Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all non-major dependencies #63

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update all non-major dependencies #63

wants to merge 1 commit into from
+4 −4

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 1, 2024
edited
Loading

This PR contains the following updates:

Package Update Change
apple/swift-nio minor from: "2.67.0" -> from: "2.76.1"
apple/swift-openapi-generator minor from: "1.2.1" -> from: "1.4.0"
apple/swift-openapi-runtime minor from: "1.4.0" -> from: "1.5.0"
vapor/vapor minor from: "4.102.0" -> from: "4.106.1"

Release Notes

apple/swift-nio (apple/swift-nio)

v2.76.1: SwiftNIO 2.76.1

Compare Source

What's Changed

SemVer Patch

Full Changelog: apple/swift-nio@2.76.0...2.76.1

v2.76.0: SwiftNIO 2.76.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-nio@2.75.0...2.76.0

v2.75.0: SwiftNIO 2.75.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-nio@2.74.0...2.75.0

v2.74.0: SwiftNIO 2.74.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch

Full Changelog: apple/swift-nio@2.73.0...2.74.0

v2.73.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-nio@2.72.0...2.73.0

v2.72.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch

New Contributors

Full Changelog: apple/swift-nio@2.71.0...2.72.0

v2.71.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-nio@2.70.0...2.71.0

v2.70.0: SwiftNIO 2.70.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-nio@2.69.0...2.70.0

v2.69.0: SwiftNIO 2.69.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

Full Changelog: apple/swift-nio@2.68.0...2.69.0

v2.68.0: SwiftNIO 2.68.0

Compare Source

SemVer Minor
  • NIOSendableBox: allow off-loop initialisation iff Value is Sendable (#​2753)
SemVer Patch
  • Throw an appropriate error from the writer when the channel closed (#​2744)
Other Changes
apple/swift-openapi-generator (apple/swift-openapi-generator)

v1.4.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-openapi-generator@1.3.1...1.4.0

v1.3.1

Compare Source

What's Changed

SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-openapi-generator@1.3.0...1.3.1

v1.3.0

Compare Source

What's Changed

SemVer Minor
SemVer Patch
Other Changes

New Contributors

Full Changelog: apple/swift-openapi-generator@1.2.1...1.3.0

apple/swift-openapi-runtime (apple/swift-openapi-runtime)

v1.5.0

Compare Source

What's Changed

SemVer Minor

Full Changelog: apple/swift-openapi-runtime@1.4.1...1.5.0

v1.4.1

Compare Source

What's Changed

SemVer Patch

New Contributors

Full Changelog: apple/swift-openapi-runtime@1.4.0...1.4.1

vapor/vapor (vapor/vapor)

v4.106.1: - Omit ACAO header instead of empty value

Compare Source

What's Changed

Omit ACAO header instead of empty value by @​grahamburgsma in #​3243

For context, Vapor currently sends an empty Access-Control-Allow-Origin (ACAO) header when the origin does not match or is set to none.

We recently had a pentest done against our Vapor server and the tester reported the following regarding the empty ACAO header:

When the header is empty, browsers might reject the request without detailed error messages, making it harder for developers to debug or even realize there is a problem. This lack of transparency can lead to extended periods of vulnerability before the issue is discovered.

Looking at some other sources as well, an empty header doesn’t appear to be a valid value and so could result in unexpected behaviour.

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#the_http_response_headers
https://fetch.spec.whatwg.org/#http-access-control-allow-origin

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.106.0...4.106.1

v4.106.0: - Drop Support for Swift 5.8

Compare Source

What's Changed

Drop Support for Swift 5.8 by @​0xTim in #​3240

  • Removes support for Swift 5.8, making 5.9 the lowest supported version
  • Updates Swift Crypto dependency to accept 4.0.0 that is about to land
  • Fixes up some warnings in Swift 6
  • Removes code paths from old Swift versions
This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.105.2...4.106.0

v4.105.2: - Raise error when the data expected an array but not parsed as array

Compare Source

What's Changed

Raise error when the data expected an array but not parsed as array by @​sidepelican in #​3222

URLEncodedFormDecoder fails silently without throwing an error when attempting to decode data in the following pattern: array[0]=0&array[1]=1&array[3]=3. Now it is decoded as an empty array.
Typically, a decoder throws an error when data cannot be parsed as the expected structure, so I propose modifying the decoder to throw an error in this case as well.

Reviewers

Thanks to the reviewers for their help:

This patch was released by @​ptoffy

Full Changelog: vapor/vapor@4.105.1...4.105.2

v4.105.1: - Throw an error if unkeyed container is at end

Compare Source

What's Changed

Throw an error if unkeyed container is at end by @​supersonicbyte in #​3226

Throwing an error if the unkeyed container is at end while decoding query params fixes the crash mentioned with this issue:
vapor/vapor#3217

The error being thrown is DecodingError.valueNotFound and it’s matching the error thrown by JSONDecoder.

New Contributor
Reviewers

Thanks to the reviewers for their help:

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.105.0...4.105.1

v4.105.0: - Support Swift 6

Compare Source

What's Changed

Support Swift 6 by @​0xTim in #​3225

  • Drop support for Swift 5.7
  • Fix warnings in Vapor with latest Swift 6 changes
  • Fix tests on Linux nightlies
Reviewers

Thanks to the reviewers for their help:

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.104.0...4.105.0

v4.104.0: - Conditional Content Response Compression

Compare Source

What's Changed

Conditional Content Response Compression by @​dimitribouniol in #​3215

Added support for conditionally compressing responses based on content type or marker headers. This is necessary because some resource types, such as images, don’t compress much, and end up maxing out CPU time on the thread and sometimes block the entire channel while they compress. This results in pipelined resources taking a long time to load even on fast connections.

This change comes with three knobs to control this:

  • A global disabled/enabled by default state for the entire server.
  • Allow and disallow lists of content types for automatic configurations.
  • A marker header for explicitly configuring certain requests or routes to compress or not.

Notably, since the response compression handler now takes a predicate, it is always installed, and the predicate statelessly determines if a response should be compressed based on the server configuration:

  • If a response compression configuration was never set, this continues to be a no-op and no compression will occur, though routes can now explicitly enable it as needed.
This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.103.2...4.104.0

v4.103.2: - Use Configured JSONEncoder in ErrorMiddleware

Compare Source

What's Changed

Use Configured JSONEncoder in ErrorMiddleware by @​0xTim in #​3224

Use the prescribed content encoder for the body of ErrorMiddleware instead of a contained JSONEncoder that can’t be overridden.

You can set the encoder with

ContentConfiguration.global.use(encoder: myCustomEncoder, for: .json)

Resolves #​3218

Reviewers

Thanks to the reviewers for their help:

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.103.1...4.103.2

v4.103.1: - fix: support capital letters in the domain part of email validation

Compare Source

What's Changed

fix: support capital letters in the domain part of email validation by @​Austinpayne in #​3211

Fixes #​2889

New Contributor
This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.103.0...4.103.1

v4.103.0: - HTTPHeaders.LastModified Public Initializer

Compare Source

What's Changed

HTTPHeaders.LastModified Public Initializer by @​dimitribouniol in #​3216

Added a public initializer for HTTPHeaders.LastModified, and updated the value property to be readwrite, which would prevent needing to roll your own formatter and header access in application code.

This patch was released by @​0xTim

Full Changelog: vapor/vapor@4.102.1...4.103.0

v4.102.1: - Incorrect HTTPMediaType/parameters Documentation Formatting.

Compare Source

What's Changed

Incorrect HTTPMediaType/parameters Documentation Formatting. by @​dimitribouniol in #​3214

Fixed an issue where docs for HTTPMediaType/parameters were incorrectly formatted. This was because parameters was being interpreted as the argument list, and wouldn’t render.

Before

This patch was released by @​0xTim

**Full Changel

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the renovate label Jul 1, 2024
@renovate renovate bot changed the title chore(deps): update dependency apple/swift-nio to from: "2.68.0" chore(deps): update all non-major dependencies Jul 10, 2024
@renovate renovate bot force-pushed the ci-c6b2bc branch 3 times, most recently from 4e9d949 to fe6c36b Compare July 25, 2024 07:43
@renovate renovate bot force-pushed the ci-c6b2bc branch 2 times, most recently from 80feb8b to 61a09f3 Compare August 5, 2024 19:17
@renovate renovate bot force-pushed the ci-c6b2bc branch 4 times, most recently from a5c1b38 to 2ce69a9 Compare August 22, 2024 17:34
@renovate renovate bot force-pushed the ci-c6b2bc branch 5 times, most recently from b5b2aab to 579329d Compare September 8, 2024 10:32
@renovate renovate bot force-pushed the ci-c6b2bc branch 2 times, most recently from add2c9e to e698331 Compare September 25, 2024 12:47
@renovate renovate bot force-pushed the ci-c6b2bc branch 2 times, most recently from 69d7e70 to 34fafc8 Compare October 5, 2024 00:50
@renovate renovate bot force-pushed the ci-c6b2bc branch 3 times, most recently from ecef711 to 6caed19 Compare October 24, 2024 04:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants