fix(deps): update rust crate regex to 1.9.6 #53
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.4.3
->1.9.6
Release Notes
rust-lang/regex (regex)
v1.9.6
Compare Source
==================
This is a patch release that fixes a panic that can occur when the default
regex size limit is increased to a large number.
Fix a bug where computing the maximum haystack length for the bounded
backtracker could result underflow and thus provoke a panic later in a search
due to a broken invariant.
v1.9.5
Compare Source
==================
This is a patch release that hopefully mostly fixes a performance bug that
occurs when sharing a regex across multiple threads.
Issue #934
explains this in more detail. It is also noted in the crate
documentation.
The bug can appear when sharing a regex across multiple threads simultaneously,
as might be the case when using a regex from a
OnceLock
,lazy_static
orsimilar primitive. Usually high contention only results when using many threads
to execute searches on small haystacks.
One can avoid the contention problem entirely through one of two methods.
The first is to use lower level APIs from
regex-automata
that require passingstate explicitly, such as
meta::Regex::search_with
.The second is to clone a regex and send it to other threads explicitly. This
will not use any additional memory usage compared to sharing the regex. The
only downside of this approach is that it may be less convenient, for example,
it won't work with things like
OnceLock
orlazy_static
oronce_cell
.With that said, as of this release, the contention performance problems have
been greatly reduced. This was achieved by changing the free-list so that it
was sharded across threads, and that ensuring each sharded mutex occupies a
single cache line to mitigate false sharing. So while contention may still
impact performance in some cases, it should be a lot better now.
Because of the changes to how the free-list works, please report any issues you
find with this release. That not only includes search time regressions but also
significant regressions in memory usage. Reporting improvements is also welcome
as well! If possible, provide a reproduction.
Bug fixes:
Fix a performance bug where high contention on a single regex led to massive
slow downs.
v1.9.4
Compare Source
==================
This is a patch release that fixes a bug where
RegexSet::is_match(..)
couldincorrectly return false (even when
RegexSet::matches(..).matched_any()
returns true).
Bug fixes:
Fix a bug where a prefilter was incorrectly configured for a
RegexSet
.v1.9.3
Compare Source
==================
This is a patch release that fixes a bug where some searches could result in
incorrect match offsets being reported. It is difficult to characterize the
types of regexes susceptible to this bug. They generally involve patterns
that contain no prefix or suffix literals, but have an inner literal along with
a regex prefix that can conditionally match.
Bug fixes:
Fix a bug with the reverse inner literal optimization reporting incorrect match
offsets.
v1.9.2
Compare Source
==================
This is a patch release that fixes another memory usage regression. This
particular regression occurred only when using a
RegexSet
. In some cases,much more heap memory (by one or two orders of magnitude) was allocated than in
versions prior to 1.9.0.
Bug fixes:
Fix a memory usage regression when using a
RegexSet
.v1.9.1
Compare Source
==================
This is a patch release which fixes a memory usage regression. In the regex
1.9 release, one of the internal engines used a more aggressive allocation
strategy than what was done previously. This patch release reverts to the
prior on-demand strategy.
Bug fixes:
Change the allocation strategy for the backtracker to be less aggressive.
v1.9.0
Compare Source
==================
This release marks the end of a years long rewrite of the regex crate
internals. Since this is
such a big release, please report any issues or regressions you find. We would
also love to hear about improvements as well.
In addition to many internal improvements that should hopefully result in
"my regex searches are faster," there have also been a few API additions:
Captures::extract
method for quickly accessing the substringsthat match each capture group in a regex.
R
, which enables CRLF mode. This makes.
match anyUnicode scalar value except for
\r
and\n
, and also makes(?m:^)
and(?m:$)
match after and before both\r
and\n
, respectively, but neverbetween a
\r
and\n
.RegexBuilder::line_terminator
was added to further customize the lineterminator used by
(?m:^)
and(?m:$)
to be any arbitrary byte.std
Cargo feature is now actually optional. That is, theregex
cratecan be used without the standard library.
regex 1.9
may make binary size and compile times even worse, anew experimental crate called
regex-lite
has been published. It prioritizesbinary size and compile times over functionality (like Unicode) and
performance. It shares no code with the
regex
crate.New features:
One can opt into CRLF mode via the
R
flag.e.g.,
(?mR:$)
matches just before\r\n
.Multi-pattern searches with offsets can be done with
regex-automata 0.3
.std
is now an optional feature.regex
may be used with onlyalloc
.RegexBuilder::line_terminator
configures how(?m:^)
and(?m:$)
behave.Anchored search APIs are now available in
regex-automata 0.3
.Add new
Captures::extract
method for easier capture group access.Add
regex-lite
crate with smaller binary sizes and faster compile times.Add
TryFrom
implementations for theRegex
type.Performance improvements:
Added a one-pass DFA engine for faster capture group matching.
Inner literals are now used to accelerate searches, e.g.,
\w+@​\w+
will scanfor
@
.PERF #891:
Makes literal optimizations apply to regexes of the form
\b(foo|bar|quux)\b
.(There are many more performance improvements as well, but not all of them have
specific issues devoted to them.)
Bug fixes:
Fix matching bugs related to
\B
and inconsistencies across internal engines.Fix matching bug with capture groups.
Fix matching bug with word boundaries.
Fix bug where some regexes like
(re)+
were not equivalent to(re)(re)*
.Fix matching bug inconsistency between NFA and DFA engines.
Fix matching bug where literal extraction got confused by
$
.Add documentation to replacement routines about dealing with fallibility.
Use corpus rejection in fuzz testing.
v1.8.4
Compare Source
==================
This is a patch release that fixes a bug where
(?-u:\B)
was allowed inUnicode regexes, despite the fact that the current matching engines can report
match offsets between the code units of a single UTF-8 encoded codepoint. That
in turn means that match offsets that split a codepoint could be reported,
which in turn results in panicking when one uses them to slice a
&str
.This bug occurred in the transition to
regex 1.8
because the underlyingsyntactical error that prevented this regex from compiling was intentionally
removed. That's because
(?-u:\B)
will be permitted in Unicode regexes inregex 1.9
, but the matching engines will guarantee to never report matchoffsets that split a codepoint. When the underlying syntactical error was
removed, no code was added to ensure that
(?-u:\B)
didn't compile in theregex 1.8
transition release. This release,regex 1.8.4
, adds that codesuch that
Regex::new(r"(?-u:\B)")
returns to theregex <1.8
behavior ofnot compiling. (A
bytes::Regex
can still of course compile it.)Bug fixes:
Fix a bug where
(?-u:\B)
was allowed in Unicode regexes, and in turn couldlead to match offsets that split a codepoint in
&str
.v1.8.3
Compare Source
==================
This is a patch release that fixes a bug where the regex would report a
match at every position even when it shouldn't. This could occur in a very
small subset of regexes, usually an alternation of simple literals that
have particular properties. (See the issue linked below for a more precise
description.)
Bug fixes:
Fix a bug where a match at every position is erroneously reported.
v1.8.2
Compare Source
==================
This is a patch release that fixes a bug where regex compilation could panic
in debug mode for regexes with large counted repetitions. For example,
a{2147483516}{2147483416}{5}
resulted in an integer overflow that wrappedin release mode but panicking in debug mode. Despite the unintended wrapping
arithmetic in release mode, it didn't cause any other logical bugs since the
errant code was for new analysis that wasn't used yet.
Bug fixes:
Fix a bug where regex compilation with large counted repetitions could panic.
v1.8.1
Compare Source
==================
This is a patch release that fixes a bug where a regex match could be reported
where none was found. Specifically, the bug occurs when a pattern contains some
literal prefixes that could be extracted and an optional word boundary in the
prefix.
Bug fixes:
Fix a bug where a word boundary could interact with prefix literal
optimizations and lead to a false positive match.
v1.8.0
Compare Source
==================
This is a sizeable release that will be soon followed by another sizeable
release. Both of them will combined close over 40 existing issues and PRs.
This first release, despite its size, essentially represents preparatory work
for the second release, which will be even bigger. Namely, this release:
aho-corasick
to the recently released 1.0version.
regex-syntax
to the simultaneously released0.7
version. The changes toregex-syntax
principally revolve around arewrite of its literal extraction code and a number of simplifications and
optimizations to its high-level intermediate representation (HIR).
The second release, which will follow ~shortly after the release above, will
contain a soup-to-nuts rewrite of every regex engine. This will be done by
bringing
regex-automata
intothis repository, and then changing the
regex
crate to be nothing but an APIshim layer on top of
regex-automata
's API.These tandem releases are the culmination of about 3
years of on-and-off work that began in earnest in March
2020.
Because of the scale of changes involved in these releases, I would love to
hear about your experience. Especially if you notice undocumented changes in
behavior or performance changes (positive or negative).
Most changes in the first release are listed below. For more details, please
see the commit log, which reflects a linear and decently documented history
of all changes.
New features:
Permit many more characters to be escaped, even if they have no significance.
More specifically, any ASCII character except for
[0-9A-Za-z<>]
can now beescaped. Also, a new routine,
is_escapeable_character
, has been added toregex-syntax
to query whether a character is escapeable or not.Add
Regex::captures_at
. This fills a hole in the API, but doesn't otherwiseintroduce any new expressive power.
Capture group names are now Unicode-aware. They can now begin with either a
_
or any "alphabetic" codepoint. After the first codepoint, subsequent codepoints
can be any sequence of alpha-numeric codepoints, along with
_
,.
,[
and]
. Note that replacement syntax has not changed.Add
Match::is_empty
andMatch::len
APIs.Add an
impl Default for RegexSet
, with the default being the empty set.A new method,
Regex::static_captures_len
, has been added which returns thenumber of capture groups in the pattern if and only if every possible match
always contains the same number of matching groups.
Named captures can now be written as
(?<name>re)
in addition to(?P<name>re)
.regex-syntax
now supports empty character classes.regex-syntax
now has an optionalstd
feature. (This will cometo
regex
in the second release.)Hir
type inregex-syntax
has had a number of simplificationsmade to it.
regex-syntax
has support for a newR
flag for enabling CRLFmode. This will be supported in
regex
proper in the second release.regex-syntax
now has proper support for "regex that nevermatches" via
Hir::fail()
.hir::literal
module ofregex-syntax
has been completelyre-worked. It now has more documentation, examples and advice.
allow_invalid_utf8
option inregex-syntax
has been renamedto
utf8
, and the meaning of the boolean has been flipped.Performance improvements:
aho-corasick 1.0
may improve performance in somecases. It's difficult to characterize exactly which patterns this might impact,
but if there are a small number of longish (>= 4 bytes) prefix literals, then
it might be faster than before.
Bug fixes:
Improve
Debug
impl forMatch
so that it doesn't show the entire haystack.#731:
Fix a number of issues with printing
Hir
values as regex patterns.Add explicit example of
foo|bar
in the regex syntax docs.Clarify that
SetMatches::len
does not (regretably) refer to the number ofmatches in the set.
Clarify "verbose mode" in regex syntax documentation.
#950:
Fix
CaptureLocations::get
so that it never panics.Clarify documentation for
Regex::shortest_match
.Fix
\p{Sc}
so that it is equivalent to\p{Currency_Symbol}
.Add more clarifying documentation to the
CompiledTooBig
error variant.Clarify that
regex::Regex
searches as if the haystack is a sequence ofUnicode scalar values.
Replace
__Nonexhaustive
variants with#[non_exhaustive]
attribute.Optimize case folding since it can get quite slow in some pathological cases.
Reject
(?-u:\W)
inregex::Regex
APIs.Add a missing
void
keyword to indicate "no parameters" in C API.Fix
\p{Lc}
so that it is equivalent to\p{Cased_Letter}
.Clarify documentation for
\pX
syntax.v1.7.3
Compare Source
==================
This is a small release that fixes a bug in
Regex::shortest_match_at
thatcould cause it to panic, even when the offset given is valid.
Bug fixes:
Fix a bug in how the reverse DFA was called for
Regex::shortest_match_at
.v1.7.2
Compare Source
==================
This is a small release that fixes a failing test on FreeBSD.
Bug fixes:
Fix "no stack overflow" test which can fail due to the small stack size.
v1.7.1
Compare Source
==================
This release was done principally to try and fix the doc.rs rendering for the
regex crate.
Performance improvements:
Optimize
replacen
. This also applies toreplace
, but notreplace_all
.Bug fixes:
Maybe fix rustdoc rendering by just bumping a new release?
v1.7.0
Compare Source
==================
This release principally includes an upgrade to Unicode 15.
New features:
Upgrade to Unicode 15.
v1.6.0
Compare Source
==================
This release principally includes an upgrade to Unicode 14.
New features:
Clarify that
Captures::len
includes all groups, not just matching groups.Add an
ExactSizeIterator
impl forSubCaptureMatches
.Improve
RegexSet
documentation examples.Upgrade to Unicode 14.
Bug fixes:
Fix error message rendering bug.
v1.5.6
Compare Source
==================
This release includes a few bug fixes, including a bug that produced incorrect
matches when a non-greedy
?
operator was used.Fixes a bug where
[[:alnum:][:^ascii:]]
dropped[:alnum:]
from the class.Fixes a bug where
Hir::is_match_empty
returnedfalse
for\b
.Fixes a bug where 'ab??' matches 'ab' instead of 'a' in 'ab'.
v1.5.5
Compare Source
==================
This releases fixes a security bug in the regex compiler. This bug permits a
vector for a denial-of-service attack in cases where the regex being compiled
is untrusted. There are no known problems where the regex is itself trusted,
including in cases of untrusted haystacks.
Fixes a bug in the regex compiler where empty sub-expressions subverted the
existing mitigations in place to enforce a size limit on compiled regexes.
The Rust Security Response WG published an advisory about this:
https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw
v1.5.4
Compare Source
==================
This release fixes another compilation failure when building regex. This time,
the fix is for when the
pattern
feature is enabled, which only works onnightly Rust. CI has been updated to test this case.
Fix build when
pattern
feature is enabled.v1.5.3
Compare Source
==================
This releases fixes a bug when building regex with only the
unicode-perl
feature. It turns out that while CI was building this configuration, it wasn't
actually failing the overall build on a failed compilation.
Fix build in
regex-syntax
when only theunicode-perl
feature is enabled.v1.5.2
Compare Source
==================
This release fixes a performance bug when Unicode word boundaries are used.
Namely, for certain regexes on certain inputs, it's possible for the lazy DFA
to stop searching (causing a fallback to a slower engine) when it doesn't
actually need to.
PR #768 fixes the bug, which was
originally reported in
ripgrep#1860.
v1.5.1
Compare Source
==================
This is a patch release that fixes a compilation error when the
perf-literal
feature is not enabled.
v1.5.0
Compare Source
==================
This release primarily updates to Rust 2018 (finally) and bumps the MSRV to
Rust 1.41 (from Rust 1.28). Rust 1.41 was chosen because it's still reasonably
old, and is what's in Debian stable at the time of writing.
This release also drops this crate's own bespoke substring search algorithms
in favor of a new
memmem
implementation provided by thememchr
crate.This will change the performance profile of some regexes, sometimes getting a
little worse, and hopefully more frequently, getting a lot better. Please
report any serious performance regressions if you find them.
v1.4.6
Compare Source
==================
This is a small patch release that fixes the compiler's size check on how much
heap memory a regex uses. Previously, the compiler did not account for the
heap usage of Unicode character classes. Now it does. It's possible that this
may make some regexes fail to compile that previously did compile. If that
happens, please file an issue.
Some regexes can use more heap memory than one would expect.
v1.4.5
Compare Source
==================
This is a small patch release that fixes a regression in the size of a
Regex
in the 1.4.4 release. Prior to 1.4.4, a
Regex
was 552 bytes. In the 1.4.4release, it was 856 bytes due to internal changes. In this release, a
Regex
is now 16 bytes. In general, the size of a
Regex
was never something that wason my radar, but this increased size in the 1.4.4 release seems to have crossed
a threshold and resulted in stack overflows in some programs.
Fixes stack overflows seemingly caused by a large
Regex
size by decreasingits size.
v1.4.4
Compare Source
==================
This is a small patch release that contains some bug fixes. Notably, it also
drops the
thread_local
(andlazy_static
, via transitivity) dependencies.Bug fixes:
Memory leaks caused by an internal caching strategy should now be fixed.
All regex types now implement
UnwindSafe
andRefUnwindSafe
.Add missing
Replacer
impls forVec<u8>
,String
,Cow
, etc.Configuration
📅 Schedule: Branch creation - "after 8pm,before 6am" in timezone America/Los_Angeles, Automerge - "after 8pm,before 6am" in timezone America/Los_Angeles.
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.