From 17ab51daa6933cd4d24c94d3485e350bffea0650 Mon Sep 17 00:00:00 2001 From: phylum-bot <69485888+phylum-bot@users.noreply.github.com> Date: Mon, 9 Jun 2025 05:35:20 +0000 Subject: [PATCH 1/5] Bump dependencies --- Cargo.lock | 102 ++++++++++++++++++++++++++--------------------------- 1 file changed, 51 insertions(+), 51 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9d48f2938..3d09e351a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -157,9 +157,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.18" +version = "0.6.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8acc5369981196006228e28809f761875c0327210a891e941f4c683b3a99529b" +checksum = "301af1932e46185686725e0fad2f8f2aa7da69dd70bf6ecc44d6b703844a3933" dependencies = [ "anstyle", "anstyle-parse", @@ -172,33 +172,33 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.10" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9" +checksum = "862ed96ca487e809f1c8e5a8447f6ee2cf102f846893800b20cebdf541fc6bbd" [[package]] name = "anstyle-parse" -version = "0.2.6" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" +checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.1.2" +version = "1.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" +checksum = "6c8bdeb6047d8983be085bab0ba1472e6dc604e7041dbf6fcd5e71523014fae9" dependencies = [ "windows-sys 0.59.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.8" +version = "3.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6680de5231bd6ee4c6191b8a1325daa282b415391ec9d3a37bd34f2060dc73fa" +checksum = "403f75924867bb1033c59fbf0797484329750cfbe3c4325cd33127941fabc882" dependencies = [ "anstyle", "once_cell_polyfill", @@ -489,9 +489,9 @@ dependencies = [ [[package]] name = "base64ct" -version = "1.7.3" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89e25b6adfb930f02d1981565a6e5d9c547ac15a96606256d3b59040e5cd4ca3" +checksum = "55248b47b0caf0546f7988906588779981c43bb1bc9d0c44087278f80cdb44ba" [[package]] name = "better_scoped_tls" @@ -677,18 +677,18 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.17.0" +version = "3.18.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf" +checksum = "793db76d6187cd04dff33004d8e6c9cc4e05cd330500379d2394209271b4aeee" dependencies = [ "allocator-api2", ] [[package]] name = "bytemuck" -version = "1.23.0" +version = "1.23.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9134a6ef01ce4b366b50689c94f82c14bc72bc5d0386829828a2e2752ef7958c" +checksum = "5c76a5792e44e4abe34d3abf15636779261d45a7450612059293d1d2cfc63422" [[package]] name = "byteorder" @@ -719,9 +719,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.25" +version = "1.2.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0fc897dc1e865cc67c0e05a836d9d3f1df3cbe442aa4a9473b18e12624a4951" +checksum = "956a5e21988b87f372569b66183b78babf23ebc2e744b733e4350a752c4dafac" dependencies = [ "jobserver", "libc", @@ -866,9 +866,9 @@ checksum = "3d7b894f5411737b7867f4827955924d7c254fc9f4d91a6aad6b097804b1018b" [[package]] name = "colorchoice" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" +checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75" [[package]] name = "console" @@ -2507,9 +2507,9 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" [[package]] name = "flate2" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece" +checksum = "4a3d7db9596fecd151c5f638c0ee5d5bd487b6e0ea232e5dc96d5250f6f94b1d" dependencies = [ "crc32fast", "libz-rs-sys", @@ -2895,7 +2895,7 @@ checksum = "b89c83349105e3732062a895becfc71a8f921bb71ecbbdd8ff99263e3b53a0ca" dependencies = [ "bitflags 2.9.1", "gpu-descriptor-types", - "hashbrown 0.15.3", + "hashbrown 0.15.4", ] [[package]] @@ -2987,9 +2987,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.15.3" +version = "0.15.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84b26c544d002229e640969970a2e74021aadf6e2f96372b9c58eff97de08eb3" +checksum = "5971ac85611da7067dbfcabef3c70ebb5606018acd9e2a3903a0da507521e0d5" dependencies = [ "foldhash", ] @@ -3189,9 +3189,9 @@ dependencies = [ [[package]] name = "hyper-rustls" -version = "0.27.6" +version = "0.27.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03a01595e11bdcec50946522c32dde3fc6914743000a68b93000965f2f02406d" +checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58" dependencies = [ "http 1.3.1", "hyper 1.6.0", @@ -3311,7 +3311,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cea70ddb795996207ad57735b50c5982d8844f38ba9ee5f1aedcfb708a2aa11e" dependencies = [ "equivalent", - "hashbrown 0.15.3", + "hashbrown 0.15.4", "serde", ] @@ -3762,9 +3762,9 @@ dependencies = [ [[package]] name = "libz-rs-sys" -version = "0.5.0" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6489ca9bd760fe9642d7644e827b0c9add07df89857b0416ee15c1cc1a3b8c5a" +checksum = "172a788537a2221661b480fee8dc5f96c580eb34fa88764d3205dc356c7e4221" dependencies = [ "zlib-rs", ] @@ -4753,9 +4753,9 @@ dependencies = [ [[package]] name = "portable-atomic" -version = "1.11.0" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "350e9b48cbc6b0e028b0473b114454c6316e57336ee184ceab6e53f72c178b3e" +checksum = "f84267b20a16ea918e43c6a88433c2d54fa145c92a811b5b047ccbe153674483" [[package]] name = "portable-atomic-util" @@ -5879,9 +5879,9 @@ dependencies = [ [[package]] name = "serde_spanned" -version = "0.6.8" +version = "0.6.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87607cb1398ed59d48732e575a4c28a7a8ebf2454b964fe3f224f2afc07909e1" +checksum = "bf41e0cfaf7226dca15e8197172c295a782857fcb97fad1808a166870dee75a3" dependencies = [ "serde", ] @@ -6105,9 +6105,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.15.0" +version = "1.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8917285742e9f3e1683f0a9c4e6b57960b7314d0b08d30d1ecd426713ee2eee9" +checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "smartstring" @@ -6941,7 +6941,7 @@ dependencies = [ "futures-io", "futures-sink", "futures-util", - "hashbrown 0.15.3", + "hashbrown 0.15.4", "pin-project-lite", "slab", "tokio", @@ -6949,9 +6949,9 @@ dependencies = [ [[package]] name = "toml" -version = "0.8.22" +version = "0.8.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05ae329d1f08c4d17a59bed7ff5b5a769d062e64a62d34a3261b219e62cd5aae" +checksum = "dc1beb996b9d83529a9e75c17a1686767d148d70663143c7854d8b4a09ced362" dependencies = [ "serde", "serde_spanned", @@ -6961,18 +6961,18 @@ dependencies = [ [[package]] name = "toml_datetime" -version = "0.6.9" +version = "0.6.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3da5db5a963e24bc68be8b17b6fa82814bb22ee8660f192bb182771d498f09a3" +checksum = "22cddaf88f4fbc13c51aebbf5f8eceb5c7c5a9da2ac40a13519eb5b0a0e8f11c" dependencies = [ "serde", ] [[package]] name = "toml_edit" -version = "0.22.26" +version = "0.22.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "310068873db2c5b3e7659d2cc35d21855dbafa50d1ce336397c666e3cb08137e" +checksum = "41fe8c660ae4257887cf66394862d21dbca4a6ddd26f04a3560410406a2f819a" dependencies = [ "indexmap", "serde", @@ -6984,9 +6984,9 @@ dependencies = [ [[package]] name = "toml_write" -version = "0.1.1" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfb942dfe1d8e29a7ee7fcbde5bd2b9a25fb89aa70caea2eba3bee836ff41076" +checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801" [[package]] name = "tower" @@ -7065,9 +7065,9 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.28" +version = "0.1.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d" +checksum = "1b1ffbcf9c6f6b99d386e7444eb608ba646ae452a36b39737deb9663b610f662" dependencies = [ "proc-macro2", "quote", @@ -7076,9 +7076,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.33" +version = "0.1.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e672c95779cf947c5311f83787af4fa8fffd12fb27e4993211a84bdfd9610f9c" +checksum = "b9d12581f227e93f094d3af2ae690a574abb8a2b9b7a96e7cfe9647b2b617678" dependencies = [ "once_cell", ] @@ -8302,9 +8302,9 @@ dependencies = [ [[package]] name = "zlib-rs" -version = "0.5.0" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "868b928d7949e09af2f6086dfc1e01936064cc7a819253bce650d4e2a2d63ba8" +checksum = "626bd9fa9734751fc50d6060752170984d7053f5a39061f524cda68023d4db8a" [[package]] name = "zopfli" From 4c6d6db385799ba98dc47bfeb290258cbd8ee1be Mon Sep 17 00:00:00 2001 From: Mathew Horner Date: Mon, 9 Jun 2025 11:51:38 -0500 Subject: [PATCH 2/5] Set MSRV for all crates to 1.85.0 --- clap_markdown/Cargo.toml | 2 +- cli/Cargo.toml | 2 +- lockfile/Cargo.toml | 2 +- lockfile_generator/Cargo.toml | 2 +- phylum_project/Cargo.toml | 2 +- vulnreach_types/Cargo.toml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/clap_markdown/Cargo.toml b/clap_markdown/Cargo.toml index cc92abd32..b097c5879 100644 --- a/clap_markdown/Cargo.toml +++ b/clap_markdown/Cargo.toml @@ -5,7 +5,7 @@ repository = "https://github.com/phylum-dev/cli" categories = ["command-line-interface"] keywords = ["clap", "cli", "generate", "markdown"] license = "GPL-3.0-or-later" -rust-version = "1.63.0" +rust-version = "1.85.0" version = "0.1.0" edition = "2021" diff --git a/cli/Cargo.toml b/cli/Cargo.toml index 273d9bd2f..b35a08609 100644 --- a/cli/Cargo.toml +++ b/cli/Cargo.toml @@ -4,7 +4,7 @@ version = "7.5.0" authors = ["Veracode, Inc. "] license = "GPL-3.0-or-later" edition = "2021" -rust-version = "1.82.0" +rust-version = "1.85.0" autotests = false [[test]] diff --git a/lockfile/Cargo.toml b/lockfile/Cargo.toml index 95191e964..39ddc7add 100644 --- a/lockfile/Cargo.toml +++ b/lockfile/Cargo.toml @@ -4,7 +4,7 @@ description = "Package lockfile parsers used by Phylum" version = "0.1.0" authors = ["Veracode, Inc. "] edition = "2021" -rust-version = "1.70.0" +rust-version = "1.85.0" [features] default = [] diff --git a/lockfile_generator/Cargo.toml b/lockfile_generator/Cargo.toml index 5612c98be..caba1d27a 100644 --- a/lockfile_generator/Cargo.toml +++ b/lockfile_generator/Cargo.toml @@ -4,7 +4,7 @@ version = "0.1.0" authors = ["Veracode, Inc. "] license = "GPL-3.0-or-later" edition = "2021" -rust-version = "1.68.0" +rust-version = "1.85.0" [dependencies] serde = { version = "1.0.163", features = ["derive"] } diff --git a/phylum_project/Cargo.toml b/phylum_project/Cargo.toml index b33418d78..bf4ddd1f9 100644 --- a/phylum_project/Cargo.toml +++ b/phylum_project/Cargo.toml @@ -6,7 +6,7 @@ version = "0.1.0" authors = ["Veracode, Inc. "] license = "GPL-3.0-or-later" edition = "2021" -rust-version = "1.64.0" +rust-version = "1.85.0" [dependencies] chrono = { version = "^0.4", default-features = false, features = [ diff --git a/vulnreach_types/Cargo.toml b/vulnreach_types/Cargo.toml index 89e13abe6..e35501118 100644 --- a/vulnreach_types/Cargo.toml +++ b/vulnreach_types/Cargo.toml @@ -3,7 +3,7 @@ name = "vulnreach_types" version = "0.1.0" authors = ["Veracode, Inc. "] edition = "2021" -rust-version = "1.65.0" +rust-version = "1.85.0" [dependencies] serde = { version = "1.0.152", features = ["derive"] } From fd7f1e20297d1463641b86451bebe49cdaac5c8e Mon Sep 17 00:00:00 2001 From: Mathew Horner Date: Mon, 9 Jun 2025 11:51:48 -0500 Subject: [PATCH 3/5] Use version 3 resolver --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 0802dcfdc..d52b30406 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [workspace] -resolver = "2" +resolver = "3" members = [ "cli", "lockfile", From 167067d3d4c6c70cae4efdad808f79c926ec1f6f Mon Sep 17 00:00:00 2001 From: Mathew Horner Date: Mon, 9 Jun 2025 11:52:09 -0500 Subject: [PATCH 4/5] cargo update --- Cargo.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3d09e351a..193c3026c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "Inflector" @@ -317,9 +317,9 @@ dependencies = [ [[package]] name = "async-compression" -version = "0.4.23" +version = "0.4.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b37fc50485c4f3f736a4fb14199f6d5f5ba008d7f28fe710306c92780f004c07" +checksum = "d615619615a650c571269c00dca41db04b9210037fa76ed8239f70404ab56985" dependencies = [ "brotli 8.0.1", "flate2", From 564fba0a24649ef942f0b84f8207ccc28c6abd0d Mon Sep 17 00:00:00 2001 From: Mathew Horner Date: Mon, 9 Jun 2025 12:04:17 -0500 Subject: [PATCH 5/5] linter fixes --- clap_markdown/src/lib.rs | 2 +- lockfile_generator/src/npm.rs | 2 +- lockfile_generator/src/pip.rs | 2 +- lockfile_generator/src/pnpm.rs | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/clap_markdown/src/lib.rs b/clap_markdown/src/lib.rs index c199ce907..a1e9f9421 100644 --- a/clap_markdown/src/lib.rs +++ b/clap_markdown/src/lib.rs @@ -134,7 +134,7 @@ fn generate_argument(arg: &Arg) -> Option { } // Add arguments. - if arg.get_num_args().map_or(false, |range| range.max_values() > 0) { + if arg.get_num_args().is_some_and(|range| range.max_values() > 0) { let default_name = [arg.get_id().to_string().into()]; let value_names = arg.get_value_names().unwrap_or(&default_name); diff --git a/lockfile_generator/src/npm.rs b/lockfile_generator/src/npm.rs index 9f94c7c96..0a900efd2 100644 --- a/lockfile_generator/src/npm.rs +++ b/lockfile_generator/src/npm.rs @@ -81,7 +81,7 @@ pub(crate) fn find_workspace_root(manifest_path: impl AsRef) -> Result Option { let dir = fs::read_dir(path).ok()?; for dir_entry in dir.into_iter().flatten().map(|entry| entry.path()) { - if dir_entry.file_name().map_or(false, |name| name == WORKSPACE_MANIFEST_FILENAME) { + if dir_entry.file_name().is_some_and(|name| name == WORKSPACE_MANIFEST_FILENAME) { return Some(path.into()); } }