From 926369ff8042002a8f7fc2113cd8e5527908233b Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 8 Oct 2024 13:10:03 -0400 Subject: [PATCH 1/6] ci: Ignore high version of futures crate Signed-off-by: mulhern --- .github/workflows/cargo.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cargo.yml b/.github/workflows/cargo.yml index 1136341219..977f06f742 100644 --- a/.github/workflows/cargo.yml +++ b/.github/workflows/cargo.yml @@ -58,5 +58,5 @@ jobs: # yamllint disable rule:line-length run: | COMPARE_FEDORA_VERSIONS=./ci/dependency_management/compare_fedora_versions FEDORA_RELEASE=rawhide IGNORE_ARGS="--ignore-category low --ignore-high=libcryptsetup-rs --ignore-high=libcryptsetup-rs-sys --ignore-high=devicemapper --ignore-high=libblkid-rs" make -f Makefile_dependencies check-fedora-versions - COMPARE_FEDORA_VERSIONS=./ci/dependency_management/compare_fedora_versions FEDORA_RELEASE=f40 IGNORE_ARGS="--ignore-category low --ignore-high=libcryptsetup-rs --ignore-high=libcryptsetup-rs-sys --ignore-high=devicemapper --ignore-high=libblkid-rs" make -f Makefile_dependencies check-fedora-versions - COMPARE_FEDORA_VERSIONS=./ci/dependency_management/compare_fedora_versions FEDORA_RELEASE=f39 IGNORE_ARGS="--ignore-category low --ignore-high=libcryptsetup-rs --ignore-high=libcryptsetup-rs-sys --ignore-high=devicemapper --ignore-high=libblkid-rs" make -f Makefile_dependencies check-fedora-versions + COMPARE_FEDORA_VERSIONS=./ci/dependency_management/compare_fedora_versions FEDORA_RELEASE=f40 IGNORE_ARGS="--ignore-category low --ignore-high=libcryptsetup-rs --ignore-high=libcryptsetup-rs-sys --ignore-high=devicemapper --ignore-high=libblkid-rs --ignore-high=futures" make -f Makefile_dependencies check-fedora-versions + COMPARE_FEDORA_VERSIONS=./ci/dependency_management/compare_fedora_versions FEDORA_RELEASE=f39 IGNORE_ARGS="--ignore-category low --ignore-high=libcryptsetup-rs --ignore-high=libcryptsetup-rs-sys --ignore-high=devicemapper --ignore-high=libblkid-rs --ignore-high=futures" make -f Makefile_dependencies check-fedora-versions From 6dbab9b2de13da7671456a38814aaa9e89f8a3e9 Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 8 Oct 2024 09:42:56 -0400 Subject: [PATCH 2/6] Increase futures dependency lower bound to 0.3.31 This allows us to ensure that futures-util 0.3.31 is required. All previous versions of futures-util have been yanked. Signed-off-by: mulhern --- Cargo.lock | 48 ++++++++++++++++++++++++------------------------ Cargo.toml | 2 +- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 5b8de298e8..4bb75dd866 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -498,9 +498,9 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "futures" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" +checksum = "65bc07b1a8bc7c85c5f2e110c476c7389b4554ba72af57d8445ea63a576b0876" dependencies = [ "futures-channel", "futures-core", @@ -513,9 +513,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" +checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10" dependencies = [ "futures-core", "futures-sink", @@ -523,15 +523,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c" +checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" [[package]] name = "futures-executor" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccecee823288125bd88b4d7f565c9e58e41858e47ab72e8ea2d64e93624386e0" +checksum = "1e28d1d997f585e54aebc3f97d39e72338912123a67330d723fdbb564d646c9f" dependencies = [ "futures-core", "futures-task", @@ -540,15 +540,15 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fff74096e71ed47f8e023204cfd0aa1289cd54ae5430a9523be060cdb849964" +checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6" [[package]] name = "futures-macro" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" +checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", @@ -557,21 +557,21 @@ dependencies = [ [[package]] name = "futures-sink" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f43be4fe21a13b9781a69afa4985b0f6ee0e1afab2c6f454a8cf30e2b2237b6e" +checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" [[package]] name = "futures-task" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76d3d132be6c0e6aa1534069c705a74a5997a356c0dc2f86a47765e5617c5b65" +checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" [[package]] name = "futures-util" -version = "0.3.28" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533" +checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" dependencies = [ "futures-channel", "futures-core", @@ -1048,9 +1048,9 @@ checksum = "bbc83ee4a840062f368f9096d80077a9841ec117e17e7f700df81958f1451254" [[package]] name = "proc-macro2" -version = "1.0.66" +version = "1.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a" dependencies = [ "unicode-ident", ] @@ -1083,9 +1083,9 @@ checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" [[package]] name = "quote" -version = "1.0.28" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" dependencies = [ "proc-macro2", ] @@ -1360,9 +1360,9 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" [[package]] name = "syn" -version = "2.0.29" +version = "2.0.79" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c324c494eba9d92503e6f1ef2e6df781e78f6a7705a0202d9801b198807d518a" +checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590" dependencies = [ "proc-macro2", "quote", diff --git a/Cargo.toml b/Cargo.toml index f84b2ef6e5..0a2b54176d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -118,7 +118,7 @@ version ="0.11.0" optional = true [dependencies.futures] -version = "0.3.11" +version = "0.3.31" optional = true [dependencies.iocuddle] From 72c5195e06d784f877fa0681a8a2f33aeccaea21 Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 8 Oct 2024 09:44:14 -0400 Subject: [PATCH 3/6] Increase tokio dependency lower bound to 1.24.2 * https://rustsec.org/advisories/RUSTSEC-2021-0072 * https://rustsec.org/advisories/RUSTSEC-2023-0001 * https://rustsec.org/advisories/RUSTSEC-2023-0005 Signed-off-by: mulhern --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 0a2b54176d..1a9062fa54 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -218,7 +218,7 @@ version = "0.3.3" optional = true [dependencies.tokio] -version = "1.5.0" +version = "1.24.2" optional = true features = ["sync", "macros", "rt", "rt-multi-thread", "signal", "net", "time"] From 9006e6d5ca5c1ddcd2f62493c255e6c8adff1328 Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 8 Oct 2024 10:58:11 -0400 Subject: [PATCH 4/6] Increase regex dependency lower bound to 1.5.5 https://rustsec.org/advisories/RUSTSEC-2022-0013 Signed-off-by: mulhern --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 1a9062fa54..265b967264 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -176,7 +176,7 @@ version = "0.8.0" optional = true [dependencies.regex] -version = "1.5.4" +version = "1.5.5" optional = true [dependencies.retry] From 34fb5128c7f892051fa81c8f57d389f45fda7fec Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 8 Oct 2024 11:55:51 -0400 Subject: [PATCH 5/6] Increase tempfile dependency lower bound to 3.4.0 https://rustsec.org/advisories/RUSTSEC-2023-0018 Signed-off-by: mulhern --- Cargo.lock | 76 ++++++++++++++++++++++-------------------------------- Cargo.toml | 2 +- 2 files changed, 32 insertions(+), 46 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4bb75dd866..8d49b6fd60 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -453,33 +453,19 @@ dependencies = [ [[package]] name = "errno" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a" -dependencies = [ - "errno-dragonfly", - "libc", - "windows-sys 0.48.0", -] - -[[package]] -name = "errno-dragonfly" -version = "0.1.2" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +checksum = "534c5cf6194dfab3db3242765c03bbe257cf92f22b38f6bc0c58d59108a820ba" dependencies = [ - "cc", "libc", + "windows-sys 0.52.0", ] [[package]] name = "fastrand" -version = "1.9.0" +version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e51093e27b0797c359783294ca4f0a911c270184cb10f85783b118614a1501be" -dependencies = [ - "instant", -] +checksum = "e8c02a5121d4ea3eb16a80748c74f5549a5665e4c21333c6098f283870fbdea6" [[package]] name = "float-cmp" @@ -656,15 +642,6 @@ dependencies = [ "cc", ] -[[package]] -name = "instant" -version = "0.1.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" -dependencies = [ - "cfg-if 1.0.0", -] - [[package]] name = "io-lifetimes" version = "1.0.11" @@ -690,7 +667,7 @@ checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f" dependencies = [ "hermit-abi 0.3.2", "io-lifetimes", - "rustix", + "rustix 0.37.25", "windows-sys 0.48.0", ] @@ -868,6 +845,12 @@ version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" +[[package]] +name = "linux-raw-sys" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" + [[package]] name = "log" version = "0.4.19" @@ -1129,15 +1112,6 @@ dependencies = [ "rand_core", ] -[[package]] -name = "redox_syscall" -version = "0.3.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" -dependencies = [ - "bitflags 1.3.2", -] - [[package]] name = "regex" version = "1.8.4" @@ -1189,10 +1163,23 @@ dependencies = [ "errno", "io-lifetimes", "libc", - "linux-raw-sys", + "linux-raw-sys 0.3.8", "windows-sys 0.48.0", ] +[[package]] +name = "rustix" +version = "0.38.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" +dependencies = [ + "bitflags 2.4.0", + "errno", + "libc", + "linux-raw-sys 0.4.14", + "windows-sys 0.52.0", +] + [[package]] name = "rusty-fork" version = "0.3.0" @@ -1371,16 +1358,15 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.6.0" +version = "3.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31c0432476357e58790aaa47a8efb0c5138f137343f3b5f23bd36a27e3b0a6d6" +checksum = "b8fcd239983515c23a32fb82099f97d0b11b8c72f654ed659363a95c3dad7a53" dependencies = [ - "autocfg", "cfg-if 1.0.0", "fastrand", - "redox_syscall", - "rustix", - "windows-sys 0.48.0", + "once_cell", + "rustix 0.38.34", + "windows-sys 0.52.0", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 265b967264..155b73a880 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -210,7 +210,7 @@ optional = true path = "./stratisd_proc_macros" [dependencies.tempfile] -version = "3.0.2" +version = "3.4.0" optional = true [dependencies.termios] From e73a3b46848d58df523564e7c91a900815ea0e32 Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 8 Oct 2024 13:04:37 -0400 Subject: [PATCH 6/6] version 3.7.1 Signed-off-by: mulhern --- Cargo.lock | 2 +- Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8d49b6fd60..e78a52491e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1282,7 +1282,7 @@ dependencies = [ [[package]] name = "stratisd" -version = "3.7.0" +version = "3.7.1" dependencies = [ "assert_cmd", "assert_matches", diff --git a/Cargo.toml b/Cargo.toml index 155b73a880..a2022cba36 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "stratisd" -version = "3.7.0" +version = "3.7.1" authors.workspace = true edition.workspace = true rust-version.workspace = true