Home Explore Help
Register Sign In
RISCI_ATOM
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Files Issues 3 Wiki
Browse Source

Make Dependabot only bump Rust deps in the lock file (#14434)

This is to help downstream packagers.
Erik Johnston 1 year ago
parent
2cc592584a
commit
6816300588
3 changed files with 8 additions and 6 deletions
Split View Show Diff Stats
  1. 1 0
      .github/dependabot.yml
  2. 1 0
      changelog.d/14434.misc
  3. 6 6
      rust/Cargo.toml

+ 1 - 0
.github/dependabot.yml
View File 

@@ -18,5 +18,6 @@ updates:
 
 
   - package-ecosystem: "cargo"
 
     directory: "/"
 
+    versioning-strategy: "lockfile-only"
 
     schedule:
 
       interval: "weekly"

+ 1 - 0
changelog.d/14434.misc
View File 

@@ -0,0 +1 @@
 
+Make Dependabot only bump Rust deps in the lock file.

+ 6 - 6
rust/Cargo.toml
View File 

@@ -20,16 +20,16 @@ crate-type = ["lib", "cdylib"]
 
 name = "synapse.synapse_rust"
 
 
 [dependencies]
 
-anyhow = "1.0.66"
 
+anyhow = "1.0.63"
 
 lazy_static = "1.4.0"
 
 log = "0.4.17"
 
-pyo3 = { version = "0.17.3", features = ["extension-module", "macros", "anyhow", "abi3", "abi3-py37"] }
 
+pyo3 = { version = "0.17.1", features = ["extension-module", "macros", "anyhow", "abi3", "abi3-py37"] }
 
 pyo3-log = "0.7.0"
 
 pythonize = "0.17.0"
 
-regex = "1.7.0"
 
-serde = { version = "1.0.147", features = ["derive"] }
 
-serde_json = "1.0.87"
 
+regex = "1.6.0"
 
+serde = { version = "1.0.144", features = ["derive"] }
 
+serde_json = "1.0.85"
 
 
 [build-dependencies]
 
-blake2 = "0.10.5"
 
+blake2 = "0.10.4"
 
 hex = "0.4.3"