Tracking issue for updating dependencies #1265
Comments
|
@jtgeibel I think we should chat about a plan for this. Want to ping me on gitter and set up a call? |
|
@sgrif yeah that sounds good to me. I've just created a gitter account and will reach out to you there. |
carols10cents
added
C-internal 🔧
Update itertools to 0.7.0 and log to 0.4 This PR updates dependency crates `itertools` to 0.7.0 and `log` to 0.4. Ref. #1265
The latest version of `comrak` requires an explicit opt-in to produce unsanitized output (the previous default). We already sanitize the output with `ammonia` and `comrak`'s sanitized output is too restrictive, causing 5 tests to fail. Refs: rust-lang#1265
The latest version of `comrak` requires an explicit opt-in to produce unsanitized output (the previous default). We already sanitize the output with `ammonia` and `comrak`'s sanitized output is too restrictive, causing 5 tests to fail. Refs: rust-lang#1265
Update to the latest `comrak` and `ammonia` for processing markdown The latest version of `comrak` requires an explicit opt-in to produce unsanitized output (the previous default). We already sanitize the output with `ammonia` and `comrak`'s sanitized output is too restrictive, causing 5 tests to fail. Refs: #1265
I have several local branches updating dependencies and addressing any breaking changes (towards closing out rust-lang#1265). I'd like to avoid lockfile merge conflicts between those branches so I'm bumping all semver compatible versions in this PR. I'd like to let this bake in production for at least a few days before opening PRs bumping major versions in `Cargo.toml`. If this approach is too aggressive, or needs to be reverted, I can open the other PRs more serially and look into breaking this upgrade into smaller pieces.
Run `cargo update` I have several local branches updating dependencies and addressing any breaking changes (towards closing out #1265). I'd like to avoid lockfile merge conflicts between those branches so I'm bumping all semver compatible versions in this PR. I'd like to let this bake in production for at least a few days before opening PRs bumping major versions in `Cargo.toml`. If this approach is too aggressive, or needs to be reverted, I can open the other PRs more serially and look into breaking this upgrade into smaller pieces.
Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs rust-lang#1265, rust-lang#1805
Docopt is only used directly in the `render_readme` binary, though this does transitively update some crates that are used in production. Refs rust-lang#1265, rust-lang#1805
Background threads are now enabled for all artifacts by enabling the `background_threads` feature. Reviewing `jemalloc-sys` shows the underlying `jemalloc` version remains unchanged at 5.1, so this is not expected to affect runtime behavior in production. Refs: rust-lang#1265
Upgrade `jemallocator` Background threads are now enabled for all artifacts by enabling the `background_threads` feature. Reviewing `jemalloc-sys` shows the underlying `jemalloc` version remains unchanged at 5.1, so this is not expected to affect runtime behavior in production. Refs: #1265
Update handlebars to 3.0.1 Update handlebars to 3.0.1 ([changelog](https://github.com/sunng87/handlebars-rust/blob/master/CHANGELOG.md)). cc #1265 Output: ```text Updating handlebars v2.0.1 -> v3.0.1 Removing hashbrown v0.5.0 Updating quick-error v1.2.2 -> v1.2.3 Removing same-file v1.0.5 Removing walkdir v2.2.9 ``` r? @jtgeibel
JohnTitor
added
the
C-tracking-issue
|
I'm going to close this as effectively complete after 2+ years! The only remaining update is for There is a bit more work to do to incrementally |
|
Hooray!!!! Would we be able to and want to enable dependabot for Rust deps now? |
Very soon I hope! We just need to do a For instance we did a |
Bump to comrak 0.7 r? @JohnTitor cc #1265
API Changes
These require code changes to address API changes.
tar- a80193eopensslpart 1 - b4fc94fopensslpart 2 - 8036a78hyper- Update to new hyper API and runcargo update#1289flate2- bd0cd6denvlogger- ac9d73dhex- dccee42lettre- 822735eoauth2- Bump to oauth2:2.0.0 #1842jemallocandjemalloc-ctl- to 0.3.2 - Upgradejemallocator#1953 and Disable the background_threads jemallocator feature #1956cookie- 0.11 to 0.12, will also need to upstream a change toconduit-cookieBump to alpha releases of conduit-* crates #2208dotenv- 0.11 to 0.15 - Update chrono, dotenv, num-*, migrations_macros, and derive_deref #1917hex- 0.3 to 0.4 Update hex to 0.4 #2256Version bump
These should just be a version bump in
Cargo.toml.url- 1.7 to 2.1 (needs to wait for newer oauth2 3.0 alpha)comrak- 0.4 to 0.7 - Bump to comrak 0.7 #2513dotenv- 0.10 to 0.11 - Bump dotenv #1391itertools- 0.6 to 0.7base64- 0.6 to 0.9log- 0.3 to 0.4comrak- 0.2 to 0.4 Update to the latestcomrakandammoniafor processing markdown #1664ammonia- 1.0 to 2.0 Update to the latestcomrakandammoniafor processing markdown #1664git2- 0.6 to 0.8 Bumpgit2and remove dependency oncmake#1663env_logger- 0.5 to 0.7 - Updateenv_loggerto 0.7 #2236docopt- 0.8 to 1.1 Bump docopt 0.8 -> 1.1.0 #1812toml- 0.4 to 0.5 Updatetomlto 0.5 #2430git2- 0.8 to 0.13 Updategit2to 0.13 #2467ammonia- 2.0 to 3.0 - Ammonia 3.0 upgrade #1876rand- 0.6 to 0.7 - Bump to rand 0.7 #2512base64- 0.9 to 0.11 (also bump in s3) Bump to alpha releases of conduit-* crates #2208parking_lot- 0.7 to 0.10 - Updateparking_lotto 0.10 #2223handlebars- 2 to 3 Update handlebars to 3.0.1 #2259External
conduit-git-http-backendWe could switch to
libflatehowever it is no longer pulled in byreqwestby default and we've consolidated on a single version offlate2so this isn't a priority.flate21.0 - Bump to alpha releases of conduit-* crates #2208conduit-cookiebase64- we can bump to 0.11 insrc/s3, but the old version is still pulled in and it would be nice to land Bump the version of base64 from 0.6 to 0.11 conduit-rust/conduit-cookie#6 - Bump to alpha releases of conduit-* crates #2208cookie- from 0.11 to 0.12 - Bump to alpha releases of conduit-* crates #2208ring- from 0.13 to 0.14 - Bump to alpha releases of conduit-* crates #2208ring- from 0.14 to 0.16The text was updated successfully, but these errors were encountered: