Skip to content

[master] Update git2 version #107139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 21, 2023
Merged

[master] Update git2 version #107139

merged 1 commit into from
Jan 21, 2023

Conversation

pietroalbini
Copy link
Member

This PR bumps the version of the git2 and libgit2-sys crates to pull in fixes for GHSA-m4ch-rfv5-x5g3.

This does not fix any security vulnerability: Cargo is already protected thanks to the fixes we implemented as part of CVE-2022-46176. The only purpose of this PR is to avoid dependency scanners from flagging vulnerabilities.

@rustbot
Copy link
Collaborator

rustbot commented Jan 20, 2023

r? @Mark-Simulacrum

(rustbot has picked a reviewer for you, use r? to override)

@rustbot rustbot added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Jan 20, 2023
@Mark-Simulacrum
Copy link
Member

@bors r+ p=1

@bors
Copy link
Collaborator

bors commented Jan 21, 2023

📌 Commit 6f1795a has been approved by Mark-Simulacrum

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Jan 21, 2023
@bors
Copy link
Collaborator

bors commented Jan 21, 2023

⌛ Testing commit 6f1795a with merge 0726909...

@bors
Copy link
Collaborator

bors commented Jan 21, 2023

☀️ Test successful - checks-actions
Approved by: Mark-Simulacrum
Pushing 0726909 to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Jan 21, 2023
@bors bors merged commit 0726909 into master Jan 21, 2023
@bors bors deleted the pa-bump-git2 branch January 21, 2023 04:19
@rustbot rustbot added this to the 1.68.0 milestone Jan 21, 2023
@rust-timer
Copy link
Collaborator

Finished benchmarking commit (0726909): comparison URL.

Overall result: ✅ improvements - no action needed

@rustbot label: -perf-regression

Instruction count

This is a highly reliable metric that was used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)		 - - 0
Regressions ❌
(secondary)		 - - 0
Improvements ✅
(primary)		 - - 0
Improvements ✅
(secondary)		 -1.4% [-1.4%, -1.4%] 1
All ❌✅ (primary) - - 0

Max RSS (memory usage)

Results

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)		 - - 0
Regressions ❌
(secondary)		 2.2% [2.2%, 2.2%] 1
Improvements ✅
(primary)		 - - 0
Improvements ✅
(secondary)		 - - 0
All ❌✅ (primary) - - 0

Cycles

Results

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)		 - - 0
Regressions ❌
(secondary)		 - - 0
Improvements ✅
(primary)		 - - 0
Improvements ✅
(secondary)		 -2.0% [-2.0%, -2.0%] 1
All ❌✅ (primary) - - 0

@klensy klensy mentioned this pull request Jan 25, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Mark-Simulacrum Mark-Simulacrum

Labels
merged-by-bors This PR was explicitly merged by bors. S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion.
Projects
None yet
Milestone
1.68.0
Development

Successfully merging this pull request may close these issues.
5 participants
@pietroalbini @rustbot @Mark-Simulacrum @bors @rust-timer