Update dependencies #1263
Update dependencies #1263
Conversation
Some minor changes to header bytes in the tar crate have caused changes to the test data. It appears this is the only test that succesfully uploads a tar file with file contents.
Updating cc v1.0.3 -> v1.0.4
Updating foreign-types v0.2.0 -> v0.3.2
Adding foreign-types-shared v0.1.1
Removing lazy_static v0.2.9
Adding lazy_static v0.2.11
Adding lazy_static v1.0.0
Updating libc v0.2.33 -> v0.2.36
Updating openssl v0.9.20 -> v0.9.24
Updating openssl-sys v0.9.20 -> v0.9.26
When trying to do a full `cargo update` I ran into a deprecation added
in hyper 0.11.11. It looks like `bind_connection` should be replaced
with `serve_connection`, however the API is different. Updating
everything else for now.
Removing advapi32-sys v0.2.0
Updating aho-corasick v0.6.3 -> v0.6.4
Updating ammonia v1.0.0 -> v1.0.1
Adding arrayvec v0.4.7
Updating backtrace v0.3.3 -> v0.3.5
Adding base64 v0.9.0
Removing bitflags v0.7.0
Updating byteorder v1.1.0 -> v1.2.1
Updating bytes v0.4.5 -> v0.4.6
Updating cmake v0.1.26 -> v0.1.29
Removing coco v0.1.1
Updating comrak v0.2.3 -> v0.2.8
Adding crossbeam-deque v0.2.0
Adding crossbeam-epoch v0.3.0
Adding crossbeam-utils v0.2.2
Removing crypt32-sys v0.2.0
Updating curl v0.4.8 -> v0.4.11
Updating curl-sys v0.3.15 -> v0.4.1
Removing dbghelp-sys v0.2.0
Updating diesel v1.1.0 -> v1.1.1
Updating docopt v0.8.1 -> v0.8.3
Updating either v1.3.0 -> v1.4.0
Updating entities v1.0.0 -> v1.0.1
Updating filetime v0.1.14 -> v0.1.15
Updating fuchsia-zircon v0.2.1 -> v0.3.3
Updating fuchsia-zircon-sys v0.2.0 -> v0.3.3
Updating futures v0.1.17 -> v0.1.18
Updating futures-cpupool v0.1.7 -> v0.1.8
Updating git2 v0.6.8 -> v0.6.11
Updating html5ever v0.21.0 -> v0.22.0
Updating httparse v1.2.3 -> v1.2.4
Updating hyper v0.11.6 -> v0.11.10
Updating iovec v0.1.1 -> v0.1.2
Updating lazycell v0.5.1 -> v0.6.0
Updating libgit2-sys v0.6.16 -> v0.6.19
Removing log v0.3.8
Adding log v0.3.9
Adding log v0.4.1
Updating maplit v1.0.0 -> v1.0.1
Updating markup5ever v0.6.2 -> v0.7.2
Removing memchr v1.0.2
Removing memchr v2.0.0
Adding memchr v2.0.1
Adding memoffset v0.2.1
Updating mio v0.6.11 -> v0.6.13
Updating native-tls v0.1.4 -> v0.1.5
Adding nodrop v0.1.12
Updating num v0.1.40 -> v0.1.42
Updating num-integer v0.1.35 -> v0.1.36
Updating num-iter v0.1.34 -> v0.1.35
Removing num-traits v0.1.40
Adding num-traits v0.1.43
Adding num-traits v0.2.0
Updating num_cpus v1.7.0 -> v1.8.0
Updating openssl-probe v0.1.1 -> v0.1.2
Updating percent-encoding v1.0.0 -> v1.0.1
Adding pest v1.0.4
Adding pest_derive v1.0.4
Updating r2d2 v0.8.1 -> v0.8.2
Removing rand v0.3.18
Adding rand v0.3.22
Adding rand v0.4.2
Updating rayon-core v1.2.1 -> v1.4.0
Updating redox_syscall v0.1.31 -> v0.1.37
Updating regex v0.2.2 -> v0.2.6
Updating regex-syntax v0.4.1 -> v0.4.2
Updating relay v0.1.0 -> v0.1.1
Adding remove_dir_all v0.3.0
Updating ring v0.11.1 (https://github.com/SergioBenitez/ring?branch=v0.11#ca9fe986) -> #267d0500
Updating rustc-demangle v0.1.5 -> v0.1.6
Updating schannel v0.1.8 -> v0.1.10
Removing secur32-sys v0.2.0
Updating serde v1.0.19 -> v1.0.27
Updating serde_derive v1.0.19 -> v1.0.27
Updating serde_derive_internals v0.17.0 -> v0.19.0
Updating serde_json v1.0.5 -> v1.0.9
Updating socket2 v0.2.4 -> v0.3.1
Updating string_cache v0.6.2 -> v0.7.1
Updating tempdir v0.3.5 -> v0.3.6
Updating thread_local v0.3.4 -> v0.3.5
Updating time v0.1.38 -> v0.1.39
Updating tokio-core v0.1.10 -> v0.1.12
Updating tokio-io v0.1.3 -> v0.1.5
Updating tokio-tls v0.1.3 -> v0.1.4
Updating twoway v0.1.4 -> v0.1.7
Updating unicase v2.0.0 -> v2.1.0
Updating url v1.6.0 -> v1.7.0
Updating utf-8 v0.7.1 -> v0.7.2
Adding version_check v0.1.3
Adding winapi v0.3.4
Adding winapi-i686-pc-windows-gnu v0.4.0
Adding winapi-x86_64-pc-windows-gnu v0.4.0
jtgeibel
force-pushed
the
cargo-update
branch
from
6d6dc9f to
53ff9bd
Compare
SmtpTransport::simple_builder() automatically validates the TLS certificate against the provided domain name.
jtgeibel
force-pushed
the
cargo-update
branch
from
53ff9bd to
822735e
Compare
|
The only changes that made me a little nervous were the lettre crate changes, but i deployed to staging and emails worked! bors: r+ |
1263: Update dependencies r=carols10cents This PR was constructed in two phases. The first 3 commits make up phase 1 where most semver compatible versions are bumped. In the second phase I started bumping requirements in `Cargo.toml`. ## Phase 1 The first 3 commits essentially do a `cargo update` with the exception of `hyper` which is held back at 0.11.10. A deprecation was introduced in 0.11.11. It looks like `bind_connection` should be replaced with `serve_connection`, however the API is different. The first two commits account for: * A minor change to the GNU header format in `tar`. It appears that this test is the only one we have that successfully uploads a tar file containing file contents, thus triggering the inclusion of the header. * A deprecation in `openssl`. ## Phase 2 The following updates required minor fixes to address API changes: `flate2`, `env_logger`, `openssl`, `hex`, `lettre`.
Build succeeded |
|
We've been seeing regular segfaults since the deploy which included this commit. (That deploy was 44d01f0...a2eb1f9). This is the only change in that deploy which could be the culprit. For that reason, I've reverted it. |
|
Hey @sgrif, I just wanted to check in and see if you were able to resolve the issues seen in production. Actual segfaults, ouch! Did you see any clues in the logs as to which routes may have been related to this? |
|
Reverting this did stop the segmentation faults, yes. The segfaults were not tied to any particular route, nor was there any pattern generally leading up to it. That said, my hunch is that it was the openssl bump that caused the issue. However, at least 4 of the crates bumped here directly use unsafe code, and that's without me checking transitive dependencies, so it could be literally anything. @ashleygwilliams and I discussed (very briefly) about upgrading piece by piece -- I'm not sure if we want to try "the thing I think is causing the problem" first, or last. Either way, in the future, I think it will be best if we do upgrades like this in smaller batches, so it's easier to track down if something goes wrong. |
Yeah, I was thinking that as well. Fortunately it should be easy to land these commits as individual PRs, and then the remaining bulk In this commit series, I started with the |
This PR was constructed in two phases. The first 3 commits make up phase 1 where most semver compatible versions are bumped. In the second phase I started bumping requirements in
Cargo.toml.Phase 1
The first 3 commits essentially do a
cargo updatewith the exception ofhyperwhich is held back at 0.11.10. A deprecation was introduced in 0.11.11. It looks likebind_connectionshould be replaced withserve_connection, however the API is different.The first two commits account for:
tar. It appears that this test is the only one we have that successfully uploads a tar file containing file contents, thus triggering the inclusion of the header.openssl.Phase 2
The following updates required minor fixes to address API changes:
flate2,env_logger,openssl,hex,lettre.