Skip to content

Bump base64-ng from 1.0.5 to 1.2.3#12

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/base64-ng-1.2.3
Open

Bump base64-ng from 1.0.5 to 1.2.3#12
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/base64-ng-1.2.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown

Bumps base64-ng from 1.0.5 to 1.2.3.

Release notes

Sourced from base64-ng's releases.

base64-ng 1.2.3

Small dependency-sync release for the 1.2 line.

Changed

  • Updated base64-ng-sanitization to use sanitization 1.2.2.
  • Synced all workspace crate versions and examples to 1.2.3.
  • Updated release metadata, changelog, README, and package docs.

Verification

  • GitHub CI green.
  • Local release checks passed.

base64-ng 1.2.2

Small ergonomics and hardening patch for the 1.2 encode-acceleration line.

Added

  • Added explicit infallible encode convenience helpers for ordinary byte-to-Base64 paths:
    • encode_infallible
    • Engine::encode_vec_infallible
    • Engine::encode_string_infallible
    • matching Profile helpers

Hardened

  • Hardened base64-ng-sanitization fixed-size locked secret decode staging.
  • Ensures staged decoded plaintext is wiped even if locked allocation fails before the fill closure runs.

Documentation

  • Documented infallible encode overflow panic boundaries, including the practical 32-bit large-input case.
  • Updated README, SIMD admission notes, release plan, and crate version matrix for the 1.2.2 release scope.

Verification

  • Pentest clean.
  • GitHub CI green.
  • Local release checks passed.

base64-ng 1.2.1

Documentation/package patch for the 1.2 encode-acceleration release.

  • Updates README and crates.io examples to 1.2.1.
  • Adds clearer simd feature guidance for admitted encode acceleration.
  • Refreshes SIMD admission, roadmap, migration, dependency, and companion-crate docs.
  • No runtime behavior changes from 1.2.0.

base64-ng 1.2.0

base64-ng v1.2.0

v1.2.0 is the full encode-acceleration family release. It syncs the core crate and all companion crates to 1.2.0, admits reviewed runtime SIMD encode backends, and keeps decode/security-sensitive paths conservative.

... (truncated)

Changelog

Sourced from base64-ng's changelog.

1.2.3 - Unreleased

  • Updated the optional base64-ng-sanitization companion dependency to sanitization 1.2.2.
  • Synced all workspace crate versions, dependency snippets, release metadata, and package docs to the 1.2.3 family.

1.2.2 - 2026-06-23

  • Added explicit infallible encode convenience helpers for ordinary byte-to-Base64 paths: Engine::encode_vec_infallible, Engine::encode_string_infallible, matching Profile helpers, and the top-level strict standard base64_ng::encode_infallible.
  • Documented the panic contract for infallible encode helpers and kept the existing fallible APIs as the recommended path for untrusted length metadata, constrained allocation environments, and recoverable-error code paths.

1.2.1 - 2026-06-21

  • Bumped the workspace family to 1.2.1 so crates.io and docs.rs show the corrected 1.2.x README, companion-crate examples, and release matrix.
  • Updated README guidance for the completed 1.2.0 encode-acceleration release, including an explicit simd feature install snippet and an example showing that public encode APIs remain unchanged while runtime dispatch selects an admitted backend only when the platform and input shape qualify.
  • Refreshed SIMD admission, roadmap, dependency, migration, and companion-crate documentation so 1.2.0 is no longer described as staged.

1.2.0 - 2026-06-21

  • Synced all workspace crates for the 1.2.0 family release after collecting the former 1.1.x checkpoint work without publishing many small intermediate crates.io versions.
  • Updated base64-ng-sanitization to sanitization 1.2.1, added native sanitization::ct::Choice comparison helpers for decoded SecretBytes and SecretVec values, and added opt-in locked-secret decode helpers that write directly into LockedSecretBytes or LockedSecretVec under the companion's memory-lock/high-assurance feature set.
  • Cached std SIMD backend detection after the first runtime probe, gated admitted encode dispatch by each backend's fixed block size, and avoided runtime SIMD wrapper calls for inputs that cannot fill a vector block.
  • Removed extra per-block input/output stack copies from admitted runtime SIMD slice encode loops by passing bounds-proven fixed-size views directly into the reviewed block encoders.
  • Clarified the 1.2.0 encode scope: slice, clear-tail, alloc, and wrapped encode helpers route through the encode backend boundary; wrapped encode may use SIMD for the unwrapped staging step, while line-ending insertion, in-place encode, tails, padding, custom alphabets, no_std, and decode stay scalar unless separately admitted.
  • Admitted std x86/x86_64 SSSE3/SSE4.1 encode dispatch for Standard and

... (truncated)

Commits
  • 0d4df28 Prepare 1.2.3 sanitization sync
  • ca42dd1 Align 1.2.2 release documentation
  • 579019b Wipe staged locked output on allocation failure
  • 0d85eeb Harden 1.2.2 pentest follow-ups
  • ecfbac3 Add infallible encode helpers
  • d8a419b Prepare 1.2.1 documentation patch
  • fc0cf38 Add locked sanitization decode helpers
  • ff24eee Clarify admitted SIMD cleanup labels
  • d3d3dc1 Fix AArch64 NEON test helper visibility
  • abe8a5c Record AArch64 verification in changelog
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump base64-ng from 1.0.5 to 1.2.3
d5bd83e 
Bumps [base64-ng](https://github.com/valkyoth/base64-ng) from 1.0.5 to 1.2.3.
- [Release notes](https://github.com/valkyoth/base64-ng/releases)
- [Changelog](https://github.com/valkyoth/base64-ng/blob/main/CHANGELOG.md)
- [Commits](valkyoth/base64-ng@v1.0.5...v1.2.3)

---
updated-dependencies:
- dependency-name: base64-ng
  dependency-version: 1.2.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 28, 2026
@dependabot dependabot Bot mentioned this pull request Jun 28, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants