometheus-client's changelog.

  [0.19.0]

  This is a large release including multiple breaking changes. Major user-facing improvement of this release is support for the OpenMetrics Protobuf format.

  Upgrade guide:

  • Don't box before registering.

      registry.register(
          "my_metric",
          "This is my metric",
    -      Box::new(my_metric.clone()),
    +      my_metric.clone(),
      );
    

  • Gauge uses i64 instead of u64.

      my_gauge
    -     .set(42u64);
    +     .set(42i64);
    

  • Derive EncodeLabelSet for struct and EncodeLabelValue for enum instead of just Encode for all and require Debug.

    - #[derive(Clone, Hash, PartialEq, Eq, Encode)]
    + #[derive(Clone, Hash, PartialEq, Eq, EncodeLabelSet, Debug)]
      struct Labels {
          path: String,
          method: Method,
          some_number: u64,
      }
    
    #[derive(Clone, Hash, PartialEq, Eq, Encode)]
    
    
    #[derive(Clone, Hash, PartialEq, Eq, EncodeLabelValue, Debug)]
    enum Method {
    Get,
    #[allow(dead_code)]
    Put,
    }
    

• Encode as utf-8 and not as [u8].

  - let mut buffer = vec![];
  

... (truncated)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.