Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump tempfile from 3.16.0 to 3.17.1 #3072

Closed
wants to merge 1 commit into from
Closed

Bump tempfile from 3.16.0 to 3.17.1 #3072

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 18, 2025
edited
Loading

Bumps tempfile from 3.16.0 to 3.17.1.

Changelog

Sourced from tempfile's changelog.

3.17.1

  • Fix build with windows-sys 0.52. Unfortunately, we have no CI for older windows-sys versions at the moment...

3.17.0

  • Make sure to use absolute paths in when creating unnamed temporary files (avoids a small race in the "immediate unlink" logic) and in Builder::make_in (when creating temporary files of arbitrary types).
  • Prevent a theoretical crash that could (maybe) happen when a temporary file is created from a drop function run in a TLS destructor. Nobody has actually reported a case of this happening in practice and I have been unable to create this scenario in a test.
  • When reseeding with getrandom, use platform (e.g., CPU) specific randomness sources where possible.
  • Clarify some documentation.
  • Unlink unnamed temporary files on windows immediately when possible instead of waiting for the handle to be closed. We open files with "Unix" semantics, so this is generally possible.
Commits
  • 714a259 chore: release 3.17.1
  • 78309ed fix: cast handle to the windows crate HANDLE (#332)
  • 6e7d167 chore: release 3.17.0
  • 3718075 doc: remove incorrect documentation about windows and open files
  • 461369f feat: delete unnamed temporary files on windows immediately
  • 78d30a2 doc: clarify "inner file will be deleted" documentation (#329)
  • 0fe11c4 doc: document how to "keep" temporary files/dirs after creation (#328)
  • 35e0629 feat: simplify getrandom call (#325)
  • 1e5059f fix: handle TLS deallocation (#324)
  • c7b2e1a chore: simplify reborrow
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 18, 2025
@dependabot dependabot bot mentioned this pull request Feb 18, 2025
Closed
@dependabot dependabot bot force-pushed the dependabot/cargo/tempfile-3.17.1 branch from 892580a to 2a78403 Compare February 21, 2025 00:31
@dependabot
Bump tempfile from 3.16.0 to 3.17.1
8cac57f 
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.16.0 to 3.17.1.
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.16.0...v3.17.1)

---
updated-dependencies:
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/tempfile-3.17.1 branch from 2a78403 to 8cac57f Compare February 25, 2025 09:35
YJDoc2 added a commit to YJDoc2/youki that referenced this pull request Feb 25, 2025
@YJDoc2
dep: update tempfile to 3.17.1 in youki and exp/selinux
f14983d 
ref: youki-dev#3072

Signed-off-by: Yashodhan Joshi <yjdoc2@gmail.com>
@YJDoc2 YJDoc2 mentioned this pull request Feb 25, 2025
Merged
13 tasks
YJDoc2 added a commit that referenced this pull request Feb 25, 2025
@YJDoc2
rollup multiple dep updates (#3084)
9a8c3df 
* dep: update flate2 in contest

ref: https://github.com/youki-dev/youki/pull/3081/files

Signed-off-by: Yashodhan Joshi <yjdoc2@gmail.com>

* dep: update uuid in contest

ref: https://github.com/youki-dev/youki/pull/3078/files

Signed-off-by: Yashodhan Joshi <yjdoc2@gmail.com>

* dep: update tempfile to 3.17.1 in youki and exp/selinux

ref: #3072

Signed-off-by: Yashodhan Joshi <yjdoc2@gmail.com>

---------

Signed-off-by: Yashodhan Joshi <yjdoc2@gmail.com>
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 25, 2025

Looks like tempfile is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Feb 25, 2025
@dependabot dependabot bot deleted the dependabot/cargo/tempfile-3.17.1 branch February 25, 2025 10:01
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants