From 87b3c8805dac41a115e6918057ecd66dc72358b4 Mon Sep 17 00:00:00 2001
From: Tim Weis
Date: Sun, 22 Dec 2024 13:06:35 +0100
Subject: [PATCH 1/3] Updated dependencies for cfb and nom
---
 Cargo.toml | 4 ++--
 src/parser.rs | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 546ce6d..3932fac 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -13,7 +13,7 @@ keywords = ["parser", "office", "vba"]
 categories = ["parser-implementations"]
 [dependencies]
-cfb = "0.3"
+cfb = "0.10"
 codepage = "0.1"
 encoding_rs = "0.8"
-nom = "5.1.3"
+nom = "7.1"
diff --git a/src/parser.rs b/src/parser.rs
index 8a8a44f..fa6ee9d 100644
--- a/src/parser.rs
+++ b/src/parser.rs
@@ -134,7 +134,7 @@ pub(crate) fn decompress(i: &[u8]) -> IResult<&[u8], Vec, FormatError<&[u8]>
 // * If all data has been consumed, return an `Ok()` value.
 nom::combinator::all_consuming(nom::multi::fold_many1(
 chunk_parser,
- Vec::new(),
+ Vec::new,
 |mut acc: Vec<_>, data| {
 acc.extend(data);
 acc
From 7cb796c32fcc92e7ab16f793570b5a217d0114a2 Mon Sep 17 00:00:00 2001
From: Tim Weis
Date: Sun, 22 Dec 2024 13:38:14 +0100
Subject: [PATCH 2/3] Opt-out of nom's default features
---
 Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index 3932fac..e26175e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -16,4 +16,4 @@ categories = ["parser-implementations"]
 cfb = "0.10"
 codepage = "0.1"
 encoding_rs = "0.8"
-nom = "7.1"
+nom = { version = "7.1", default-features = false }
From 93373b203b6e6a33bc4322dcaad1f0e61e3bae49 Mon Sep 17 00:00:00 2001
From: Tim Weis
Date: Sun, 22 Dec 2024 14:07:11 +0100
Subject: [PATCH 3/3] Prepared release 0.7.1
---
 CHANGELOG.md | 17 ++++++++++++++++-
 Cargo.toml | 2 +-
 2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 35d1d33..04fe499 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
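Review bot: The fold in `decompress` extends `acc` with every chunk and nothing visible in this hunk limits the total, so the size of the returned vector appears to depend only on the input and on whatever `chunk_parser` (defined outside the hunk) permits per chunk. For a parser that is fed Office documents of unknown origin, that bound deserves a comment next to the fold, for example `// Output size is bounded only by the input; callers handling untrusted files should cap the stream length.` If a hard limit is preferred, the closure is the place to compare `acc.len()` against a maximum before `acc.extend(data)`. The body of `decompress` starts and ends outside the hunk.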
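Review bot: The `nom` entry now sets `default-features = false` without a comment saying why, and in nom 7 that switches off the `std` feature (which in turn enables `alloc`). A short comment above the line would keep a later edit from re-enabling the defaults by accident, e.g. `# Default features are not needed by this crate; keep them off to minimise the dependency tree.` It is also worth confirming that the crate builds on its own with this setting, since Cargo's feature unification can hide a missing feature when another crate in the graph turns `std` back on.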
@@ -13,6 +13,20 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Fixed
 ### Security
+## [0.7.1] - 2024-12-22
+
+Servicing release.
+
+### Changed
+
+* Updated the `cfb` dependency from "0.3" to "0.10".
+
+### Security
+
+* Updated the `nom` dependency from "5.1" to "7.1". This acknowledges [RUSTSEC-2023-0086](https://rustsec.org/advisories/RUSTSEC-2023-0086.html) that describes soundness issues in the `lexical-core` crate.
+
+ `lexical-core` was an optional dependency of the `nom` crate prior to version "7". It was pulled in via default features, but wasn't used by this crate. This update makes sure that clients of this crate won't have to deal with false alarms going forward.
+
 ## [0.7.0] - 2024-12-22
 ### Fixed
@@ -118,7 +132,8 @@ Non-breaking changes:
 - VBA project parser.
 - RLE decompressor for compressed streams.
-[Unreleased]: https://github.com/tim-weis/ovba/compare/0.7.0...HEAD
+[Unreleased]: https://github.com/tim-weis/ovba/compare/0.7.1...HEAD
+[0.7.1]: https://github.com/tim-weis/ovba/compare/0.7.0...0.7.1
 [0.7.0]: https://github.com/tim-weis/ovba/compare/0.6.0...0.7.0
 [0.6.0]: https://github.com/tim-weis/ovba/compare/0.5.0...0.6.0
 [0.5.0]: https://github.com/tim-weis/ovba/compare/0.4.1...0.5.0
diff --git a/Cargo.toml b/Cargo.toml
index e26175e..2ded528 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "ovba"
-version = "0.7.0"
+version = "0.7.1"
 authors = ["Tim Weis "]
 description = "An Office VBA project parser written in 100% safe Rust."
 edition = "2018"