From 21bcd3a1b637e405c7020ed22af821b926be17d6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 14 Nov 2024 13:26:59 -0800
Subject: [PATCH] Bump lz4 from 1.26.0 to 1.28.0 (#3170)

Bumps [lz4](https://github.com/10xGenomics/lz4-rs) from 1.26.0 to
1.28.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/10XGenomics/lz4-rs/blob/master/CHANGELOG.md">lz4's
changelog</a>.</em></p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/10xGenomics/lz4-rs/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lz4&package-manager=cargo&previous-version=1.26.0&new-version=1.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 Cargo.lock              | 9 ++++-----
 src/arrow2/Cargo.toml   | 2 +-
 src/parquet2/Cargo.toml | 2 +-
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index eda49f44cb..4111b880e8 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -4017,19 +4017,18 @@ dependencies = [
 
 [[package]]
 name = "lz4"
-version = "1.26.0"
+version = "1.28.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "958b4caa893816eea05507c20cfe47574a43d9a697138a7872990bba8a0ece68"
+checksum = "4d1febb2b4a79ddd1980eede06a8f7902197960aa0383ffcfdd62fe723036725"
 dependencies = [
- "libc",
  "lz4-sys",
 ]
 
 [[package]]
 name = "lz4-sys"
-version = "1.10.0"
+version = "1.11.1+lz4-1.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "109de74d5d2353660401699a4174a4ff23fcc649caf553df71933c7fb45ad868"
+checksum = "6bd8c0d6c6ed0cd30b3652886bb8711dc4bb01d637a68105a3d5158039b418e6"
 dependencies = [
  "cc",
  "libc",
diff --git a/src/arrow2/Cargo.toml b/src/arrow2/Cargo.toml
index b3862e34f0..aba40fe19f 100644
--- a/src/arrow2/Cargo.toml
+++ b/src/arrow2/Cargo.toml
@@ -48,7 +48,7 @@ json-deserializer = {version = "0.4.4", optional = true, features = [
 # To efficiently cast numbers to strings
 lexical-core = {version = "0.8", optional = true}
 # for IPC compression
-lz4 = {version = "1.24", optional = true}
+lz4 = {version = "1.28", optional = true}
 # For `LIKE` matching "contains" fast-path
 memchr = {version = "2.6", optional = true}
 # For instruction multiversioning
diff --git a/src/parquet2/Cargo.toml b/src/parquet2/Cargo.toml
index 6d437e1578..d27a4a7b19 100644
--- a/src/parquet2/Cargo.toml
+++ b/src/parquet2/Cargo.toml
@@ -4,7 +4,7 @@ brotli = {version = "^3.3", optional = true}
 flate2 = {version = "^1.0", optional = true, default-features = false}
 futures = {version = "0.3", optional = true}
 indexmap = {workspace = true, features = ["serde"]}
-lz4 = {version = "1.24", optional = true}
+lz4 = {version = "1.28", optional = true}
 lz4_flex = {version = "^0.9", optional = true}
 parquet-format-safe = "0.2"
 seq-macro = {version = "0.3", default-features = false}