Bump Bech32 to 0.7.2

[clarkmoody]

Quick dependency bump, after fixing a logic error in the Bech32 library.

See rust-bitcoin/rust-bech32#41.

[codecov-io]

Codecov Report

Merging #376 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #376   +/-   ##
=======================================
  Coverage   84.78%   84.78%           
=======================================
  Files          39       39           
  Lines        7221     7221           
=======================================
  Hits         6122     6122           
  Misses       1099     1099

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e2caebc...f405745. Read the comment docs.

[sgeisler]

I reviewed rust-bitcoin/rust-bech32#41, LGTM.

[elichai]

There's no need to bump minor versions of dependencies.
According to cargo's semver minors are ignored anyway.

https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html

Just delete your cargo.lock and you should get the latest

[clarkmoody]

@elichai 0.7.2 fixes an encoding bug in the Bech32 library, which should make its way into dependent projects. Do you think we should bump to 0.8 on Bech32?

[apoelstra]

I think we've already merged some breaking changes and will need to backport this to get a minor release.

[elichai]

I don't understand.
If bech32 0.7.2 was released already then that's it, users of rust-bitcoin have it too.

Am I missing something or are you asking if you should yank 0.7.2 and release as 0.8?

[clarkmoody]

I don't understand.
If bech32 0.7.2 was released already then that's it, users of rust-bitcoin have it too.

I don't think so. This lib specifies the dependency exactly. I don't think cargo will grab the patch version automatically.

bech32 = "0.7.1"

What you're describing would be

bech32 = "~0.7"

[apoelstra]

= "0.7.1" should grab 0.7.2.

[clarkmoody]

Ah, from the doc:

The string "0.1.12" is a semver version requirement. Since this string does not have any operators in it, it is interpreted the same way as if we had specified "^0.1.12", which is called a caret requirement.

So this should start getting picked up transparently?

[elichai]

Yes. As long as you don't have a cargo.lock this will get picked up transparently

[clarkmoody]

Ok, I've updated the PR to remove the library bump, as we can do that independently.

[apoelstra]

#349 bumps this to 0.7.3. So I think this PR is unneeded now?

[clarkmoody]

Looks like bitcoin_hashes was updated, not Bech32.

…

-Clark

On Sat, Jan 4, 2020, 18:47 Andrew Poelstra ***@***.***> wrote: #349 <#349> bumps this to 0.7.3. So I think this PR is unneeded now? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#376?email_source=notifications&email_token=AAL5OMNLR4C53CAIDTJ5RJTQ4EU3TA5CNFSM4KCO6MZKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIDDUDI#issuecomment-570833421>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAL5OMNFIPZ6WXTGCXX4Z43Q4EU3TANCNFSM4KCO6MZA> .

[stevenroose]

I'm about to create a new PR for v0.23.0 that bumps other dependencies as well. I can include it if that's easier. Even though this is a backwards compatible change, it could be 0.22.1.

[clarkmoody]

@stevenroose That works for me.

[clarkmoody]

Fixed via #380