You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+19-2Lines changed: 19 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -1,11 +1,28 @@
1
+
# Unreleased
2
+
3
+
* Fixed the URL of the security advisory linked from the documentation.
4
+
5
+
# 1.3.0
6
+
7
+
* Full fix for the high-severity security vulnerability [RUSTSEC-2024-0006](https://rustsec.org/advisories/RUSTSEC-2024-0006.html) a.k.a. [GHSA-r7qv-8r2h-pg27](https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27):
8
+
* Deprecates quote APIs in favor of `try_` equivalents that complain about nul bytes.
9
+
* Also adds a builder API, which allows re-enabling nul bytes without using the deprecated interface, and in the future can allow other things (as discussed in quoting_warning).
10
+
* Adds documentation about various security risks that remain, particularly with interactive shells.
11
+
* Adds explicit MSRV of 1.46.0.
12
+
13
+
# 1.2.1
14
+
15
+
* Partial fix for the high-severity security vulnerability [RUSTSEC-2024-0006](https://rustsec.org/advisories/RUSTSEC-2024-0006.html) a.k.a. [GHSA-r7qv-8r2h-pg27](https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27) without bumping MSRV:
16
+
* The bytes `{` and `\xa0` are now escaped by quoting functions.
17
+
1
18
# 1.2.0
2
19
3
20
* Adds `bytes` module to support operating directly on byte strings.
4
21
5
22
# 1.1.0
6
23
7
-
* Adds the `std` feature (enabled by default)
8
-
* Disabling the `std` feature makes the crate work in `#![no_std]` mode, assuming presence of the `alloc` crate
24
+
* Adds the `std` feature (enabled by default).
25
+
* Disabling the `std` feature makes the crate work in `#![no_std]` mode, assuming presence of the `alloc` crate.
0 commit comments