Browse Source

Bump chrono from 0.4.19 to 0.4.20 (#2222)

Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.19 to 0.4.20.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p>
<blockquote>
<h2>0.4.20</h2>
<p>chrono is a date and time library for Rust and 0.4.20 is the first chrono release since Sep 2020. There has been a long hiatus since the previous maintainer was no longer able to spend much time on the crate; thanks to <a href="https://github.com/quodlibetor"><code>@​quodlibetor</code></a> for their stewardship of the chrono crate for many years! The new maintainers are <a href="https://github.com/djc"><code>@​djc</code></a> and <a href="https://github.com/esheppa"><code>@​esheppa</code></a>. Our first priority has been fixing the soundness issues with calls to <code>localtime_r()</code> as first reported in <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/499">#499</a> and the <a href="https://rustsec.org/advisories/RUSTSEC-2020-0159">RUSTSEC-2020-0159 </a> advisory. In order to do this we adapted code from the tz-rs crate maintained by <a href="https://github.com/x-hgg-x"><code>@​x-hgg-x</code></a> for use within chrono -- thanks for working on that! With the new implementation, chrono uses safe Rust code to parse the timezone data files on Unix platforms directly instead of relying on libc.</p>
<p>Due to compatibility reasons, this release does not yet remove the time 0.1 dependency, though chrono 0.4.20 does not depend on the vulnerable parts of the time 0.1.x versions. In a future 0.5 release, we will remove the time dependency.</p>
<p>The minimum supported Rust version for 0.4.20 is 1.32.0, which is intentionally still quite conservative. If you are using chrono 0.4 with a Rust version older than 1.52, we'd like to hear from you since we'd like to further modernize the code base to ease maintenance.</p>
<h2>Fixes</h2>
<ul>
<li>Fix unsound call to <code>localtime_r()</code> by parsing timezone files in Rust on Unix (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/677">#677</a> and <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/728">#728</a>)</li>
<li>Allow RFC 2822 parser to deal with comments (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/733">#733</a> then <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/737">#737</a>, thanks to <a href="https://github.com/Finomnis"><code>@​Finomnis</code></a>)</li>
<li>Avoid panicking during parsing (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/686">#686</a>, thanks to <a href="https://github.com/botahamec"><code>@​botahamec</code></a>)</li>
<li>Avoid panics when rounding durations  (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/659">#659</a>, thanks to <a href="https://github.com/ARBaart"><code>@​ARBaart</code></a>)</li>
<li>Fix <code>Duration::abs()</code> behavior in case of negative durations with nanoseconds (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/734">#734</a>, thanks to <a href="https://github.com/abreis"><code>@​abreis</code></a>)</li>
</ul>
<h2>Additions</h2>
<ul>
<li>Make <code>ParserErrorKind</code> public and available through <code>ParseError::kind()</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/588">#588</a>, thanks to <a href="https://github.com/sbrocket"><code>@​sbrocket</code></a>)</li>
<li>Expose associated <code>MIN</code> and <code>MAX</code> const values in favor of free-standing consts (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/726">#726</a>)</li>
<li>Add (optional) support for rkyv (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/644">#644</a> and <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/701">#701</a>, thanks to <a href="https://github.com/dovahcrow"><code>@​dovahcrow</code></a>)</li>
<li>Support month-based calculations against <code>NaiveDate</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/732">#732</a> with follow up in <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/752">#752</a>, thanks to <a href="https://github.com/avantgardnerio"><code>@​avantgardnerio</code></a>)</li>
<li>Add <code>NaiveWeek</code> type to facilitate week-based calculations (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/666">#666</a>, thanks to <a href="https://github.com/sestrella"><code>@​sestrella</code></a>)</li>
<li>Add <code>NaiveDateTime::and_local_timezone()</code> method (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/711">#711</a>, thanks to <a href="https://github.com/botahamec"><code>@​botahamec</code></a>)</li>
<li>Add <code>DateTime::from_local()</code> method (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/572">#572</a>, thanks to <a href="https://github.com/retrhelo"><code>@​retrhelo</code></a>)</li>
<li>Extend serde integration for <code>NaiveDateTime</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/664">#664</a>, thanks to <a href="https://github.com/nickelc"><code>@​nickelc</code></a>)</li>
<li>Implement <code>DoubleEndedIterator</code> for <code>NaiveDateDaysIterator</code>/<code>NaiveDateWeeksIterator</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/697">#697</a>, thanks to <a href="https://github.com/teobouvard"><code>@​teobouvard</code></a>)</li>
<li>Implement <code>std::iter::Sum</code> for <code>Duration</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/522">#522</a>, thanks to <a href="https://github.com/jakevossen5"><code>@​jakevossen5</code></a>)</li>
<li>Add <code>years_since()</code> method to <code>DateTime</code>/<code>Date</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/557">#557</a> then <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/707">#707</a>, thanks to <a href="https://github.com/yozhgoor"><code>@​yozhgoor</code></a>)</li>
<li>Implement <code>AddAssign</code>/<code>SubAssign</code> for <code>DateTime</code>/<code>Date</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/698">#698</a>, thanks to <a href="https://github.com/MrGunflame"><code>@​MrGunflame</code></a>)</li>
<li>Fix imports on WASM targets (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/672">#672</a>, thanks to <a href="https://github.com/danielalvsaaker"><code>@​danielalvsaaker</code></a>)</li>
<li>Implement std::error::Error for ParseWeekdayError (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/745">#745</a>)</li>
</ul>
<h2>Non-functional improvements</h2>
<ul>
<li>Improve CI to better exercise WASM targets (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/662">#662</a>, thanks to <a href="https://github.com/AmateurECE"><code>@​AmateurECE</code></a>)</li>
<li>More WASM testing improvements, enable dependencies by default (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/746">#746</a>)</li>
<li>Fix compiling for wasm32-unknown-emscripten target (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/568">#568</a>, thanks to <a href="https://github.com/orion78fr"><code>@​orion78fr</code></a>)</li>
<li>Use stub implementation for anything not unix and not windows (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/593">#593</a>, thanks to <a href="https://github.com/yu-re-ka"><code>@​yu-re-ka</code></a>)</li>
<li>Remove now unused libc dependency (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/710">#710</a>, thanks to <a href="https://github.com/metent"><code>@​metent</code></a>)</li>
<li>Clean up some clippy warnings (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/721">#721</a>, thanks to <a href="https://github.com/botahamec"><code>@​botahamec</code></a>)</li>
<li>Clarify documentation for <code>Utc::now()</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/647">#647</a>, thanks to <a href="https://github.com/ModProg"><code>@​ModProg</code></a>)</li>
<li>Clarify documentation for <code>DateTime::with_timezone()</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/747">#747</a>, thanks to <a href="https://github.com/kevincox"><code>@​kevincox</code></a>)</li>
<li>Improve examples for <code>naive</code> serde integration (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/616">#616</a>, thanks to <a href="https://github.com/nickelc"><code>@​nickelc</code></a>)</li>
<li>Clean up <code>extern crate</code> statements and outdated comments (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/665">#665</a>, thanks to <a href="https://github.com/nickelc"><code>@​nickelc</code></a>)</li>
<li>Fix typo in deprecation notice (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/744">#744</a>, thanks to <a href="https://github.com/Mike-Dax"><code>@​Mike-Dax</code></a>)</li>
<li>Fix some typos in documentation (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/680">#680</a> and <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/695">#695</a>, thanks to <a href="https://github.com/cuishuang"><code>@​cuishuang</code></a> and <a href="https://github.com/fxredeemer"><code>@​fxredeemer</code></a>)</li>
<li>Implement caching for CI (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/609">#609</a>, thanks to <a href="https://github.com/Milo123459"><code>@​Milo123459</code></a>)</li>
</ul>
<h2>0.4.20-rc.1</h2>
<p>0.4.20 is the first chrono release since Sep 2020. There has been a long hiatus since the previous maintainer was no longer able to spend much time on the crate; thanks to <a href="https://github.com/quodlibetor"><code>@​quodlibetor</code></a> for their stewardship of the chrono crate for many years! The new maintainers are <a href="https://github.com/djc"><code>@​djc</code></a> and <a href="https://github.com/esheppa"><code>@​esheppa</code></a>. Our first priority has been fixing the soundness issues with calls to <code>localtime_r()</code> as first reported in <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/499">#499</a> and the <a href="https://rustsec.org/advisories/RUSTSEC-2020-0159">RUSTSEC-2020-0159 </a> advisory. In order to do this we adapted code from the tz-rs crate maintained by <a href="https://github.com/x-hgg-x"><code>@​x-hgg-x</code></a> for use within chrono -- thanks for working on that! With the new implementation, chrono uses safe Rust code to parse the timezone data files on Unix platforms directly instead of relying on libc.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/chronotope/chrono/blob/main/CHANGELOG.md">chrono's changelog</a>.</em></p>
<blockquote>
<h2>0.4.20 (unreleased)</h2>
<ul>
<li>Add more formatting documentation and examples.</li>
<li>Add support for microseconds timestamps serde serialization/deserialization (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/304">#304</a>)</li>
<li>Fix <code>DurationRound</code> is not TZ aware (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/495">#495</a>)</li>
<li>Implement <code>DurationRound</code> for <code>NaiveDateTime</code></li>
<li>Implement <code>std::iter::Sum</code> for <code>Duration</code></li>
<li>Add <code>DateTime::from_local()</code> to construct from given local date and time (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/572">#572</a>)</li>
<li>Add a function that calculates the number of years elapsed between now and a given <code>Date</code> or <code>DateTime</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/557">#557</a>)</li>
<li>Correct build for wasm32-unknown-emscripten target (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/568">#568</a>)</li>
<li>Change <code>Local::now()</code> and <code>Utc::now()</code> documentation from &quot;current date&quot; to &quot;current date and time&quot; (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/647">#647</a>)</li>
<li>Fix <code>duration_round</code> panic on rounding by <code>Duration::zero()</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/658">#658</a>)</li>
<li>Add optional rkyv support.</li>
<li>Add support for microseconds timestamps serde serialization for <code>NaiveDateTime</code>.</li>
<li>Add support for optional timestamps serde serialization for <code>NaiveDateTime</code>.</li>
<li>Fix build for wasm32-unknown-emscripten (<a href="https://github.com/yu-re-ka"><code>@​yu-re-ka</code></a> <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/593">#593</a>)</li>
<li>Make <code>ParseErrorKind</code> public and available through <code>ParseError::kind()</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/588">#588</a>)</li>
<li>Implement <code>DoubleEndedIterator</code> for <code>NaiveDateDaysIterator</code> and <code>NaiveDateWeeksIterator</code></li>
<li>Fix panicking when parsing a <code>DateTime</code> (<a href="https://github.com/botahamec"><code>@​botahamec</code></a>)</li>
<li>Add support for getting week bounds based on a specific <code>NaiveDate</code> and a <code>Weekday</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/666">#666</a>)</li>
<li>Remove libc dependency from Cargo.toml.</li>
<li>Add the <code>and_local_timezone</code> method to <code>NaiveDateTime</code></li>
<li>Fix the behavior of <code>Duration::abs()</code> for negative durations with non-zero nanos</li>
<li>Add compatibility with rfc2822 comments (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/733">#733</a>)</li>
<li>Make <code>js-sys</code> and <code>wasm-bindgen</code> enabled by default when target is <code>wasm32-unknown-unknown</code> for ease of API discovery</li>
<li>Add the <code>Months</code> struct and associated <code>Add</code> and <code>Sub</code> impls</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0b7feacb54"><code>0b7feac</code></a> Clean up some unreachable_pub warnings</li>
<li><a href="65f1f2e588"><code>65f1f2e</code></a> Bump version to 0.4.20</li>
<li><a href="bd3b48d1a9"><code>bd3b48d</code></a> Revise Months API</li>
<li><a href="ab688c384f"><code>ab688c3</code></a> Implement <code>Add\&lt;Months&gt;</code> and <code>Sub\&lt;Months&gt;</code> for <code>NaiveDate</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/731">#731</a>)</li>
<li><a href="782f904375"><code>782f904</code></a> Clarify docs for <code>DateTime::with_timezone</code></li>
<li><a href="27c05589ac"><code>27c0558</code></a> dont use stub.rs when wasmbind feature is enabled</li>
<li><a href="56f80e4366"><code>56f80e4</code></a> run on all branches and also for changes in the ci folder</li>
<li><a href="353f1795b6"><code>353f179</code></a> Implement std::error::Error for ParseWeekdayError</li>
<li><a href="309cbeb054"><code>309cbeb</code></a> Fixed typo in deprecation notice</li>
<li><a href="26e231af33"><code>26e231a</code></a> Bump version to 0.4.20-rc.1</li>
<li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.19...v0.4.20">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.19&new-version=0.4.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
pull/2224/head
dependabot[bot] 2 years ago
parent
commit
a1f52ef51d
  1. 7
      Cargo.lock
  2. 2
      boa_engine/Cargo.toml

7
Cargo.lock generated

@ -232,14 +232,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]] [[package]]
name = "chrono" name = "chrono"
version = "0.4.19" version = "0.4.20"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" checksum = "6127248204b9aba09a362f6c930ef6a78f2c1b2215f8a7b398c06e1083f17af0"
dependencies = [ dependencies = [
"libc", "js-sys",
"num-integer", "num-integer",
"num-traits", "num-traits",
"time", "time",
"wasm-bindgen",
"winapi", "winapi",
] ]

2
boa_engine/Cargo.toml

@ -44,7 +44,7 @@ num-integer = "0.1.45"
bitflags = "1.3.2" bitflags = "1.3.2"
indexmap = "1.9.1" indexmap = "1.9.1"
ryu-js = "0.2.2" ryu-js = "0.2.2"
chrono = "0.4.19" chrono = "0.4.20"
fast-float = "0.2.0" fast-float = "0.2.0"
unicode-normalization = "0.1.21" unicode-normalization = "0.1.21"
dyn-clone = "1.0.9" dyn-clone = "1.0.9"

Loading…
Cancel
Save