Bumps [serde](https://github.com/serde-rs/serde) from 1.0.147 to 1.0.148.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/serde-rs/serde/releases">serde's releases</a>.</em></p>
<blockquote>
<h2>v1.0.148</h2>
<ul>
<li>Support <code>remote</code> derive for generic types that have private fields (<a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2327">#2327</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7766103174"><code>7766103</code></a> Release 1.0.148</li>
<li><a href="30f7c7110d"><code>30f7c71</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2331">#2331</a> from dtolnay/remote</li>
<li><a href="50354c2d0b"><code>50354c2</code></a> Improve error message on remote derive duplicate generics</li>
<li><a href="c4f67e679f"><code>c4f67e6</code></a> Add ui test of duplicate generics in remote derive</li>
<li><a href="0daafe423f"><code>0daafe4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2330">#2330</a> from dtolnay/remote</li>
<li><a href="37021910c9"><code>3702191</code></a> Fix Into conversion involving generic remote derive with getter</li>
<li><a href="7328b34810"><code>7328b34</code></a> Add test of generic remote derive with getter</li>
<li><a href="fabbd2b097"><code>fabbd2b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2329">#2329</a> from dtolnay/safety</li>
<li><a href="6814f978d7"><code>6814f97</code></a> Revert Buf::as_str safety change from PR 2319</li>
<li><a href="4ea403c54a"><code>4ea403c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2328">#2328</a> from dtolnay/remote</li>
<li>Additional commits viewable in <a href="https://github.com/serde-rs/serde/compare/v1.0.147...v1.0.148">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.103 to 1.0.104.
<details>
<summary>Commits</summary>
<ul>
<li><a href="78fa618e96"><code>78fa618</code></a> Release 1.0.104</li>
<li><a href="e054b03a3b"><code>e054b03</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dtolnay/syn/issues/1244">#1244</a> from dtolnay/isnone</li>
<li><a href="3a0406db04"><code>3a0406d</code></a> Make PathArguments::is_none() public</li>
<li><a href="ac1dbf5d85"><code>ac1dbf5</code></a> Time out workflows after 45 minutes</li>
<li><a href="f510eb0ba9"><code>f510eb0</code></a> Update test suite to nightly-2022-11-25</li>
<li><a href="20087fc51c"><code>20087fc</code></a> Update test suite to nightly-2022-11-24</li>
<li><a href="dbc86fe1ed"><code>dbc86fe</code></a> Suppress "emit":"dep-info" json from syn-test-suite-feature-check</li>
<li><a href="1e8227295e"><code>1e82272</code></a> Fix renamed let_underscore_drop lint</li>
<li><a href="754236dbe6"><code>754236d</code></a> Update test suite to nightly-2022-11-23</li>
<li><a href="4245c41f22"><code>4245c41</code></a> Update test suite to nightly-2022-11-19</li>
<li>Additional commits viewable in <a href="https://github.com/dtolnay/syn/compare/1.0.103...1.0.104">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.26 to 4.0.27.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p>
<blockquote>
<h2>[4.0.27] - 2022-11-24</h2>
<h3>Features</h3>
<ul>
<li>Have <code>Arg::value_parser</code> accept <code>Vec<impl Into<PossibleValue>></code></li>
<li>Implement <code>Display</code> and <code>FromStr</code> for <code>ColorChoice</code></li>
</ul>
<h3>Fixes</h3>
<ul>
<li>Remove soundness issue by switching from <code>atty</code> to <code>is-terminal</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="3262016c26"><code>3262016</code></a> chore: Release</li>
<li><a href="757f95b2e9"><code>757f95b</code></a> docs: Update changelog</li>
<li><a href="20e02eb34e"><code>20e02eb</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4509">#4509</a> from epage/possible</li>
<li><a href="fb1d960fe2"><code>fb1d960</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4249">#4249</a> from jcgruenhage/replace-atty</li>
<li><a href="94aca92e44"><code>94aca92</code></a> feat: Create ValueParser from Vec<PossibleValue></li>
<li><a href="3bccfced1a"><code>3bccfce</code></a> docs: Clarify PossibleValue is likely not needed</li>
<li><a href="19981a2455"><code>19981a2</code></a> docs: Clarify ColorChoice impls ValueEnum</li>
<li><a href="8d92f3e7a8"><code>8d92f3e</code></a> feat: Add Display/FromStr to ColorChoice</li>
<li><a href="ed683ef248"><code>ed683ef</code></a> fix: Always expose ColorChoice</li>
<li><a href="789bfd6813"><code>789bfd6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4508">#4508</a> from epage/style</li>
<li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/v4.0.26...v4.0.27">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
<!---
Thank you for contributing to Boa! Please fill out the template below, and remove or add any
information as you feel necessary.
--->
This Pull Request is related to the #2058 and the discussion in the discord chat.
It changes the following:
- Adds a `take` method to `JsArrayBuffer`
- Builds out `JsArrayBuffer` docs
- Adds a `JsArrayBuffer::take()` example to `jsarraybuffer.rs` in `boa_examples`
This Pull Request restructures the lint deny/warn/allow lists in `boa_engine`. It adds a lot of documentation to pup functions. There are still a few clippy lints that are not fixed, mainly regarding casting of number types. Fixing those lints effectiveley would in some cases probably require bigger refactors.
This should probably wait for #2449 to be merged, because that PR already fixes that lints regarding the `Date` built-in.
This PR is a WIP implementation of a vm instruction flowgraph generator
This aims to make the vm easier to debug and understand for both newcomers and experienced devs.
For example if we have the following code:
```js
let i = 0;
while (i < 10) {
if (i == 3) {
break;
}
i++;
}
```
It generates the following instructions (which is hard to read, especially jumps):
<details>
```
----------------------Compiled Output: '<main>'-----------------------
Location Count Opcode Operands
000000 0000 PushZero
000001 0001 DefInitLet 0000: 'i'
000006 0002 LoopStart
000007 0003 LoopContinue
000008 0004 GetName 0000: 'i'
000013 0005 PushInt8 10
000015 0006 LessThan
000016 0007 JumpIfFalse 78
000021 0008 PushDeclarativeEnvironment 0, 1
000030 0009 GetName 0000: 'i'
000035 0010 PushInt8 3
000037 0011 Eq
000038 0012 JumpIfFalse 58
000043 0013 PushDeclarativeEnvironment 0, 0
000052 0014 Jump 78
000057 0015 PopEnvironment
000058 0016 GetName 0000: 'i'
000063 0017 IncPost
000064 0018 RotateRight 2
000066 0019 SetName 0000: 'i'
000071 0020 Pop
000072 0021 PopEnvironment
000073 0022 Jump 7
000078 0023 LoopEnd
Literals:
<empty>
Bindings:
0000: i
Functions:
<empty>
```
</details>
And the flow graph is generated:
The beginning of the function is marked by the `start` node (in green) and end (in red). In branching the "yes" branch is marked in green and "no" in red.
~~This only generates in [graphviz format](https://en.wikipedia.org/wiki/DOT_(graph_description_language)) (a widely used format) but it would be nice to also generate to a format that `mermaid.js` can understand and that could be put in articles https://github.com/boa-dev/boa-dev.github.io/issues/26~~
TODO:
- [x] Generate graphviz format
- [x] Generate mermaid format
- [x] Programmatically generate colors push and pop env instructions
- [x] Display nested functions in sub-sub-graphs.
- [x] Put under a feature (`"flowgraph"`)
- [x] Handle try/catch, switch instructions
- [x] CLI option for configuring direction of flow (by default it is top down)
- [x] Handle `Throw` instruction (requires keeping track of try blocks)
- [x] Documentation
- [x] Prevent node name collisions (functions with the same name)
Just a general cleanup of the `Date` builtin to use slightly better patterns and to fix our warnings about deprecated functions.
About the regressed tests. It seems to be a `chrono` bug, so I opened up an issue (https://github.com/chronotope/chrono/issues/884) for it and they've already opened a PR fixing it (https://github.com/chronotope/chrono/pull/885).
However, while checking out the remaining failing tests, I realized there's a more fundamental limitation with the library. Currently, [`chrono`](https://github.com/chronotope/chrono) specifies:
> Date types are limited in about +/- 262,000 years from the common epoch.
While the [ECMAScript spec](https://tc39.es/ecma262/#sec-time-values-and-time-range) says:
> The smaller range supported by a time value as specified in this section is approximately -273,790 to 273,790 years relative to 1970.
The range allowed by the spec is barely outside of the range supported by `chrono`! This is why the remaining `Date` tests fail.
Seeing that, I would like to ping @djc and @esheppa (the maintainers of `chrono`) to ask if it would be feasible to add a feature, akin to the `large-dates` feature from the `time` crate, that expands the supported range of `chrono`.
EDIT: Filed https://github.com/chronotope/chrono/issues/886
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.88 to 1.0.89.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p>
<blockquote>
<h2>v1.0.89</h2>
<ul>
<li>Fix invalid JSON incorrectly accepted when a large number has no digits after decimal point (<a href="https://github-redirect.dependabot.com/serde-rs/json/issues/953">#953</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d2f936855d"><code>d2f9368</code></a> Release 1.0.89</li>
<li><a href="0b898369f9"><code>0b89836</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/json/issues/956">#956</a> from dtolnay/decimal</li>
<li><a href="9d94e920ef"><code>9d94e92</code></a> Require at least one digit after decimal point</li>
<li><a href="c27b02334b"><code>c27b023</code></a> Add regression test for issue 953</li>
<li><a href="586fefb5a1"><code>586fefb</code></a> Resolve semicolon_if_nothing_returned pedantic clippy lint</li>
<li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.88...v1.0.89">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [bootstrap](https://github.com/twbs/bootstrap) from 5.2.2 to 5.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/twbs/bootstrap/releases">bootstrap's releases</a>.</em></p>
<blockquote>
<h2>v5.2.3</h2>
<h2>Fixes</h2>
<h3>🎨 CSS</h3>
<ul>
<li><a href="https://github-redirect.dependabot.com/twbs/bootstrap/issues/37377">#37377</a>: Import root in bootstrap-utilities</li>
<li><a href="https://github-redirect.dependabot.com/twbs/bootstrap/issues/37425">#37425</a>: Fix deprecation warning with sass 1.56.0</li>
<li>Carousel: Fix RTL <code>translate()</code> direction</li>
</ul>
<h3>☕️ JavaScript</h3>
<ul>
<li><a href="https://github-redirect.dependabot.com/twbs/bootstrap/issues/37235">#37235</a>: fix tooltip/popper disposal inconsistencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="cb021439c6"><code>cb02143</code></a> Dist</li>
<li><a href="39589472f7"><code>3958947</code></a> Bump version to 5.2.3</li>
<li><a href="7e3074c165"><code>7e3074c</code></a> fix tooltip/popper disposal inconsistencies (<a href="https://github-redirect.dependabot.com/twbs/bootstrap/issues/37235">#37235</a>)</li>
<li><a href="127a816f77"><code>127a816</code></a> fix(carousel): RTL <code>translate()</code> direction</li>
<li><a href="77c456d8c4"><code>77c456d</code></a> Import root in <code>bootstrap-utilities</code> (<a href="https://github-redirect.dependabot.com/twbs/bootstrap/issues/37377">#37377</a>)</li>
<li><a href="b72236981f"><code>b722369</code></a> Fix deprecation warning with sass 1.56.0 (<a href="https://github-redirect.dependabot.com/twbs/bootstrap/issues/37425">#37425</a>)</li>
<li>See full diff in <a href="https://github.com/twbs/bootstrap/compare/v5.2.2...v5.2.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [test262](https://github.com/tc39/test262) from `1d5dc6b` to `83a46bf`.
<details>
<summary>Commits</summary>
<ul>
<li><a href="83a46bfe0e"><code>83a46bf</code></a> test/built-ins/TypedArray/prototype/map/callbackfn-resize.js test result is i...</li>
<li><a href="ec752ebaab"><code>ec752eb</code></a> Temporal: Expand PlainYearMonth and PlainMonthDay strings tests</li>
<li><a href="7d0dde3635"><code>7d0dde3</code></a> Temporal: Remove duplicate number-as-PlainMonthDay test case</li>
<li><a href="d1b16d7d0e"><code>d1b16d7</code></a> Temporal: Move more collections of valid/invalid strings into TemporalHelpers</li>
<li><a href="10ac2ad03e"><code>10ac2ad</code></a> Fix esids</li>
<li><a href="60e41ed3cb"><code>60e41ed</code></a> CI: Disable GraalJS.</li>
<li><a href="dfb3593e3b"><code>dfb3593</code></a> Add feature flag for Array.fromAsync</li>
<li>See full diff in <a href="1d5dc6b577...83a46bfe0e">compare view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.5.3 to 1.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rayon-rs/rayon/blob/master/RELEASES.md">rayon's changelog</a>.</em></p>
<blockquote>
<h1>Release rayon 1.6.0 / rayon-core 1.10.0 (2022-11-18)</h1>
<ul>
<li>The minimum supported <code>rustc</code> is now 1.56.</li>
<li>The new <code>IndexedParallelIterator::fold_chunks</code> and <code>fold_chunks_with</code> methods
work like <code>ParallelIterator::fold</code> and <code>fold_with</code> with fixed-size chunks of
items. This may be useful for predictable batching performance, without the
allocation overhead of <code>IndexedParallelIterator::chunks</code>.</li>
<li>New "broadcast" methods run a given function on all threads in the pool.
These run at a sort of reduced priority after each thread has exhausted their
local work queue, but before they attempt work-stealing from other threads.
<ul>
<li>The global <code>broadcast</code> function and <code>ThreadPool::broadcast</code> method will
block until completion, returning a <code>Vec</code> of all return values.</li>
<li>The global <code>spawn_broadcast</code> function and methods on <code>ThreadPool</code>, <code>Scope</code>,
and <code>ScopeFifo</code> will run detached, without blocking the current thread.</li>
</ul>
</li>
<li>Panicking methods now use <code>#[track_caller]</code> to report the caller's location.</li>
<li>Fixed a truncated length in <code>vec::Drain</code> when given an empty range.</li>
</ul>
<h2>Contributors</h2>
<p>Thanks to all of the contributors for this release!</p>
<ul>
<li><a href="https://github.com/cuviper"><code>@cuviper</code></a></li>
<li><a href="https://github.com/idanmuze"><code>@idanmuze</code></a></li>
<li><a href="https://github.com/JoeyBF"><code>@JoeyBF</code></a></li>
<li><a href="https://github.com/JustForFun88"><code>@JustForFun88</code></a></li>
<li><a href="https://github.com/kianmeng"><code>@kianmeng</code></a></li>
<li><a href="https://github.com/kornelski"><code>@kornelski</code></a></li>
<li><a href="https://github.com/ritchie46"><code>@ritchie46</code></a></li>
<li><a href="https://github.com/ryanrussell"><code>@ryanrussell</code></a></li>
<li><a href="https://github.com/steffahn"><code>@steffahn</code></a></li>
<li><a href="https://github.com/TheIronBorn"><code>@TheIronBorn</code></a></li>
<li><a href="https://github.com/willcrozi"><code>@willcrozi</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="60cdb43173"><code>60cdb43</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/686">#686</a></li>
<li><a href="efeeace277"><code>efeeace</code></a> Release rayon 1.2.0 / rayon-core 1.6.0</li>
<li><a href="d993d7a666"><code>d993d7a</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/683">#683</a></li>
<li><a href="2720d8d55b"><code>2720d8d</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/682">#682</a></li>
<li><a href="c6a294b62f"><code>c6a294b</code></a> impl ParallelExtend<()> for ()</li>
<li><a href="9bfb3c6d55"><code>9bfb3c6</code></a> clippy::inconsistent_digit_grouping</li>
<li><a href="3cd762e225"><code>3cd762e</code></a> clippy::toplevel_ref_arg</li>
<li><a href="b216c3e0eb"><code>b216c3e</code></a> Update bare traits to <code>dyn Trait</code></li>
<li><a href="58b0275a14"><code>58b0275</code></a> Once:new() is const-stable since Rust 1.24</li>
<li><a href="83b67e27f2"><code>83b67e2</code></a> Merge <a href="https://github-redirect.dependabot.com/rayon-rs/rayon/issues/673">#673</a></li>
<li>Additional commits viewable in <a href="https://github.com/rayon-rs/rayon/compare/v1.5.3...rayon-core-v1.6.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This Pull Request restructures the lint deny/warn/allow lists in almost all crates. `boa_engine` will be done in a follow up PR as the changes there are pretty extensive.
Bumps [indexmap](https://github.com/bluss/indexmap) from 1.9.1 to 1.9.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/bluss/indexmap/blob/master/RELEASES.md">indexmap's changelog</a>.</em></p>
<blockquote>
<ul>
<li>
<p>1.9.2</p>
<ul>
<li><code>IndexMap</code> and <code>IndexSet</code> both implement <code>arbitrary::Arbitrary<'_></code> and
<code>quickcheck::Arbitrary</code> if those optional dependency features are enabled.</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="4d52cf338c"><code>4d52cf3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bluss/indexmap/issues/247">#247</a> from cuviper/arbitrary-1.x</li>
<li><a href="4d410509d2"><code>4d41050</code></a> Release 1.9.2</li>
<li><a href="bc1a12f7f3"><code>bc1a12f</code></a> Add an Arbitrary release note</li>
<li><a href="2251812717"><code>2251812</code></a> impl Arbitrary for IndexMap and IndexSet</li>
<li><a href="fe98ec2a03"><code>fe98ec2</code></a> Revert "Run CI on 1.56.1 until next hashbrown release"</li>
<li>See full diff in <a href="https://github.com/bluss/indexmap/compare/1.9.1...1.9.2">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.87 to 1.0.88.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p>
<blockquote>
<h2>v1.0.88</h2>
<ul>
<li>Optimize serde_json::Map's implementation of <code>append</code> and <code>clone_from</code> (<a href="https://github-redirect.dependabot.com/serde-rs/json/issues/952">#952</a>, thanks <a href="https://github.com/Lucretiel"><code>@Lucretiel</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9eb66da7e0"><code>9eb66da</code></a> Release 1.0.88</li>
<li><a href="057957ccf4"><code>057957c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/json/issues/952">#952</a> from Lucretiel/map-traits</li>
<li><a href="3347248d82"><code>3347248</code></a> Add <code>clone_from</code> to <code>Map</code>; <code>Map::append</code> now uses <code>IndexMap::extend</code></li>
<li><a href="ca41bdd563"><code>ca41bdd</code></a> Update ui test suite to nightly-2022-11-16</li>
<li><a href="4f194c9141"><code>4f194c9</code></a> Resolve needless_borrow pedantic clippy lint in test</li>
<li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.87...v1.0.88">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.25 to 4.0.26.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p>
<blockquote>
<h2>v4.0.26</h2>
<h2>[4.0.26] - 2022-11-16</h2>
<h3>Fixes</h3>
<ul>
<li><em>(error)</em> Fix typos in <code>ContextKind::as_str</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p>
<blockquote>
<h2>[4.0.26] - 2022-11-16</h2>
<h3>Fixes</h3>
<ul>
<li><em>(error)</em> Fix typos in <code>ContextKind::as_str</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f8e9211e38"><code>f8e9211</code></a> chore: Release</li>
<li><a href="6524416e9e"><code>6524416</code></a> docs: Update changelog</li>
<li><a href="df1efb4c53"><code>df1efb4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4486">#4486</a> from jpgrayson/master</li>
<li><a href="d9c9c7bdd8"><code>d9c9c7b</code></a> fix: ContextKind.as_str() spellings</li>
<li>See full diff in <a href="https://github.com/clap-rs/clap/compare/v4.0.25...v4.0.26">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This Pull Request restructures the lint deny/warn/allow lists in `boa_ast` and fixes some clippy lints in the crate.
The most relevant change should be in `boa_ast/src/lib.rs`. I went trough all the lints that are available in rustc/rustdoc/clippy with the goal to have most in the deny list, either trough groups or individually. Some clippy lints remain allowed, because they trigger false positives (I fixed them as far as possible).
I'm interested in how everyone feels about denying most lints, as it may impact individual development workflows. If we agree on how we want to structure this, I will apply the restructured lists to all other creates aswell.
Just some quality changes to improve the maintainability of the tester:
- Replaces `anyhow` with `color_eyre` to have a better output on errors/panics.
- Changes the ignore file to a TOML file and replaces all parsing logic with the `toml` crate.
- Adds a `ignored` field on all `Test`s to simplify run logic.
- Replaces the global `IGNORED` with an `ignored` argument on the CLI.
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.24 to 4.0.25.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p>
<blockquote>
<h2>v4.0.25</h2>
<h2>[4.0.25] - 2022-11-15</h2>
<h3>Features</h3>
<ul>
<li><em>(error)</em> Report available subcommands when required subcommand is missing</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p>
<blockquote>
<h2>[4.0.25] - 2022-11-15</h2>
<h3>Features</h3>
<ul>
<li><em>(error)</em> Report available subcommands when required subcommand is missing</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ba32ab87b2"><code>ba32ab8</code></a> chore: Release</li>
<li><a href="391cd0092d"><code>391cd00</code></a> docs: Update changelog</li>
<li><a href="8cefdf31cc"><code>8cefdf3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4482">#4482</a> from epage/suggest</li>
<li><a href="6b62c82fe2"><code>6b62c82</code></a> feat(parser): Show available subcommands when one is missing</li>
<li><a href="d21ee513fd"><code>d21ee51</code></a> test(parser): Verify subcommand required message</li>
<li>See full diff in <a href="https://github.com/clap-rs/clap/compare/v4.0.24...v4.0.25">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This Pull Request offers a basic VM fuzzer which relies on implied oracles (namely, "does it crash or timeout?").
It changes the following:
- Adds an insns_remaining field to Context, denoting the number of instructions remaining to execute (only available when fuzzing)
- Adds a JsNativeError variant, denoting when the number of instructions has been exceeded (only available when fuzzing)
- Adds a VM fuzzer which looks for cases where Boa may crash on an input
This offers no guarantees about correctness, only assertion violations. Depends on #2400.
Any issues I raise in association with this fuzzer will link back to this fuzzer.
You may run the fuzzer using the following commands:
```bash
$ cd boa_engine
$ cargo +nightly fuzz run -s none vm-implied
```
Co-authored-by: Addison Crump <addison.crump@cispa.de>
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.23 to 4.0.24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p>
<blockquote>
<h2>v4.0.24</h2>
<h2>[4.0.24] - 2022-11-14</h2>
<h3>Fixes</h3>
<ul>
<li>Avoid panic when printing an argument that isn't built</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p>
<blockquote>
<h2>[4.0.24] - 2022-11-14</h2>
<h3>Fixes</h3>
<ul>
<li>Avoid panic when printing an argument that isn't built</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="010976c2ff"><code>010976c</code></a> chore: Release</li>
<li><a href="0bafd2f52d"><code>0bafd2f</code></a> docs: Update changelog</li>
<li><a href="8171a5f6d0"><code>8171a5f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4480">#4480</a> from epage/panic</li>
<li><a href="c939de8a25"><code>c939de8</code></a> fix: Don't panic on non-built arg rendering</li>
<li>See full diff in <a href="https://github.com/clap-rs/clap/compare/v4.0.23...v4.0.24">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
<!---
Thank you for contributing to Boa! Please fill out the template below, and remove or add any
information as you feel necessary.
--->
Not sure if anyone else may be working on something more substantial/in-depth, but I thought I'd post this. 😄
The basic rundown is that this is more of an untested (and in some ways naïve) draft than anything else. It builds rather heavily on `rust-gc`, and tries to keep plenty of the core aspects so as to not break anything too much, and also to minimize overarching changes were it to actually be merged at some point.
This implementation does add ~~a generational divide (although a little unoptimized) to the heap,~~ a GcAlloc/Collector struct with methods, and an ephemeron implementation that allows for the WeakPair and WeakGc pointers.
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.22 to 4.0.23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p>
<blockquote>
<h2>v4.0.23</h2>
<h2>[4.0.23] - 2022-11-11</h2>
<h3>Fixes</h3>
<ul>
<li>Don't panic on reporting invalid-long errors when followed by invalid UTF8</li>
<li><em>(help)</em> Clarified argument to <code>help</code> subcommand</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p>
<blockquote>
<h2>[4.0.23] - 2022-11-11</h2>
<h3>Fixes</h3>
<ul>
<li>Don't panic on reporting invalid-long errors when followed by invalid UTF8</li>
<li><em>(help)</em> Clarified argument to <code>help</code> subcommand</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="95144b7590"><code>95144b7</code></a> chore: Release</li>
<li><a href="20ecae1cb3"><code>20ecae1</code></a> docs: Update changelog</li>
<li><a href="e6a3529e24"><code>e6a3529</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4474">#4474</a> from epage/utf8</li>
<li><a href="e9cbed34cd"><code>e9cbed3</code></a> fix(parser): Don't panic on invalid UTF-8 values</li>
<li><a href="45d26e0013"><code>45d26e0</code></a> test(parser): Show UTF8 bug</li>
<li><a href="4d69e56f06"><code>4d69e56</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4471">#4471</a> from epage/assert</li>
<li><a href="ec03972023"><code>ec03972</code></a> test(assert): Verify empty positional assert exists</li>
<li><a href="0d27188d87"><code>0d27188</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4465">#4465</a> from epage/help</li>
<li><a href="9376a57d40"><code>9376a57</code></a> fix(help): Clarify that 'help' command accepts multiple</li>
<li>See full diff in <a href="https://github.com/clap-rs/clap/compare/v4.0.22...v4.0.23">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.22 to 0.4.23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p>
<blockquote>
<p>0.4.23 is the next 0.4 release of the popular chrono date and time library for Rust. After the 0.4.20-0.4.22 series that brought chrono back to life after a long hiatus, development has been fairly quiet, allowing us to start planning changes for the 0.5.0 release. As such, we've started deprecating some APIs that are likely to be removed in 0.5. If you have any feedback on these changes, please let us know in the issue tracker!</p>
<h3>Deprecations</h3>
<ul>
<li>Deprecate methods that have an <code>_opt()</code> alternative (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/827">#827</a>)</li>
<li>Deprecate usage of the <code>Date<Tz></code> type (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/851">#851</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>Optimize RFC 3339 (and RFC 2822) encoding (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/844">#844</a>, thanks to <a href="https://github.com/conradludgate"><code>@conradludgate</code></a>)</li>
<li>Addition and subtraction with the <code>Days</code> type (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/784">#784</a>)</li>
<li>Add <code>NaiveDateTime::from_timestamp_millis(_opt)</code> (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/818">#818</a>, thanks to <a href="https://github.com/Pscheidl"><code>@Pscheidl</code></a> -- backported in <a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/823">#823</a>)</li>
<li>Allow for changing TZ variable and cache it for <code>Local</code> timezone (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/853">#853</a>)</li>
<li>Add optional support for the <code>arbitrary::Arbitrary</code> trait (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/849">#849</a>, thanks to <a href="https://github.com/greyblake"><code>@greyblake</code></a> and <a href="https://github.com/asayers"><code>@asayers</code></a>)</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>Support tzdb location on AIX (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/826">#826</a>)</li>
<li>Fix warnings in documentation (<a href="https://github-redirect.dependabot.com/chronotope/chrono/issues/847">#847</a>)</li>
</ul>
<p>On behalf of <a href="https://github.com/esheppa"><code>@esheppa</code></a> and <a href="https://github.com/djc"><code>@djc</code></a>, thanks to all contributors!</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9e5eb49838"><code>9e5eb49</code></a> Bump version to 0.4.23</li>
<li><a href="dc4287a627"><code>dc4287a</code></a> store hash of environment variable</li>
<li><a href="57908e918b"><code>57908e9</code></a> allow sharing of the allocated environment variable</li>
<li><a href="84f3c30d1e"><code>84f3c30</code></a> move last_changed to the Cache</li>
<li><a href="8bc413936f"><code>8bc4139</code></a> add bench for Local::now()</li>
<li><a href="22b4d32498"><code>22b4d32</code></a> Avoid use of deprecated API</li>
<li><a href="77317d5255"><code>77317d5</code></a> Deprecate usage of the Date<Tz> type</li>
<li><a href="7ba090d484"><code>7ba090d</code></a> Add TimeZone::with_ymd_and_hms() helper method</li>
<li><a href="03165c8658"><code>03165c8</code></a> Move Date::years_since() implementation into NaiveDate</li>
<li><a href="645fca0c55"><code>645fca0</code></a> chore: apply clippy suggestions for 1.65</li>
<li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.22...v0.4.23">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [test262](https://github.com/tc39/test262) from `f6c48f3` to `1d5dc6b`.
<details>
<summary>Commits</summary>
<ul>
<li><a href="1d5dc6b577"><code>1d5dc6b</code></a> Remove tests involving the <code>Emoji_Test</code> property</li>
<li><a href="e04de94c07"><code>e04de94</code></a> Line Terminator test description corrections</li>
<li><a href="0593463817"><code>0593463</code></a> Add missed changes for Symbols as WeakMap keys proposal.</li>
<li>See full diff in <a href="f6c48f333e...1d5dc6b577">compare view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.75.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/webpack/webpack/releases">webpack's releases</a>.</em></p>
<blockquote>
<h2>v5.75.0</h2>
<h1>Bugfixes</h1>
<ul>
<li><code>experiments.*</code> normalize to <code>false</code> when opt-out</li>
<li>avoid <code>NaN%</code></li>
<li>show the correct error when using a conflicting chunk name in code</li>
<li>HMR code tests existance of <code>window</code> before trying to access it</li>
<li>fix <code>eval-nosources-*</code> actually exclude sources</li>
<li>fix race condition where no module is returned from processing module</li>
<li>fix position of standalong semicolon in runtime code</li>
</ul>
<h1>Features</h1>
<ul>
<li>add support for <code>@import</code> to extenal CSS when using experimental CSS in node</li>
<li>add <code>i64</code> support to the deprecated WASM implementation</li>
</ul>
<h1>Developer Experience</h1>
<ul>
<li>expose <code>EnableWasmLoadingPlugin</code></li>
<li>add more typings</li>
<li>generate getters instead of readonly properties in typings to allow overriding them</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8241da7f1e"><code>8241da7</code></a> 5.75.0</li>
<li><a href="a91d9232ea"><code>a91d923</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16458">#16458</a> from webpack/bugfix/semi</li>
<li><a href="4608b11416"><code>4608b11</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16457">#16457</a> from webpack/tooling/update</li>
<li><a href="dfdd0b0e42"><code>dfdd0b0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16122">#16122</a> from AnmolBansalDEV/bug/compilationCallback</li>
<li><a href="23b9a1c01f"><code>23b9a1c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16167">#16167</a> from exposir/fixts</li>
<li><a href="6f2c5e852a"><code>6f2c5e8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16257">#16257</a> from alexzhang1030/calc_deterministic_verbose</li>
<li><a href="f7f36ad412"><code>f7f36ad</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16339">#16339</a> from Liamolucko/wasm-i64</li>
<li><a href="761a54285e"><code>761a542</code></a> fix semicolon position</li>
<li><a href="2403a36326"><code>2403a36</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/16345">#16345</a> from ahabhgk/fix-eval-nosources</li>
<li><a href="c18203c894"><code>c18203c</code></a> update tooling</li>
<li>Additional commits viewable in <a href="https://github.com/webpack/webpack/compare/v5.74.0...v5.75.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This PR adds a safe wrapper around JavaScript `JsDate` from `builtins::date`, and is being tracked at #2098.
#### Implements following methods
- [x] `new Date()`
- [x] `Date.prototype.getDate()`
- [x] `Date.prototype.getDay()`
- [x] `Date.prototype.getFullYear()`
- [x] `Date.prototype.getHours()`
- [x] `Date.prototype.getMilliseconds()`
- [x] `Date.prototype.getMinutes()`
- [x] `Date.prototype.getMonth()`
- [x] `Date.prototype.getSeconds()`
- [x] `Date.prototype.getTime()`
- [x] `Date.prototype.getTimezoneOffset()`
- [x] `Date.prototype.getUTCDate()`
- [x] `Date.prototype.getUTCDay()`
- [x] `Date.prototype.getUTCFullYear()`
- [x] `Date.prototype.getUTCHours()`
- [x] `Date.prototype.getUTCMilliseconds()`
- [x] `Date.prototype.getUTCMinutes()`
- [x] `Date.prototype.getUTCMonth()`
- [x] `Date.prototype.getUTCSeconds()`
- [x] `Date.prototype.getYear()`
- [x] `Date.now()`
- [ ] `Date.parse()` Issue 4
- [x] `Date.prototype.setDate()`
- [x] `Date.prototype.setFullYear()`
- [ ] `Date.prototype.setHours()` Issue 3
- [x] `Date.prototype.setMilliseconds()`
- [ ] `Date.prototype.setMinutes()` Issue 3
- [x] `Date.prototype.setMonth()`
- [x] `Date.prototype.setSeconds()`
- [x] `Date.prototype.setTime()`
- [x] `Date.prototype.setUTCDate()`
- [x] `Date.prototype.setUTCFullYear()`
- [x] `Date.prototype.setUTCHours()`
- [x] `Date.prototype.setUTCMilliseconds()`
- [x] `Date.prototype.setUTCMinutes()`
- [x] `Date.prototype.setUTCMonth()`
- [x] `Date.prototype.setUTCSeconds()`
- [x] `Date.prototype.setYear()`
- [ ] `Date.prototype.toDateString()` Issue 5
- [ ] `Date.prototype.toGMTString()` Issue 5
- [ ] `Date.prototype.toISOString()` Issue 5
- [ ] `Date.prototype.toJSON()` Issue 5
- [ ] `Date.prototype.toLocaleDateString()` Issue 5 and 6
- [ ] `Date.prototype.toLocaleString()` Issue 5 and 6
- [ ] `Date.prototype.toLocaleTimeString()` Issue 5 and 6
- [ ] `Date.prototype.toString()` Issue 5
- [ ] `Date.prototype.toTimeString()` Issue 5
- [ ] `Date.prototype.toUTCString()` Issue 5
- [x] `Date.UTC()`
- [x] `Date.prototype.valueOf()`
### Issues
1. ~~`get_*()` and some other methods - They take `&self` as input internally, and internal struct shouldn't be used in a wrapper API. Therefore, these would require input to be `this: &JsValue, args: &[JsValue], context: &mut Context` like others and use `this_time_value()`?~~ Fixed using `this_time_value()`
2. ~~`to_string()`- how can I use `Date::to_string()` rather than `alloc::string::ToString`.~~ My bad it compiles, just `rust-analyzer` was showing it as an issue.
3. `set_hours()` and `set_minutes()` - they subtract local timezones when setting the value, e.g.
- On further look:
```rust
// both function call `builtins:📅:mod.rs#L1038
this.set_data(ObjectData::date(t));
// `ObjectData::date` creates a new `Date` object `object::mods.rs#L423
// | this date is chrono::Date<Tz(TimezoneOffset)> and Tz default is being used here which is GMT+0
pub fn date(date: Date) -> Self {
Self {
kind: ObjectKind::Date(date),
internal_methods: &ORDINARY_INTERNAL_METHODS,
}
}
```
- BTW, in `object::mod.rs`'s `enum ObjectKind` there is `Date(chrono::Date)` and it requires
the generic argument, how is it being bypassed here?
- Also in `set_minutes()` step 6, `LocalTime` should be used.
```rust
// reference date = 2000-01-01T06:26:53.984
date.set_hours(&[23.into(), 23.into(), 23.into(), 23.into()], context)?;
// would add tiemzone(+5:30) to it
// Is 2000-01-01T17:53:23.023
// Should be 2000-01-01T23:23:23.023
```
4. `parse()` - it uses `chrono::parse_from_rfc3339` internally, while es6 spec recommends ISO8601. And it can also parse other formats like from [MDN](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/parse) `04 Dec 1995 00:12:00 GMT` which fails. So what should be done about it.
5. `to_*()` - This is more general, as the internal date object uses `chrono::NaiveDateTime` which doesn't have timezone. It doesn't account for `+4:00` in example below.
```rust
// Creates new `Date` object from given rfc3339 string.
let date = JsDate::new_from_parse(&JsValue::new("2018-01-26T18:30:09.453+04:00"), context);
println!("to_string: {:?}", date2.to_string(context)?);
// IS: Sat Jan 27 2018 00:00:09 GMT+0530
// Should: Fri Jan 26 2018 20:00:09 GMT+0530
```
6. `to_locale_*()` - requires [`ToDateTimeOptions`](https://402.ecma-international.org/9.0/#sec-todatetimeoptions) and localization would require chrono's `unstable-locales` feature, which is available for `DateTime` and not for `NaiveDateTime`.
- I should have looked properly, `to_date_time_options` is already implemented in `builtins::intl`. Anyway, I would still need some tips on how to use it. What would function signature be like in wrapper API, how would `options` be passed to the said API.
- So `to_date_time_options()` takes `options: &JsValue` as an argument and build an object from it and fetch properties through `Object.get()`. If I want `options` to be `{ weekday: 'long', year: 'numeric', month: 'long', day: 'numeric' }` what would `JsValue` look like to make it all work.
```rust
date.to_locale_date_string(&[JsValue::new("en_EN"), OPTIONS], context)?;
// OPTIONS need to be a JsValue which when converted into an object
// have these properties { weekday: 'long', year: 'numeric', month: 'long', day: 'numeric' };
```
### Possible improvements
1. Right now, `object::jsdate::set_full_year()` and alike (input is a slice) are like below, `into()` doesn't feel ergonomic.
```rust
#[inline]
pub fn set_full_year(&self, values: &[JsValue], context: &mut Context) -> JsResult<JsValue> {
Date::set_full_year(&self.inner.clone().into(), values, context)
}
// Usage
date.set_full_year(&[2000.into(), 0.into(), 1.into()], context)?;
// How can something like this be made to work
#[inline]
pub fn set_full_year<T>(&self, values: &[T], context: &mut Context) -> JsResult<JsValue>
where
T: Into<JsValue>,
{
| expected reference `&[value::JsValue]`
| found reference `&[T]`
Date::set_full_year(&self.inner.clone().into(), values, context)
}
```
2. Any other suggestion?
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.18 to 4.0.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p>
<blockquote>
<h2>v4.0.22</h2>
<h2>[4.0.22] - 2022-11-07</h2>
<h3>Fixes</h3>
<ul>
<li><em>(help)</em> Don't overflow into next-line-help early due to stale (pre-v4) padding calculations</li>
</ul>
<h2>v4.0.21</h2>
<h2>[4.0.21] - 2022-11-07</h2>
<h3>Features</h3>
<ul>
<li><em>(derive)</em> <code>long_about</code> and <code>long_help</code> attributes, without a value, force using doc comment (before it wouldn't be set if there wasn't anything different than the short help)</li>
</ul>
<h2>v4.0.20</h2>
<h2>[4.0.20] - 2022-11-07</h2>
<h3>Fixes</h3>
<ul>
<li><em>(derive)</em> Allow defaulted value parser for '()' fields</li>
</ul>
<h2>v4.0.19</h2>
<h2>[4.0.19] - 2022-11-04</h2>
<h3>Features</h3>
<ul>
<li><code>ColorChoice</code> now implements <code>ValueEnum</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p>
<blockquote>
<h2>[4.0.22] - 2022-11-07</h2>
<h3>Fixes</h3>
<ul>
<li><em>(help)</em> Don't overflow into next-line-help early due to stale (pre-v4) padding calculations</li>
</ul>
<h2>[4.0.21] - 2022-11-07</h2>
<h3>Features</h3>
<ul>
<li><em>(derive)</em> <code>long_about</code> and <code>long_help</code> attributes, without a value, force using doc comment (before it wouldn't be set if there wasn't anything different than the short help)</li>
</ul>
<h2>[4.0.20] - 2022-11-07</h2>
<h3>Fixes</h3>
<ul>
<li><em>(derive)</em> Allow defaulted value parser for '()' fields</li>
</ul>
<h2>[4.0.19] - 2022-11-04</h2>
<h3>Features</h3>
<ul>
<li><code>ColorChoice</code> now implements <code>ValueEnum</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6cbe5c4323"><code>6cbe5c4</code></a> chore: Release</li>
<li><a href="d2739c95cf"><code>d2739c9</code></a> docs: Update changelog</li>
<li><a href="eaa6bfe826"><code>eaa6bfe</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4463">#4463</a> from epage/help</li>
<li><a href="dfe9e73880"><code>dfe9e73</code></a> fix(help): Update auto-next-line to use new padding</li>
<li><a href="539577dfb2"><code>539577d</code></a> refactor(help): Remove dead code</li>
<li><a href="bc457b179f"><code>bc457b1</code></a> chore: Release</li>
<li><a href="d5c3c13ec2"><code>d5c3c13</code></a> docs: Update changelog</li>
<li><a href="87edc19ef7"><code>87edc19</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/clap-rs/clap/issues/4461">#4461</a> from epage/help</li>
<li><a href="c37ab6c205"><code>c37ab6c</code></a> fix(derive): Allow 'long_help' to force populating from doc comment</li>
<li><a href="8751152316"><code>8751152</code></a> test(derive): Verify long_help behavior</li>
<li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/v4.0.18...v4.0.22">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [regex](https://github.com/rust-lang/regex) from 1.6.0 to 1.7.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p>
<blockquote>
<h1>1.7.0 (2022-11-05)</h1>
<p>This release principally includes an upgrade to Unicode 15.</p>
<p>New features:</p>
<ul>
<li>[FEATURE <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/832">#832</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/916">rust-lang/regex#916</a>):
Upgrade to Unicode 15.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f871a8eb1d"><code>f871a8e</code></a> 1.7.0</li>
<li><a href="ca7b99c647"><code>ca7b99c</code></a> changelog: 1.7.0</li>
<li><a href="ea3b132080"><code>ea3b132</code></a> regex-syntax-0.6.28</li>
<li><a href="9a1892737b"><code>9a18927</code></a> syntax: update to Unicode 15</li>
<li><a href="0d0023e412"><code>0d0023e</code></a> rure-0.2.2</li>
<li><a href="3bac5c8075"><code>3bac5c8</code></a> capi: add 'rlib' crate type</li>
<li><a href="159a63c85e"><code>159a63c</code></a> doc: add a note about the empty regex</li>
<li><a href="fc6f5ccc51"><code>fc6f5cc</code></a> readme: re-word usage to remove version number</li>
<li><a href="67824c7af2"><code>67824c7</code></a> ci: switch to dtolnay/rust-toolchain</li>
<li><a href="54660765af"><code>5466076</code></a> capi: fix 'unused return value' warnings</li>
<li>See full diff in <a href="https://github.com/rust-lang/regex/compare/1.6.0...1.7.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [sys-locale](https://github.com/1Password/sys-locale) from 0.2.1 to 0.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/1Password/sys-locale/releases">sys-locale's releases</a>.</em></p>
<blockquote>
<h2>v0.2.3</h2>
<p>See <a href="https://github.com/1Password/sys-locale/blob/main/CHANGELOG.md#023---2022-11-06">the changelog</a> for details.</p>
<h2>v0.2.2</h2>
<p>See <a href="https://github.com/1Password/sys-locale/blob/main/CHANGELOG.md#022---2022-11-06">the changelog</a> for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/1Password/sys-locale/blob/main/CHANGELOG.md">sys-locale's changelog</a>.</em></p>
<blockquote>
<h2>[0.2.3] - 2022-11-06</h2>
<h3>Fixed</h3>
<ul>
<li>Re-release 0.2.2 and correctly maintain <code>no_std</code> compatibility on Apple targets.</li>
</ul>
<h2>[0.2.2] - 2022-11-06</h2>
<h3>Changed</h3>
<ul>
<li>The Apple backend has been rewritten in pure Rust instead of Objective-C.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>The locale returned on UNIX systems is now always a correctly formatted BCP-47 tag.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="21a5596bb6"><code>21a5596</code></a> Release 0.2.3</li>
<li><a href="6717e5662a"><code>6717e56</code></a> Use manual CoreFoundation bindings instead of core-foundation-sys</li>
<li><a href="f4dee466cf"><code>f4dee46</code></a> Release 0.2.2</li>
<li><a href="db4471ebff"><code>db4471e</code></a> Convert CHANGELOG.md to LF line endings</li>
<li><a href="a35c485c10"><code>a35c485</code></a> Update CHANGELOG</li>
<li><a href="ad29e24f7b"><code>ad29e24</code></a> Rewrite Apple locale fetching in pure Rust</li>
<li><a href="e76d9c55d1"><code>e76d9c5</code></a> Improve locale fetching tests</li>
<li><a href="29f4f2582b"><code>29f4f25</code></a> Fix implementation for Linux</li>
<li><a href="7c58f80849"><code>7c58f80</code></a> Fix cross-compiling CI</li>
<li>See full diff in <a href="https://github.com/1Password/sys-locale/compare/v0.2.1...v0.2.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [test262](https://github.com/tc39/test262) from `85373b4` to `f6c48f3`.
<details>
<summary>Commits</summary>
<ul>
<li><a href="f6c48f333e"><code>f6c48f3</code></a> Update Intl tests to recognize microsecond and nanosecond as sanctioned</li>
<li><a href="5d8ebdff05"><code>5d8ebdf</code></a> Improve documentation for assert.compareIterator.</li>
<li><a href="745f3c01aa"><code>745f3c0</code></a> Add more tests for duplicated named capture groups.</li>
<li><a href="54c9ff9084"><code>54c9ff9</code></a> Rename duplicate-names.js.</li>
<li><a href="c3c6c86663"><code>c3c6c86</code></a> Fix some esids.</li>
<li><a href="9e1907e5f7"><code>9e1907e</code></a> Unicode case-folding tests</li>
<li><a href="c44d82c370"><code>c44d82c</code></a> Add <code>/iu</code> Unicode case folding tests</li>
<li><a href="27063ae219"><code>27063ae</code></a> Duplicate named capture groups: .groups and .indices.groups objects</li>
<li><a href="fabb1fd379"><code>fabb1fd</code></a> Duplicate named capture groups: Fix match arrays</li>
<li><a href="d77d9b2b85"><code>d77d9b2</code></a> Duplicate named capture groups: Syntax tests</li>
<li>Additional commits viewable in <a href="85373b4ce1...f6c48f333e">compare view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This Pull Request offers a fuzzer which is capable of detecting faults in the parser and interner. It does so by ensuring that the parsed AST remains the same between a parsed source and the result of parsing the `to_interned_string` result of the first parsed source.
It changes the following:
- Adds a fuzzer for the parser and interner.
Any issues I raise in association with this fuzzer will link back to this fuzzer.
You may run the fuzzer using the following commands:
```bash
$ cd boa_engine
$ cargo +nightly fuzz run -s none parser-idempotency
```
Co-authored-by: Addison Crump <addison.crump@cispa.de>
This PR adds an `OrAbrupt` trait, with the `or_abrupt()` function. This function is equivalent to the previous `?.ok_or(ParseError::AbruptEnd)`, but it's cleaner. It's implemented for the parser cursor results types.
It also adds an `advance()` function to the parser cursor (which might be possible to optimize further), that just advances the cursor without returning any token. This shows a clearer intent in many places where it's being used.
I also used `ParseResult` in more places, since we were not using it in many places.
This PR rewrites some patterns of the `JsString` implementation in order to pass all its miri tests. This can be verified by running:
```bash
cargo +nightly miri test -p boa_engine string::tests -- --skip builtins --skip parser
```
Basically, we were doing two operations that were Undefined Behaviour per the [Stacked Borrows](https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md) model:
- Casting `&JsString` to `&mut RawJsString` to `&[u16]`. The intermediate mutable borrow must not exist, or Miri considers this as Undefined Behaviour.
- Trying to access `RawJsString.data` using the dot operator. Miri complains with `this is a zero-size retag ([0x10..0x10]) so the tag in question does not exist anywhere`. To fix this, we can recompute the position of `data` every time we want to access it.
This PR rewrites all syntax-directed operations that find declared names and variables using visitors.
Hopefully, this should be the last step before finally being able to separate the parser from the engine.
I checked the failing [tests](85373b4ce1/test/language/statements/for-await-of/async-gen-decl-dstr-obj-prop-elem-target-yield-expr.js (L49)) and they're apparently false positives, since they return `Promise { <rejected> ReferenceError: x is not initialized }` on the main branch.
dependabot[bot]
raskad
Kevin
Arjun Kavi
Halid Odat
José Julián Espina
Iban Eguia Moraza
Addison Crump
João Borges
Anuvrat
