From a980b9d0a63d7c1828ff82367b5b9191380526e4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Dec 2024 09:37:52 +0800
Subject: [PATCH] Bump ureq from 2.10.1 to 2.12.0 (#14507)
Bumps [ureq](https://github.com/algesten/ureq) from 2.10.1 to 2.12.0.
Changelog
Sourced from ureq's
changelog.
2.12.0
- Bump MSRV 1.67 -> 1.71 because rustls will soon adopt it (#905)
- Unpin rustls dep (>=0.23.19) (#905)
2.11.0
- Fixes for changes to cargo-deny (#882)
- Pin rustls dep on 0.23.19 to keep MSRV 1.67 (#878)
- Bump MSRV 1.63 -> 1.67 due to time crate (#878)
- Re-export rustls (#813)
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Cargo.lock | 4 ++--
Cargo.toml | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 074ee0439a..ca0f0b66f3 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -7331,9 +7331,9 @@ checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
[[package]]
name = "ureq"
-version = "2.10.1"
+version = "2.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b74fc6b57825be3373f7054754755f03ac3a8f5d70015ccad699ba2029956f4a"
+checksum = "3193f92e105038f98ae68af40c008e3c94f2f046926e0f95e6c835dc6459bac8"
dependencies = [
"base64",
"encoding_rs",
diff --git a/Cargo.toml b/Cargo.toml
index 896fed28b2..57cd11a202 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -165,7 +165,7 @@ trash = "5.2"
umask = "2.1"
unicode-segmentation = "1.12"
unicode-width = "0.2"
-ureq = { version = "2.10", default-features = false }
+ureq = { version = "2.12", default-features = false }
url = "2.2"
uu_cp = "0.0.28"
uu_mkdir = "0.0.28"