Skip to content

build(deps): bump the cargo-minor-patch group across 1 directory with 12 updates#7

Merged
ndhkaeru merged 1 commit into
mainfrom
dependabot/cargo/cargo-minor-patch-b55bc29f43
Jun 27, 2026
Merged

build(deps): bump the cargo-minor-patch group across 1 directory with 12 updates#7
ndhkaeru merged 1 commit into
mainfrom
dependabot/cargo/cargo-minor-patch-b55bc29f43

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 27, 2026

Copy link
Copy Markdown
Contributor

Bumps the cargo-minor-patch group with 12 updates in the / directory:

Package From To
anyhow 1.0.102 1.0.103
dashmap 6.1.0 6.2.1
ignore 0.4.25 0.4.26
regex 1.12.3 1.12.4
serde_json 1.0.149 1.0.150
tokio 1.49.0 1.50.0
tracing-subscriber 0.3.22 0.3.23
tree-sitter 0.26.6 0.26.9
tree-sitter-rust 0.24.0 0.24.2
tree-sitter-swift 0.7.2 0.7.3
zip 8.1.0 8.6.0
tempfile 3.26.0 3.27.0

Updates anyhow from 1.0.102 to 1.0.103

Release notes

Sourced from anyhow's releases.

1.0.103

  • Fix Stacked Borrows violation (UB) in Error::downcast_mut (#451, #452)
Commits
  • 5bdb0e2 Release 1.0.103
  • e621bd3 Merge pull request #452 from dtolnay/downcast
  • 6e8c000 Eliminate pointer->reference->pointer during downcast
  • 67c4abd Add regression test for issue 451
  • 917a169 Update actions/upload-artifact@v6 -> v7
  • d9dc3fa Update actions/checkout@v6 -> v7
  • 841522b Raise minimum tested compiler to rust 1.85
  • See full diff in compare view

Updates dashmap from 6.1.0 to 6.2.1

Release notes

Sourced from dashmap's releases.

v6.2.1

This is an interim maintenance release for the existing v6 branch before v7 can be released. This bumps the MSRV to 1.85 and updates dependencies to their latest versions.

Commits

Updates ignore from 0.4.25 to 0.4.26

Commits
  • 82313cf ignore-0.4.26
  • 43e2f08 ignore: fix parent gitignore matching across multiple roots
  • 79a23e0 ignore: use named fields in Ignore
  • 4519153 doc: clarify half-boundary syntax for the -w/--word-regexp flag
  • cb66736 core: bleat a DEBUG message when RIPGREP_CONFIG_PATH is not set
  • 9b84e15 ignore/types: add container type that covers both Dockerfile and `Contain...
  • cd1f981 fix: derive Default when possible
  • See full diff in compare view

Updates regex from 1.12.3 to 1.12.4

Changelog

Sourced from regex's changelog.

1.12.4 (2025-06-09)

This release includes a performance optimization for compilation of regexes with very large character classes.

Improvements:

  • #1308: Avoid re-canonicalizing the entire interval set when pushing new class ranges.
Commits
  • 7b96fdc 1.12.4
  • 7b89cf0 deps: update to regex-syntax 0.8.11
  • 1401679 regex-syntax-0.8.11
  • d709000 changelog: 1.12.4
  • 9825c74 syntax: avoid re-canonicalizing the entire IntervalSet on push (#1308)
  • a7f2ff6 docs: clarify regex-lite word boundaries
  • 2c7b172 docs: clarify unsupported Anchored::Pattern searches
  • 839d16b regex-syntax-0.8.10
  • c4865a0 syntax: fix negation handling in HIR translation
  • d8761c0 cargo: also include benches
  • Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates tokio from 1.49.0 to 1.50.0

Release notes

Sourced from tokio's releases.

Tokio v1.50.0

1.50.0 (Mar 3rd, 2026)

Added

  • net: add TcpStream::set_zero_linger (#7837)
  • rt: add is_rt_shutdown_err (#7771)

Changed

  • io: add optimizer hint that memchr returns in-bounds pointer (#7792)
  • io: implement vectored writes for write_buf (#7871)
  • runtime: panic when event_interval is set to 0 (#7838)
  • runtime: shorten default thread name to fit in Linux limit (#7880)
  • signal: remember the result of SetConsoleCtrlHandler (#7833)
  • signal: specialize windows Registry (#7885)

Fixed

  • io: always cleanup AsyncFd registration list on deregister (#7773)
  • macros: remove (most) local use declarations in tokio::select! (#7929)
  • net: fix GET_BUF_SIZE constant for target_os = "android" (#7889)
  • runtime: avoid redundant unpark in current_thread scheduler (#7834)
  • runtime: don't park in current_thread if before_park defers waker (#7835)
  • io: fix write readiness on ESP32 on short writes (#7872)
  • runtime: wake deferred tasks before entering block_in_place (#7879)
  • sync: drop rx waker when oneshot receiver is dropped (#7886)
  • runtime: fix double increment of num_idle_threads on shutdown (#7910, #7918, #7922)

Unstable

  • fs: check for io-uring opcode support (#7815)
  • runtime: avoid lock acquisition after uring init (#7850)

Documented

  • docs: update outdated unstable features section (#7839)
  • io: clarify the behavior of AsyncWriteExt::shutdown() (#7908)
  • io: explain how to flush stdout/stderr (#7904)
  • io: fix incorrect and confusing AsyncWrite documentation (#7875)
  • rt: clarify the documentation of Runtime::spawn (#7803)
  • rt: fix missing quotation in docs (#7925)
  • runtime: correct the default thread name in docs (#7896)
  • runtime: fix event_interval doc (#7932)
  • sync: clarify RwLock fairness documentation (#7919)
  • sync: clarify that recv returns None once closed and no more messages (#7920)
  • task: clarify when to use spawn_blocking vs dedicated threads (#7923)
  • task: doc that task drops before JoinHandle completion (#7825)
  • signal: guarantee that listeners never return None (#7869)
  • task: fix task module feature flags in docs (#7891)

... (truncated)

Commits

Updates tracing-subscriber from 0.3.22 to 0.3.23

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.23

Fixed

  • Allow ansi sanitization to be disabled (#3484)

#3484: tokio-rs/tracing#3484

Commits

Updates tree-sitter from 0.26.6 to 0.26.9

Release notes

Sourced from tree-sitter's releases.

v0.26.9

What's Changed

Full Changelog: tree-sitter/tree-sitter@v0.26.8...v0.26.9

v0.26.8

What's Changed

Full Changelog: tree-sitter/tree-sitter@v0.26.7...v0.26.8

v0.26.7

Notable Changes

  • A regression in v0.26.6 with quantified alternations was fixed.
  • Release artifacts for the tree-sitter CLI are now published as zip archives (in addition to gzipped executables, which are planned for removal in a future minor release).

What's Changed

... (truncated)

Commits
  • 7f53486 release v0.26.9
  • 77b96de fix(wasm): validate memory reads (#5569) (#5613)
  • a082228 build(deps): bump wasmtime-c-api to v36.0.9
  • 7aea015 fix(wasm): load supertype tables for ABI 15 grammars (#5605) (#5606)
  • 2cad8b8 fix(generate): consider reserved words when removing unused rules
  • ddbe469 fix(generate): rewrite parse_grammar with forward DFS
  • 17f9796 fix(generate): improve error message for nonterminals used in immediate token...
  • 17e4bf9 fix(cli): account for process versions > 5 in the parse command's pretty
  • ec120d0 build(deps): bump wasmtime-c-api to v36.0.8
  • 7c3d842 docs: note zero point unbounded behavior in query functions
  • Additional commits viewable in compare view

Updates tree-sitter-rust from 0.24.0 to 0.24.2

Release notes

Sourced from tree-sitter-rust's releases.

v0.24.2

NOTE: Download tree-sitter-rust.tar.gz for the complete source code.

v0.24.1

NOTE: Download tree-sitter-rust.tar.gz for the complete source code.

Commits

Updates tree-sitter-swift from 0.7.2 to 0.7.3

Release notes

Sourced from tree-sitter-swift's releases.

0.7.3

NOTE: Download tree-sitter-swift.tar.gz for the complete source code.

What's Changed

Full Changelog: alex-pinkus/tree-sitter-swift@0.7.2...0.7.3

Commits
  • b8b22bf Update for 0.7.3 release
  • 55645a8 Updating top repository version
  • 24585e2 Merge pull request #583 from danfaer/feat/directives-in-type-bodies
  • 24db106 Merge main into feat/directives-in-type-bodies
  • a923ac6 Support bracket-qualified nested type access in type position
  • 03e31ae Support parenthesized nonisolated modifier: nonisolated(unsafe)/(nonsending)
  • 1de03f1 Allow #if/#elseif/#else/#endif directives inside type bodies
  • 3d38a39 Updating top repository version
  • 30f3056 Fix parsing of double-optional types (Type??) in lambda parameters
  • ed1196c Add do throws(E) do-catch syntax -- SE-0413
  • Additional commits viewable in compare view

Updates zip from 8.1.0 to 8.6.0

Release notes

Sourced from zip's releases.

v8.6.0

🚀 Features

  • add compression not supported as enum error (#774)

🐛 Bug Fixes

  • allow for [u8] as filename (#775)

🚜 Refactor

  • mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
  • use and simplify is_dir (#776)

v8.5.1

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)

v8.5.0

🐛 Bug Fixes

  • remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

  • remove useless magic in struct (#730)
  • change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

  • cleanup README (#758)

v8.4.0

🚀 Features

  • add a check for building benches (#748)

🚜 Refactor

  • split part of read.rs for code readability (#744)
  • remove unused allow (#745)

⚡ Performance

  • skip BufReader for Stored files in make_reader (#739)

⚙️ Miscellaneous Tasks

... (truncated)

Changelog

Sourced from zip's changelog.

8.6.0 - 2026-04-25

🚀 Features

  • add compression not supported as enum error (#774)

🐛 Bug Fixes

  • allow for [u8] as filename (#775)

🚜 Refactor

  • mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
  • use and simplify is_dir (#776)

8.5.1 - 2026-04-06

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)

8.5.0 - 2026-04-01

🐛 Bug Fixes

  • remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

  • remove useless magic in struct (#730)
  • change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

  • cleanup README (#758)

8.4.0 - 2026-03-23

🚀 Features

  • add a check for building benches (#748)

🚜 Refactor

  • split part of read.rs for code readability (#744)
  • remove unused allow (#745)

⚡ Performance

... (truncated)

Commits
  • 771dfc5 chore: release v8.6.0 (#781)
  • 8e480cc chore(deps): update sha1 requirement from 0.10 to 0.11 (#767)
  • 2513bbe chore(deps): update aes requirement from 0.8 to 0.9 (#787)
  • 957e240 ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#786)
  • 0329d9d fix: allow for [u8] as filename (#775)
  • ddcf854 ci(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#788)
  • 42323a8 ci(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#785)
  • 901014a ci(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 (#784)
  • 07702d4 feat: add compression not supported as enum error (#774)
  • 2d0c46b ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#783)
  • Additional commits viewable in compare view

Updates tempfile from 3.26.0 to 3.27.0

Changelog

Sourced from tempfile's changelog.

3.27.0

This release adds TempPath::try_from_path and deprecates TempPath::from_path.

Prior to this release, TempPath::from_path made no attempts to convert relative paths into absolute paths. The following code would have deleted the wrong file:

let tmp_path = TempPath::from_path("foo")
std::env::set_current_dir("/some/other/path").unwrap();
drop(tmp_path);

Now:

  1. TempPath::from_path will attempt to convert relative paths into absolute paths. However, this isn't always possible as we need to call std::env::current_dir, which can fail. If we fail to convert the relative path to an absolute path, we simply keep the relative path.
  2. The TempPath::try_from_path behaves exactly like TempPath::from_path, except that it returns an error if we fail to convert a relative path into an absolute path (or if the passed path is empty).

Neither function attempt to verify the existence of the file in question.

Thanks to @​meng-xu-cs for reporting this issue.

Commits
  • 5c8fa12 chore: release 3.27.0
  • e34e574 test: disable uds conflict test on redox
  • 772c795 test: add CWD guards
  • 2632fb9 fix: resolve relative paths when constructing TempPath
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 27, 2026
@dependabot dependabot Bot requested a review from ndhkaeru as a code owner June 27, 2026 06:46
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 27, 2026

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3aec33d104

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread Cargo.lock
[[package]]
name = "aes"
version = "0.8.4"
version = "0.9.1"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Avoid locking yanked crypto dependencies

When the Dependency Policy job runs, .github/workflows/rust.yml:102 invokes cargo deny check advisories bans licenses sources, and deny.toml:8 sets yanked = "deny"; this lockfile update now selects yanked crates (aes 0.9.1 here, and hmac 0.13.0 later), so the dependency-policy CI will reject the PR even though the code itself is unchanged. Please hold the zip bump or pin to non-yanked transitive versions.

Useful? React with 👍 / 👎.

@ndhkaeru

Copy link
Copy Markdown
Owner

@dependabot rebase

… 12 updates

Bumps the cargo-minor-patch group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.102` | `1.0.103` |
| [dashmap](https://github.com/xacrimon/dashmap) | `6.1.0` | `6.2.1` |
| [ignore](https://github.com/BurntSushi/ripgrep) | `0.4.25` | `0.4.26` |
| [regex](https://github.com/rust-lang/regex) | `1.12.3` | `1.12.4` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.49.0` | `1.50.0` |
| [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.22` | `0.3.23` |
| [tree-sitter](https://github.com/tree-sitter/tree-sitter) | `0.26.6` | `0.26.9` |
| [tree-sitter-rust](https://github.com/tree-sitter/tree-sitter-rust) | `0.24.0` | `0.24.2` |
| [tree-sitter-swift](https://github.com/alex-pinkus/tree-sitter-swift) | `0.7.2` | `0.7.3` |
| [zip](https://github.com/zip-rs/zip2) | `8.1.0` | `8.6.0` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.26.0` | `3.27.0` |



Updates `anyhow` from 1.0.102 to 1.0.103
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.102...1.0.103)

Updates `dashmap` from 6.1.0 to 6.2.1
- [Release notes](https://github.com/xacrimon/dashmap/releases)
- [Commits](xacrimon/dashmap@v6.1.0...v6.2.1)

Updates `ignore` from 0.4.25 to 0.4.26
- [Release notes](https://github.com/BurntSushi/ripgrep/releases)
- [Changelog](https://github.com/BurntSushi/ripgrep/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/ripgrep@ignore-0.4.25...ignore-0.4.26)

Updates `regex` from 1.12.3 to 1.12.4
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.12.3...1.12.4)

Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `tokio` from 1.49.0 to 1.50.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.49.0...tokio-1.50.0)

Updates `tracing-subscriber` from 0.3.22 to 0.3.23
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.22...tracing-subscriber-0.3.23)

Updates `tree-sitter` from 0.26.6 to 0.26.9
- [Release notes](https://github.com/tree-sitter/tree-sitter/releases)
- [Commits](tree-sitter/tree-sitter@v0.26.6...v0.26.9)

Updates `tree-sitter-rust` from 0.24.0 to 0.24.2
- [Release notes](https://github.com/tree-sitter/tree-sitter-rust/releases)
- [Commits](tree-sitter/tree-sitter-rust@v0.24.0...v0.24.2)

Updates `tree-sitter-swift` from 0.7.2 to 0.7.3
- [Release notes](https://github.com/alex-pinkus/tree-sitter-swift/releases)
- [Commits](alex-pinkus/tree-sitter-swift@0.7.2...0.7.3)

Updates `zip` from 8.1.0 to 8.6.0
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](zip-rs/zip2@v8.1.0...v8.6.0)

Updates `tempfile` from 3.26.0 to 3.27.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.26.0...v3.27.0)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.103
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: dashmap
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-minor-patch
- dependency-name: ignore
  dependency-version: 0.4.26
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: regex
  dependency-version: 1.12.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: tempfile
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-minor-patch
- dependency-name: tokio
  dependency-version: 1.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-minor-patch
- dependency-name: tracing-subscriber
  dependency-version: 0.3.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: tree-sitter
  dependency-version: 0.26.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: tree-sitter-rust
  dependency-version: 0.24.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: tree-sitter-swift
  dependency-version: 0.7.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-minor-patch
- dependency-name: zip
  dependency-version: 8.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the cargo-minor-patch group with 12 updates build(deps): bump the cargo-minor-patch group across 1 directory with 12 updates Jun 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/cargo-minor-patch-b55bc29f43 branch from 3aec33d to 3b85dd5 Compare June 27, 2026 06:56

@ndhkaeru ndhkaeru left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Routine minor/patch dependency bumps; CI green on all 3 OS.

@ndhkaeru ndhkaeru merged commit 5657f18 into main Jun 27, 2026
13 checks passed
@ndhkaeru ndhkaeru deleted the dependabot/cargo/cargo-minor-patch-b55bc29f43 branch June 27, 2026 07:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant