deps(rust): bump password-hash from 0.5.0 to 0.6.1#116
Conversation
Bumps [password-hash](https://github.com/RustCrypto/traits) from 0.5.0 to 0.6.1. - [Commits](RustCrypto/traits@password-hash-v0.5.0...password-hash-v0.6.1) --- updated-dependencies: - dependency-name: password-hash dependency-version: 0.6.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
- hmac 0.12 -> 0.13 and sha2 0.10 -> 0.11 ship together because hmac 0.13 pulls in digest 0.11 (the crate is locked alongside sha2). Import KeyInit explicitly in webhook + generic alerting modules (new_from_slice moved off the Mac trait), and qualify the integration test through hmac::KeyInit. - clap 4.6.0 -> 4.6.1 and rand 0.10.0 -> 0.10.1 are patch bumps with no API surface changes. Closes #106, #118, #119, #120. argon2/password-hash 0.6 deferred: argon2 0.6 is still RC; bumping password-hash alone (#116) creates a dual-version transitive (argon2 0.5 still pulls password-hash 0.5). Will revisit when argon2 0.6 ships stable.
|
Deferring this bump. Will revisit when argon2 0.6 ships stable. The |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Bumps password-hash from 0.5.0 to 0.6.1.
Commits
d1954d8password-hash v0.6.1 (#2371)2501d4fpassword-hash: change bounds for PHC verify blanket impl [BREAKING] (#2370)f18bb80digest: adddev::initialized_mac_testfunction (#2367)adcbc44build(deps): bump crate-ci/typos from 1.44.0 to 1.45.0 (#2368)fb3f1eabuild(deps): bump the all-deps group across 1 directory with 11 updates (#2369)23118eakem v0.3.0 (#2356)13beea5kem: add serialization docs (#2355)ea57736kem: add basic usage with example (#2354)1c96506elliptic-curve: bumphkdfdependency to v0.13 (#2349)b7c764aCargo.lock: bumpcrypto-bigintto v0.7.3 (#2346)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)