Skip to content

Commit

Permalink
Update changelog
Browse files Browse the repository at this point in the history
  • Loading branch information
fenhl authored Jan 22, 2024
1 parent aa3c380 commit ecfa500
Showing 1 changed file with 19 additions and 2 deletions.
21 changes: 19 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,11 +1,28 @@
# Unreleased

* Fixed the URL of the security advisory linked from the documentation.

# 1.3.0

* Full fix for the high-severity security vulnerability [RUSTSEC-2024-0006](https://rustsec.org/advisories/RUSTSEC-2024-0006.html) a.k.a. [GHSA-r7qv-8r2h-pg27](https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27):
* Deprecates quote APIs in favor of `try_` equivalents that complain about nul bytes.
* Also adds a builder API, which allows re-enabling nul bytes without using the deprecated interface, and in the future can allow other things (as discussed in quoting_warning).
* Adds documentation about various security risks that remain, particularly with interactive shells.
* Adds explicit MSRV of 1.46.0.

# 1.2.1

* Partial fix for the high-severity security vulnerability [RUSTSEC-2024-0006](https://rustsec.org/advisories/RUSTSEC-2024-0006.html) a.k.a. [GHSA-r7qv-8r2h-pg27](https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27) without bumping MSRV:
* The bytes `{` and `\xa0` are now escaped by quoting functions.

# 1.2.0

* Adds `bytes` module to support operating directly on byte strings.

# 1.1.0

* Adds the `std` feature (enabled by default)
* Disabling the `std` feature makes the crate work in `#![no_std]` mode, assuming presence of the `alloc` crate
* Adds the `std` feature (enabled by default).
* Disabling the `std` feature makes the crate work in `#![no_std]` mode, assuming presence of the `alloc` crate.

# 1.0.0

Expand Down

0 comments on commit ecfa500

Please sign in to comment.