Switch to the sha2 crate for SRI digests.
This removes one (simple) use of OpenSSL
The update of `content-security-policy` ensures that we don't add a duplicate sha2 crate.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)
<!-- Either: -->
- [ ] There are tests for these changes OR
- [X] These changes do not require tests because it's a refactoring, no behavior change expected.
<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Bump winit to 0.28.1
This fixes the following wayland-client error:
Attempted to dispatch unknown opcode 0 for wl_shm, aborting.
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#27740 (GitHub issue number if applicable)
<!-- Either: -->
- [x] There are tests for these changes OR
- [X] These changes do not require tests because only dependencies are updated.
<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Commit a5824ed (servo/webxr#203) bumped surfman to 0.6. This commit
bumps servo's webxr dep, letting all servo deps use the same version of
surfman and winit.
Release selectors 0.24.0 and servo_arc 0.2.0
This patch extends #29361, bumping selectors to 0.24.0 and servo_arc to 0.2.0.
We’ll need to publish them too, in order to close#29105.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#29105 (GitHub issue number if applicable)
<!-- Either: -->
- [ ] There are tests for these changes OR
- [x] These changes do not require tests because there are no functional changes
This reverts commit 8a8a587908, reversing
changes made to a01035e6fd.
Reason: breaks tidy:
```
./Cargo.lock:1: duplicate versions for package `half`
The following packages depend on version 1.8.2 from 'crates.io':
canvas 0.0.1
The following packages depend on version 2.2.1 from 'crates.io':
exr 1.5.3
```
Bump spin from 0.9.4 to 0.9.5
Bumps [spin](https://github.com/mvdnes/spin-rs) from 0.9.4 to 0.9.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/mvdnes/spin-rs/blob/master/CHANGELOG.md">spin's changelog</a>.</em></p>
<blockquote>
<h1>[0.9.5] - 2023-02-07</h1>
<h3>Added</h3>
<ul>
<li><code>FairMutex</code>, a new mutex implementation that reduces writer starvation.</li>
<li>A MSRV policy: Rust 1.38 is currently required</li>
</ul>
<h3>Changed</h3>
<ul>
<li>The crate's CI now has full MIRI integration, further improving the confidence you can have in the implementation.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Ensured that the crate's abstractions comply with stacked borrows rules.</li>
<li>Unsoundness in the <code>RwLock</code> that could be triggered via a reader overflow</li>
<li>Relaxed various <code>Send</code>/<code>Sync</code> bound requirements to make the crate more flexible</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/mvdnes/spin-rs/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump tinyvec_macros from 0.1.0 to 0.1.1
Bumps [tinyvec_macros](https://github.com/Soveu/tinyvec_macros) from 0.1.0 to 0.1.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/Soveu/tinyvec_macros/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump exr from 1.5.1 to 1.5.3
Bumps [exr](https://github.com/johannesvollmer/exrs) from 1.5.1 to 1.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/johannesvollmer/exrs/releases">exr's releases</a>.</em></p>
<blockquote>
<h2>Various Performance Improvements by <a href="https://github.com/Shantsel"><code>@Shantsel</code></a></h2>
<p>Various Improvements in encoding and decoding speed, yay!</p>
<p>Huge thanks to <a href="https://github.com/Shnatsel"><code>@Shnatsel</code></a> for all of these:</p>
<ul>
<li>Faster Zip1 & Zip16 & PXR24 decoding (encoding unchaged yet) (by using a new dependency)</li>
<li>Faster RLE encoding and decoding (by utilizing cpu vectorization where supported)</li>
<li>Faster packing and unpacking of RLE & Zip1 & Zip16 images (by utilizing cpu vectorization where supported)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="2a27312290"><code>2a27312</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/johannesvollmer/exrs/issues/183">#183</a> from Shnatsel/zune-inflate</li>
<li><a href="213ac22da7"><code>213ac22</code></a> Merge branch 'master' into zune-inflate</li>
<li><a href="a3004cc984"><code>a3004cc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/johannesvollmer/exrs/issues/181">#181</a> from Shnatsel/better-benches</li>
<li><a href="fc4ade2bf3"><code>fc4ade2</code></a> Merge branch 'master' into better-benches</li>
<li><a href="20df1fcf5e"><code>20df1fc</code></a> Merge branch 'master' into zune-inflate</li>
<li><a href="56f1d0a2cf"><code>56f1d0a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/johannesvollmer/exrs/issues/180">#180</a> from Shnatsel/iterator-size-hint</li>
<li><a href="991e3e719b"><code>991e3e7</code></a> Upgrade to zune-inflate 0.2.3</li>
<li><a href="3c96df154e"><code>3c96df1</code></a> Merge remote-tracking branch 'origin/master' into zune-inflate</li>
<li><a href="5d084f8b07"><code>5d084f8</code></a> Saner benchmarking order</li>
<li><a href="73770a3ce8"><code>73770a3</code></a> Rename benchmarks for consistency and sort the list</li>
<li>Additional commits viewable in <a href="https://github.com/johannesvollmer/exrs/compare/v1.5.1...v1.5.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump libdbus-sys from 0.2.2 to 0.2.4
Bumps [libdbus-sys](https://github.com/diwic/dbus-rs) from 0.2.2 to 0.2.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="1dab726dd1"><code>1dab726</code></a> Release libdbus-sys 0.2.4</li>
<li><a href="44246d3f1a"><code>44246d3</code></a> libdbus-sys vendored: Do not turn warnings into errors</li>
<li><a href="7c408602b5"><code>7c40860</code></a> dbus: Make stdfd compile on rust v1.65</li>
<li><a href="3cf507bb77"><code>3cf507b</code></a> Release dbus-crossroads 0.5.2</li>
<li><a href="ad81b09cb9"><code>ad81b09</code></a> Release libdbus 0.2.3, dbus 0.9.7</li>
<li><a href="ecb379de0b"><code>ecb379d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/diwic/dbus-rs/issues/418">#418</a> from diwic/31-ownedfd</li>
<li><a href="65d0a443ac"><code>65d0a44</code></a> dbus: Remove io-lifetimes feature, add stdfd feature</li>
<li><a href="d913c608c6"><code>d913c60</code></a> crossroads: Fixup introspection of children</li>
<li><a href="bf1e745615"><code>bf1e745</code></a> crossroads: Fixup context lost in GetManagedObjects</li>
<li><a href="7fe3b49301"><code>7fe3b49</code></a> crossroads: Test multiple objects in async-property ObjectManager test</li>
<li>Additional commits viewable in <a href="https://github.com/diwic/dbus-rs/compare/libdbus-sys-v0.2.2...libdbus-sys-v0.2.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump typed-arena from 2.0.1 to 2.0.2
Bumps [typed-arena](https://github.com/SimonSapin/rust-typed-arena) from 2.0.1 to 2.0.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/SimonSapin/rust-typed-arena/blob/master/CHANGELOG.md">typed-arena's changelog</a>.</em></p>
<blockquote>
<h2>2.0.2</h2>
<p>Released 2023/01/08.</p>
<h3>Fixed</h3>
<ul>
<li>Various fixes for use under miri (soundness and provenance fixes).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="239d236e6d"><code>239d236</code></a> Prep release 2.0.2</li>
<li><a href="b92091aaab"><code>b92091a</code></a> Avoid invalidating provenance of outstanding references in <code>alloc_extend</code>. Fi...</li>
<li><a href="6e8f574228"><code>6e8f574</code></a> Remove <code>#[cfg_attr(miri, ignore)]</code> from tests</li>
<li><a href="6a3e6eef5b"><code>6a3e6ee</code></a> Enable miri in CI and bump MSRV</li>
<li><a href="80d469e7c6"><code>80d469e</code></a> Avoid intermediate slice reference in <code>uninitialized_array</code> (fixes <a href="https://github-redirect.dependabot.com/SimonSapin/rust-typed-arena/issues/54">#54</a>)</li>
<li><a href="afbe7b7256"><code>afbe7b7</code></a> Replace travis with github actions in the README's CI badge</li>
<li><a href="dad4f6d97e"><code>dad4f6d</code></a> Only run CI on {PRs against,pushes to master} and fix MSRV CI</li>
<li><a href="9560241e75"><code>9560241</code></a> Remove travis CI</li>
<li><a href="400b56b8cc"><code>400b56b</code></a> Run <code>rustfmt</code></li>
<li><a href="17738fbb7c"><code>17738fb</code></a> Convert CI to github actions</li>
<li>Additional commits viewable in <a href="https://github.com/SimonSapin/rust-typed-arena/compare/2.0.1...2.0.2">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump euclid to 0.22
Major changes:
- All matrices are now stored in row major order. This means that parameters to rotation functions should no longer be negated.
- `post_...()` functions are now named `then()`. `pre_transform()` is removed, so `then()` is used and the order of operations changed.
In addition, this PR updates lyon_geom to the latest version.
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#27424
- [x] There are tests for these changes
<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
- Also updates raqote to latest with an upgrade of font-kit to 0.11
applied on as a patch
- Update lyon_geom to the latest version
Major change:
- All matrices are now stored in row major order. This means that
parameters to rotation functions no longer should be negated.
- `post_...()` functions are now named `then()`. `pre_transform()` is removed,
so `then()` is used and the order of operations changed.
Bump truetype from 0.40.0 to 0.40.1
Bumps [truetype](https://github.com/bodoni/truetype) from 0.40.0 to 0.40.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/bodoni/truetype/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump schannel from 0.1.19 to 0.1.21
Bumps [schannel](https://github.com/steffengy/schannel-rs) from 0.1.19 to 0.1.21.
<details>
<summary>Commits</summary>
<ul>
<li><a href="e93c3bcf58"><code>e93c3bc</code></a> Release v0.1.21</li>
<li><a href="74e761e1e4"><code>74e761e</code></a> Update windows-sys to 0.42 (<a href="https://github-redirect.dependabot.com/steffengy/schannel-rs/issues/82">#82</a>)</li>
<li><a href="471182575b"><code>4711825</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/steffengy/schannel-rs/issues/87">#87</a> from arlosi/fix-tests</li>
<li><a href="0230156169"><code>0230156</code></a> update to newest self-signed.badssl.com:443 cert</li>
<li><a href="abd8f52577"><code>abd8f52</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/steffengy/schannel-rs/issues/78">#78</a> from Expyron/master</li>
<li><a href="7ed2b5f5d5"><code>7ed2b5f</code></a> Update context_buffer.rs</li>
<li><a href="595c509b48"><code>595c509</code></a> Use MSI installation files for CI</li>
<li><a href="237e82c543"><code>237e82c</code></a> Change CI minimum tested version to 1.46</li>
<li><a href="334cc45ca0"><code>334cc45</code></a> Remove dependency on <code>lazy_static</code></li>
<li><a href="bd07438aa7"><code>bd07438</code></a> * chore(test): update to newest self-signed.badssl.com:443 cert</li>
<li>Additional commits viewable in <a href="https://github.com/steffengy/schannel-rs/compare/v0.1.19...v0.1.21">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump brotli-decompressor from 2.3.2 to 2.3.4
Bumps [brotli-decompressor](https://github.com/dropbox/rust-brotli-decompressor) from 2.3.2 to 2.3.4.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/dropbox/rust-brotli-decompressor/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bump nom from 7.1.1 to 7.1.3
Bumps [nom](https://github.com/Geal/nom) from 7.1.1 to 7.1.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/rust-bakery/nom/blob/7.1.3/CHANGELOG.md">nom's changelog</a>.</em></p>
<blockquote>
<h2>7.1.3 - 2023-01-15</h2>
<h3>Thanks</h3>
<ul>
<li><a href="https://github.com/Shadow53"><code>@Shadow53</code></a></li>
</ul>
<h3>Fixed</h3>
<ul>
<li>panic in <code>many</code> and <code>count</code> combinators when the output type is zero sized</li>
</ul>
<h2>7.1.2 - 2023-01-01</h2>
<h3>Thanks</h3>
<ul>
<li><a href="https://github.com/joubs"><code>@joubs</code></a></li>
<li><a href="https://github.com/Fyko"><code>@Fyko</code></a></li>
<li><a href="https://github.com/LoganDark"><code>@LoganDark</code></a></li>
<li><a href="https://github.com/darnuria"><code>@darnuria</code></a></li>
<li><a href="https://github.com/jkugelman"><code>@jkugelman</code></a></li>
<li><a href="https://github.com/barower"><code>@barower</code></a></li>
<li><a href="https://github.com/puzzlewolf"><code>@puzzlewolf</code></a></li>
<li><a href="https://github.com/epage"><code>@epage</code></a></li>
<li><a href="https://github.com/cky"><code>@cky</code></a></li>
<li><a href="https://github.com/wolthom"><code>@wolthom</code></a></li>
<li><a href="https://github.com/w1ll-i-code"><code>@w1ll-i-code</code></a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>documentation fixes</li>
<li>tests fixes</li>
<li>limit the initial capacity of the result vector of <code>many_m_n</code> to 64kiB</li>
<li>bits parser now accept <code>Parser</code> implementors instead of only functions</li>
</ul>
<h3>Added</h3>
<ul>
<li>implement <code>Tuple</code> parsing for the unit type as a special case</li>
<li>implement <code>ErrorConvert</code> on the unit type to make it usable as error type for bits parsers</li>
<li>bool parser for bits input</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="869f8972a4"><code>869f897</code></a> v7.1.3</li>
<li><a href="a534b39078"><code>a534b39</code></a> fix other uses of MAX_INITIAL_CAPACITY_BYTES</li>
<li><a href="ee7ad17086"><code>ee7ad17</code></a> avoid panic when counting zero-sized outputs in count() (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1618">#1618</a>)</li>
<li><a href="6be62d30d7"><code>6be62d3</code></a> v7.1.2 (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1605">#1605</a>)</li>
<li><a href="6860641f1b"><code>6860641</code></a> 1533 implement bool function for bits (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1534">#1534</a>)</li>
<li><a href="6e45c5d1f3"><code>6e45c5d</code></a> Remove duplicated section from error_management.md (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1529">#1529</a>)</li>
<li><a href="3c5e08cde0"><code>3c5e08c</code></a> <code>impl ErrorConvert\<()> for ()</code> (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1583">#1583</a>)</li>
<li><a href="9c357edae7"><code>9c357ed</code></a> Move the succ! macro to its own file (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1598">#1598</a>)</li>
<li><a href="9cff115667"><code>9cff115</code></a> Ensure all examples compile (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1604">#1604</a>)</li>
<li><a href="b66ff43eff"><code>b66ff43</code></a> fix(bits): Accept Parser, not parser-like functions (<a href="https://github-redirect.dependabot.com/Geal/nom/issues/1599">#1599</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/Geal/nom/compare/7.1.1...7.1.3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
