Bump js-sys from 0.3.85 to 0.3.103#517
Conversation
Bumps [js-sys](https://github.com/wasm-bindgen/wasm-bindgen) from 0.3.85 to 0.3.103. - [Release notes](https://github.com/wasm-bindgen/wasm-bindgen/releases) - [Changelog](https://github.com/wasm-bindgen/wasm-bindgen/blob/main/CHANGELOG.md) - [Commits](https://github.com/wasm-bindgen/wasm-bindgen/commits) --- updated-dependencies: - dependency-name: js-sys dependency-version: 0.3.103 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Caution Review the following alerts detected in dependencies. According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.
|
Bumps js-sys from 0.3.85 to 0.3.103.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Note
Low Risk
Lockfile-only dependency refresh for WASM/js-sys; main risk is regressions in WASM builds or
getrandomon the browser target, not runtime logic in this repo.Overview
Updates the lockfile for js-sys
0.3.85→0.3.103(Dependabot). The newer crate dropsonce_celland addscfg-ifandfutures-util, which pulls infutures-core,futures-task,pin-project-lite, andslabas transitive dependencies.The same resolution bumps the
wasm-bindgenstack from0.2.108to0.2.126(wasm-bindgen, macro crates, and shared).getrandom’s wasm path still depends onjs-sys, so this affects WASM/randomness bindings indirectly.No application source changes—only
Cargo.lock.Reviewed by Cursor Bugbot for commit a2c2b96. Bugbot is set up for automated code reviews on this repo. Configure here.