Skip to content

build(deps): bump the http group across 1 directory with 5 updates#1348

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/http-64ef5d346b
Closed

build(deps): bump the http group across 1 directory with 5 updates#1348
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/http-64ef5d346b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 19, 2025
edited
Loading

Bumps the http group with 5 updates in the / directory:

Package From To
hyper 0.14.32 1.6.0
hyper-util 0.1.11 0.1.12
tower-http 0.5.2 0.6.4
tower 0.3.1 0.5.2
rustls-cng 0.5.3 0.6.0

Updates hyper from 0.14.32 to 1.6.0

Release notes

Sourced from hyper's releases.

v1.6.0

Features

  • ext: add ext::on_informational() callback extension (#3818) (8ce1fcfa, closes #2565)
  • server: add http1::Builder::ignore_invalid_headers(bool) option (#3824) (3817a79b)

Bug Fixes

Breaking Changes

  • http2::Builder::max_local_error_reset_streams() now takes &mut self and returns &mut Self. In practice, this shouldn't break almost anyone. It was the wrong receiver and return types. (e981a91e)

New Contributors

Thanks

Full Changelog: hyperium/hyper@v1.5.2...v1.6.0

v1.5.2

Bug Fixes

Features

New Contributors

Thanks

Full Changelog: hyperium/hyper@v1.5.1...v1.5.2

... (truncated)

Changelog

Sourced from hyper's changelog.

v1.6.0 (2025-01-28)

Bug Fixes

Features

  • ext: add ext::on_informational() callback extension (#3818) (8ce1fcfa, closes #2565)
  • server: add http1::Builder::ignore_invalid_headers(bool) option (#3824) (3817a79b)

Breaking Changes

  • http2::Builder::max_local_error_reset_streams() now takes &mut self and returns &mut Self. In practice, this shouldn't break almost anyone. It was the wrong receiver and return types. (e981a91e)

v1.5.2 (2024-12-16)

Bug Fixes

Features

v1.5.1 (2024-11-19)

Bug Fixes

  • http2:
    • pass proper value to h2 max_local_error_reset_streams (4a20147a)
    • improve graceful shutdown during handshake (#3729) (13b05943)

v1.5.0 (2024-10-15)

... (truncated)

Commits
  • 621d8e4 v1.6.0
  • 83f4588 chore(LICENSE): update copyright year
  • 10b09ff fix(server): start http1 header read timeout when conn is idle (#3828)
  • 8ce1fcf feat(ext): add ext::on_informational() callback extension (#3818)
  • de28b0e chore(ci): use msrv aware dependency resolver (#3831)
  • 5baf537 chore(ci): use yq to get rust-version in manifest (#3829)
  • 3817a79 feat(server): add http1::Builder::ignore_invalid_headers(bool) option (#3824)
  • e981a91 fix(server): change max_local_error_reset_streams function to &mut self (...
  • 30f2961 v1.5.2
  • a131111 fix(http1): fix intermitent panic parsing partial headers (#3812)
  • Additional commits viewable in compare view

Updates hyper-util from 0.1.11 to 0.1.12

Release notes

Sourced from hyper-util's releases.

v0.1.12

tl;dr

  • Add client::legacy::proxy::Tunnel connector that wraps another connector with HTTP tunneling.
  • Add client::legacy::proxy::{SocksV4, SocksV5} connectors that wraps another connector with SOCKS.
  • Add client::proxy::matcher::Matcher type that can use environment variables to match proxy rules.
  • Add server::graceful::Watcher type that can be sent to watch a connection in another task.
  • Add GracefulShutdown::count() method to get number of currently watched connections.
  • Fix missing must_use attributes on Connection futures.
  • Fix tracing span in GAI resolver that can cause panics.

What's Changed

New Contributors

Full Changelog: hyperium/hyper-util@v0.1.11...v0.1.12

Changelog

Sourced from hyper-util's changelog.

0.1.12 (2025-05-19)

  • Add client::legacy::proxy::Tunnel connector that wraps another connector with HTTP tunneling.
  • Add client::legacy::proxy::{SocksV4, SocksV5} connectors that wraps another connector with SOCKS.
  • Add client::proxy::matcher::Matcher type that can use environment variables to match proxy rules.
  • Add server::graceful::Watcher type that can be sent to watch a connection in another task.
  • Add GracefulShutdown::count() method to get number of currently watched connections.
  • Fix missing must_use attributes on Connection futures.
  • Fix tracing span in GAI resolver that can cause panics.
Commits
  • 8805922 v0.1.12
  • 7e34375 feat(client): add proxy::SocksV4 and proxy::SocksV5 connectors (#187)
  • 7e74248 feat(client): add windows system proxies for Matcher (#190)
  • acdda1a feat(client): add macOS system proxy support for Matcher (#189)
  • 6c29abb feat(client): add proxy::matcher utilities (#171)
  • e74ab78 feat(server): add method to get number of watching connection (#185)
  • 9ac0dfe docs(client): Include .pool_timer() in the Client builder example (#186)
  • a891979 feat(client): add proxy::Tunnel legacy util (#140)
  • c39da45 feat(server): implement Default for server auto connection Builder (#183)
  • 8610b18 feat(server): add graceful::Watcher type (#182)
  • Additional commits viewable in compare view

Updates tower-http from 0.5.2 to 0.6.4

Release notes

Sourced from tower-http's releases.

tower-http 0.6.4

Added

  • decompression: Support HTTP responses containing multiple ZSTD frames (#548)
  • The ServiceExt trait for chaining layers onto an arbitrary http service just like ServiceBuilderExt allows for ServiceBuilder (#563)

Fixed

  • Remove unnecessary trait bounds on S::Error for Service impls of RequestBodyTimeout<S> and ResponseBodyTimeout<S> (#533)
  • compression: Respect is_end_stream (#535)
  • Fix a rare panic in fs::ServeDir (#553)
  • Fix invalid content-lenght of 1 in response to range requests to empty files (#556)
  • In AsyncRequireAuthorization, use the original inner service after it is ready, instead of using a clone (#561)

#533: tower-rs/tower-http#533 #535: tower-rs/tower-http#535 #548: tower-rs/tower-http#548 #553: tower-rs/tower-http#556 #556: tower-rs/tower-http#556 #561: tower-rs/tower-http#561 #563: tower-rs/tower-http#563

tower-http 0.6.3

This release was yanked because its definition of ServiceExt was quite unhelpful, in a way that's very unlikely that anybody would start depending on within the small timeframe before this was yanked, but that was technically breaking to change.

tower-http-0.6.2

Changed:

  • CompressionBody<B> now propagates B's size hint in its http_body::Body implementation, if compression is disabled (#531)
    • this allows a content-length to be included in an HTTP message with this body for those cases

#531: tower-rs/tower-http#531

New Contributors

Full Changelog: tower-rs/tower-http@tower-http-0.6.1...tower-http-0.6.2

v0.6.1

Fixed

  • decompression: reuse scratch buffer to significantly reduce allocations and improve performance (#521)

... (truncated)

Commits

Updates tower from 0.3.1 to 0.5.2

Release notes

Sourced from tower's releases.

tower 0.5.2

Added

  • util: Add BoxCloneSyncService which is a Clone + Send + Sync boxed Service (#777)
  • util: Add BoxCloneSyncServiceLayer which is a Clone + Send + Sync boxed Layer (#802)

tower 0.5.1

  • Fix minimum version of tower-layer dependency (#787)

#787: tower-rs/tower#787

tower 0.5.0

Fixed

  • util: BoxService is now Sync (#702)

Changed

  • util: Removed deprecated ServiceExt::ready_and method and ReadyAnd future (#652)
  • retry: Breaking Change retry::Policy::retry now accepts &mut Req and &mut Res instead of the previous mutable versions. This increases the flexibility of the retry policy. To update, update your method signature to include mut for both parameters. (#584)
  • retry: Breaking Change Change Policy to accept &mut self (#681)
  • retry: Add generic backoff utilities (#685)
  • retry: Add Budget trait. This allows end-users to implement their own budget and bucket implementations. (#703)
  • reconnect: Breaking Change Remove unused generic parameter from Reconnect::new (#755)
  • ready-cache: Allow iteration over ready services (#700)
  • discover: Implement Clone for Change (#701)
  • util: Add a BoxCloneServiceLayer (#708)
  • rng: use a simpler random 2-sampler (#716)
  • filter: Derive Clone for AsyncFilterLayer (#731)
  • general: Update IndexMap (#741)
  • MSRV: Increase MSRV to 1.63.0 (#741)

#702: tower-rs/tower#702 #652: tower-rs/tower#652 #584: tower-rs/tower#584 #681: tower-rs/tower#681 #685: tower-rs/tower#685 #703: tower-rs/tower#703 #755: tower-rs/tower#755 #700: tower-rs/tower#700 #701: tower-rs/tower#701 #708: tower-rs/tower#708 #716: tower-rs/tower#716 #731: tower-rs/tower#731 #741: tower-rs/tower#741

tower 0.4.13

Added

... (truncated)

Commits
  • 7dc533e tower v0.5.2
  • a09fd97 chore: fix dead code warning for 'Sealed' trait and 'sample_floyd2' func (#799)
  • f57e31b Add util::BoxCloneSyncServiceLayer (#802)
  • da24532 Add util::BoxCloneSyncService (#777)
  • 6283f3a Upgrade http and sync_wrapper dependencies (#788)
  • 7155101 Prepare release of v0.5.1 (#791)
  • b2c48b4 Bump dependency on tower-layer (#787)
  • fec9e55 tower-layer: drop versions from dev dependencies (#782)
  • 646804d chore: prepare to release tower-0.5.0, tower-layer-0.3.3, tower-service-0.3.3...
  • 7202cfe chore: fix a few typos (#780)
  • Additional commits viewable in compare view

Updates rustls-cng from 0.5.3 to 0.6.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels May 19, 2025
@dependabot
build(deps): bump the http group across 1 directory with 5 updates
ee035a6 
Bumps the http group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [hyper](https://github.com/hyperium/hyper) | `0.14.32` | `1.6.0` |
| [hyper-util](https://github.com/hyperium/hyper-util) | `0.1.11` | `0.1.12` |
| [tower-http](https://github.com/tower-rs/tower-http) | `0.5.2` | `0.6.4` |
| [tower](https://github.com/tower-rs/tower) | `0.3.1` | `0.5.2` |
| [rustls-cng](https://github.com/rustls/rustls-cng) | `0.5.3` | `0.6.0` |



Updates `hyper` from 0.14.32 to 1.6.0
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](hyperium/hyper@v0.14.32...v1.6.0)

Updates `hyper-util` from 0.1.11 to 0.1.12
- [Release notes](https://github.com/hyperium/hyper-util/releases)
- [Changelog](https://github.com/hyperium/hyper-util/blob/master/CHANGELOG.md)
- [Commits](hyperium/hyper-util@v0.1.11...v0.1.12)

Updates `tower-http` from 0.5.2 to 0.6.4
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](tower-rs/tower-http@tower-http-0.5.2...tower-http-0.6.4)

Updates `tower` from 0.3.1 to 0.5.2
- [Release notes](https://github.com/tower-rs/tower/releases)
- [Commits](tower-rs/tower@tower-0.3.1...tower-0.5.2)

Updates `rustls-cng` from 0.5.3 to 0.6.0
- [Commits](rustls/rustls-cng@v0.5.3...v0.6.0)

---
updated-dependencies:
- dependency-name: hyper
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: http
- dependency-name: hyper-util
  dependency-version: 0.1.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: http
- dependency-name: tower-http
  dependency-version: 0.6.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: http
- dependency-name: tower
  dependency-version: 0.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: http
- dependency-name: rustls-cng
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: http
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/http-64ef5d346b branch from c006895 to ee035a6 Compare May 26, 2025 21:46
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 30, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 30, 2025
@dependabot dependabot Bot deleted the dependabot/cargo/http-64ef5d346b branch May 30, 2025 17:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@CBenoit Benoît Cortier (CBenoit)

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@CBenoit