From b2f69bbb3b062eef360b42ffca32ac947be8efb9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Oct 2023 03:31:25 +0000
Subject: [PATCH] build(deps): bump the formats group with 2 updates (#7714)

* build(deps): bump the formats group with 2 updates

Bumps the formats group with 2 updates: [regex](https://github.com/rust-lang/regex) and [byteorder](https://github.com/BurntSushi/byteorder).


Updates `regex` from 1.9.5 to 1.10.0
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.9.5...1.10.0)

Updates `byteorder` from 1.4.3 to 1.5.0
- [Changelog](https://github.com/BurntSushi/byteorder/blob/master/CHANGELOG.md)
- [Commits](https://github.com/BurntSushi/byteorder/compare/1.4.3...1.5.0)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: formats
- dependency-name: byteorder
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: formats
...

Signed-off-by: dependabot[bot] <support@github.com>

* Add a test-related exception to deny.toml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: teor <teor@riseup.net>
---
 Cargo.lock               | 24 +++++++++++++++---------
 deny.toml                |  4 ++++
 zebra-chain/Cargo.toml   |  2 +-
 zebra-network/Cargo.toml |  4 ++--
 zebra-state/Cargo.toml   |  2 +-
 zebra-test/Cargo.toml    |  2 +-
 zebra-utils/Cargo.toml   |  2 +-
 zebrad/Cargo.toml        |  2 +-
 8 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 3d5d4699..74f4bc3f 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -589,9 +589,9 @@ checksum = "374d28ec25809ee0e23827c2ab573d729e293f281dfe393500e7ad618baa61c6"
 
 [[package]]
 name = "byteorder"
-version = "1.4.3"
+version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610"
+checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
 
 [[package]]
 name = "bytes"
@@ -3439,14 +3439,14 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.9.5"
+version = "1.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "697061221ea1b4a94a624f67d0ae2bfe4e22b8a17b6a192afb11046542cc8c47"
+checksum = "d119d7c7ca818f8a53c300863d4f87566aac09943aef5b355bb83969dae75d87"
 dependencies = [
  "aho-corasick",
  "memchr",
- "regex-automata 0.3.8",
- "regex-syntax 0.7.5",
+ "regex-automata 0.4.0",
+ "regex-syntax 0.8.0",
 ]
 
 [[package]]
@@ -3460,13 +3460,13 @@ dependencies = [
 
 [[package]]
 name = "regex-automata"
-version = "0.3.8"
+version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c2f401f4955220693b56f8ec66ee9c78abffd8d1c4f23dc41a23839eb88f0795"
+checksum = "5d58da636bd923eae52b7e9120271cbefb16f399069ee566ca5ebf9c30e32238"
 dependencies = [
  "aho-corasick",
  "memchr",
- "regex-syntax 0.7.5",
+ "regex-syntax 0.8.0",
 ]
 
 [[package]]
@@ -3481,6 +3481,12 @@ version = "0.7.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dbb5fb1acd8a1a18b3dd5be62d25485eb770e05afb408a9627d14d451bae12da"
 
+[[package]]
+name = "regex-syntax"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3cbb081b9784b07cceb8824c8583f86db4814d172ab043f3c23f7dc600bf83d"
+
 [[package]]
 name = "reqwest"
 version = "0.11.22"
diff --git a/deny.toml b/deny.toml
index 84220b0d..8e149b0b 100644
--- a/deny.toml
+++ b/deny.toml
@@ -72,6 +72,10 @@ skip-tree = [
     # wait for console-subscriber to upgrade
     { name = "tonic", version = "=0.9.2" },
 
+    # wait for tracing and many other crates to upgrade
+    # this duplicate dependency currently only exists in testing builds
+    { name = "regex-syntax", version = "=0.6.29" },
+
     # ZF crates
 
     # wait for indexmap, toml_edit, serde_json, tower to upgrade
diff --git a/zebra-chain/Cargo.toml b/zebra-chain/Cargo.toml
index 9ee9d497..5d8de1c8 100644
--- a/zebra-chain/Cargo.toml
+++ b/zebra-chain/Cargo.toml
@@ -60,7 +60,7 @@ blake2b_simd = "1.0.2"
 blake2s_simd = "1.0.2"
 bridgetree = "0.3.0"
 bs58 = { version = "0.5.0", features = ["check"] }
-byteorder = "1.4.3"
+byteorder = "1.5.0"
 equihash = "0.2.0"
 group = "0.13.0"
 incrementalmerkletree = "0.4.0"
diff --git a/zebra-network/Cargo.toml b/zebra-network/Cargo.toml
index a1dc2e47..869a2ab4 100644
--- a/zebra-network/Cargo.toml
+++ b/zebra-network/Cargo.toml
@@ -41,7 +41,7 @@ proptest-impl = ["proptest", "proptest-derive", "zebra-chain/proptest-impl"]
 
 [dependencies]
 bitflags = "2.4.0"
-byteorder = "1.4.3"
+byteorder = "1.5.0"
 bytes = "1.5.0"
 chrono = { version = "0.4.31", default-features = false, features = ["clock", "std"] }
 dirs = "5.0.1"
@@ -55,7 +55,7 @@ ordered-map = "0.4.2"
 pin-project = "1.1.3"
 rand = "0.8.5"
 rayon = "1.7.0"
-regex = "1.9.5"
+regex = "1.10.0"
 serde = { version = "1.0.188", features = ["serde_derive"] }
 tempfile = "3.8.0"
 thiserror = "1.0.48"
diff --git a/zebra-state/Cargo.toml b/zebra-state/Cargo.toml
index 29caca7b..b67f43b9 100644
--- a/zebra-state/Cargo.toml
+++ b/zebra-state/Cargo.toml
@@ -55,7 +55,7 @@ itertools = "0.11.0"
 lazy_static = "1.4.0"
 metrics = "0.21.1"
 mset = "0.1.1"
-regex = "1.9.5"
+regex = "1.10.0"
 rlimit = "0.10.1"
 rocksdb = { version = "0.21.0", default-features = false, features = ["lz4"] }
 semver = "1.0.18"
diff --git a/zebra-test/Cargo.toml b/zebra-test/Cargo.toml
index fc20b7ad..ceb6a5b4 100644
--- a/zebra-test/Cargo.toml
+++ b/zebra-test/Cargo.toml
@@ -22,7 +22,7 @@ insta = "1.33.0"
 proptest = "1.3.1"
 once_cell = "1.18.0"
 rand = "0.8.5"
-regex = "1.9.5"
+regex = "1.10.0"
 
 tokio = { version = "1.33.0", features = ["full", "tracing", "test-util"] }
 tower = { version = "0.4.13", features = ["util"] }
diff --git a/zebra-utils/Cargo.toml b/zebra-utils/Cargo.toml
index 55809c60..756417a2 100644
--- a/zebra-utils/Cargo.toml
+++ b/zebra-utils/Cargo.toml
@@ -84,7 +84,7 @@ zebra-rpc = { path = "../zebra-rpc", version = "1.0.0-beta.29", optional = true
 itertools = { version = "0.11.0", optional = true }
 
 # These crates are needed for the search-issue-refs binary
-regex = { version = "1.9.5", optional = true }
+regex = { version = "1.10.0", optional = true }
 # Avoid default openssl dependency to reduce the dependency tree and security alerts. 
 reqwest = { version = "0.11.22", default-features = false, features = ["rustls-tls"], optional = true }
 
diff --git a/zebrad/Cargo.toml b/zebrad/Cargo.toml
index 901bbc6a..95e08ff3 100644
--- a/zebrad/Cargo.toml
+++ b/zebrad/Cargo.toml
@@ -234,7 +234,7 @@ hex = "0.4.3"
 hex-literal = "0.4.1"
 jsonrpc-core = "18.0.0"
 once_cell = "1.18.0"
-regex = "1.9.5"
+regex = "1.10.0"
 insta = { version = "1.33.0", features = ["json"] }
 
 # zebra-rpc needs the preserve_order feature, it also makes test results more stable