Bumps [regex](https://github.com/rust-lang/regex) from 1.5.4 to 1.5.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.5.6 (2022-05-20)</h1> <p>This release includes a few bug fixes, including a bug that produced incorrect matches when a non-greedy <code>?</code> operator was used.</p> <ul> <li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/680">#680</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/680">rust-lang/regex#680</a>): Fixes a bug where <code>[[:alnum:][:^ascii:]]</code> dropped <code>[:alnum:]</code> from the class.</li> <li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/859">#859</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/859">rust-lang/regex#859</a>): Fixes a bug where <code>Hir::is_match_empty</code> returned <code>false</code> for <code>\b</code>.</li> <li>[BUG <a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/862">#862</a>](<a href="https://github-redirect.dependabot.com/rust-lang/regex/issues/862">rust-lang/regex#862</a>): Fixes a bug where 'ab??' matches 'ab' instead of 'a' in 'ab'.</li> </ul> <h1>1.5.5 (2022-03-08)</h1> <p>This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.</p> <ul> <li><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">SECURITY #GHSA-m5pq-gvj9-9vr8</a>: Fixes a bug in the regex compiler where empty sub-expressions subverted the existing mitigations in place to enforce a size limit on compiled regexes. The Rust Security Response WG published an advisory about this: <a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/9aef5b1edc2a436244b936db53a03ed6d720e87e"><code>9aef5b1</code></a> 1.5.6</li> <li><a href="https://github.com/rust-lang/regex/commit/2931b070fd9b525dec95c2b4c91f8b9ee500239e"><code>2931b07</code></a> syntax: bump minimum regex-syntax version to 0.6.26</li> <li><a href="https://github.com/rust-lang/regex/commit/b41bde0b854e3cd1018f55e5dcd80c09b418d6c4"><code>b41bde0</code></a> regex-syntax-0.6.26</li> <li><a href="https://github.com/rust-lang/regex/commit/d98da65bb3df16836f1181c6f7e4f03c3af1d5a5"><code>d98da65</code></a> changelog: 1.5.6</li> <li><a href="https://github.com/rust-lang/regex/commit/1c19619672c2ef16dc9f64fec38af5719c4ec06c"><code>1c19619</code></a> syntax: fix literal extraction for 'ab??'</li> <li><a href="https://github.com/rust-lang/regex/commit/88a2a62d861d189faae539990f63cb9cf195bd8c"><code>88a2a62</code></a> syntax: fix 'is_match_empty' predicate</li> <li><a href="https://github.com/rust-lang/regex/commit/72f09f1aeb0ff3f703b1afdbdd21f5ff63162fb4"><code>72f09f1</code></a> syntax: fix ascii class union bug</li> <li><a href="https://github.com/rust-lang/regex/commit/b5372864e2df6a2f5e543a556a62197f50ca3650"><code>b537286</code></a> doc: fix some typos</li> <li><a href="https://github.com/rust-lang/regex/commit/258bdf798a14f50529c1665e84cc8a3a9e2c90fc"><code>258bdf7</code></a> changelog: 1.5.5</li> <li><a href="https://github.com/rust-lang/regex/commit/d130381b150756ba7e5940efdc6ebdf47f4febc0"><code>d130381</code></a> 1.5.5</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.5.4...1.5.6">compare view</a></li> </ul> </details> <br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/incubator-teaclave/network/alerts). </details> You can view, comment on, or merge this pull request online at: https://github.com/apache/incubator-teaclave/pull/652 -- Commit Summary -- * Bump regex from 1.5.4 to 1.5.6 in /config/config_gen -- File Changes -- M config/config_gen/Cargo.lock (10) -- Patch Links -- https://github.com/apache/incubator-teaclave/pull/652.patch https://github.com/apache/incubator-teaclave/pull/652.diff -- Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/pull/652 You are receiving this because you are subscribed to this thread. Message ID: <apache/incubator-teaclave/pull/6...@github.com>
