Fix UB and add Miri to Github CI #505

clubby789 · 2022-07-28T13:02:09Z

matrix_graph::extend_flat_square_matrix caused Miri to report UB due to taking two mutable pointers into a slice (

Lines 858 to 865 in ffb085f

    
           if pos + old_node_capacity <= new_pos { 
        
               let old = node_adjacencies[pos..pos + old_node_capacity].as_mut_ptr(); 
        
               let new = node_adjacencies[new_pos..new_pos + old_node_capacity].as_mut_ptr(); 
        
               // SAFE: new starts at least `old_node_capacity` positions after old. 
        
               unsafe { 
        
                   std::ptr::swap_nonoverlapping(old, new, old_node_capacity); 
        
               }

).
This PR fixes that by safely splitting the slices to ensure there is no overlap and that the length is valid, as well as adding Miri to the CI.

Disables some tests that take too long to run while under Miri, and adds `features = ["std"]` to the `indexmap` dependency so it compiles correctly under Miri.

clubby789 · 2022-07-28T15:00:49Z

I opted to remove the unsafe block completely and use swap_with_slice - when building in release the assertion is removed completely so the generated code is the same.

ABorgna · 2022-07-28T15:11:12Z

Nice !

The unsafe block was introduced because it was quite faster than the safe code that was there before (#427 (comment)).
Did you check how the benchmarks compare with HEAD ?

saethlin · 2022-07-28T16:26:57Z

src/matrix_graph.rs

-            let old = node_adjacencies[pos..pos + old_node_capacity].as_mut_ptr();
-            let new = node_adjacencies[new_pos..new_pos + old_node_capacity].as_mut_ptr();


FYI my usual solution to this is

let ptr = node_adjacencies.as_mut_ptr(); let old = ptr.add(pos); let new = ptr.add(new_pos);

This has zero overhead, and if anything is faster because it omits the bounds checks. Unclear if those are desired, but you could add them back in explicitly if you want.

clubby789 · 2022-07-28T16:57:46Z

I'm not very experienced with benchmarking but the differences seem negligible:
PR:

test add_100_edges_to_self             ... bench:         255 ns/iter (+/- 15)
test add_100_nodes                     ... bench:      13,001 ns/iter (+/- 544)
test add_5_edges_for_each_of_100_nodes ... bench:         857 ns/iter (+/- 54)
test add_adjacent_edges                ... bench:      22,015 ns/iter (+/- 612)
test add_edges_from_root               ... bench:      22,191 ns/iter (+/- 1,604)
test bigger_edges_in                   ... bench:          52 ns/iter (+/- 5)
test bigger_edges_out                  ... bench:          39 ns/iter (+/- 1)
test bigger_kosaraju_sccs              ... bench:       7,955 ns/iter (+/- 401)
test bigger_neighbors_in               ... bench:          49 ns/iter (+/- 2)
test bigger_neighbors_out              ... bench:          50 ns/iter (+/- 2)
test bigger_tarjan_sccs                ... bench:       4,042 ns/iter (+/- 156)
test full_edges_in                     ... bench:          20 ns/iter (+/- 1)
test full_edges_out                    ... bench:          13 ns/iter (+/- 0)
test full_kosaraju_sccs                ... bench:       1,120 ns/iter (+/- 94)
test full_neighbors_in                 ... bench:          16 ns/iter (+/- 0)
test full_neighbors_out                ... bench:          18 ns/iter (+/- 2)
test full_tarjan_sccs                  ... bench:         612 ns/iter (+/- 20)

HEAD:

test add_100_edges_to_self             ... bench:         249 ns/iter (+/- 10)
test add_100_nodes                     ... bench:      13,058 ns/iter (+/- 986)
test add_5_edges_for_each_of_100_nodes ... bench:         857 ns/iter (+/- 24)
test add_adjacent_edges                ... bench:      21,953 ns/iter (+/- 1,604)
test add_edges_from_root               ... bench:      22,075 ns/iter (+/- 697)
test bigger_edges_in                   ... bench:          51 ns/iter (+/- 3)
test bigger_edges_out                  ... bench:          40 ns/iter (+/- 1)
test bigger_kosaraju_sccs              ... bench:       8,085 ns/iter (+/- 443)
test bigger_neighbors_in               ... bench:          50 ns/iter (+/- 2)
test bigger_neighbors_out              ... bench:          50 ns/iter (+/- 1)
test bigger_tarjan_sccs                ... bench:       4,067 ns/iter (+/- 158)
test full_edges_in                     ... bench:          20 ns/iter (+/- 1)
test full_edges_out                    ... bench:          13 ns/iter (+/- 0)
test full_kosaraju_sccs                ... bench:       1,110 ns/iter (+/- 49)
test full_neighbors_in                 ... bench:          16 ns/iter (+/- 0)
test full_neighbors_out                ... bench:          18 ns/iter (+/- 0)
test full_tarjan_sccs                  ... bench:         613 ns/iter (+/- 41)

From a very brief investigation, I think all three methods end up emitting very similar code as the compiler eliminates checks.

clubby789 · 2022-09-27T13:22:53Z

I switched to using the method suggested by @saethlin since the fully-safe method adds a lot of complexity to the code, and it looks like the bounds checks aren't fully eliminated (I get noticable improvements against HEAD with this version). Added in the bounds checks for debug mode only

ABorgna · 2022-09-27T13:50:57Z

This is great, thanks !

* Fix UB reported by Miri by splitting a slice * Add Miri to GitHub CI Disables some tests that take too long to run while under Miri, and adds `features = ["std"]` to the `indexmap` dependency so it compiles correctly under Miri. * Re-add removed comment * Remove unsafe version and enable a test in Miri * Switch back to copy_nonoverlapping

Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/petgraph/petgraph/blob/master/RELEASES.rst">petgraph's changelog</a>.</em></p> <blockquote> <h1>Version 0.6.3 (2023-02-07)</h1> <ul> <li>Added an iterator over subgraph isomorphisms (<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>_)</li> <li>Added serde support on <code>GraphMap</code> (<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>_)</li> <li>Added <code>reverse</code> method for <code>StableGraph</code> (<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>_)</li> <li>Added <code>edges_connecting</code> iterator for <code>StableGraph</code> (<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>_)</li> <li>Fix Floyd-Warshall algorithm behaviour on undirected graphs (<code>487</code>_)</li> <li>Fix IntoEdgesDirected implementation for NodeFiltered when direction is Incoming (<code>476</code>_)</li> <li>Fix cardinality check in subgraph isomorphism (<code>472</code>_)</li> <li>Fix UB in <code>MatrixGraph</code> (<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>_)</li> </ul> <p>.. _<code>[#472](https://github.com/petgraph/petgraph/issues/472)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/472">petgraph/petgraph#472</a> .. _<code>[#476](https://github.com/petgraph/petgraph/issues/476)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/476">petgraph/petgraph#476</a> .. _<code>[#487](https://github.com/petgraph/petgraph/issues/487)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/487">petgraph/petgraph#487</a> .. _<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/496">petgraph/petgraph#496</a> .. _<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/500">petgraph/petgraph#500</a> .. _<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/505">petgraph/petgraph#505</a> .. _<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/521">petgraph/petgraph#521</a> .. _<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/533">petgraph/petgraph#533</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/petgraph/petgraph/commits/0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=petgraph&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yota Toyama <raviqqe@gmail.com>

Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/petgraph/petgraph/blob/master/RELEASES.rst">petgraph's changelog</a>.</em></p> <blockquote> <h1>Version 0.6.3 (2023-02-07)</h1> <ul> <li>Added an iterator over subgraph isomorphisms (<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>_)</li> <li>Added serde support on <code>GraphMap</code> (<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>_)</li> <li>Added <code>reverse</code> method for <code>StableGraph</code> (<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>_)</li> <li>Added <code>edges_connecting</code> iterator for <code>StableGraph</code> (<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>_)</li> <li>Fix Floyd-Warshall algorithm behaviour on undirected graphs (<code>487</code>_)</li> <li>Fix IntoEdgesDirected implementation for NodeFiltered when direction is Incoming (<code>476</code>_)</li> <li>Fix cardinality check in subgraph isomorphism (<code>472</code>_)</li> <li>Fix UB in <code>MatrixGraph</code> (<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>_)</li> </ul> <p>.. _<code>[#472](https://github.com/petgraph/petgraph/issues/472)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/472">petgraph/petgraph#472</a> .. _<code>[#476](https://github.com/petgraph/petgraph/issues/476)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/476">petgraph/petgraph#476</a> .. _<code>[#487](https://github.com/petgraph/petgraph/issues/487)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/487">petgraph/petgraph#487</a> .. _<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/496">petgraph/petgraph#496</a> .. _<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/500">petgraph/petgraph#500</a> .. _<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/505">petgraph/petgraph#505</a> .. _<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/521">petgraph/petgraph#521</a> .. _<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/533">petgraph/petgraph#533</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/petgraph/petgraph/commits/0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=petgraph&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/petgraph/petgraph/blob/master/RELEASES.rst">petgraph's changelog</a>.</em></p> <blockquote> <h1>Version 0.6.3 (2023-02-07)</h1> <ul> <li>Added an iterator over subgraph isomorphisms (<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>_)</li> <li>Added serde support on <code>GraphMap</code> (<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>_)</li> <li>Added <code>reverse</code> method for <code>StableGraph</code> (<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>_)</li> <li>Added <code>edges_connecting</code> iterator for <code>StableGraph</code> (<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>_)</li> <li>Fix Floyd-Warshall algorithm behaviour on undirected graphs (<code>487</code>_)</li> <li>Fix IntoEdgesDirected implementation for NodeFiltered when direction is Incoming (<code>476</code>_)</li> <li>Fix cardinality check in subgraph isomorphism (<code>472</code>_)</li> <li>Fix UB in <code>MatrixGraph</code> (<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>_)</li> </ul> <p>.. _<code>[#472](https://github.com/petgraph/petgraph/issues/472)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/472">petgraph/petgraph#472</a> .. _<code>[#476](https://github.com/petgraph/petgraph/issues/476)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/476">petgraph/petgraph#476</a> .. _<code>[#487](https://github.com/petgraph/petgraph/issues/487)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/487">petgraph/petgraph#487</a> .. _<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/496">petgraph/petgraph#496</a> .. _<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/500">petgraph/petgraph#500</a> .. _<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/505">petgraph/petgraph#505</a> .. _<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/521">petgraph/petgraph#521</a> .. _<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/533">petgraph/petgraph#533</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/petgraph/petgraph/commits/0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=petgraph&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yota Toyama <raviqqe@gmail.com>

614: Bump petgraph from 0.6.2 to 0.6.3 r=foresterre a=dependabot[bot] Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/petgraph/petgraph/blob/master/RELEASES.rst">petgraph's changelog</a>.</em></p> <blockquote> <h1>Version 0.6.3 (2023-02-07)</h1> <ul> <li>Added an iterator over subgraph isomorphisms (<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>_)</li> <li>Added serde support on <code>GraphMap</code> (<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>_)</li> <li>Added <code>reverse</code> method for <code>StableGraph</code> (<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>_)</li> <li>Added <code>edges_connecting</code> iterator for <code>StableGraph</code> (<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>_)</li> <li>Fix Floyd-Warshall algorithm behaviour on undirected graphs (<code>487</code>_)</li> <li>Fix IntoEdgesDirected implementation for NodeFiltered when direction is Incoming (<code>476</code>_)</li> <li>Fix cardinality check in subgraph isomorphism (<code>472</code>_)</li> <li>Fix UB in <code>MatrixGraph</code> (<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>_)</li> </ul> <p>.. _<code>[#472](https://github.com/petgraph/petgraph/issues/472)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/472">petgraph/petgraph#472</a> .. _<code>[#476](https://github.com/petgraph/petgraph/issues/476)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/476">petgraph/petgraph#476</a> .. _<code>[#487](https://github.com/petgraph/petgraph/issues/487)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/487">petgraph/petgraph#487</a> .. _<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/496">petgraph/petgraph#496</a> .. _<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/500">petgraph/petgraph#500</a> .. _<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/505">petgraph/petgraph#505</a> .. _<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/521">petgraph/petgraph#521</a> .. _<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/533">petgraph/petgraph#533</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/petgraph/petgraph/commits/0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=petgraph&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

2397: build(deps): bump egg-mode from 0.16.0 to 0.16.1 r=andreasots a=dependabot[bot] Bumps [egg-mode](https://github.com/egg-mode-rs/egg-mode) from 0.16.0 to 0.16.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/egg-mode-rs/egg-mode/blob/master/CHANGELOG.md">egg-mode's changelog</a>.</em></p> <blockquote> <h1>Changelog for egg-mode</h1> <h2>Pending</h2> <h3>Changed</h3> <h3>Added</h3> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/egg-mode-rs/egg-mode/commit/2f8289ae64a51966dcd580e68410d5e9c27e96cd"><code>2f8289a</code></a> remove funding info</li> <li><a href="https://github.com/egg-mode-rs/egg-mode/commit/46fe1dfc920a093ab9a31654ff1bf2fcf5ada542"><code>46fe1df</code></a> version 0.16.1 - abandonment notice</li> <li><a href="https://github.com/egg-mode-rs/egg-mode/commit/d9db2d458aa9bb0eb878a775bae5c542cdce39e2"><code>d9db2d4</code></a> update README references to 0.15</li> <li>See full diff in <a href="https://github.com/egg-mode-rs/egg-mode/compare/v0.16.0...0.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=egg-mode&package-manager=cargo&previous-version=0.16.0&new-version=0.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2398: build(deps): bump hyper from 0.14.23 to 0.14.24 r=andreasots a=dependabot[bot] Bumps [hyper](https://github.com/hyperium/hyper) from 0.14.23 to 0.14.24. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hyperium/hyper/releases">hyper's releases</a>.</em></p> <blockquote> <h2>v0.14.24</h2> <h2>Bug Fixes</h2> <ul> <li><strong>body:</strong> set an internal max to reserve in <code>to_bytes</code> (<a href="https://github.com/hyperium/hyper/commit/4d89adce6122af1650165337d9d814314e7ee409">4d89adce</a>)</li> <li><strong>server:</strong> prevent sending 100-continue if user drops request body (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/3138">#3138</a>) (<a href="https://github.com/hyperium/hyper/commit/92443d7ef57ed474f0add7dd1f114c81a3faa8fe">92443d7e</a>)</li> </ul> <h2>Features</h2> <ul> <li><strong>http2:</strong> add <code>http2_max_header_list_size</code> to <code>hyper::server::Builder</code> (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/3006">#3006</a>) (<a href="https://github.com/hyperium/hyper/commit/031425f087219f02a87eea3d01b14e75e35a5209">031425f0</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jiahaoliang"><code>`@jiahaoliang</code></a>` made their first contribution in <a href="https://github-redirect.dependabot.com/hyperium/hyper/pull/3006">hyperium/hyper#3006</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hyperium/hyper/blob/v0.14.24/CHANGELOG.md">hyper's changelog</a>.</em></p> <blockquote> <h3>v0.14.24 (2023-02-02)</h3> <h4>Bug Fixes</h4> <ul> <li><strong>body:</strong> set an internal max to reserve in <code>to_bytes</code> (<a href="https://github.com/hyperium/hyper/commit/4d89adce6122af1650165337d9d814314e7ee409">4d89adce</a>)</li> <li><strong>server:</strong> prevent sending 100-continue if user drops request body (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/3138">#3138</a>) (<a href="https://github.com/hyperium/hyper/commit/92443d7ef57ed474f0add7dd1f114c81a3faa8fe">92443d7e</a>)</li> </ul> <h4>Features</h4> <ul> <li><strong>http2:</strong> add <code>http2_max_header_list_size</code> to <code>hyper::server::Builder</code> (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/3006">#3006</a>) (<a href="https://github.com/hyperium/hyper/commit/031425f087219f02a87eea3d01b14e75e35a5209">031425f0</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hyperium/hyper/commit/40c01dfb4f87342a6f86f07564ddc482194c6240"><code>40c01df</code></a> v0.14.24</li> <li><a href="https://github.com/hyperium/hyper/commit/92443d7ef57ed474f0add7dd1f114c81a3faa8fe"><code>92443d7</code></a> fix(server): prevent sending 100-continue if user drops request body (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/3138">#3138</a>)</li> <li><a href="https://github.com/hyperium/hyper/commit/4d89adce6122af1650165337d9d814314e7ee409"><code>4d89adc</code></a> fix(body): set an internal max to reserve in <code>to_bytes</code></li> <li><a href="https://github.com/hyperium/hyper/commit/031425f087219f02a87eea3d01b14e75e35a5209"><code>031425f</code></a> feat(http2): add <code>http2_max_header_list_size</code> to <code>hyper::server::Builder</code> (<a href="https://github-redirect.dependabot.com/hyperium/hyper/issues/3">#3</a>...</li> <li>See full diff in <a href="https://github.com/hyperium/hyper/compare/v0.14.23...v0.14.24">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hyper&package-manager=cargo&previous-version=0.14.23&new-version=0.14.24)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2401: build(deps): bump twilight-gateway-queue from 0.14.0 to 0.14.1 r=andreasots a=dependabot[bot] Bumps [twilight-gateway-queue](https://github.com/twilight-rs/twilight) from 0.14.0 to 0.14.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/twilight-rs/twilight/releases">twilight-gateway-queue's releases</a>.</em></p> <blockquote> <h2>gateway-queue: 0.14.1</h2> <h3>Bug Fixes</h3> <ul> <li>skip sleep on failed messages (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2113">#2113</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/twilight-rs/twilight/commit/6638adbafd69cb52f706216ed3d9e73a75507e30"><code>6638adb</code></a> release(twilight-gateway): bump to 0.14.2</li> <li><a href="https://github.com/twilight-rs/twilight/commit/14020da68e9f96a2c53629ef16ad0b780ea86ca7"><code>14020da</code></a> release(twilight-gateway-queue): bump to 0.14.1</li> <li><a href="https://github.com/twilight-rs/twilight/commit/ef191c517f01c23c0f09fa42a272b79b98dd7618"><code>ef191c5</code></a> release(twilight-http): bump to 0.14.4</li> <li><a href="https://github.com/twilight-rs/twilight/commit/17c99a1c52d68691f534fb6c334e6e1c86863e71"><code>17c99a1</code></a> release(twilight-cache-inmemory): bump to 0.14.4</li> <li><a href="https://github.com/twilight-rs/twilight/commit/9bf36cb044cf7bafcc7c8c21f723e29c7179664e"><code>9bf36cb</code></a> release(twilight-model): bump to 0.14.5</li> <li><a href="https://github.com/twilight-rs/twilight/commit/cb531281094e1348d16ef49bd49725c642edaa82"><code>cb53128</code></a> release: generate changelogs</li> <li><a href="https://github.com/twilight-rs/twilight/commit/4ee878bf2b0409bd4a9e8a2d4fdc6ed7876a4bd3"><code>4ee878b</code></a> fix(gateway-queue): skip sleep on failed messages (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2113">#2113</a>)</li> <li><a href="https://github.com/twilight-rs/twilight/commit/b808e3747ccb464fd5fa0eefa701e49dc9d4f061"><code>b808e37</code></a> docs(model): clarify <code>RequestGuildMembersBuilder</code> empty queries (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2108">#2108</a>)</li> <li><a href="https://github.com/twilight-rs/twilight/commit/53721a1f816f35d8f07819fd3ddb7ce996d194dd"><code>53721a1</code></a> fix(model)!: audit log change type may be a string (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2111">#2111</a>)</li> <li><a href="https://github.com/twilight-rs/twilight/commit/32759af726271522f32681a5ca209006afe6699a"><code>32759af</code></a> fix(gateway): backport unexpected eof handling (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2099">#2099</a>)</li> <li>Additional commits viewable in <a href="https://github.com/twilight-rs/twilight/compare/twilight-gateway-queue-0.14.0...twilight-gateway-queue-0.14.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twilight-gateway-queue&package-manager=cargo&previous-version=0.14.0&new-version=0.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2403: build(deps): bump twilight-validate from 0.14.2 to 0.15.0 r=andreasots a=dependabot[bot] Bumps [twilight-validate](https://github.com/twilight-rs/twilight) from 0.14.2 to 0.15.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/twilight-rs/twilight/releases">twilight-validate's releases</a>.</em></p> <blockquote> <h2>validate: 0.15.0</h2> <h3>Features</h3> <ul> <li>[<strong>breaking</strong>] channel user limits (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2077">#2077</a>)</li> <li>[<strong>breaking</strong>] bulk delete message count (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2078">#2078</a>)</li> <li>[<strong>breaking</strong>] flatten <code>CommandOptionChoice</code> (<a href="https://github-redirect.dependabot.com/twilight-rs/twilight/issues/2081">#2081</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/twilight-rs/twilight/commit/73c43a39c0ea2069f4a5c4eec887830964457145"><code>73c43a3</code></a> release(twilight): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/66de1df3c14cb8dbbcfc14b80e84a08d5190dc7d"><code>66de1df</code></a> release(twilight-standby): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/f093ec7e37c0f393322fe349d2ffcf3a05b4a4f7"><code>f093ec7</code></a> release(twilight-mention): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/b6c3eea147604a3aabb9b7701241b0e1a13142bc"><code>b6c3eea</code></a> release(twilight-lavalink): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/2dd7aa8937920d07e7704ed9db605a18b03ec637"><code>2dd7aa8</code></a> release(twilight-gateway): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/5437a53cc4906308e3ad5d544fb368cfa4de2b9f"><code>5437a53</code></a> release(twilight-gateway-queue): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/b2fde078f942f380ecf3a895f9378a4918c82e13"><code>b2fde07</code></a> release(twilight-http): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/7b6bdb215a4ada535aad74e87402281ce981df61"><code>7b6bdb2</code></a> release(twilight-http-ratelimiting): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/7182e2696b4fb3da47a68473badd5b0fea530b62"><code>7182e26</code></a> release(twilight-cache-inmemory): bump to 0.15.0</li> <li><a href="https://github.com/twilight-rs/twilight/commit/7c8b7cdb37771f87fd69e4763485bf30bf1397fb"><code>7c8b7cd</code></a> release(twilight-util): bump to 0.15.0</li> <li>Additional commits viewable in <a href="https://github.com/twilight-rs/twilight/compare/twilight-validate-0.14.2...twilight-validate-0.15.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twilight-validate&package-manager=cargo&previous-version=0.14.2&new-version=0.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2404: build(deps): bump proc-macro2 from 1.0.50 to 1.0.51 r=andreasots a=dependabot[bot] Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.50 to 1.0.51. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/proc-macro2/releases">proc-macro2's releases</a>.</em></p> <blockquote> <h2>1.0.51</h2> <ul> <li>Implement rustc's limit on the number of <code>#</code> used for delimiting a raw string literal: 255 (<a href="https://github-redirect.dependabot.com/dtolnay/proc-macro2/issues/364">#364</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/proc-macro2/commit/bc369f088f1b4067bc08848e8c6060b51a00e9df"><code>bc369f0</code></a> Release 1.0.51</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/ec804f126735a46e8b9f2d08d3f01e763340b173"><code>ec804f1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dtolnay/proc-macro2/issues/364">#364</a> from dtolnay/hashes</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/dffd53caa1ae33112be444c0e452ec4f8b046d56"><code>dffd53c</code></a> Reduce max hash in raw strings to 255</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/f0a3490e9797ce1f9677e623693ef2c587051b6e"><code>f0a3490</code></a> Add raw string literal test cases</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/3b90e7d1edbc985e7625b4b5097c664e99ee7dc9"><code>3b90e7d</code></a> Ignore items_after_statements pedantic clippy lint</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/bce0e5f0abae6a945e664343b6c92d2c5b37190e"><code>bce0e5f</code></a> Consistently use Self in the return of From impls</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/3915aeedc637751f8c98057ee9a0558a68472247"><code>3915aee</code></a> Speed up cargo fuzz CI job</li> <li>See full diff in <a href="https://github.com/dtolnay/proc-macro2/compare/1.0.50...1.0.51">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=proc-macro2&package-manager=cargo&previous-version=1.0.50&new-version=1.0.51)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2405: build(deps): bump anyhow from 1.0.68 to 1.0.69 r=andreasots a=dependabot[bot] Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.68 to 1.0.69. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.69</h2> <ul> <li>Documentation improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/anyhow/commit/58377abfea67601caf6a7051de082484717fe79f"><code>58377ab</code></a> Release 1.0.69</li> <li><a href="https://github.com/dtolnay/anyhow/commit/f65b087b52b42fd74dcc20e1d8344accfde35682"><code>f65b087</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dtolnay/anyhow/issues/295">#295</a> from dtolnay/docrepr</li> <li><a href="https://github.com/dtolnay/anyhow/commit/10370e94a1940c59862a69461456c6594366d66d"><code>10370e9</code></a> Hide repr attribute from documentation</li> <li><a href="https://github.com/dtolnay/anyhow/commit/cf2adb47a1d37d54dd46ece54be03010e2ea9bf1"><code>cf2adb4</code></a> Raise minimum toolchain for the backtrace feature to 1.60</li> <li><a href="https://github.com/dtolnay/anyhow/commit/0a45d7665c32ba61788e09273bb17912ed402332"><code>0a45d76</code></a> Prevent actions duplication on noop merge commits</li> <li><a href="https://github.com/dtolnay/anyhow/commit/3d91f13dcd92871e383daceb7a715f9d411ff45c"><code>3d91f13</code></a> Sync license text with rust-lang repos</li> <li><a href="https://github.com/dtolnay/anyhow/commit/ed1327fbab4cd12e4028b238d567a91db465b46d"><code>ed1327f</code></a> Ignore redundant_clone lint on test testing clone</li> <li>See full diff in <a href="https://github.com/dtolnay/anyhow/compare/1.0.68...1.0.69">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anyhow&package-manager=cargo&previous-version=1.0.68&new-version=1.0.69)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2410: build(deps): bump petgraph from 0.6.2 to 0.6.3 r=andreasots a=dependabot[bot] Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/petgraph/petgraph/blob/master/RELEASES.rst">petgraph's changelog</a>.</em></p> <blockquote> <h1>Version 0.6.3 (2023-02-07)</h1> <ul> <li>Added an iterator over subgraph isomorphisms (<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>_)</li> <li>Added serde support on <code>GraphMap</code> (<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>_)</li> <li>Added <code>reverse</code> method for <code>StableGraph</code> (<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>_)</li> <li>Added <code>edges_connecting</code> iterator for <code>StableGraph</code> (<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>_)</li> <li>Fix Floyd-Warshall algorithm behaviour on undirected graphs (<code>487</code>_)</li> <li>Fix IntoEdgesDirected implementation for NodeFiltered when direction is Incoming (<code>476</code>_)</li> <li>Fix cardinality check in subgraph isomorphism (<code>472</code>_)</li> <li>Fix UB in <code>MatrixGraph</code> (<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>_)</li> </ul> <p>.. _<code>[#472](https://github.com/petgraph/petgraph/issues/472)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/472">petgraph/petgraph#472</a> .. _<code>[#476](https://github.com/petgraph/petgraph/issues/476)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/476">petgraph/petgraph#476</a> .. _<code>[#487](https://github.com/petgraph/petgraph/issues/487)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/487">petgraph/petgraph#487</a> .. _<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/496">petgraph/petgraph#496</a> .. _<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/500">petgraph/petgraph#500</a> .. _<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/505">petgraph/petgraph#505</a> .. _<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/521">petgraph/petgraph#521</a> .. _<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/533">petgraph/petgraph#533</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/petgraph/petgraph/commits/0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=petgraph&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 2412: build(deps): bump serde_json from 1.0.91 to 1.0.93 r=andreasots a=dependabot[bot] Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.91 to 1.0.93. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.93</h2> <ul> <li>Support 128-bit integers in serde_json::to_value (<a href="https://github-redirect.dependabot.com/serde-rs/json/issues/982">#982</a>)</li> </ul> <h2>v1.0.92</h2> <ul> <li>Documentation improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/0ebeede28a0d5f0f07f18124078f55d62b180a2d"><code>0ebeede</code></a> Release 1.0.93</li> <li><a href="https://github.com/serde-rs/json/commit/4fd48503de36bbfce42ffafc6bed83e19887f070"><code>4fd4850</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/json/issues/982">#982</a> from serde-rs/integer128tovalue</li> <li><a href="https://github.com/serde-rs/json/commit/e3d13cd61aeacd28bacc4b86af45dc454e57549a"><code>e3d13cd</code></a> Support 128-bit integers in to_value</li> <li><a href="https://github.com/serde-rs/json/commit/f77ad4750f6594a3d717cf34424089756c745c60"><code>f77ad47</code></a> Add test of integer128 to_value</li> <li><a href="https://github.com/serde-rs/json/commit/a9c984f13e6086c093c2f7a1014148c1922bac27"><code>a9c984f</code></a> Release 1.0.92</li> <li><a href="https://github.com/serde-rs/json/commit/c42b724c14a83059ff9286df5eccff7cb90a2670"><code>c42b724</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/json/issues/980">#980</a> from serde-rs/docrepr</li> <li><a href="https://github.com/serde-rs/json/commit/eaa287cb3a873ca0513b11c8b9da6fbc956548d7"><code>eaa287c</code></a> Hide repr attribute from documentation</li> <li><a href="https://github.com/serde-rs/json/commit/7bc6c863101474c651d1cbd5a4927f1edfef5ed0"><code>7bc6c86</code></a> RawValue -> repr(transparent)</li> <li><a href="https://github.com/serde-rs/json/commit/e41ee42d92022dbffc00f4ed50580fa5e060a379"><code>e41ee42</code></a> Update indoc dev-dependency to version 2</li> <li><a href="https://github.com/serde-rs/json/commit/8cebe895007bd1305228f21d5fe6d200e136c4f3"><code>8cebe89</code></a> Speed up cargo fuzz CI job</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/json/compare/v1.0.91...v1.0.93">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.91&new-version=1.0.93)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.2 to 0.6.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/petgraph/petgraph/blob/master/RELEASES.rst">petgraph's changelog</a>.</em></p> <blockquote> <h1>Version 0.6.3 (2023-02-07)</h1> <ul> <li>Added an iterator over subgraph isomorphisms (<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>_)</li> <li>Added serde support on <code>GraphMap</code> (<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>_)</li> <li>Added <code>reverse</code> method for <code>StableGraph</code> (<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>_)</li> <li>Added <code>edges_connecting</code> iterator for <code>StableGraph</code> (<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>_)</li> <li>Fix Floyd-Warshall algorithm behaviour on undirected graphs (<code>487</code>_)</li> <li>Fix IntoEdgesDirected implementation for NodeFiltered when direction is Incoming (<code>476</code>_)</li> <li>Fix cardinality check in subgraph isomorphism (<code>472</code>_)</li> <li>Fix UB in <code>MatrixGraph</code> (<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>_)</li> </ul> <p>.. _<code>[#472](https://github.com/petgraph/petgraph/issues/472)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/472">petgraph/petgraph#472</a> .. _<code>[#476](https://github.com/petgraph/petgraph/issues/476)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/476">petgraph/petgraph#476</a> .. _<code>[#487](https://github.com/petgraph/petgraph/issues/487)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/487">petgraph/petgraph#487</a> .. _<code>[#496](https://github.com/petgraph/petgraph/issues/496)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/496">petgraph/petgraph#496</a> .. _<code>[#500](https://github.com/petgraph/petgraph/issues/500)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/500">petgraph/petgraph#500</a> .. _<code>[#505](https://github.com/petgraph/petgraph/issues/505)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/505">petgraph/petgraph#505</a> .. _<code>[#521](https://github.com/petgraph/petgraph/issues/521)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/521">petgraph/petgraph#521</a> .. _<code>[#533](https://github.com/petgraph/petgraph/issues/533)</code>: <a href="https://github-redirect.dependabot.com/petgraph/petgraph/issues/533">petgraph/petgraph#533</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/petgraph/petgraph/commits/0.6.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=petgraph&package-manager=cargo&previous-version=0.6.2&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yota Toyama <raviqqe@gmail.com>

clubby789 added 4 commits July 28, 2022 13:52

Fix UB reported by Miri by splitting a slice

25f84ab

Add Miri to GitHub CI

ad1bda7

Disables some tests that take too long to run while under Miri, and adds `features = ["std"]` to the `indexmap` dependency so it compiles correctly under Miri.

Re-add removed comment

48cdcd0

Remove unsafe version and enable a test in Miri

5916f48

saethlin reviewed Jul 28, 2022

View reviewed changes

Switch back to copy_nonoverlapping

0e4754b

ABorgna merged commit 6303db2 into petgraph:master Sep 27, 2022

clubby789 deleted the fix-ub branch September 27, 2022 23:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix UB and add Miri to Github CI #505

Fix UB and add Miri to Github CI #505

clubby789 commented Jul 28, 2022

clubby789 commented Jul 28, 2022

ABorgna commented Jul 28, 2022

saethlin Jul 28, 2022

clubby789 commented Jul 28, 2022 •

edited

clubby789 commented Sep 27, 2022

ABorgna commented Sep 27, 2022

	if pos + old_node_capacity <= new_pos {
	let old = node_adjacencies[pos..pos + old_node_capacity].as_mut_ptr();
	let new = node_adjacencies[new_pos..new_pos + old_node_capacity].as_mut_ptr();

	// SAFE: new starts at least `old_node_capacity` positions after old.
	unsafe {
	std::ptr::swap_nonoverlapping(old, new, old_node_capacity);
	}

Fix UB and add Miri to Github CI #505

Fix UB and add Miri to Github CI #505

Conversation

clubby789 commented Jul 28, 2022

clubby789 commented Jul 28, 2022

ABorgna commented Jul 28, 2022

saethlin Jul 28, 2022

Choose a reason for hiding this comment

clubby789 commented Jul 28, 2022 • edited

clubby789 commented Sep 27, 2022

ABorgna commented Sep 27, 2022

clubby789 commented Jul 28, 2022 •

edited