Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump tempfile from 3.16.0 to 3.17.0 #3115

Merged
merged 1 commit into from
Feb 17, 2025
Merged

Bump tempfile from 3.16.0 to 3.17.0 #3115

merged 1 commit into from
Feb 17, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 17, 2025
edited
Loading

Bumps tempfile from 3.16.0 to 3.17.0.

Changelog

Sourced from tempfile's changelog.

3.17.0

  • Make sure to use absolute paths in when creating unnamed temporary files (avoids a small race in the "immediate unlink" logic) and in Builder::make_in (when creating temporary files of arbitrary types).
  • Prevent a theoretical crash that could (maybe) happen when a temporary file is created from a drop function run in a TLS destructor. Nobody has actually reported a case of this happening in practice and I have been unable to create this scenario in a test.
  • When reseeding with getrandom, use platform (e.g., CPU) specific randomness sources where possible.
  • Clarify some documentation.
  • Unlink unnamed temporary files on windows immediately when possible instead of waiting for the handle to be closed. We open files with "Unix" semantics, so this is generally possible.
Commits
  • 6e7d167 chore: release 3.17.0
  • 3718075 doc: remove incorrect documentation about windows and open files
  • 461369f feat: delete unnamed temporary files on windows immediately
  • 78d30a2 doc: clarify "inner file will be deleted" documentation (#329)
  • 0fe11c4 doc: document how to "keep" temporary files/dirs after creation (#328)
  • 35e0629 feat: simplify getrandom call (#325)
  • 1e5059f fix: handle TLS deallocation (#324)
  • c7b2e1a chore: simplify reborrow
  • 8afa07a fix: always use absolute paths (#323)
  • See full diff in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 17, 2025
@serban300
Copy link
Collaborator

@dependabot rebase

@dependabot
Bump tempfile from 3.16.0 to 3.17.0
fedf442 
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.16.0 to 3.17.0.
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.16.0...v3.17.0)

---
updated-dependencies:
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/tempfile-3.17.0 branch from ee8cd7a to fedf442 Compare February 17, 2025 07:04
@serban300 serban300 merged commit 5493cc3 into master Feb 17, 2025
11 of 13 checks passed
@serban300 serban300 deleted the dependabot/cargo/tempfile-3.17.0 branch February 17, 2025 07:12
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@serban300 serban300 serban300 approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@serban300