duckscript icon indicating copy to clipboard operation
duckscript copied to clipboard

Published 20 hours ago verified publisher icon sagiegurari

Bump zip from 2.2.3 to 4.0.0

Open dependabot[bot] opened this issue 5 months ago • 0 comments
trafficstars

Bumps zip from 2.2.3 to 4.0.0.

Release notes

Sourced from zip's releases.

v4.0.0

🐛 Bug Fixes

  • Allow extraction of Zip64 where "Version needed to extract" is higher than "Version made by" (#356)

⚙️ Miscellaneous Tasks

  • Revert nt-time upgrade (would increase MSRV)
  • Revert constant_time_eq update (would increase MSRV)
  • Update fully-qualified names of liblzma imports

v3.0.0

🐛 Bug Fixes

  • return correct offset in SeekableTake::seek (#342)
  • When only zopfli is available, decompression of deflate should not be possible (#348)
  • Specify flate2 dependency of the deflate-flate2 feature. (#345)

⚙️ Miscellaneous Tasks

  • drop unused crossbeam-utils dependency (#339)
  • fix typo
  • remove deflate-flate2 dependency on specific backend
  • [breaking] Drop deprecated deflate-miniz feature flag (#351)

v2.6.1

🐛 Bug Fixes

  • avoid scanning through all local file headers while opening an archive (#281)

v2.6.0

🚀 Features

  • Add support for time::PrimitiveDateTime (#322)
  • Add jiff integration (#323)

🐛 Bug Fixes

  • improve error message for duplicated file (#277)

v2.5.0

🚀 Features

  • Add support for time::PrimitiveDateTime (#322)
  • Add jiff integration (#323)

🐛 Bug Fixes

  • improve error message for duplicated file (#277)

... (truncated)

Changelog

Sourced from zip's changelog.

4.0.0 - 2025-05-21

🐛 Bug Fixes

  • Allow extraction of Zip64 where "Version needed to extract" is higher than "Version made by" (#356)

⚙️ Miscellaneous Tasks

  • Revert nt-time upgrade (would increase MSRV)
  • Revert constant_time_eq update (would increase MSRV)
  • Update fully-qualified names of liblzma imports

3.0.0 - 2025-05-14

🐛 Bug Fixes

  • return correct offset in SeekableTake::seek (#342)
  • When only zopfli is available, decompression of deflate should not be possible (#348)
  • Specify flate2 dependency of the deflate-flate2 feature. (#345)

⚙️ Miscellaneous Tasks

  • drop unused crossbeam-utils dependency (#339)
  • fix typo
  • remove deflate-flate2 dependency on specific backend
  • [breaking] Drop deprecated deflate-miniz feature flag (#351)

2.6.1 - 2025-04-03

🐛 Bug Fixes

  • avoid scanning through all local file headers while opening an archive (#281)

2.5.0 - 2025-03-23

🚀 Features

  • Add support for time::PrimitiveDateTime (#322)
  • Add jiff integration (#323)

🐛 Bug Fixes

  • improve error message for duplicated file (#277)

2.4.2 - 2025-03-18

🐛 Bug Fixes

  • deep_copy_file produced a mangled file header on big-endian platforms (#309)

... (truncated)

Commits
  • b87a248 chore: release v4.0.0 (#357)
  • 2514c4c fix: Allow extraction of Zip64 where "Version needed to extract" is higher th...
  • 4aadb85 docs: Update fuzzing section of README
  • 470394d chore: Revert nt-time upgrade (would increase MSRV)
  • e4ab083 test(ci): Remove redundant semver checks
  • 89fd4ff deps!: Use dep: to suppress implicit features that may change in the future
  • 7d7d265 chore: Revert constant_time_eq update (would increase MSRV)
  • 2d75b28 style: cargo fmt --all
  • 3a5094d deps: Replace lzma-rs with liblzma
  • b93fc34 chore: Update fully-qualified names of liblzma imports
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar May 22 '25 03:05 dependabot[bot]