Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump secret-service from 2.0.2 to 3.0.1 #603

Merged
merged 3 commits into from
Feb 20, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 20, 2023

Bumps secret-service from 2.0.2 to 3.0.1.

Release notes

Sourced from secret-service's releases.

v3.0.1

  • Fix docs.rs builds

v3.0.0

  • Updated dependencies where reasonable
  • It is now possible to choose between RustCrypto and OpenSSL cryptography providers with feature flags.
  • Bumped MSRV to 1.60
  • BREAKING: Updated to zbus 3.0. This changes error types and public path fields.
  • BREAKING: The types exported from the crate root are now entirely async. Blocking functions have been moved into the blocking module.
  • BREAKING: Error::Crypto now contains a &'static str instead of a String.
  • BREAKING: SecretService::search_items now takes a HashMap<&str, &str> instead of Vec<(&str, &str)> for the attributes.
  • BREAKING: The SecretService::new() method was renamed to SecretService::connect() to be more accurate.
  • BREAKING: Error is now marked as #[non_exhaustive] to allow for additions to be made more easily in the future.
  • BREAKING: Several dead error variants were pruned.
  • BREAKING: search_items now returns both locked and unlocked items. If an unlocked item isn't present in the list, it must be unlocked manually.
  • BREAKING: It is now required to choose a feature set in order to use the crate. See the README for more details.
Changelog

Sourced from secret-service's changelog.

Unreleased

[3.0.1]

  • Fix docs.rs builds

[3.0.0]

  • Updated dependencies where reasonable
  • Bumped MSRV to 1.60
  • BREAKING: Updated to zbus 3.0. This changes error types and public path fields.
  • BREAKING: The types exported from the crate root are now entirely async. Blocking functions have been moved into the blocking module.
  • BREAKING: Error::Crypto now contains a &'static str instead of a String.
  • BREAKING: SecretService::search_items now takes a HashMap<&str, &str> instead of Vec<(&str, &str)> for the attributes.
  • BREAKING: The SecretService::new() method was renamed to SecretService::connect() to be more accurate.
  • BREAKING: Error is now marked as #[non_exhaustive] to allow for additions to be made more easily in the future.
  • BREAKING: Several dead error variants were pruned.
  • BREAKING: search_items now returns both locked and unlocked items. If an unlocked item isn't present in the list, it must be unlocked manually.
  • BREAKING: It is now required to choose a feature set in order to use the crate. See the README for more details.

[2.0.2]

  • Increased minimum zbus version to 1.9.2, in order to increase the minimum version of the transitive dependency nix to at least 0.20.2, which is the first nix release to contain the fix for the security vulnerability described at https://rustsec.org/advisories/RUSTSEC-2021-0119 . A known issue with this version of nix is that it places an upper bound on the version of the bitflags dependency; if you are depending on bitflags, you may need to downgrade your bitflags version in order to upgrade to this version of secret-service, which you are encouraged to do in order to ensure that you are not exposed to the aforementioned nix vulnerability. In the long term, this will be fixed by upgrading secret-service to use a newer version of zbus, which itself depends on versions of nix which no longer have this restriction on bitflags.

[2.0.1]

  • Updated crate's Rustdoc link

[2.0.0]

  • dbus replaced by zbus, PURE RUST!
  • update to 2018 edition
  • BREAKING: SsError renamed to Error
  • BREAKING: variants added to Error
  • BREAKING: attributes are now HashMap<&str, &str> or HashMap<String, String> instead of Vec<(&str, &str)>. Not sure why I decided this way back when, but it could cause unexpected behavior for user: when the Vec was transformed to HashMap internally, tuples could be lost if the keys were the same.
  • BREAKING: Collection::new and Item::new are now private (although I don't think it was possible to use them anyways)

1.1.3

  • update deps

1.1.2

  • update rand

[1.1.1]

  • update deps

[1.1.0]

  • Fix, get_collection_* returns Error::NoResult when doesn't exist
  • udpate hkdf to 0.8

[1.0.0]

  • switch from rust-crypto to RustCrypto
  • remove gmp dep for powm
  • update rand and num

... (truncated)

Commits
  • 9ed2f55 Release 3.0.1
  • e380c2b Supply feature set to docs.rs during builds
  • 67bc1d0 Release 3.0.0
  • 629d637 Add default service information to all proxy macro builders
  • 0abaa2c Raise minimum zbus version to 3.7
  • b2d1a38 Remove unused session module
  • 82e910c Address latest stable Rust's clippy lints
  • d8e604b Add documentation about runtime feature sets
  • 9602c50 Fix attribute roundtrip tests
  • d31cc9f Fix example CI
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [secret-service](https://github.com/hwchen/secret-service-rs) from 2.0.2 to 3.0.1.
- [Release notes](https://github.com/hwchen/secret-service-rs/releases)
- [Changelog](https://github.com/hwchen/secret-service-rs/blob/master/CHANGELOG.md)
- [Commits](hwchen/secret-service-rs@v2.0.2...v3.0.1)

---
updated-dependencies:
- dependency-name: secret-service
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 20, 2023
@xou816 xou816 merged commit 4b390a2 into development Feb 20, 2023
@xou816 xou816 deleted the dependabot/cargo/secret-service-3.0.1 branch February 20, 2023 20:29
@samsapti
Copy link

@xou816 you bumped it to 3.0.0 instead of 3.0.1. I don't know if it was on purpose, I just wanted to let you know.

@xou816
Copy link
Owner

xou816 commented Feb 22, 2023

right thanks! doesnt seem to be an important release tahnkfully, will update it eventually!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants