From 3955e987db763199947ef25c261227719a8150c3 Mon Sep 17 00:00:00 2001 From: Javier Arias Date: Thu, 7 Sep 2023 16:25:05 +0100 Subject: [PATCH 1/5] Upgrade chrono --- Cargo.lock | 32 +++++++------------------------- thoth-api/Cargo.toml | 2 +- thoth-app/Cargo.toml | 2 +- thoth-client/Cargo.toml | 2 +- thoth-export-server/Cargo.toml | 2 +- 5 files changed, 11 insertions(+), 29 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3a5f42d68..920e9818d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -215,7 +215,7 @@ dependencies = [ "serde_urlencoded", "smallvec", "socket2 0.5.3", - "time 0.3.7", + "time", "url", ] @@ -731,18 +731,17 @@ checksum = "8100e46ff92eb85bf6dc2930c73f2a4f7176393c84a9446b3d501e1b354e7b34" [[package]] name = "chrono" -version = "0.4.26" +version = "0.4.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec837a71355b28f6556dbd569b37b3f363091c0bd4b2e735674521b4c5fd9bc5" +checksum = "defd4e7873dbddba6c7c91e199c7fcb946abc4a6a4ac3195400bcfb01b5de877" dependencies = [ "android-tzdata", "iana-time-zone", "js-sys", "num-traits", "serde", - "time 0.1.45", "wasm-bindgen", - "winapi", + "windows-targets 0.48.0", ] [[package]] @@ -881,7 +880,7 @@ dependencies = [ "rand 0.8.5", "sha2", "subtle", - "time 0.3.7", + "time", "version_check", ] @@ -3199,7 +3198,7 @@ dependencies = [ "num-bigint", "num-traits", "thiserror", - "time 0.3.7", + "time", ] [[package]] @@ -3559,17 +3558,6 @@ dependencies = [ "xml-rs", ] -[[package]] -name = "time" -version = "0.1.45" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b797afad3f312d1c66a56d11d0316f916356d11bd158fbc6ca6389ff6bf805a" -dependencies = [ - "libc", - "wasi 0.10.0+wasi-snapshot-preview1", - "winapi", -] - [[package]] name = "time" version = "0.3.7" @@ -3890,12 +3878,6 @@ version = "0.9.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" -[[package]] -name = "wasi" -version = "0.10.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -4480,7 +4462,7 @@ dependencies = [ "hmac", "pbkdf2", "sha1", - "time 0.3.7", + "time", "zstd 0.11.2+zstd.1.5.2", ] diff --git a/thoth-api/Cargo.toml b/thoth-api/Cargo.toml index f258d1e06..a0dd5183e 100644 --- a/thoth-api/Cargo.toml +++ b/thoth-api/Cargo.toml @@ -20,7 +20,7 @@ thoth-errors = { version = "0.11.5", path = "../thoth-errors" } actix-web = { version = "4.4.0", optional = true } argon2rs = "0.2.5" isbn2 = "0.4.0" -chrono = { version = "0.4.26", features = ["serde"] } +chrono = { version = "0.4.30", features = ["serde"] } diesel = { version = "2.1.1", features = ["postgres", "uuid", "chrono", "r2d2", "64-column-tables", "serde_json"], optional = true } diesel-derive-enum = { version = "2.1.0", features = ["postgres"], optional = true } diesel-derive-newtype = "2.1.0" diff --git a/thoth-app/Cargo.toml b/thoth-app/Cargo.toml index 576a11ecc..bf491b0eb 100644 --- a/thoth-app/Cargo.toml +++ b/thoth-app/Cargo.toml @@ -20,7 +20,7 @@ wasm-pack = "0.12.1" [dependencies] anyhow = "1.0.32" -chrono = { version = "0.4.26", features = ["serde"] } +chrono = { version = "0.4.30", features = ["serde"] } gloo-storage = "0.2.1" gloo-timers = "0.2.4" log = "0.4.20" diff --git a/thoth-client/Cargo.toml b/thoth-client/Cargo.toml index 3bb1af075..b82d6779a 100644 --- a/thoth-client/Cargo.toml +++ b/thoth-client/Cargo.toml @@ -12,7 +12,7 @@ readme = "README.md" thoth-api = {version = "0.11.5", path = "../thoth-api" } thoth-errors = {version = "0.11.5", path = "../thoth-errors" } graphql_client = "0.13.0" -chrono = { version = "0.4.26", features = ["serde"] } +chrono = { version = "0.4.30", features = ["serde"] } reqwest = { version = "0.11", features = ["json"] } reqwest-middleware = "0.2.3" reqwest-retry = "0.2.3" diff --git a/thoth-export-server/Cargo.toml b/thoth-export-server/Cargo.toml index fe1af3a88..26f9d149e 100644 --- a/thoth-export-server/Cargo.toml +++ b/thoth-export-server/Cargo.toml @@ -15,7 +15,7 @@ thoth-client = { version = "0.11.5", path = "../thoth-client" } actix-web = "4.4.0" actix-cors = "0.6.4" cc_license = "0.1.0" -chrono = { version = "0.4.26", features = ["serde"] } +chrono = { version = "0.4.30", features = ["serde"] } csv = "1.2.2" env_logger = "0.10.0" futures = "0.3.28" From cdd579034588c46c06278f5d4d62e6d6639b40ef Mon Sep 17 00:00:00 2001 From: Javier Arias Date: Thu, 7 Sep 2023 16:25:24 +0100 Subject: [PATCH 2/5] Update changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7976b5690..a6b9ae222 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Security + - Upgrade `chrono` to v0.4.30 ## [[0.11.5]](https://github.com/thoth-pub/thoth/releases/tag/v0.11.5) - 2023-09-05 ### Security From daaeeafd9ec3d17073204cf9e8d9cb7bdf92c96b Mon Sep 17 00:00:00 2001 From: Javier Arias Date: Fri, 8 Sep 2023 07:57:01 +0100 Subject: [PATCH 3/5] Upgrade time --- Cargo.lock | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 920e9818d..9f242e8c5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1011,6 +1011,12 @@ dependencies = [ "syn 1.0.107", ] +[[package]] +name = "deranged" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2696e8a945f658fd14dc3b87242e6b80cd0f36ff04ea560fa39082368847946" + [[package]] name = "derive_more" version = "0.99.14" @@ -2231,15 +2237,6 @@ dependencies = [ "libc", ] -[[package]] -name = "num_threads" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97ba99ba6393e2c3734791401b66902d981cb03bf190af674ca69949b6d5fb15" -dependencies = [ - "libc", -] - [[package]] name = "object" version = "0.32.0" @@ -3560,21 +3557,31 @@ dependencies = [ [[package]] name = "time" -version = "0.3.7" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "004cbc98f30fa233c61a38bc77e96a9106e65c88f2d3bef182ae952027e5753d" +checksum = "17f6bb557fd245c28e6411aa56b6403c689ad95061f50e4be16c274e70a17e48" dependencies = [ + "deranged", "itoa", - "libc", - "num_threads", + "serde", + "time-core", "time-macros", ] +[[package]] +name = "time-core" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" + [[package]] name = "time-macros" -version = "0.2.3" +version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25eb0ca3468fc0acc11828786797f6ef9aa1555e4a211a60d64cc8e4d1be47d6" +checksum = "1a942f44339478ef67935ab2bbaec2fb0322496cf3cbe84b261e06ac3814c572" +dependencies = [ + "time-core", +] [[package]] name = "tokio" From bfc1f3eb74f4c49626d390264615b9645ce4c70b Mon Sep 17 00:00:00 2001 From: Javier Arias Date: Fri, 8 Sep 2023 08:20:54 +0100 Subject: [PATCH 4/5] Bump v0.11.6 --- Cargo.lock | 16 ++++++++-------- Cargo.toml | 12 ++++++------ thoth-api-server/Cargo.toml | 6 +++--- thoth-api/Cargo.toml | 4 ++-- thoth-app-server/Cargo.toml | 2 +- thoth-app/Cargo.toml | 6 +++--- thoth-app/manifest.json | 2 +- thoth-client/Cargo.toml | 6 +++--- thoth-errors/Cargo.toml | 2 +- thoth-export-server/Cargo.toml | 8 ++++---- 10 files changed, 32 insertions(+), 32 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9f242e8c5..24293d6fc 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3398,7 +3398,7 @@ dependencies = [ [[package]] name = "thoth" -version = "0.11.5" +version = "0.11.6" dependencies = [ "cargo-husky", "clap", @@ -3413,7 +3413,7 @@ dependencies = [ [[package]] name = "thoth-api" -version = "0.11.5" +version = "0.11.6" dependencies = [ "actix-web", "argon2rs", @@ -3442,7 +3442,7 @@ dependencies = [ [[package]] name = "thoth-api-server" -version = "0.11.5" +version = "0.11.6" dependencies = [ "actix-cors", "actix-identity", @@ -3458,7 +3458,7 @@ dependencies = [ [[package]] name = "thoth-app" -version = "0.11.5" +version = "0.11.6" dependencies = [ "anyhow", "chrono", @@ -3487,7 +3487,7 @@ dependencies = [ [[package]] name = "thoth-app-server" -version = "0.11.5" +version = "0.11.6" dependencies = [ "actix-cors", "actix-web", @@ -3496,7 +3496,7 @@ dependencies = [ [[package]] name = "thoth-client" -version = "0.11.5" +version = "0.11.6" dependencies = [ "chrono", "graphql_client", @@ -3512,7 +3512,7 @@ dependencies = [ [[package]] name = "thoth-errors" -version = "0.11.5" +version = "0.11.6" dependencies = [ "actix-web", "csv", @@ -3532,7 +3532,7 @@ dependencies = [ [[package]] name = "thoth-export-server" -version = "0.11.5" +version = "0.11.6" dependencies = [ "actix-cors", "actix-web", diff --git a/Cargo.toml b/Cargo.toml index 7f6d1eedf..20d634916 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" @@ -16,11 +16,11 @@ maintenance = { status = "actively-developed" } members = ["thoth-api", "thoth-api-server", "thoth-app", "thoth-app-server", "thoth-client", "thoth-errors", "thoth-export-server"] [dependencies] -thoth-api = { version = "0.11.5", path = "thoth-api", features = ["backend"] } -thoth-api-server = { version = "0.11.5", path = "thoth-api-server" } -thoth-app-server = { version = "0.11.5", path = "thoth-app-server" } -thoth-errors = { version = "0.11.5", path = "thoth-errors" } -thoth-export-server = { version = "0.11.5", path = "thoth-export-server" } +thoth-api = { version = "0.11.6", path = "thoth-api", features = ["backend"] } +thoth-api-server = { version = "0.11.6", path = "thoth-api-server" } +thoth-app-server = { version = "0.11.6", path = "thoth-app-server" } +thoth-errors = { version = "0.11.6", path = "thoth-errors" } +thoth-export-server = { version = "0.11.6", path = "thoth-export-server" } clap = { version = "4.4.2", features = ["cargo", "env"] } dialoguer = { version = "0.10.4", features = ["password"] } dotenv = "0.15.0" diff --git a/thoth-api-server/Cargo.toml b/thoth-api-server/Cargo.toml index 1b4ccdea5..c696e5e3a 100644 --- a/thoth-api-server/Cargo.toml +++ b/thoth-api-server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-api-server" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" @@ -9,8 +9,8 @@ repository = "https://github.com/thoth-pub/thoth" readme = "README.md" [dependencies] -thoth-api = { version = "0.11.5", path = "../thoth-api", features = ["backend"] } -thoth-errors = { version = "0.11.5", path = "../thoth-errors" } +thoth-api = { version = "0.11.6", path = "../thoth-api", features = ["backend"] } +thoth-errors = { version = "0.11.6", path = "../thoth-errors" } actix-web = "4.4.0" actix-cors = "0.6.4" actix-identity = "0.5.2" diff --git a/thoth-api/Cargo.toml b/thoth-api/Cargo.toml index a0dd5183e..288039b9a 100644 --- a/thoth-api/Cargo.toml +++ b/thoth-api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-api" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" @@ -16,7 +16,7 @@ maintenance = { status = "actively-developed" } backend = ["diesel", "diesel-derive-enum", "diesel_migrations", "futures", "actix-web"] [dependencies] -thoth-errors = { version = "0.11.5", path = "../thoth-errors" } +thoth-errors = { version = "0.11.6", path = "../thoth-errors" } actix-web = { version = "4.4.0", optional = true } argon2rs = "0.2.5" isbn2 = "0.4.0" diff --git a/thoth-app-server/Cargo.toml b/thoth-app-server/Cargo.toml index 4a87f80f0..7f7aeb28e 100644 --- a/thoth-app-server/Cargo.toml +++ b/thoth-app-server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-app-server" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" diff --git a/thoth-app/Cargo.toml b/thoth-app/Cargo.toml index bf491b0eb..ec325d23a 100644 --- a/thoth-app/Cargo.toml +++ b/thoth-app/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-app" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" @@ -41,5 +41,5 @@ uuid = { version = "0.8.2", features = ["serde", "v4"] } # `getrandom` is a dependency of `uuid`, we need to explicitly import and include the `js` feature to enable wasm # https://docs.rs/getrandom/latest/getrandom/#webassembly-support getrandom = { version = "0.2", features = ["js"] } -thoth-api = { version = "0.11.5", path = "../thoth-api" } -thoth-errors = { version = "0.11.5", path = "../thoth-errors" } +thoth-api = { version = "0.11.6", path = "../thoth-api" } +thoth-errors = { version = "0.11.6", path = "../thoth-errors" } diff --git a/thoth-app/manifest.json b/thoth-app/manifest.json index 14629b2c4..f3a254ec2 100644 --- a/thoth-app/manifest.json +++ b/thoth-app/manifest.json @@ -9,7 +9,7 @@ "start_url": "/?homescreen=1", "background_color": "#ffffff", "theme_color": "#ffdd57", - "version": "0.11.5", + "version": "0.11.6", "icons": [ { "src": "\/android-icon-36x36.png", diff --git a/thoth-client/Cargo.toml b/thoth-client/Cargo.toml index b82d6779a..c98a2e83d 100644 --- a/thoth-client/Cargo.toml +++ b/thoth-client/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-client" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" @@ -9,8 +9,8 @@ repository = "https://github.com/thoth-pub/thoth" readme = "README.md" [dependencies] -thoth-api = {version = "0.11.5", path = "../thoth-api" } -thoth-errors = {version = "0.11.5", path = "../thoth-errors" } +thoth-api = {version = "0.11.6", path = "../thoth-api" } +thoth-errors = {version = "0.11.6", path = "../thoth-errors" } graphql_client = "0.13.0" chrono = { version = "0.4.30", features = ["serde"] } reqwest = { version = "0.11", features = ["json"] } diff --git a/thoth-errors/Cargo.toml b/thoth-errors/Cargo.toml index 1e83650ee..7d235bfbb 100644 --- a/thoth-errors/Cargo.toml +++ b/thoth-errors/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-errors" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" diff --git a/thoth-export-server/Cargo.toml b/thoth-export-server/Cargo.toml index 26f9d149e..c91d0c796 100644 --- a/thoth-export-server/Cargo.toml +++ b/thoth-export-server/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "thoth-export-server" -version = "0.11.5" +version = "0.11.6" authors = ["Javier Arias ", "Ross Higman "] edition = "2018" license = "Apache-2.0" @@ -9,9 +9,9 @@ repository = "https://github.com/thoth-pub/thoth" readme = "README.md" [dependencies] -thoth-api = { version = "0.11.5", path = "../thoth-api" } -thoth-errors = { version = "0.11.5", path = "../thoth-errors" } -thoth-client = { version = "0.11.5", path = "../thoth-client" } +thoth-api = { version = "0.11.6", path = "../thoth-api" } +thoth-errors = { version = "0.11.6", path = "../thoth-errors" } +thoth-client = { version = "0.11.6", path = "../thoth-client" } actix-web = "4.4.0" actix-cors = "0.6.4" cc_license = "0.1.0" From 7a7e97045390cfca0d2c0444de928a3aa5600dfe Mon Sep 17 00:00:00 2001 From: Javier Arias Date: Fri, 8 Sep 2023 08:21:29 +0100 Subject: [PATCH 5/5] Update changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a6b9ae222..fe64450ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] + +## [[0.11.6]](https://github.com/thoth-pub/thoth/releases/tag/v0.11.6) - 2023-09-08 ### Security - Upgrade `chrono` to v0.4.30