chore(deps): bump sha2 from 0.10.9 to 0.11.0 in /src-tauri#16
chore(deps): bump sha2 from 0.10.9 to 0.11.0 in /src-tauri#16dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [sha2](https://github.com/RustCrypto/hashes) from 0.10.9 to 0.11.0. - [Commits](RustCrypto/hashes@sha2-v0.10.9...sha2-v0.11.0) --- updated-dependencies: - dependency-name: sha2 dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Greptile SummaryThis is a Dependabot-generated bump of
Confidence Score: 5/5Safe to merge — the only sha2 call site uses the stable Sha256::new() / .update() / .finalize() API that is unchanged across this version boundary. The project's sole usage of sha2 is chunked file hashing with basic Digest trait methods, fully compatible with 0.11's API. Both old and new sha2 versions coexist cleanly in the lock file for packages still on 0.10.9. The one thing worth watching is the MSRV bump to Rust 1.85 introduced by sha2 0.11, since no rust-toolchain.toml is present to pin the toolchain. No files require special attention. The absence of a rust-toolchain.toml means CI must be running Rust >= 1.85 to build successfully. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
openloop["openloop binary"]
tauri_build["tauri-build (indirect)"]
tao["tao (indirect)"]
sha2_new["sha2 0.11.0"]
sha2_old["sha2 0.10.9"]
digest_new["digest 0.11.3"]
digest_old["digest 0.10.7"]
bb_new["block-buffer 0.12.0"]
bb_old["block-buffer 0.10.4"]
cc_new["crypto-common 0.2.1"]
cc_old["crypto-common 0.1.7"]
cpu_new["cpufeatures 0.3.0"]
cpu_old["cpufeatures 0.2.17"]
hybrid["hybrid-array 0.4.12"]
const_oid["const-oid 0.10.2"]
openloop -->|"bumped to"| sha2_new
tauri_build --> sha2_old
tao --> sha2_old
sha2_new --> digest_new
sha2_new --> cpu_new
sha2_old --> digest_old
sha2_old --> cpu_old
digest_new --> bb_new
digest_new --> cc_new
digest_new --> const_oid
digest_old --> bb_old
digest_old --> cc_old
bb_new --> hybrid
cc_new --> hybrid
Reviews (1): Last reviewed commit: "chore(deps): bump sha2 from 0.10.9 to 0...." | Re-trigger Greptile |
|
Looks like sha2 is up-to-date now, so this is no longer needed. |
Bumps sha2 from 0.10.9 to 0.11.0.
Commits
ffe0939Release sha2 0.11.0 (#806)8991b65Use the standard order of the[package]section fields (#807)3d2bc57sha2: refactor backends (#802)faa55fbsha3: bumpkeccakto v0.2 (#803)d3e6489sha3 v0.11.0-rc.9 (#801)bbf6f51sha2: tweak backend docs (#800)155dbbfsha3: add default value for theDSgeneric parameter onTurboShake128/256...ed514f2Use published version ofkeccakv0.2 (#799)702bcd8Migrate to closure-basedkeccak(#796)827c043sha3 v0.11.0-rc.8 (#794)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)