Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump shlex 1.3 to reduce escaping concerns #1493

Merged

Conversation

workingjubilee
Copy link
Member

No description provided.

@workingjubilee workingjubilee merged commit 9bb470c into pgcentralfoundation:develop Jan 25, 2024
8 checks passed
workingjubilee added a commit that referenced this pull request Jan 25, 2024
The pgrx 0.11.3 release addresses a few UB risks in pgrx, updates its
dependencies on many points, and includes many additional headers. It
should also now be easier to use cargo-pgrx on more-complicated network
configurations.

## New Bindings!

New bindings added thanks to
- @burmecia in #1432
- @daamien in
  - #1431
  - #1485
- @rebasedming in #1486
- @usamoi in #1436
- @workingjubilee in
#1453

## "...wait, that's UB?"

Two UB fixes!
- Thanks to @Lokathor in
#1443
- Thanks to @usamoi in
#1466

## Ergonomics

- A better `ereport!` macro in
#1472

## Less transport-level security problems in cargo-pgrx

- We no longer secretly require rustls! Thanks to @jirutka in
#1448
- We now use native certs if possible, even with rustls, since
#1449

Together these should mean it's possible to actually use cargo-pgrx on
whatever your network configuration is, but you might have to use `cargo
install --no-default-features --features native-tls` to install with
native-tls (which, on Linux, means OpenSSL). By default, you will use
rustls.

## Many dependency updates

These address some largely-hypothetical security risks, but one is
particularly important: the bindgen update means we now should be
compatible with some aarch64 builds that might have failed.

- #1492
- #1493
- #1494
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant