Bump the backend group with 11 updates

[dependabot]

Bumps the backend group with 11 updates:

Package	From	To
askama_axum	0.3.0	0.4.0
async-channel	2.1.0	2.1.1
axum	0.6.20	0.7.2
clap	4.4.8	4.4.11
config	0.13.3	0.13.4
ignore	0.4.20	0.4.21
jsonwebtoken	9.1.0	9.2.0
openssl	0.10.59	0.10.61
tokio	1.34.0	1.35.0
tower-http	0.4.4	0.5.0
mockall	0.11.4	0.12.0

Updates askama_axum from 0.3.0 to 0.4.0

Release notes

Sourced from askama_axum's releases.

0.4.0

Roughly six months after announcing the first public version of Askama, 0.4.0 feels like a large update.

There are some breaking changes compared to the 0.3.0 series:

• &, < and > are replaced with HTML character entities by default (see #23)
• Run-time errors are now returned via custom Error and Result types

Other noteworthy new features include:

• Optional integrations for Rocket and Iron (see examples for Rocket and Iron)
• Support for defining variables, user-defined filters, includes and macros
• Inheriting templates no longer have to use _parent to refer to fields from the parent context
• Template implementations now automatically implement Display
• Better robustness and more explicit error handling through panics at compile time
• Much faster compilation in some edge cases with nested binary operators

Special thanks to those who have contributed to this release, in particular @​anowell and @​defyrlt.

Please post your feedback or questions as an issue or join the chat!

0.3.4

• Add support for chained attributes (fixes #22)
• Fix edge cases in content literal parser (fixes #24)

0.3.2

• No longer need to use std; or use askama; in template modules (#17)
• Add lower, trim and upper filters (#16, #19)
• Documentation improvements, including an explanation of inheritance pitfalls

0.3.1

• Prevent errors due to type parameter defaults in generic types (#12)
• Some documentation improvements

Commits

• f58e26c Update dependency on error-chain to 0.11
• 2bd1745 Add package metadata for new askama_shared crate
• 27ba9ae Add badge for Gitter chat to README
• 9c4f37c Decrease coupling with Rocket in generated code
• 0129365 Add documentation on optional features
• 6003615 Allow setting an extension with source attributes
• ddcc045 Make path and source attributes mutually exclusive
• 09514f0 Tighten up and expand documentation on variables
• 697f461 Cover all template() attribute options
• 832c23b Slightly extend introduction to creating templates
• Additional commits viewable in compare view

Updates async-channel from 2.1.0 to 2.1.1

Release notes

Sourced from async-channel's releases.

v2.1.1

• Bump event-listener to v4.0.0. (#73)

Changelog

Sourced from async-channel's changelog.

Version 2.1.1

• Bump event-listener to v4.0.0. (#73)

Commits

• e243d55 v2.1.1
• dab18de m: Bump to event-listener v4.0.0
• See full diff in compare view

Updates axum from 0.6.20 to 0.7.2

Release notes

Sourced from axum's releases.

axum-extra - v0.7.2

• added: Implement IntoResponse for MultipartError (#1861)

#1861: tokio-rs/axum#1861

axum - v0.7.2

• added: Add axum::body::to_bytes (#2373)
• fixed: Gracefully handle accept errors in serve (#2400)

#2373: tokio-rs/axum#2373 #2400: tokio-rs/axum#2400

axum-extra - v0.7.1

• Updated to latest axum-macros

axum - v0.7.1

• fix: Fix readme.

axum-extra - v0.7.0

• breaking: Remove the spa feature which should have been removed in 0.6.0 (#1802)
• added: Add Multipart. This is similar to axum::extract::Multipart except that it enforces field exclusivity at runtime instead of compile time, as this improves usability (#1692)
• added: Implement Clone for CookieJar, PrivateCookieJar and SignedCookieJar (#1808)
• fixed: Add #[must_use] attributes to types that do nothing unless used (#1809)

#1692: tokio-rs/axum#1692 #1802: tokio-rs/axum#1802 #1808: tokio-rs/axum#1808 #1809: tokio-rs/axum#1809

axum - v0.7.0

• breaking: Update public dependencies. axum now requires
  • hyper 1.0
  • http 1.0
  • http-body 1.0
• breaking: axum now requires tower-http 0.5
• breaking: Remove deprecated WebSocketUpgrade::max_send_queue
• breaking: The following types/traits are no longer generic over the request body (i.e. the B type param has been removed) (#1751 and #1789):
  • FromRequestParts
  • FromRequest
  • HandlerService
  • HandlerWithoutStateExt
  • Handler
  • LayeredFuture
  • Layered
  • MethodRouter
  • Next
  • RequestExt

... (truncated)

Commits

• ab36eda Release axum and axum-core (#2402)
• ef56636 Gracefully handle accept errors in serve (#2400)
• 6491655 Fix typo in DefaultBodyLimit docs (#2401)
• 1fa21bb Update example http-proxy to hyper 1.0 (#2394)
• a6011a5 Add axum-serde to ECOSYSTEM.md (#2399)
• b02ce30 Update example reverse-proxy to axum 0.7 (#2395)
• 801a78a Fix from_stream doc link to Stream (#2391)
• 3c7cf81 Add utility function to convert body into bytes (#2373)
• f98bc11 Updated doc link versions to use more explicit 0.7 version. (#2379)
• 6d7ddee Update example low-level-rustls to axum 0.7 (#2375)
• Additional commits viewable in compare view

Updates clap from 4.4.8 to 4.4.11

Release notes

Sourced from clap's releases.

v4.4.11

[4.4.11] - 2023-12-04

Features

• Add Command::mut_group

v4.4.10

[4.4.10] - 2023-11-28

Documentation

• Link out to changelog
• Cross link derive's attribute reference to derive tutorial

v4.4.9

[4.4.9] - 2023-11-27

Fixes

• (help) Show correct Command::about under flattened headings
• (help) Respect hide when flattening subcommands

Changelog

Sourced from clap's changelog.

[4.4.11] - 2023-12-04

Features

• Add Command::mut_group

[4.4.10] - 2023-11-28

Documentation

• Link out to changelog
• Cross link derive's attribute reference to derive tutorial

[4.4.9] - 2023-11-27

Fixes

• (help) Show correct Command::about under flattened headings
• (help) Respect hide when flattening subcommands

Commits

• d092896 chore: Release
• c76a713 chore: Update lockfile
• b99d17b docs: Update changelog
• b47f8da Merge pull request #5247 from epage/group
• 2e7c9d1 Merge pull request #5194 from c19/patch-1
• 37917be feat: Add Command::mut_group
• cf7a027 chore: Update from '_rust/main'
• 8c836ea Merge pull request #10 from epage/renovate/migrate-config
• 598c624 chore(config): migrate config .github/renovate.json5
• c0a1814 chore: Release
• Additional commits viewable in compare view

Updates config from 0.13.3 to 0.13.4

Changelog

Sourced from config's changelog.

0.13.4 - 2023-11-22

• Relaxed the MSRV to 1.56.0 for this release. Please have a look at #495 for details
• Backport of the following patches from PR #465:
  • [aa63d2dbbcc13fbdfa846185d54d87d7822e2509]
  • [831102fe0ffd5c7fe475efe5f379c710d201f165]
  • [147e6c7275b65b6a74eaec9c05b317673e61084e]
  • [ed6a3c9882fbc43eae9313ab1801610e49af863f] to fix nested arrays (see the related bug report for details).

#495: mehcode/config-rs#495 #465: mehcode/config-rs#465 [aa63d2dbbcc13fbdfa846185d54d87d7822e2509]: rust-cli/config-rs@aa63d2d [831102fe0ffd5c7fe475efe5f379c710d201f165]: rust-cli/config-rs@831102f [147e6c7275b65b6a74eaec9c05b317673e61084e]: rust-cli/config-rs@147e6c7 [ed6a3c9882fbc43eae9313ab1801610e49af863f]: rust-cli/config-rs@ed6a3c9

Commits

• a383879 Merge pull request #500 from matthiasbeyer/release-0.13/changelog
• 750c8d3 Update version: 0.13.3 -> 0.13.4
• 8bab2ac Add changelog entry for 0.13.4
• db754f5 Merge pull request #486 from ijackson/nested-array-backport
• 08197e4 Merge pull request #495 from mehcode/chore/0.13.x-min-versions
• eb46fd6 ser: sequences: Test a more comprehensive round-trip
• 9bed600 ser: sequences: Rework, fixing handling of nested arrays
• 43ac661 ser: sequences: Introduce SeqSerializer newtype
• 319a9e2 ser: sequences: Centralise
• bedfb5d chore(CI): Relax MSRV to 1.56.1
• Additional commits viewable in compare view

Updates ignore from 0.4.20 to 0.4.21

Commits

• See full diff in compare view

Updates jsonwebtoken from 9.1.0 to 9.2.0

Changelog

Sourced from jsonwebtoken's changelog.

9.2.0 (2023-12-01)

• Add an option to not validate aud in the Validation struct
• Get the current timestamp in wasm without using std
• Update ring to 0.17

Commits

• 08601f7 Update changelog
• 32eabfb Add wasm tests using was-bindgen-test and wasm-pack (#346)
• 4e8ca23 Comment out wasm in CI
• 58f2df2 Next version
• fa92c4f Add CI for wasm
• f112c08 Add the ability to decode a JWT token without specifying an audience. (#336)
• d4f3300 Do what chrono does (#341)
• 004a188 Fix typo in README.md (#343)
• 895079c Remove unused import
• See full diff in compare view

Updates openssl from 0.10.59 to 0.10.61

Release notes

Sourced from openssl's releases.

openssl v0.10.61

No release notes provided.

openssl-v0.10.60

What's Changed

• Correct off-by-one in minimum output buffer size computation by @​alex in sfackler/rust-openssl#2088
• Expose a few more (bad) ciphers in cipher::Cipher by @​alex in sfackler/rust-openssl#2084
• add temp key bindings by @​jmayclin in sfackler/rust-openssl#2076
• Expose ChaCha20 on LibreSSL by @​alex in sfackler/rust-openssl#2093
• Revert "Correct off-by-one in minimum output buffer size computation" by @​alex in sfackler/rust-openssl#2090
• Added update_unchecked to symm::Crypter by @​alex in sfackler/rust-openssl#2100
• fixes #2096 -- deprecate X509StoreRef::objects, it is unsound by @​alex in sfackler/rust-openssl#2099
• Don't leak when overwriting ex data by @​sfackler in sfackler/rust-openssl#2102
• Release openssl v0.10.60 and openssl-sys v0.9.96 by @​alex in sfackler/rust-openssl#2104

Full Changelog: sfackler/rust-openssl@openssl-v0.10.59...openssl-v0.10.60

Commits

• c428588 Release openssl v0.10.61
• 3e6b5d4 Release openssl-sys v0.9.97
• 61c4acd Merge pull request #2117 from sfackler/maybe-uninit
• 1092196 Add uninit read methods and switch to _ex when possible
• ea075d1 Merge pull request #2115 from davidben/x509-purpose-get-id
• 9cafc73 Restore struct in handwritten, memory-unsafe bindings
• 25606f0 Use X509_PURPOSE_get_id instead of struct access
• efe619c Merge pull request #2114 from davidben/x509-object-free
• 66c16ca X509_OBJECT_free_contents is not X509_OBJECT_free
• 8840e53 Merge pull request #2113 from alex/new-boringssl
• Additional commits viewable in compare view

Updates tokio from 1.34.0 to 1.35.0

Release notes

Sourced from tokio's releases.

Tokio v1.35.0

1.35.0 (December 8th, 2023)

Added

• net: add Apple watchOS support (#6176)

Changed

• io: drop the Sized requirements from AsyncReadExt.read_buf (#6169)
• runtime: make Runtime unwind safe (#6189)
• runtime: reduce the lock contention in task spawn (#6001)
• tokio: update nix dependency to 0.27.1 (#6190)

Fixed

• chore: make --cfg docsrs work without net feature (#6166)
• chore: use relaxed load for unsync_load on miri (#6179)
• runtime: handle missing context on wake (#6148)
• taskdump: fix taskdump cargo config example (#6150)
• taskdump: skip notified tasks during taskdumps (#6194)
• tracing: avoid creating resource spans with current parent, use a None parent instead (#6107)
• tracing: make task span explicit root (#6158)

Documented

• io: flush in AsyncWriteExt examples (#6149)
• runtime: document fairness guarantees and current behavior (#6145)
• task: document cancel safety of LocalSet::run_until (#6147)

#6001: tokio-rs/tokio#6001 #6107: tokio-rs/tokio#6107 #6144: tokio-rs/tokio#6144 #6145: tokio-rs/tokio#6145 #6147: tokio-rs/tokio#6147 #6148: tokio-rs/tokio#6148 #6149: tokio-rs/tokio#6149 #6150: tokio-rs/tokio#6150 #6158: tokio-rs/tokio#6158 #6166: tokio-rs/tokio#6166 #6169: tokio-rs/tokio#6169 #6176: tokio-rs/tokio#6176 #6179: tokio-rs/tokio#6179 #6189: tokio-rs/tokio#6189 #6190: tokio-rs/tokio#6190 #6194: tokio-rs/tokio#6194

Commits

• 92a3455 chore: prepare Tokio v1.35.0 (#6197)
• 1968565 chore: use relaxed load for unsync_load (#6203)
• c9273f1 sync: improve safety comments for WakeList (#6200)
• e05d0f8 changelog: fix missing link for 1.8.2 (#6199)
• debcb22 Revert "net: add SocketAddr::as_abstract_namespace (#6144)" (#6198)
• 83b7397 io: drop the Sized requirements from AsyncReadExt.read_buf (#6169)
• 3991f9f docs: fix typo in 'tokio/src/sync/broadcast.rs' (#6182)
• 48c0e62 chore: use relaxed load for unsync_load on miri (#6179)
• d561b58 taskdump: skip notified tasks during taskdumps (#6194)
• 3a4aef1 runtime: reduce the lock contention in task spawn (#6001)
• Additional commits viewable in compare view

Updates tower-http from 0.4.4 to 0.5.0

Release notes

Sourced from tower-http's releases.

v0.5.0

Changed

• Bump Minimum Supported Rust Version to 1.66 (#433)
• Update to http-body 1.0 (#348)
• Update to http 1.0 (#348)
• Preserve service error type in RequestDecompression (#368)

Fixed

• Accepts range headers with ranges where the end of range goes past the end of the document by bumping http-range-header to 0.4

#418: tower-rs/tower-http#418 #433: tower-rs/tower-http#433 #348: tower-rs/tower-http#348 #368: tower-rs/tower-http#368

Commits

• 3d3bb02 Release 0.5.0 (#437)
• 04361b7 Upgrade to http-body 1.0 (#348)
• d2eadcb Preserve service error type in RequestDecompression (#368)
• d663cbf Refactor use of futures crate (#434)
• 38c05ba Bump MSRV again (#433)
• f33c3e0 Bump MSRV to 1.63 (#418)
• e8eb549 Make http-range-header dependency optional (#394)
• 0c50afe Upgrade http-range-header to 0.4 (#391)
• See full diff in compare view

Updates mockall from 0.11.4 to 0.12.0

Changelog

Sourced from mockall's changelog.

[ 0.12.0 ] - 2023-12-10

Added

• Added #[mockall::concretize], which can be used to mock some generic methods that have non-'static generic parameters. It works by turning the generic arguments into trait objects for the expectation. (#408)

• When mocking functions with a non-default ABI (Like extern "C"), the mock function will now use the same ABI as the original. Name mangling will also be disabled, so the mock function will be callable from external code. For example, from C functions. (#504)

Changed

• Raised predicates, which is reexported, to 3.0.0. This may affect backwards compatibility for users who make use of predicates's "color" feature. (#467)

• Raised MSRV to 1.64.0 because predicates-core and predicates-tree did. (#430) (#467)

• Better "No matching expectation found" messages on stable. (#425)

Fixed

• Fixed mocking non-private inherent methods that have attributes with syn version 2.0.9 and later. (#486)

• Suppress clippy::too_many_arguments warnings in the generated code. This is most useful when mocking static functions with exactly 7 arguments. (#487)

• Fixed unused_attributes warnings in the generated code when mocking FFI functions that use #[link_name]. (#503)

• Fix a panic during Drop for static methods. One way to trigger it is by calling the method more times than is allowed by a .times() constraint. Another way would be to explicitly panic during the .returning method. (#516)

Removed

• Removed syntax deprecated since 0.9.0: using #[automock] directly on an

... (truncated)

Commits

• 8cdb23c chore: Release
• 1dd573d [skip ci] modernize cargo-release setup.
• 0572cf6 [skip ci] Correct mockall_double's CHANGELOG
• 0339354 [skip ci] reformat CHANGELOG
• aac6edc Merge pull request #528 from asomers/alt-mutex
• b4b28d8 Change the recommendation for static methods
• d4102cd Merge pull request #526 from asomers/rpitit
• 5e8bf3c Add a test for the Return Position Impl Trait in Trait feature
• 3d5c289 Merge pull request #525 from mgeisler/patch-1
• 7fbcfb8 Clarify "namespace" to "name"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.