prod(deps): bump tempfile from 3.8.0 to 3.10.1 in /gui #26

dependabot · 2024-02-27T18:41:30Z

Bumps tempfile from 3.8.0 to 3.10.1.

Changelog

3.10.1

Handle potential integer overflows in 32-bit systems when seeking/truncating "spooled" temporary files past 4GiB (2³²).

Handle a theoretical 32-bit overflow when generating a temporary file name larger than 4GiB. Now it'll panic (on allocation failure) rather than silently succeeding due to wraparound.

Thanks to @stoeckmann for finding and fixing both of these issues.

3.10.0

Drop redox_syscall dependency, we now use rustix for Redox.

Add Builder::permissions for setting the permissions on temporary files and directories (thanks to @Byron).

Update rustix to 0.38.31.

Update fastrand to 2.0.1.

3.9.0

Updates windows-sys to 0.52

Updates minimum rustix version to 0.38.25

3.8.1

Update rustix to fix a potential panic on persist_noclobber on android.

Update redox_syscall to 0.4 (on redox).

Fix some docs typos.

Commits

094c115 chore: release 3.10.1
56c5934 Fix integer overflows and truncation (#278)
5a949d6 chore: 2021 edition (#276)
61531ea chore: release v3.10.0
e246c4a chore: update deps (#275)
4a05e47 feat: Add Builder::permissions() method. (#273)
184ab8f fix: drop redox_syscall dependency (#272)
fb313e0 chore: release 3.9.0
709a62a Update windows-sys 0.52 (#265)
21c639e chore: release 3.8.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.8.0 to 3.10.1. - [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md) - [Commits](Stebalien/tempfile@v3.8.0...v3.10.1) --- updated-dependencies: - dependency-name: tempfile dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Feb 27, 2024

dependabot bot mentioned this pull request Feb 27, 2024

prod(deps): bump tempfile from 3.8.0 to 3.10.0 in /gui #24

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

prod(deps): bump tempfile from 3.8.0 to 3.10.1 in /gui #26

prod(deps): bump tempfile from 3.8.0 to 3.10.1 in /gui #26

Uh oh!

dependabot bot commented on behalf of github Feb 27, 2024

Uh oh!

Uh oh!

prod(deps): bump tempfile from 3.8.0 to 3.10.1 in /gui #26

Are you sure you want to change the base?

prod(deps): bump tempfile from 3.8.0 to 3.10.1 in /gui #26

Uh oh!

Conversation

dependabot bot commented on behalf of github Feb 27, 2024

3.10.1

3.10.0

3.9.0

3.8.1

Uh oh!

Uh oh!