Bump regex from 1.5.4 to 1.5.5 Bumps [regex](https://github.com/rust-lang/regex) from 1.5.4 to 1.5.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.5.5 (2022-03-08)</h1> <p>This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.</p> <ul> <li><a href="https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8">SECURITY #GHSA-m5pq-gvj9-9vr8</a>: Fixes a bug in the regex compiler where empty sub-expressions subverted the existing mitigations in place to enforce a size limit on compiled regexes. The Rust Security Response WG published an advisory about this: <a href="https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw">https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/d130381b150756ba7e5940efdc6ebdf47f4febc0"><code>d130381</code></a> 1.5.5</li> <li><a href="https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e"><code>ae70b41</code></a> security: fix denial-of-service bug in compiler</li> <li><a href="https://github.com/rust-lang/regex/commit/b92ffd5471018419ec48dbdef32757424439f065"><code>b92ffd5</code></a> cargo: use SPDX license format</li> <li><a href="https://github.com/rust-lang/regex/commit/f6e52dafdee305d16d6778e7bfe935bd9a6ae38b"><code>f6e52da</code></a> syntax: fix 'unused' warnings</li> <li><a href="https://github.com/rust-lang/regex/commit/5197f21287344d2994f9cf06758a3ea30f5a26c3"><code>5197f21</code></a> fuzz: do not use inherits in Cargo.toml</li> <li><a href="https://github.com/rust-lang/regex/commit/3662851482327e3642940981298150c93718de3c"><code>3662851</code></a> doc: fix typo</li> <li><a href="https://github.com/rust-lang/regex/commit/63ee6699a27b294774af0154862e5cc35b495ee6"><code>63ee669</code></a> syntax/doc: fix 'their' typo</li> <li><a href="https://github.com/rust-lang/regex/commit/d6bc7a4c3b58e1d618024aaededa722df32fa6e8"><code>d6bc7a4</code></a> readme: remove broken badge</li> <li><a href="https://github.com/rust-lang/regex/commit/bd7466034f8cccc3b0918201d1eb099cc8be3c56"><code>bd74660</code></a> fuzz: try to fix build issue</li> <li><a href="https://github.com/rust-lang/regex/commit/bd0a14231b8848669e0d257ba55526f62756c749"><code>bd0a142</code></a> readme: fix badges</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.5.4...1.5.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.5.4&new-version=1.5.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` use these labels` will set the current labels as the default for future PRs for this repo and language - ``@dependabot` use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - ``@dependabot` use these assignees` will set the current assignees as the default for future PRs for this repo and language - ``@dependabot` use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rust-lang/chalk/network/alerts). </details>
-Original file line number
+Diff line change
 [dependencies]
 lalrpop-util = "0.19"
 -regex = "1.3"
 +regex = "1.5"
 string_cache = "0.8.0"