Bump rustls from 0.23.14 to 0.23.18 #6641

dependabot · 2024-11-25T17:03:41Z

Bumps rustls from 0.23.14 to 0.23.18.

Commits

33af2c3 Prepare 0.23.18
ffe646d Add reproducer for bug 2227
69b6f74 Record and restore the processed cursor in first_handshake_message
4ef3532 Upgrade to mio 1
092a164 Manage dependencies via the workspace
a01bd6b rustls-bench: fix warnings with no features
7d74de2 tests: linearize new test code helper
499d797 fix: do not send session_ticket(35) extension for TLS 1.3
faca289 chore(deps): lock file maintenance
d12f423 fix(deps): update rust crate asn1 to 0.20
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [rustls](https://github.com/rustls/rustls) from 0.23.14 to 0.23.18. - [Release notes](https://github.com/rustls/rustls/releases) - [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md) - [Commits](rustls/rustls@v/0.23.14...v/0.23.18) --- updated-dependencies: - dependency-name: rustls dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [rustls](https://github.com/rustls/rustls) from 0.23.14 to 0.23.18. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rustls/rustls/commit/33af2c38b0f1e4abf44d59d5b74ccf12f5cf5e56"><code>33af2c3</code></a> Prepare 0.23.18</li> <li><a href="https://github.com/rustls/rustls/commit/ffe646d1ff07d3e1d9f009daadd94228d462425d"><code>ffe646d</code></a> Add reproducer for bug 2227</li> <li><a href="https://github.com/rustls/rustls/commit/69b6f7473a7ae096a9cf9e2d6eb3cd8b22743597"><code>69b6f74</code></a> Record and restore the processed cursor in first_handshake_message</li> <li><a href="https://github.com/rustls/rustls/commit/4ef3532cf2fceda9fdd19947f871adf7020d0b49"><code>4ef3532</code></a> Upgrade to mio 1</li> <li><a href="https://github.com/rustls/rustls/commit/092a16427e81e58ecd6bcfdacc0b49f02bad8db3"><code>092a164</code></a> Manage dependencies via the workspace</li> <li><a href="https://github.com/rustls/rustls/commit/a01bd6bcb536c6cdd490942b0eae2903abcfcab3"><code>a01bd6b</code></a> rustls-bench: fix warnings with no features</li> <li><a href="https://github.com/rustls/rustls/commit/7d74de2c1bdf265531036f50abd3fc04df8c148a"><code>7d74de2</code></a> tests: linearize new test code helper</li> <li><a href="https://github.com/rustls/rustls/commit/499d797b267e0b548fef5225b044b99fc215a8ff"><code>499d797</code></a> fix: do not send session_ticket(35) extension for TLS 1.3</li> <li><a href="https://github.com/rustls/rustls/commit/faca28904efcb3b5a4a5f05be8e03374bf5086df"><code>faca289</code></a> chore(deps): lock file maintenance</li> <li><a href="https://github.com/rustls/rustls/commit/d12f42385c2da74e1ec16826af68d17a13101152"><code>d12f423</code></a> fix(deps): update rust crate asn1 to 0.20</li> <li>Additional commits viewable in <a href="https://github.com/rustls/rustls/compare/v/0.23.14...v/0.23.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls&package-manager=cargo&previous-version=0.23.14&new-version=0.23.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/paritytech/polkadot-sdk/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot added A1-insubstantial Pull request requires no code review (e.g., a sub-repository hash update). R0-silent Changes should not be mentioned in any release notes labels Nov 25, 2024

bkchr approved these changes Nov 25, 2024

View reviewed changes

bkchr requested a review from a team November 25, 2024 21:06

bkchr enabled auto-merge November 25, 2024 21:06

lexnv approved these changes Nov 26, 2024

View reviewed changes

bkchr added this pull request to the merge queue Nov 26, 2024

Merged via the queue into master with commit 86a917f Nov 26, 2024
200 of 208 checks passed

bkchr deleted the dependabot/cargo/rustls-0.23.18 branch November 26, 2024 09:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump rustls from 0.23.14 to 0.23.18 #6641

Bump rustls from 0.23.14 to 0.23.18 #6641

dependabot bot commented on behalf of github Nov 25, 2024

Bump rustls from 0.23.14 to 0.23.18 #6641

Bump rustls from 0.23.14 to 0.23.18 #6641

Conversation

dependabot bot commented on behalf of github Nov 25, 2024