This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [cargo_metadata](https://redirect.github.com/oli-obk/cargo_metadata) |
workspace.dependencies | minor | `0.18.1` -> `0.19.0` |
---
### Release Notes
<details>
<summary>oli-obk/cargo_metadata (cargo_metadata)</summary>
###
[`v0.19.0`](https://redirect.github.com/oli-obk/cargo_metadata/blob/HEAD/CHANGELOG.md#0190---2024-11-20)
[Compare
Source](https://redirect.github.com/oli-obk/cargo_metadata/compare/0.18.1...0.19.0)
##### Added
- Re-exported `semver` crate directly.
- Added implementation of `std::ops::Index<&PackageId>` for `Resolve`.
- Added `pub fn is_kind(&self, name: TargetKind) -> bool` to `Target`.
- Added derived implementations of `PartialEq`, `Eq` and `Hash` for
`Metadata` and its members' types.
- Added default fields to `PackageBuilder`.
- Added `pub fn new(name:version:id:path:) -> Self` to `PackageBuilder`
for providing all required fields upfront.
##### Changed
- Bumped MSRV from `1.42.0` to `1.56.0`.
- Made `parse_stream` more versatile by accepting anything that
implements `Read`.
- Converted `TargetKind` and `CrateType` to an enum representation.
##### Removed
- Removed re-exports for `BuildMetadata` and `Prerelease` from `semver`
crate.
- Removed `.is_lib(…)`, `.is_bin(…)`, `.is_example(…)`, `.is_test(…)`,
`.is_bench(…)`, `.is_custom_build(…)`, and `.is_proc_macro(…)` from
`Target` (in favor of adding `.is_kind(…)`).
##### Fixed
- Added missing `manifest_path` field to `Artifact`. Fixes
[#​187](https://redirect.github.com/oli-obk/cargo_metadata/issues/187).
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 5am on the first day of the
month" (UTC), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/rust-lang/cargo).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOS4wIiwidXBkYXRlZEluVmVyIjoiMzkuMTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6W119-->
I'm unsure how we should be replacing these use cases, so I'm exploring
keeping them but making them use snapbox under the hood.
Part of the intent of snapbox is that it provides you the building
blocks to make what you need.
Add transactional semantics to `rustfix`
### What does this PR try to resolve?
This PR adds transactional semantics to `rustfix::Data`, enabling `rustfix::CodeFix` to apply `Suggestion`s as atomic units and rollback partially-applied changes when they conflict with existing ones. The basic approach and goals are discussed [in a comment on issue 14699](https://github.com/rust-lang/cargo/issues/14699#issuecomment-2427501232). In that comment, I proposed a solution which extended the existing `State` enumeration, but described an alternative that simplifies the overall tracking of incoming changes; this PR implements the latter.
### How should we test and review this PR?
I've added an additional test and updated the existing ones. The tests in `parse_and_replace` already cover this case, particularly thanks to https://github.com/rust-lang/cargo/pull/14765 added by `@weihanglo.` It's still a good idea to experiment with `cargo clippy --fix` on repos that match the cases described in these open issues.
### Additional information
Fixes#14699
Fixes rust-lang/rust-clippy/issues/13549
DirectorySourceOptions is marked as #[non_exhaustive], and only
exposes the Default trait, so we need to instantiate a mutable
instance using default(), and then change tpl_extension to the
value we want.
chore(deps): update rust crate security-framework to v3
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [security-framework](https://lib.rs/crates/security_framework) ([source](https://redirect.github.com/kornelski/rust-security-framework)) | workspace.dependencies | major | `2.11.1` -> `3.0.0` |
---
### Release Notes
<details>
<summary>kornelski/rust-security-framework (security-framework)</summary>
### [`v3.0.0`](https://redirect.github.com/kornelski/rust-security-framework/compare/v2.11.1...v3.0.0)
[Compare Source](https://redirect.github.com/kornelski/rust-security-framework/compare/v2.11.1...v3.0.0)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "before 5am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/rust-lang/cargo).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMzUuMiIsInVwZGF0ZWRJblZlciI6IjM4LjEzNS4yIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->
Added unstable-schema generation for Cargo.toml
### What does this PR try to resolve?
Added unstable-schema feature that generates JsonSchema for Cargo.toml
See #12883
finished first step of [plan](https://github.com/rust-lang/cargo/issues/12883#issuecomment-2407648385)
### Information
In cargo-util-schemas, run cargo test --feature unstable-schema . If there have been any changes to manifest.schema.json, rerun with env variable SNAPSHOTS=overwrite and it will update them.
### How should we test and review this PR?
In cargo-util-schemas run cargo test --features unstable-schema and it will generate manifest.schema.json
chore(deps): update rust crate pulldown-cmark to 0.12.0
### What does this PR try to resolve?
Closes#14667
### How should we test and review this PR?
Cargo build-man stopped giving errors after updating pulldown-cmark
### Additional information
initial version of checksum based freshness
Implementation for https://github.com/rust-lang/cargo/issues/14136 and resolves https://github.com/rust-lang/cargo/issues/6529
This PR implements the use of checksums in cargo fingerprints as an alternative to using mtimes. This is most useful on systems with poor mtime implementations.
This has a dependency on https://github.com/rust-lang/rust/pull/126930. It's expected this will increase the time it takes to declare a build to be fresh. Still this loss in performance may be preferable to the issues the ecosystem has had with the use of mtimes for determining freshness.
fix(complete): Don't complete files for any value
### What does this PR try to resolve?
We now need to opt-in to path completions for values, which can be as simple as setting the value parser to be for `PathBuf`s.
We'll now show a lot less irrelevant completions.
### How should we test and review this PR?
### Additional information
Add new intermediate boolean variables for each dependency and each dependency feature declared in a package.
This is used to simplify computation of the sat clauses.
Add support for multiple dependencies with the same name, if their kind or target is different.
A non-weak dependency feature for an optional dependency now activates a feature of the same name in the sat resolver.
We now need to opt-in to path completions for values, which can be as
simple as setting the value parser to be for `PathBuf`s.
We'll now show a lot less irrelevant completions.
chore(deps): bump gix-path from 0.10.9 to 0.10.11
Bumps [gix-path](https://github.com/Byron/gitoxide) from 0.10.9 to 0.10.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/Byron/gitoxide/releases">gix-path's releases</a>.</em></p>
<blockquote>
<h2>gix-path v0.10.10</h2>
<p>A maintenance release without user-facing changes.</p>
<h3>Commit Statistics</h3>
<ul>
<li>6 commits contributed to the release over the course of 12 calendar days.</li>
<li>35 days passed between releases.</li>
<li>0 commits were understood as <a href="https://www.conventionalcommits.org">conventional</a>.</li>
<li>0 issues like '(#ID)' were seen in commit messages</li>
</ul>
<h3>Commit Details</h3>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<ul>
<li><strong>Uncategorized</strong>
<ul>
<li>Prepare changelogs prior to release (0f25841)</li>
<li>Merge pull request <a href="https://redirect.github.com/Byron/gitoxide/issues/1523">#1523</a> from martinvonz/push-xmsuurxprnnw (83c9de0)</li>
<li>Remove <code>--system</code> from <code>git config</code> call as it fails on MacOS (6b1c243)</li>
<li>Run <code>git config -l</code> in temp dir when looking up system config (20ef4e9)</li>
<li>Merge branch 'push-ysnqkzlzwuwq' (e2c747d)</li>
<li>Don't show console on Windows (087594c)</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d19af16e1d"><code>d19af16</code></a> Release gix-date v0.9.0, gix-actor v0.31.6, gix-validate v0.9.0, gix-object v...</li>
<li><a href="0f2584178a"><code>0f25841</code></a> prepare changelogs prior to release</li>
<li><a href="9ed2b24e5d"><code>9ed2b24</code></a> Merge branch 'improvements'</li>
<li><a href="6990afd269"><code>6990afd</code></a> fix: similarity detection</li>
<li><a href="f8c5d9ce87"><code>f8c5d9c</code></a> fix similarity detection</li>
<li><a href="25a3f1b0b0"><code>25a3f1b</code></a> Merge pull request <a href="https://redirect.github.com/Byron/gitoxide/issues/1531">#1531</a> from EliahKagan/progress-typos</li>
<li><a href="ba72ee0f06"><code>ba72ee0</code></a> fix!: better peeling performance for reference traversal.</li>
<li><a href="9f9feb6545"><code>9f9feb6</code></a> add progress report for July</li>
<li><a href="b31d6b79fd"><code>b31d6b7</code></a> Fix typos in config support info</li>
<li><a href="242fedc973"><code>242fedc</code></a> Merge branch 'improvements'</li>
<li>Additional commits viewable in <a href="https://github.com/Byron/gitoxide/compare/gix-path-v0.10.9...gix-path-v0.10.10">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rust-lang/cargo/network/alerts).
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
The new version of tar enables the creation of sparse tar archives by
default. The ability to read such sparse entries was added in tar
0.4.6, which has been in use starting from Cargo 0.13 and Rust 1.12.
Additionally, `docker cp` doesn't support sparse tar entries in the GNU
format. For compatibility with older versions of Rust and Cargo, as
well as with `docker cp`, this commit disables sparse archive creation
in the corresponding cases where the `tar::Builder` is used. See
#14594.
The tests are intended to spot check that shell completions are
registered correctly. That is a low change, low risk area. For shell
integration, we're relying on `clap_complete`s tests.
For our own candidates, we should test the candidate generation
directly, rather than end-to-end.
This reverts parts of commit e7ca9bec80ab5c010c1a84690816da7b64008257, reversing
changes made to bd5f32bb1c7ca273b5d86815bf0ae4adba59ddd8.
Fixes#14545
Changes:
- Change completion order to subcommands, positional values, flags
- When completing `-[TAB]`, prioritize shorts over longs
- De-duplicate completions that have the same result (longs, shorts, aliases)
- Group candidates from the same `CompletionCandidate::tag`
- Sort candidates within a `CompletionCandidate::tag` by their `display_order`
This pulls in
- clap-rs/clap#5731 for `IFS` oddities I had
- clap-rs/clap#5733 with the hope that this makes `CARGO_COMPLETE_BASH cargo +nightly` just work
`clap` was completed next to `clap_complete` because `clap_complete`
depends on unstable features from `clap`.
None should have changed in this time window but I wanted to exercise
caution.
