Make Dependabot only bump Rust deps in the lock file (#14434)

This is to help downstream packagers.
This commit is contained in:
Erik Johnston 2022-11-14 14:45:17 +00:00 committed by GitHub
parent 2cc592584a
commit 6816300588
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 6 deletions

View File

@ -18,5 +18,6 @@ updates:
- package-ecosystem: "cargo"
directory: "/"
versioning-strategy: "lockfile-only"
schedule:
interval: "weekly"

1
changelog.d/14434.misc Normal file
View File

@ -0,0 +1 @@
Make Dependabot only bump Rust deps in the lock file.

View File

@ -20,16 +20,16 @@ crate-type = ["lib", "cdylib"]
name = "synapse.synapse_rust"
[dependencies]
anyhow = "1.0.66"
anyhow = "1.0.63"
lazy_static = "1.4.0"
log = "0.4.17"
pyo3 = { version = "0.17.3", features = ["extension-module", "macros", "anyhow", "abi3", "abi3-py37"] }
pyo3 = { version = "0.17.1", features = ["extension-module", "macros", "anyhow", "abi3", "abi3-py37"] }
pyo3-log = "0.7.0"
pythonize = "0.17.0"
regex = "1.7.0"
serde = { version = "1.0.147", features = ["derive"] }
serde_json = "1.0.87"
regex = "1.6.0"
serde = { version = "1.0.144", features = ["derive"] }
serde_json = "1.0.85"
[build-dependencies]
blake2 = "0.10.5"
blake2 = "0.10.4"
hex = "0.4.3"