Make Dependabot only bump Rust deps in the lock file (#14434)

This is to help downstream packagers.
This commit is contained in:
Erik Johnston 2022-11-14 14:45:17 +00:00 committed by GitHub
parent 2cc592584a
commit 6816300588
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 6 deletions

View file

@ -18,5 +18,6 @@ updates:
- package-ecosystem: "cargo" - package-ecosystem: "cargo"
directory: "/" directory: "/"
versioning-strategy: "lockfile-only"
schedule: schedule:
interval: "weekly" interval: "weekly"

1
changelog.d/14434.misc Normal file
View file

@ -0,0 +1 @@
Make Dependabot only bump Rust deps in the lock file.

View file

@ -20,16 +20,16 @@ crate-type = ["lib", "cdylib"]
name = "synapse.synapse_rust" name = "synapse.synapse_rust"
[dependencies] [dependencies]
anyhow = "1.0.66" anyhow = "1.0.63"
lazy_static = "1.4.0" lazy_static = "1.4.0"
log = "0.4.17" log = "0.4.17"
pyo3 = { version = "0.17.3", features = ["extension-module", "macros", "anyhow", "abi3", "abi3-py37"] } pyo3 = { version = "0.17.1", features = ["extension-module", "macros", "anyhow", "abi3", "abi3-py37"] }
pyo3-log = "0.7.0" pyo3-log = "0.7.0"
pythonize = "0.17.0" pythonize = "0.17.0"
regex = "1.7.0" regex = "1.6.0"
serde = { version = "1.0.147", features = ["derive"] } serde = { version = "1.0.144", features = ["derive"] }
serde_json = "1.0.87" serde_json = "1.0.85"
[build-dependencies] [build-dependencies]
blake2 = "0.10.5" blake2 = "0.10.4"
hex = "0.4.3" hex = "0.4.3"