build: take targeted dependency updates (#93)

reubeno · Jun 24, 2024 · d03d724 · d03d724
1 parent ce91eae
commit d03d724
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 32 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -8,6 +8,13 @@ updates:
       github-actions:
         patterns:
           - "*"
+    ignore:
+      # For now, ignore updates to clap/assert_cmd to avoid requiring an MSRV update.
+      # Once we're okay bumping past 1.72.0, then we should remove these lines.
+      # Until then, we should carefully review upstream changes for these dependencies
+      # to identify any critical issues.
+      - dependency-name: "clap"
+      - dependency-name: "assert_cmd"
 
   - package-ecosystem: "cargo"
     directory: "/"

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/brush-core/Cargo.toml b/brush-core/Cargo.toml
@@ -27,7 +27,7 @@ fancy-regex = "0.13.0"
 futures = "0.3.30"
 hostname = "0.4.0"
 itertools = "0.13.0"
-lazy_static = "1.4.0"
+lazy_static = "1.5.0"
 os_pipe = { version = "1.1.5", features = ["io_safety"] }
 rand = "0.8.5"
 thiserror = "1.0.61"