• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from uuid's releases.

1.0.0

This release includes a huge amount of work from a lot of contributors. These notes are duplicated from 1.0.0-alpha.1 since they're relevant for anybody moving from 0.8.2 to 1.0.0.

Changes since the last release

https://github.com/uuid-rs/uuid/compare/0.8.2...main

Contributions since the last release

• #510
• #482
• #511
• #507
• #518
• #519
• #512
• #520
• #521
• #525
• #526
• #527
• #528
• #535
• #536
• #539
• #538
• #540
• #541
• #542
• #544
• #545
• #546
• #543
• #547
• #548
• #549
• #550
• #552
• #554
• #558
• #560
• #562
• #563
• #564
• #565
• #566
• #579
• #584
• #587
• #595

... (truncated)

• 9e0dc29 Merge pull request #596 from KodrAus/cargo/1.0.0
• 286134f prepare for 1.0.0 release
• 43905eb Merge pull request #595 from spruceid/remove-and
• 444ef96 Remove unnecessary AND
• 5f649d7 Merge pull request #592 from uuid-rs/KodrAus-patch-1
• 92ad25f update contact details in the CoC
• 767f519 Merge pull request #591 from uuid-rs/fix/macro-diagnostics
• 8b043af use the parsed literal as the span source for errors
• f0d5956 Merge pull request #587 from uuid-rs/feat/fast-sha1
• 165b7eb move to sha1_smol as the new name for the current library
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from env_logger's changelog.

0.10.0 - 2022-11-24

MSRV changed to 1.60 to hide optional dependencies

Fixes

• Resolved soundness issue by switching from atty to is-terminal

Breaking Changes

To open room for changing dependencies:

• Renamed termcolor feature to color
• Renamed atty feature to auto-color

0.9.3 - 2022-11-07

• Fix a regression from v0.9.2 where env_logger would fail to compile with the termcolor feature turned off.

0.9.2 - 2022-11-07

• Fix and un-deprecate Target::Pipe, which was basically not working at all before and deprecated in 0.9.1.

0.9.0 -- 2022-07-14

Breaking Changes

• Default message format now prints the target instead of the module

Improvements

• Added a method to print the module instead of the target

• ff029fa chore: Release
• 389cc52 docs: Fix changelog links
• 2979c4b docs: Update changelog
• 4c37917 Merge pull request #248 from epage/atty
• d55d269 style: Make clippy happy
• 066c219 fix: Replace atty with is_terminal
• 4db5e87 fix!: Rename termcolor/atty features
• 660cf7f fix: Bump MSRV to 1.60.0
• e572d04 Merge pull request #244 from epage/update
• f1ff331 docs: Fix typos
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github/codeql-action's changelog.

2.1.9 - 27 Apr 2022

• Add working-directory input to the autobuild action. #1024
• The analyze and upload-sarif actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the wait-for-processing action input to "false". #1007
• Update default CodeQL bundle version to 2.9.0.
• Fix a bug where status reporting fails on Windows. #1042

2.1.8 - 08 Apr 2022

• Update default CodeQL bundle version to 2.8.5. #1014
• Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

2.1.7 - 05 Apr 2022

• A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

2.1.6 - 30 Mar 2022

• [v2+ only] The CodeQL Action now runs on Node.js v16. #1000
• Update default CodeQL bundle version to 2.8.4. #990
• Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956

• 3962f1b Bump glob from 7.1.7 to 8.0.1
• 9daf1de Update references to release branches
• bce749b Improve consistency of variable references in Bash
• fce4a01 Update the major version tag within the release process
• bac9320 Update description of "Tag release and merge back" workflow
• b3bf557 Merge branch 'main' into henrymercer/handle-merge-conflicts-in-releases
• f6312f1 Commit any conflicts during v1 backport to simplify release process
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v3.0.0

• Updated to the node16 runtime by default
  • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

v2.4.2

What's Changed

• Add set-safe-directory input to allow customers to take control. (#770) by @​TingluoHuang in actions/checkout#776
• Prepare changelog for v2.4.2. by @​TingluoHuang in actions/checkout#778

Full Changelog: https://github.com/actions/checkout/compare/v2...v2.4.2

v2.4.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH

... (truncated)

Sourced from actions/checkout's changelog.

Changelog

v3.0.2

• Add input set-safe-directory

v3.0.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
• Bumped various npm package versions

v3.0.0

• Update to node 16

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

• 2541b12 Prepare changelog for v3.0.2. (#777)
• 0ffe6f9 Add set-safe-directory input to allow customers to take control. (#770)
• dcd71f6 Enforce safe directory (#762)
• add3486 Patch to fix the dependbot alert. (#744)
• 5126516 Bump minimist from 1.2.5 to 1.2.6 (#741)
• d50f8ea Add v3.0 release information to changelog (#740)
• 2d1c119 update test workflows to checkout v3 (#709)
• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from codacy/codacy-analysis-cli-action's releases.

Allow running Codacy Standalone tools

This release adds support for running Gosec, Clang-tidy, and many more standalone tools from the action.

Skip Uncommitted Changes

It's now possible to skip uncommitted changes using the flag --skip-uncommitted-files-check

Parallel mode runs now tools in parallel

Parallel mode was not working as intended. Now it spawns multiple Docker instances based on the parallelism level

Fix using the correct commit SHA on pull requests

Actions triggered on pull requests now send the reports for the correct commit SHA

Fix staticcheck flow that could change go.mod files

No release notes provided.

Fix standalone tools

Fixes scenario where gosec does not run leading to failure in the next standalone tools.

Add support for account API tokens

No release notes provided.

Fix SARIF output for tools that returns 0 startLine

No release notes provided.

Bump CLI version used in action

• Bump to CLI version to 5.1.4.
• Now, when exporting issues to SARIF it no longer downgrades issues' severities for security patterns.

• f386483 Merge pull request #74 from codacy/bump-cli
• b8681a5 bump: Bump CLI to 7.6.1 CY-5812
• 338d076 Merge pull request #73 from codacy/doc/upload-batch-size-description
• 3bf20e6 doc: Improve description for upload-batch-size
• 166037e Merge pull request #69 from codacy/fix/add-support-for-upload-batch-size-CY-5756
• 44a0029 Apply suggestions from code review
• 29e74c9 Merge pull request #71 from codacy/fix-readme-typos
• 966ddf8 Update action.yml
• 028de6e Merge pull request #70 from codacy/add-skip-uncommitted-files-check
• 4d04001 Update action.yml
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from base64's changelog.

0.20.0

Breaking changes

• Update MSRV to 1.57.0
• Decoding can now either ignore padding, require correct padding, or require no padding. The default is to require correct padding.
  • The NO_PAD config now requires that padding be absent when decoding.

0.20.0-alpha.1

Breaking changes

• Extended the Config concept into the Engine abstraction, allowing the user to pick different encoding / decoding implementations.
  • What was formerly the only algorithm is now the FastPortable engine, so named because it's portable (works on any CPU) and relatively fast.
  • This opens the door to a portable constant-time implementation (#153, presumably ConstantTimePortable?) for security-sensitive applications that need side-channel resistance, and CPU-specific SIMD implementations for more speed.
  • Standard base64 per the RFC is available via DEFAULT_ENGINE. To use different alphabets or other settings (padding, etc), create your own engine instance.
• CharacterSet is now Alphabet (per the RFC), and allows creating custom alphabets. The corresponding tables that were previously code-generated are now built dynamically.
• Since there are already multiple breaking changes, various functions are renamed to be more consistent and discoverable.
• MSRV is now 1.47.0 to allow various things to use const fn.
• DecoderReader now owns its inner reader, and can expose it via into_inner(). For symmetry, EncoderWriter can do the same with its writer.
• encoded_len is now public so you can size encode buffers precisely.

0.13.1

• More precise decode buffer sizing, avoiding unnecessary allocation in decode_config.

0.13.0

• Config methods are const
• Added EncoderStringWriter to allow encoding directly to a String
• EncoderWriter now owns its delegate writer rather than keeping a reference to it (though refs still work)
  • As a consequence, it is now possible to extract the delegate writer from an EncoderWriter via finish(), which returns Result<W> instead of Result<()>. If you were calling finish() explicitly, you will now need to use let _ = foo.finish() instead of just foo.finish() to avoid a warning about the unused value.
• When decoding input that has both an invalid length and an invalid symbol as the last byte, InvalidByte will be emitted instead of InvalidLength to make the problem more obvious.

0.12.2

• Add BinHex alphabet

0.12.1

• Add Bcrypt alphabet

0.12.0

• A Read implementation (DecoderReader) to let users transparently decoded data from a b64 input source
• IMAP's modified b64 alphabet
• Relaxed type restrictions to just AsRef<[ut8]> for main encode*/decode* functions
• A minor performance improvement in encoding

0.11.0

• Minimum rust version 1.34.0

... (truncated)

• 9fcde48 v0.20.0
• 68919ae Merge pull request #202 from marshallpierce/mp/edition-2021
• f58f441 Also updated fuzzers
• d86e8c8 Update to edition 2021
• 766fbc9 Merge pull request #198 from marshallpierce/mp/invalid-padding
• 250323c More fuzzer fixes
• bcbc669 Minor cleanup
• 604a3ca fix fuzzers
• 0996b81 Merge branch 'master' into mp/invalid-padding
• 442a809 Merge pull request #197 from marshallpierce/mp/update-msrv
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from Swatinem/rust-cache's releases.

v2.0.0

• The action code was refactored to allow for caching multiple workspaces and different target directory layouts.
• The working-directory and target-dir input options were replaced by a single workspaces option that has the form of $workspace -> $target.
• Support for considering env-vars as part of the cache key.
• The sharedKey input option was renamed to shared-key for consistency.

v1.4.0

• Clean both debug and release target directories.

v1.3.0

• Use Rust toolchain file as additional cache key.
• Allow for a configurable target-dir.

v1.2.0

• Cache ~/.cargo/bin.
• Support for custom $CARGO_HOME.
• Add a cache-hit output.
• Add a new sharedKey option that overrides the automatic job-name based key.

v1.1.0

• Add a new working-directory input.
• Support caching git dependencies.
• Lots of other improvements.

v1.0.1

• Improved logging output.
• Make sure to consider all-features dependencies when pruning.
• Work around macOS cache corruption.
• Remove git-db cache for now.

Sourced from Swatinem/rust-cache's changelog.

Changelog

2.2.0

• Add new save-if option to always restore, but only conditionally save the cache.

2.1.0

• Only hash Cargo.{lock,toml} files in the configured workspace directories.

2.0.2

• Avoid calling cargo metadata on pre-cleanup.
• Added prefix-key, cache-directories and cache-targets options.

2.0.1

• Primarily just updating dependencies to fix GitHub deprecation notices.

2.0.0

• The action code was refactored to allow for caching multiple workspaces and different target directory layouts.
• The working-directory and target-dir input options were replaced by a single workspaces option that has the form of $workspace -> $target.
• Support for considering env-vars as part of the cache key.
• The sharedKey input option was renamed to shared-key for consistency.

1.4.0

• Clean both debug and release target directories.

1.3.0

• Use Rust toolchain file as additional cache key.
• Allow for a configurable target-dir.

1.2.0

• Cache ~/.cargo/bin.
• Support for custom $CARGO_HOME.
• Add a cache-hit output.
• Add a new sharedKey option that overrides the automatic job-name based key.

1.1.0

• Add a new working-directory input.
• Support caching git dependencies.
• Lots of other improvements.

... (truncated)

• 359a70e 2.2.0
• ecee04e feat: add save-if option, closes #66 (#91)
• b894d59 2.1.0
• e78327d small code style improvements, README and CHANGELOG updates
• ccdddcc only hash Cargo.toml/Cargo.lock that belong to a configured workspace (#90)
• b5ec9ed 2.0.2
• 3f2513f avoid calling cargo metadata on pre-cleanup
• 19c4658 update dependencies
• b8e72aa Added prefix-key cache-directories and cache-targets options (#85)
• 22c9328 2.0.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 88a7deb aes-gcm-siv v0.11.1 (#464)
• 2f26128 aes-gcm v0.10.1 (#463)
• 91f4062 Fix rustdoc typos (#462)
• 19cd777 Include README.md in rustdoc (#461)
• 30219d9 Fix rustdoc documentation (#460)
• 2e629af xsalsa20poly1305 v0.9.0 (#459)
• 829f0df chacha20poly1305 v0.10.0 (#458)
• 2f1b9be aes-gcm-siv v0.11.0 (#457)
• dee96e7 aes-gcm v0.10.0 (#456)
• f9b0202 README.md(s): use crate badges from buildstats.info (#455)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)