From be2325a41852d4c9bfdec4db828f228171d08e41 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 6 Jun 2025 17:23:32 +0000
Subject: [PATCH] build(deps): bump bumpalo from 3.17.0 to 3.18.1 (#37297)
Bumps [bumpalo](https://github.com/fitzgen/bumpalo) from 3.17.0 to
3.18.1.
Changelog
Sourced from bumpalo's
changelog.
3.18.1
Released 2025-06-05.
Removed
- Removed the
allocator-api2 version bump from 3.18.0, as
it was not actually
semver compatible.
3.18.0 (yanked)
Released 2025-06-05.
Added
- Added support for enforcing a minimum alignment on all allocations
inside a
Bump arena, which can provide speed ups when allocating
objects whose
alignment is less than or equal to that minimum.
- Added
serde serialization support for
bumpalo::collections::String.
- Added some missing fallible slice allocation function variants.
Changed
- Replaced
extend_from_slice implementation with a
formally-verified version
that is also faster and more-optimizable for LLVM.
- Updated
allocator-api2 support to version
0.3.*.
Fixed
- Fixed a bug where the
allocated_bytes metrics helper
was accidentally
including the size of bumpalo's footer, rather than just
reporting the
user-allocated bytes.
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Cargo.lock | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 7ff8a8ec2e6..f3ed1f846fa 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -701,9 +701,9 @@ dependencies = [
[[package]]
name = "bumpalo"
-version = "3.17.0"
+version = "3.18.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf"
+checksum = "793db76d6187cd04dff33004d8e6c9cc4e05cd330500379d2394209271b4aeee"
[[package]]
name = "byte-slice-cast"