build(deps): bump the cargo-minor-patch group across 1 directory with 12 updates#7
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3aec33d104
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| [[package]] | ||
| name = "aes" | ||
| version = "0.8.4" | ||
| version = "0.9.1" |
There was a problem hiding this comment.
Avoid locking yanked crypto dependencies
When the Dependency Policy job runs, .github/workflows/rust.yml:102 invokes cargo deny check advisories bans licenses sources, and deny.toml:8 sets yanked = "deny"; this lockfile update now selects yanked crates (aes 0.9.1 here, and hmac 0.13.0 later), so the dependency-policy CI will reject the PR even though the code itself is unchanged. Please hold the zip bump or pin to non-yanked transitive versions.
Useful? React with 👍 / 👎.
|
@dependabot rebase |
… 12 updates Bumps the cargo-minor-patch group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.102` | `1.0.103` | | [dashmap](https://github.com/xacrimon/dashmap) | `6.1.0` | `6.2.1` | | [ignore](https://github.com/BurntSushi/ripgrep) | `0.4.25` | `0.4.26` | | [regex](https://github.com/rust-lang/regex) | `1.12.3` | `1.12.4` | | [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` | | [tokio](https://github.com/tokio-rs/tokio) | `1.49.0` | `1.50.0` | | [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.22` | `0.3.23` | | [tree-sitter](https://github.com/tree-sitter/tree-sitter) | `0.26.6` | `0.26.9` | | [tree-sitter-rust](https://github.com/tree-sitter/tree-sitter-rust) | `0.24.0` | `0.24.2` | | [tree-sitter-swift](https://github.com/alex-pinkus/tree-sitter-swift) | `0.7.2` | `0.7.3` | | [zip](https://github.com/zip-rs/zip2) | `8.1.0` | `8.6.0` | | [tempfile](https://github.com/Stebalien/tempfile) | `3.26.0` | `3.27.0` | Updates `anyhow` from 1.0.102 to 1.0.103 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](dtolnay/anyhow@1.0.102...1.0.103) Updates `dashmap` from 6.1.0 to 6.2.1 - [Release notes](https://github.com/xacrimon/dashmap/releases) - [Commits](xacrimon/dashmap@v6.1.0...v6.2.1) Updates `ignore` from 0.4.25 to 0.4.26 - [Release notes](https://github.com/BurntSushi/ripgrep/releases) - [Changelog](https://github.com/BurntSushi/ripgrep/blob/master/CHANGELOG.md) - [Commits](BurntSushi/ripgrep@ignore-0.4.25...ignore-0.4.26) Updates `regex` from 1.12.3 to 1.12.4 - [Release notes](https://github.com/rust-lang/regex/releases) - [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md) - [Commits](rust-lang/regex@1.12.3...1.12.4) Updates `serde_json` from 1.0.149 to 1.0.150 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.149...v1.0.150) Updates `tokio` from 1.49.0 to 1.50.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.49.0...tokio-1.50.0) Updates `tracing-subscriber` from 0.3.22 to 0.3.23 - [Release notes](https://github.com/tokio-rs/tracing/releases) - [Commits](tokio-rs/tracing@tracing-subscriber-0.3.22...tracing-subscriber-0.3.23) Updates `tree-sitter` from 0.26.6 to 0.26.9 - [Release notes](https://github.com/tree-sitter/tree-sitter/releases) - [Commits](tree-sitter/tree-sitter@v0.26.6...v0.26.9) Updates `tree-sitter-rust` from 0.24.0 to 0.24.2 - [Release notes](https://github.com/tree-sitter/tree-sitter-rust/releases) - [Commits](tree-sitter/tree-sitter-rust@v0.24.0...v0.24.2) Updates `tree-sitter-swift` from 0.7.2 to 0.7.3 - [Release notes](https://github.com/alex-pinkus/tree-sitter-swift/releases) - [Commits](alex-pinkus/tree-sitter-swift@0.7.2...0.7.3) Updates `zip` from 8.1.0 to 8.6.0 - [Release notes](https://github.com/zip-rs/zip2/releases) - [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md) - [Commits](zip-rs/zip2@v8.1.0...v8.6.0) Updates `tempfile` from 3.26.0 to 3.27.0 - [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md) - [Commits](Stebalien/tempfile@v3.26.0...v3.27.0) --- updated-dependencies: - dependency-name: anyhow dependency-version: 1.0.103 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: dashmap dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cargo-minor-patch - dependency-name: ignore dependency-version: 0.4.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: regex dependency-version: 1.12.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: serde_json dependency-version: 1.0.150 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: tempfile dependency-version: 3.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cargo-minor-patch - dependency-name: tokio dependency-version: 1.50.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cargo-minor-patch - dependency-name: tracing-subscriber dependency-version: 0.3.23 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: tree-sitter dependency-version: 0.26.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: tree-sitter-rust dependency-version: 0.24.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: tree-sitter-swift dependency-version: 0.7.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: cargo-minor-patch - dependency-name: zip dependency-version: 8.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cargo-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
3aec33d to
3b85dd5
Compare
ndhkaeru
left a comment
There was a problem hiding this comment.
Routine minor/patch dependency bumps; CI green on all 3 OS.
Bumps the cargo-minor-patch group with 12 updates in the / directory:
1.0.1021.0.1036.1.06.2.10.4.250.4.261.12.31.12.41.0.1491.0.1501.49.01.50.00.3.220.3.230.26.60.26.90.24.00.24.20.7.20.7.38.1.08.6.03.26.03.27.0Updates
anyhowfrom 1.0.102 to 1.0.103Release notes
Sourced from anyhow's releases.
Commits
5bdb0e2Release 1.0.103e621bd3Merge pull request #452 from dtolnay/downcast6e8c000Eliminate pointer->reference->pointer during downcast67c4abdAdd regression test for issue 451917a169Update actions/upload-artifact@v6 -> v7d9dc3faUpdate actions/checkout@v6 -> v7841522bRaise minimum tested compiler to rust 1.85Updates
dashmapfrom 6.1.0 to 6.2.1Release notes
Sourced from dashmap's releases.
Commits
749ed1fv6.2.1d02b945v6.2.0b983625update dependencies94a294abump msrv to 1.85Updates
ignorefrom 0.4.25 to 0.4.26Commits
82313cfignore-0.4.2643e2f08ignore: fix parent gitignore matching across multiple roots79a23e0ignore: use named fields inIgnore4519153doc: clarify half-boundary syntax for the-w/--word-regexpflagcb66736core: bleat a DEBUG message when RIPGREP_CONFIG_PATH is not set9b84e15ignore/types: addcontainertype that covers bothDockerfileand `Contain...cd1f981fix: deriveDefaultwhen possibleUpdates
regexfrom 1.12.3 to 1.12.4Changelog
Sourced from regex's changelog.
Commits
7b96fdc1.12.47b89cf0deps: update to regex-syntax 0.8.111401679regex-syntax-0.8.11d709000changelog: 1.12.49825c74syntax: avoid re-canonicalizing the entire IntervalSet on push (#1308)a7f2ff6docs: clarify regex-lite word boundaries2c7b172docs: clarify unsupported Anchored::Pattern searches839d16bregex-syntax-0.8.10c4865a0syntax: fix negation handling in HIR translationd8761c0cargo: also includebenchesUpdates
serde_jsonfrom 1.0.149 to 1.0.150Release notes
Sourced from serde_json's releases.
Commits
a1ae73aRelease 1.0.1501a360b0Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys2037b63Reject non-string enum object keys5d30df6Resolve manual_assert_eq pedantic clippy lintdc8003aRaise required compiler for preserve_order feature to 1.85a42fa98Unpin CI miri toolchain684a60ePin CI miri to nightly-2026-02-117c7da33Raise required compiler to Rust 1.71acf4850Simplify Number::is_f646b8ceabResolve unnecessary_map_or clippy lintUpdates
tokiofrom 1.49.0 to 1.50.0Release notes
Sourced from tokio's releases.
... (truncated)
Commits
0273e45chore: prepare Tokio v1.50.0 (#7934)e3ee4e5chore: prepare tokio-macros v2.6.1 (#7943)8c980eaio: addwrite_all_vectoredtotokio-util(#7768)e35fd6dci: fix patch during clippy step (#7935)03fe44cruntime: fixevent_intervaldoc (#7932)d18e5dfio: fix race inMock::poll_write(#7882)f21f269runtime: fix race condition during the blocking pool shutdown (#7922)d81e8f0macros: remove (most) localusedeclarations intokio::select!(#7929)25e7f26rt: fix missing quotation in docs (#7925)e1a91efutil: fix typo in docs (#7926)Updates
tracing-subscriberfrom 0.3.22 to 0.3.23Release notes
Sourced from tracing-subscriber's releases.
Commits
54ede4dchore: prepare tracing-subscriber 0.3.23 (#3490)37558d5subscriber: allow ansi sanitization to be disabled (#3484)efc690fcore: add missing const (#3449)0c32367core: Use const initializers instead ofonce_cell9feb241docs: add arcswap reload crate to related (#3442)2d55f6fchore: prepare tracing 0.1.44 (#3439)10a9e83chore: prepare tracing-core 0.1.36 (#3440)ee82cf9tracing: fix record_all panic (#3432)9978c36chore: prepare tracing-mock 0.1.0-beta.3 (#3429)Updates
tree-sitterfrom 0.26.6 to 0.26.9Release notes
Sourced from tree-sitter's releases.
... (truncated)
Commits
7f53486release v0.26.977b96defix(wasm): validate memory reads (#5569) (#5613)a082228build(deps): bump wasmtime-c-api to v36.0.97aea015fix(wasm): load supertype tables for ABI 15 grammars (#5605) (#5606)2cad8b8fix(generate): consider reserved words when removing unused rulesddbe469fix(generate): rewriteparse_grammarwith forward DFS17f9796fix(generate): improve error message for nonterminals used in immediate token...17e4bf9fix(cli): account for process versions > 5 in the parse command's prettyec120d0build(deps): bump wasmtime-c-api to v36.0.87c3d842docs: note zero point unbounded behavior in query functionsUpdates
tree-sitter-rustfrom 0.24.0 to 0.24.2Release notes
Sourced from tree-sitter-rust's releases.
Commits
77a37470.24.2c9f1579Merge remote-tracking branch 'origin/v0.24.x'b3e615dFix bad error recovery when parsing repeated string literals (#307)4b81067Disable regeneration6651c80Regenerate parser96e3121Remove attestations from GH release job8a1ccae0.24.1ab43fdbParse string literals even in with unexpected prefixes (#306)261b202Raw reference/identifier conflict (#288)946595dInclude LICENSE (#263)Updates
tree-sitter-swiftfrom 0.7.2 to 0.7.3Release notes
Sourced from tree-sitter-swift's releases.
Commits
b8b22bfUpdate for 0.7.3 release55645a8Updating top repository version24585e2Merge pull request #583 from danfaer/feat/directives-in-type-bodies24db106Merge main into feat/directives-in-type-bodiesa923ac6Support bracket-qualified nested type access in type position03e31aeSupport parenthesized nonisolated modifier: nonisolated(unsafe)/(nonsending)1de03f1Allow #if/#elseif/#else/#endif directives inside type bodies3d38a39Updating top repository version30f3056Fix parsing of double-optional types (Type??) in lambda parametersed1196cAdd do throws(E) do-catch syntax -- SE-0413Updates
zipfrom 8.1.0 to 8.6.0Release notes
Sourced from zip's releases.
... (truncated)
Changelog
Sourced from zip's changelog.
... (truncated)
Commits
771dfc5chore: release v8.6.0 (#781)8e480ccchore(deps): update sha1 requirement from 0.10 to 0.11 (#767)2513bbechore(deps): update aes requirement from 0.8 to 0.9 (#787)957e240ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#786)0329d9dfix: allow for[u8]as filename (#775)ddcf854ci(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#788)42323a8ci(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#785)901014aci(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 (#784)07702d4feat: addcompression not supportedas enum error (#774)2d0c46bci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#783)Updates
tempfilefrom 3.26.0 to 3.27.0Changelog
Sourced from tempfile's changelog.
Commits
5c8fa12chore: release 3.27.0e34e574test: disable uds conflict test on redox772c795test: add CWD guards2632fb9fix: resolve relative paths when constructingTempPath