Skip to content

v1.9.0

Compare
Choose a tag to compare
@lopopolo lopopolo released this 26 Jul 21:12
· 89 commits to trunk since this release
ad78869

Release 1.9.0 of intaglio.

intaglio is available on crates.io.

Note: This release was yanked on crates.io due to an unintentional breaking change in auto trait implementations, which was resolved in #240. Thanks @hoytak for the report. The soundness fix in v1.9.0 is re-released as v1.9.1 without the API breakage.

⚠️ Security Notes

v1.9.0 fixes an unsoundness bug with SymbolTable::intern. This unsoundness bug affects all SymbolTable types in all published versions of intaglio. Please update to v1.9.0 as soon as is practicable. See #235, #236.

This vulnerability has been assigned RUSTSEC-2023-0048: Unsoundness in intern methods on intaglio symbol interners.

The fix for this issue required an MSRV bump to Rust 1.58.0.

What's Changed

  • chore(deps): Bump mheap/github-action-required-labels from 2 to 3 by @dependabot in #204
  • chore(deps): Bump rubocop from 1.39.0 to 1.41.1 by @dependabot in #203
  • chore(deps): Bump rubocop from 1.41.1 to 1.44.1 by @dependabot in #205
  • chore(deps): Bump rubocop from 1.44.1 to 1.46.0 by @dependabot in #206
  • chore(deps): Bump rubocop from 1.46.0 to 1.48.1 by @dependabot in #207
  • chore: Update .github/workflows/rustdoc.yaml in artichoke/intaglio by @lopopolo in #208
  • Remove dependency on actions-rs organization GitHub Actions by @lopopolo in #209
  • Address lint spam from clippy::let_underscore_untyped in Rust 1.69.0 by @lopopolo in #211
  • Remove some fmt machinery by forwarding formatter directly to inner Slice by @lopopolo in #210
  • Ensure code in .config directory is tracked by @lopopolo in #212
  • Upgrade Ruby version and bundler version by @lopopolo in #213
  • Use stricter version pinning for GitHub Actions by @lopopolo in #214
  • Stop monitoring Twitter links, fix markdown link check job by @lopopolo in #217
  • chore(deps): Bump rubocop from 1.48.1 to 1.50.2 by @dependabot in #215
  • chore(deps): Bump ruby/setup-ruby from 1.147.0 to 1.148.0 by @dependabot in #216
  • chore: Update .github/workflows/code-coverage.yaml in `artichoke/in… by @lopopolo in #218
  • Add code coverage badge to README by @lopopolo in #219
  • chore(deps): Bump ruby/setup-ruby from 1.148.0 to 1.150.0 by @dependabot in #223
  • chore(deps): Bump aws-actions/configure-aws-credentials from 2.0.0 to 2.1.0 by @dependabot in #222
  • chore(deps): Update criterion requirement from 0.4.0 to 0.5.1 in /benchmarks by @dependabot in #221
  • chore(deps): Bump rubocop from 1.50.2 to 1.51.0 by @dependabot in #220
  • Remove criterion benchmarks workspace by @lopopolo in #224
  • Remove benchmarks workspace dependabot config by @lopopolo in #225
  • chore(deps): Bump rubocop from 1.51.0 to 1.52.0 by @dependabot in #226
  • chore(deps): Bump mheap/github-action-required-labels from 4.0.0 to 4.1.0 by @dependabot in #227
  • chore(deps): Bump aws-actions/configure-aws-credentials from 2.1.0 to 2.2.0 by @dependabot in #232
  • chore(deps): Bump mheap/github-action-required-labels from 4.1.0 to 5.1.0 by @dependabot in #231
  • chore(deps): Bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #230
  • chore(deps): Bump ruby/setup-ruby from 1.150.0 to 1.152.0 by @dependabot in #229
  • chore(deps): Bump rubocop from 1.52.0 to 1.54.0 by @dependabot in #228
  • Update dependabot.yml by @lopopolo in #233
  • chore(deps): Bump the gha-deps group with 1 update by @dependabot in #234
  • Add tests and coverage for fmt::Debug impls of slice internals by @lopopolo in #237
  • Address stacked borrows violation in SymbolTable::intern by @lopopolo in #236
  • Release v1.9.0 by @lopopolo in #238

Full Changelog: v1.8.0...v1.9.0