v8.1.0

Compare Source

Changed/Fixed

• Upgrade asn1-rs to 0.5.0 (new features only: only increment minor number)

v8.0.0

Compare Source

Changed/Fixed

• Upgrade asn1-rs to 0.4.0 This causes an increment of the major number, because asn1-rs is re-exported

Sourced from crossbeam-utils's releases.

crossbeam-utils 0.8.8

• Fix a bug when unstable loom support is enabled. (#787)

crossbeam-utils 0.8.7

• Add AtomicCell<{i*,u*}>::{fetch_max,fetch_min}. (#785)
• Add AtomicCell<{i*,u*,bool}>::fetch_nand. (#785)
• Fix unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64 (#781)

crossbeam-utils 0.8.6

• Re-add AtomicCell<{i,u}64>::{fetch_add,fetch_sub,fetch_and,fetch_or,fetch_xor} that were accidentally removed in 0.8.0 0.7.1 on targets that do not support Atomic{I,U}64. (#767)
• Re-add AtomicCell<{i,u}128>::{fetch_add,fetch_sub,fetch_and,fetch_or,fetch_xor} that were accidentally removed in 0.8.0 0.7.1. (#767)

• 5b4d808 Merge #800
• 6fa7246 Prepare for the next release
• 8efcd02 Merge #798
• baedeb0 channel: Do not panic on very large timeout
• 113daf4 Merge #799
• 5cb7cac Update no_atomic.rs
• 0081fcc Merge #789 #797
• 7b2d65f Update to stabilized const_fn_trait_bound
• bd75c3c Add force_push to ArrayQueue
• b11f1a8 Merge #793
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

v1.23.1: Tokio v1.23.1

Compare Source

This release forward ports changes from 1.18.4.

Fixed

• net: fix Windows named pipe server builder to maintain option when toggling pipe mode (#​5336).

Sourced from tokio's releases.

Tokio v1.23.1

This release forward ports changes from 1.18.4.

Fixed

• net: fix Windows named pipe server builder to maintain option when toggling pipe mode (#5336).

#5336: tokio-rs/tokio#5336

• 1a997ff chore: prepare Tokio v1.23.1 release
• a8fe333 Merge branch 'tokio-1.20.x' into tokio-1.23.x
• ba81945 chore: prepare Tokio 1.20.3 release
• 763bdc9 ci: run WASI tasks using latest Rust
• 9f98535 Merge remote-tracking branch 'origin/tokio-1.18.x' into fix-named-pipes-1.20
• 9241c3e chore: prepare Tokio v1.18.4 release
• 699573d net: fix named pipes server configuration builder
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from json5's releases.

v2.2.3

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from json5's releases.

v2.2.3

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from json5's releases.

v2.2.3

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

v1.0.68

Compare Source

• Opt out of -Zrustdoc-scrape-examples on docs.rs for now

v1.0.67

Compare Source

• Improve the backtrace captured when context() is used on an Option (#​280)

v0.1.61

Compare Source

• Fix async function signatures that involve #[cfg(...)] attributes on parameters (#​227, thanks @​azriel91)

v0.1.60

Compare Source

• Documentation improvements

v0.21.0

Compare Source

(not yet released)

Migration

Functions

| < 0.20 function | 0.21 equivalent | |-------------------------|-------------------------------------------------------------------------------------| | encode() | engine::general_purpose::STANDARD.encode() or prelude::BASE64_STANDARD.encode() | | encode_config() | engine.encode() | | encode_config_buf() | engine.encode_string() | | encode_config_slice() | engine.encode_slice() | | decode() | engine::general_purpose::STANDARD.decode() or prelude::BASE64_STANDARD.decode() | | decode_config() | engine.decode() | | decode_config_buf() | engine.decode_vec() | | decode_config_slice() | engine.decode_slice() |

The short-lived 0.20 functions were the 0.13 functions with config replaced with engine.

Padding

If applicable, use the preset engines engine::STANDARD, engine::STANDARD_NO_PAD, engine::URL_SAFE, or engine::URL_SAFE_NO_PAD. The NO_PAD ones require that padding is absent when decoding, and the others require that canonical padding is present .

If you need the < 0.20 behavior that did not care about padding, or want to recreate < 0.20.0's predefined Configs precisely, see the following table.

| 0.13.1 Config | 0.20.0+ alphabet | encode_padding | decode_padding_mode | |-----------------|------------------|------------------|-----------------------| | STANDARD | STANDARD | true | Indifferent | | STANDARD_NO_PAD | STANDARD | false | Indifferent | | URL_SAFE | URL_SAFE | true | Indifferent | | URL_SAFE_NO_PAD | URL_SAFE | false | Indifferent |

v0.20.0

Compare Source

Breaking changes

• Update MSRV to 1.57.0
• Decoding can now either ignore padding, require correct padding, or require no padding. The default is to require correct padding.
  • The NO_PAD config now requires that padding be absent when decoding.

0.20.0-alpha.1

Breaking changes

• Extended the Config concept into the Engine abstraction, allowing the user to pick different encoding / decoding implementations.
  • What was formerly the only algorithm is now the FastPortable engine, so named because it's portable (works on any CPU) and relatively fast.
  • This opens the door to a portable constant-time implementation (#​153, presumably ConstantTimePortable?) for security-sensitive applications that need side-channel resistance, and CPU-specific SIMD implementations for more speed.
  • Standard base64 per the RFC is available via DEFAULT_ENGINE. To use different alphabets or other settings ( padding, etc), create your own engine instance.
• CharacterSet is now Alphabet (per the RFC), and allows creating custom alphabets. The corresponding tables that were previously code-generated are now built dynamically.
• Since there are already multiple breaking changes, various functions are renamed to be more consistent and discoverable.
• MSRV is now 1.47.0 to allow various things to use const fn.
• DecoderReader now owns its inner reader, and can expose it via into_inner(). For symmetry, EncoderWriter can do the same with its writer.
• encoded_len is now public so you can size encode buffers precisely.

v0.9.0

Compare Source

• Update dependency on hashbrown to 0.13.
• Change LruCache.map to hold a pointer, rather than owned LruEntry.

v7.1.2

Compare Source

Thanks

• @​joubs
• @​Fyko
• @​LoganDark
• @​darnuria
• @​jkugelman
• @​barower
• @​puzzlewolf
• @​epage
• @​cky
• @​wolthom
• @​w1ll-i-code

Changed

• documentation fixes
• tests fixes
• limit the initial capacity of the result vector of many_m_n to 64kiB
• bits parser now accept Parser implementors instead of only functions

Added

• implement Tuple parsing for the unit type as a special case
• implement ErrorConvert on the unit type to make it usable as error type for bits parsers
• bool parser for bits input

v1.17.0

Compare Source

• Add race::OnceRef for storing a &'a T.

v1.0.152

Compare Source

• Documentation improvements

v1.0.151

Compare Source

• Update serde::{ser,de}::StdError to re-export core::error::Error when serde is built with feature="std" off and feature="unstable" on (#​2344)

v1.0.150

Compare Source

• Relax some trait bounds from the Serialize impl of HashMap and BTreeMap (#​2334)
• Enable Serialize and Deserialize impls of std::sync::atomic types on more platforms (#​2337, thanks @​badboy)

v1.0.91

Compare Source

• Opt out of -Zrustdoc-scrape-examples on docs.rs for now

v1.0.90

Compare Source

• Documentation improvements

v0.9.16

Compare Source

• Opt out of -Zrustdoc-scrape-examples on docs.rs for now

v0.9.15

Compare Source

• Documentation improvements

v1.0.38

Compare Source

• Documentation improvements

v0.6.0

Compare Source

Added

• Added additional tests and examples
• Re-export tls engine crates as public modules.

Changed

• Increased default handshake timeout to 10 seconds (technically a breaking change)