From 93a40c1c643873ca3199a8cb2a6f29f0ca5bab68 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Apr 2024 18:08:31 -0600
Subject: chore(deps): bump rustls from 0.21.10 to 0.21.11 (#23464)
Bumps [rustls](https://github.com/rustls/rustls) from 0.21.10 to
0.21.11.
Commits
7b8d1db
Prepare 0.21.11ebcb478
complete_io: bail out if progress is impossible20f35df
Regression test for complete_io infinite loop bug2f2aae1
Don't specially handle unauthenticated close_notify alertse163587
Don't deny warnings from nightly clippy9f86487
server::handy: fix new nightly clippy lint7e0e8ab
Correct assorted clippy warnings in test code3587d98
Apply clippy suggestions from Rust 1.72d082e83
Address clippy::redundant_static_lifetimes5e7a06c
Address clippy::slow_vector_initialization- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/denoland/deno/network/alerts).
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Cargo.lock | 4 ++--
Cargo.toml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index b45a76591..c6748e5b4 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -5394,9 +5394,9 @@ dependencies = [
[[package]]
name = "rustls"
-version = "0.21.10"
+version = "0.21.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba"
+checksum = "7fecbfb7b1444f477b345853b1fce097a2c6fb637b2bfb87e6bc5db0f043fae4"
dependencies = [
"log",
"ring",
diff --git a/Cargo.toml b/Cargo.toml
index 3f99ec9fd..ef8353a2f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -148,7 +148,7 @@ regex = "^1.7.0"
reqwest = { version = "=0.11.20", default-features = false, features = ["rustls-tls", "stream", "gzip", "brotli", "socks", "json"] } # pinned because of https://github.com/seanmonstar/reqwest/pull/1955
ring = "^0.17.0"
rusqlite = { version = "=0.29.0", features = ["unlock_notify", "bundled"] }
-rustls = "0.21.8"
+rustls = "0.21.11"
rustls-pemfile = "1.0.0"
rustls-tokio-stream = "=0.2.17"
rustls-webpki = "0.101.4"
--
cgit v1.2.3