Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump the rust-dependencies group with 12 updates

Open
Number: #1410
Type: Pull Request
State: Open
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 0
Created: July 07, 2025 at 10:53 AM UTC
(2 months ago)
Updated: July 07, 2025 at 02:03 PM UTC
(2 months ago)
Labels:
dependencies rust
Description:

Bumps the rust-dependencies group with 12 updates:

Package From To
base64 0.13.1 0.22.1
bitflags 1.3.2 2.9.0
rand 0.8.5 0.9.1
serde_with 3.13.0 3.14.0
thiserror 1.0.69 2.0.12
webpki-roots 0.26.11 1.0.0
pbkdf2 0.11.0 0.12.2
reqwest 0.12.20 0.12.22
tokio 1.45.1 1.46.1
cc 1.2.27 1.2.29
h2 0.4.10 0.4.11
serde_with_macros 3.13.0 3.14.0

Updates base64 from 0.13.1 to 0.22.1

Changelog

Sourced from base64's changelog.

0.22.1

  • Correct the symbols used for the predefined alphabet::BIN_HEX.

0.22.0

  • DecodeSliceError::OutputSliceTooSmall is now conservative rather than precise. That is, the error will only occur if the decoded output cannot fit, meaning that Engine::decode_slice can now be used with exactly-sized output slices. As part of this, Engine::internal_decode now returns DecodeSliceError instead of DecodeError, but that is not expected to affect any external callers.
  • DecodeError::InvalidLength now refers specifically to the number of valid symbols being invalid (i.e. len % 4 == 1), rather than just the number of input bytes. This avoids confusing scenarios when based on interpretation you could make a case for either InvalidLength or InvalidByte being appropriate.
  • Decoding is somewhat faster (5-10%)

0.21.7

  • Support getting an alphabet's contents as a str via Alphabet::as_str()

0.21.6

  • Improved introductory documentation and example

0.21.5

  • Add Debug and Clone impls for the general purpose Engine

0.21.4

  • Make encoded_len const, allowing the creation of arrays sized to encode compile-time-known data lengths

0.21.3

  • Implement source instead of cause on Error types
  • Roll back MSRV to 1.48.0 so Debian can continue to live in a time warp
  • Slightly faster chunked encoding for short inputs
  • Decrease binary size

0.21.2

  • Rollback MSRV to 1.57.0 -- only dev dependencies need 1.60, not the main code

0.21.1

  • Remove the possibility of panicking during decoded length calculations
  • DecoderReader no longer sometimes erroneously ignores padding #226

Breaking changes

  • Engine.internal_decode return type changed
  • Update MSRV to 1.60.0

0.21.0

... (truncated)

Commits
  • e144006 v0.22.1
  • 64cca59 Merge pull request #271 from JobanSD/patch-1
  • 838355e Correct BinHex 4.0 alphabet according to specifications
  • bf15ccf Merge pull request #270 from marshallpierce/mp/clippy
  • fc6aabe Appease clippy
  • 9a518a2 Merge pull request #267 from bdura/patch-1
  • d96c80f Merge branch 'marshallpierce:master' into patch-1
  • 5d70ba7 Merge pull request #269 from marshallpierce/mp/decode-precisely
  • efb6c00 Release notes
  • 2b91084 Add some tests to boost coverage
  • Additional commits viewable in compare view

Updates bitflags from 1.3.2 to 2.9.0

Release notes

Sourced from bitflags's releases.

2.9.0

What's Changed

Full Changelog: https://github.com/bitflags/bitflags/compare/2.8.0...2.9.0

2.8.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.7.0...2.8.0

2.7.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.6.0...2.7.0

2.6.0

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from bitflags's changelog.

2.9.0

What's Changed

Full Changelog: https://github.com/bitflags/bitflags/compare/2.8.0...2.9.0

2.8.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.7.0...2.8.0

2.7.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.6.0...2.7.0

2.6.0

What's Changed

New Contributors

... (truncated)

Commits
  • e197bf5 Merge pull request #439 from KodrAus/cargo/2.9.0
  • 8df6e80 prepare for 2.9.0 release
  • e92f0ae Merge pull request #438 from KodrAus/fix/ui-tests
  • 226ff75 fix up UI tests
  • 2170a26 Merge pull request #437 from wysiwys/wysiwys/add-clear-method
  • 76dde58 add tests for clear() trait method
  • ce5d420 add clear() method to trait
  • 9e45d36 Merge pull request #434 from bitflags/KodrAus-patch-1
  • 617645a pin checkout action for miri job
  • 2c836f2 Merge pull request #433 from bitflags/ci/remove-scorecard
  • Additional commits viewable in compare view

Updates rand from 0.8.5 to 0.9.1

Changelog

Sourced from rand's changelog.

[0.9.1] - 2025-04-17

Security and unsafe

  • Revise "not a crypto library" policy again (#1565)
  • Remove zerocopy dependency from rand (#1579)

Fixes

  • Fix feature simd_support for recent nightly rust (#1586)

Changes

  • Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

  • Add rand::distr::Alphabetic distribution. (#1587)
  • Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

  • Policy: "rand is not a crypto library" (#1514)
  • Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
  • Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

  • Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
  • Update to rand_core v0.9.0 (#1558)

Features

  • Support std feature without getrandom or rand_chacha (#1354)
  • Enable feature small_rng by default (#1455)
  • Remove implicit feature rand_chacha; use std_rng instead. (#1473)
  • Rename feature serde1 to serde (#1477)
  • Rename feature getrandom to os_rng (#1537)
  • Add feature thread_rng (#1547)

API changes: rand_core traits

  • Add fn RngCore::read_adapter implementing std::io::Read (#1267)
  • Add trait CryptoBlockRng: BlockRngCore; make trait CryptoRng: RngCore (#1273)
  • Add traits TryRngCore, TryCryptoRng (#1424, #1499)
  • Rename fn SeedableRng::from_rng -> try_from_rng and add infallible variant fn from_rng (#1424)
  • Rename fn SeedableRng::from_entropy -> from_os_rng and add fallible variant fn try_from_os_rng (#1424)
  • Add bounds Clone and AsRef to associated type SeedableRng::Seed (#1491)

API changes: Rng trait and top-level fns

  • Rename fn rand::thread_rng() to rand::rng() and remove from the prelude (#1506)
  • Remove fn rand::random() from the prelude (#1506)
  • Add top-level fns random_iter, random_range, random_bool, random_ratio, fill (#1488)
  • Re-introduce fn Rng::gen_iter as random_iter (#1305, #1500)
  • Rename fn Rng::gen to random to avoid conflict with the new gen keyword in Rust 2024 (#1438)
  • Rename fns Rng::gen_range to random_range, gen_bool to random_bool, gen_ratio to random_ratio (#1505)
  • Annotate panicking methods with #[track_caller] (#1442, #1447)

... (truncated)

Commits
  • ec6d5c0 Prepare rand_core v0.9.1 (#1591)
  • 6a06056 rand_core: introduce an UnwrapMut wrapper (#1589)
  • 8929123 Add Alphabetic distribution (#1587)
  • 06b1642 Remove unnecessary underscore from `impl<T, const N: usize> Distribution<[T; ...
  • 49d76cd rename extract to extract_lane (#1586)
  • e0a70fd Change to use array::from_fn in Distribution\<[T; N]> for StandardUniform ...
  • 0bc3f65 Move rand distr (#1577)
  • 2677c49 Revise "not a crypto library" policy and SECURITY.md (#1565)
  • bfd1826 SeedableRng docs: add note on (lack of) reproducibility (#1572)
  • c01aee7 Fix some links (#1571)
  • Additional commits viewable in compare view

Updates serde_with from 3.13.0 to 3.14.0

Release notes

Sourced from serde_with's releases.

serde_with v3.14.0

Added

  • Add support for Range, RangeFrom, RangeTo, RangeInclusive (#851) RangeToInclusive is currently unsupported by serde.
  • Add schemars implementations for Bound, Range, RangeFrom, RangeTo, RangeInclusive.
  • Added support for schemars v1 under the schemars_1 feature flag
Commits

Updates thiserror from 1.0.69 to 2.0.12

Release notes

Sourced from thiserror's releases.

2.0.12

  • Prevent elidable_lifetime_names pedantic clippy lint in generated impl (#413)

2.0.11

2.0.10

  • Support errors containing a generic type parameter's associated type in a field (#408)

2.0.9

  • Work around missing_inline_in_public_items clippy restriction being triggered in macro-generated code (#404)

2.0.8

  • Improve support for macro-generated derive(Error) call sites (#399)

2.0.7

  • Work around conflict with #[deny(clippy::allow_attributes)] (#397, thanks @​zertosh)

2.0.6

  • Suppress deprecation warning on generated From impls (#396)

2.0.5

  • Prevent deprecation warning on generated impl for deprecated type (#394)

2.0.4

  • Eliminate needless_lifetimes clippy lint in generated From impls (#391, thanks @​matt-phylum)

2.0.3

  • Support the same Path field being repeated in both Debug and Display representation in error message (#383)
  • Improve error message when a format trait used in error message is not implemented by some field (#384)

2.0.2

  • Fix hang on invalid input inside #[error(...)] attribute (#382)

2.0.1

  • Support errors that contain a dynamically sized final field (#375)
  • Improve inference of trait bounds for fields that are interpolated multiple times in an error message (#377)

2.0.0

Breaking changes

  • Referencing keyword-named fields by a raw identifier like {r#type} inside a format string is no longer accepted; simply use the unraw name like {type} (#347)

    This aligns thiserror with the standard library's formatting macros, which gained support for implicit argument capture later than the release of this feature in thiserror 1.x.

    #[derive(Error, Debug)]
#[error("... {type} ...")]  // Before: {r#type}
pub struct Error {
    pub r#type: Type,

... (truncated)

Commits
  • 95a5126 Release 2.0.12
  • 76490f7 Merge pull request #413 from dtolnay/elidablelifetime
  • 9f27b76 Ignore elidable_lifetime_names pedantic clippy lint
  • daf2a6f Resolve some elidable_lifetime_names pedantic clippy lint
  • 5f07160 Point standard library links to stable
  • 6706a51 Convert html links to intra-doc links
  • 2706873 More precise gitignore patterns
  • 70bc20d Remove **/*.rs.bk from project-specific gitignore
  • 0f532e3 Release 2.0.11
  • 3d15543 Merge pull request #410 from dtolnay/testnostd
  • Additional commits viewable in compare view

Updates webpki-roots from 0.26.11 to 1.0.0

Release notes

Sourced from webpki-roots's releases.

1.0.0

After 51 releases over about nine years, this is the first stable release of the webpki-roots and webpki-root-certs crates.

The 1.0.0 release is functionally equal to the 0.26.10 release. We will make a 0.26.11 release that uses 1.0.0 using the semver trick.

What's Changed

Full Changelog: https://github.com/rustls/webpki-roots/compare/v/0.26.10...v/1.0.0

Commits

Updates pbkdf2 from 0.11.0 to 0.12.2

Commits

Updates reqwest from 0.12.20 to 0.12.22

Release notes

Sourced from reqwest's releases.

v0.12.22

tl;dr

  • Fix socks proxies when resolving IPv6 destinations.

What's Changed

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.21...v0.12.22

v0.12.21

tl;dr

  • Fix socks proxy to use socks4a:// instead of socks4h://.
  • Fix Error::is_timeout() to check for hyper and IO timeouts too.
  • Fix request Error to again include URLs when possible.
  • Fix socks connect error to include more context.
  • (wasm) implement Default for Body.

What's Changed

New Contributors

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.21

Changelog

Sourced from reqwest's changelog.

v0.12.22

  • Fix socks proxies when resolving IPv6 destinations.

v0.12.21

  • Fix socks proxy to use socks4a:// instead of socks4h://.
  • Fix Error::is_timeout() to check for hyper and IO timeouts too.
  • Fix request Error to again include URLs when possible.
  • Fix socks connect error to include more context.
  • (wasm) implement Default for Body.
Commits

Updates tokio from 1.45.1 to 1.46.1

Release notes

Sourced from tokio's releases.

Tokio v1.46.1

1.46.1 (July 4th, 2025)

This release fixes incorrect spawn locations in runtime task hooks for tasks spawned using tokio::spawn rather than Runtime::spawn. This issue only effected the spawn location in TaskMeta::spawned_at, and did not effect task locations in Tracing events.

Unstable

  • runtime: add TaskMeta::spawn_location tracking where a task was spawned (#7440)

#7440: tokio-rs/tokio#7440

Tokio v1.46.0

1.46.0 (July 2nd, 2025)

Fixed

  • net: fixed TcpStream::shutdown incorrectly returning an error on macOS (#7290)

Added

  • sync: mpsc::OwnedPermit::{same_channel, same_channel_as_sender} methods (#7389)
  • macros: biased option for join! and try_join!, similar to select! (#7307)
  • net: support for cygwin (#7393)
  • net: support pope::OpenOptions::read_write on Android (#7426)
  • net: add Clone implementation for net::unix::SocketAddr (#7422)

Changed

  • runtime: eliminate unnecessary lfence while operating on queue::Local<T> (#7340)
  • task: disallow blocking in LocalSet::{poll,drop} (#7372)

Unstable

  • runtime: add TaskMeta::spawn_location tracking where a task was spawned (#7417)
  • runtime: removed borrow from LocalOptions parameter to runtime::Builder::build_local (#7346)

Documented

  • io: clarify behavior of seeking when start_seek is not used (#7366)
  • io: document cancellation safety of AsyncWriteExt::flush (#7364)
  • net: fix docs for recv_buffer_size method (#7336)
  • net: fix broken link of RawFd in TcpSocket docs (#7416)
  • net: update AsRawFd doc link to current Rust stdlib location (#7429)
  • readme: fix double period in reactor description (#7363)
  • runtime: add doc note that on_*_task_poll is unstable (#7311)
  • sync: update broadcast docs on allocation failure (#7352)
  • time: add a missing panic scenario of time::advance (#7394)

#7290: tokio-rs/tokio#7290 #7307: tokio-rs/tokio#7307

... (truncated)

Commits
  • ab3ff69 chore: prepare to release v1.46.1 (#7444)
  • a0d5b8a runtime(unstable): fix task hook spawn locations for tokio::spawn (#7440)
  • a1ee3ef chore: fix some minor typos in the comments (#7442)
  • 171cd14 changelog: fix typo in pipe::OpenOptions for 1.46.0 (#7439)
  • 3f1f268 chore: prepare Tokio v1.46.0 (#7437)
  • 3e890cc rt(unstable): add spawn Location to TaskMeta (#7417)
  • 69290a6 net: derive Clone for net::unix::SocketAddr (#7422)
  • e2b1758 fuzz: cfg fuzz tests under cfg(test) (#7428)
  • b7a75b5 net: update AsRawFd doc link to current Rust stdlib location (#7429)
  • 6b705b3 net: allow pipe::OpenOptions::read_write on Android (#7426)
  • Additional commits viewable in compare view

Updates cc from 1.2.27 to 1.2.29

Release notes

Sourced from cc's releases.

cc-v1.2.29

Other

  • Fix target parsing for powerpc (#1490)

cc-v1.2.28

Other

  • Recognize mlibc environment (#1488)
  • Fix clippy warnings about not using variables in format! strings (#1489)
Changelog

Sourced from cc's changelog.

1.2.29 - 2025-07-05

Other

  • Fix target parsing for powerpc (#1490)

1.2.28 - 2025-07-04

Other

  • Recognize mlibc environment (#1488)
  • Fix clippy warnings about not using variables in format! strings (#1489)
Commits

Updates h2 from 0.4.10 to 0.4.11

Release notes

Sourced from h2's releases.

v0.4.11

What's Changed

New Contributors

Full Changelog: https://github.com/hyperium/h2/compare/v0.4.10...v0.4.11

Changelog

Sourced from h2's changelog.

0.4.11 (June 30, 2025)

  • Fix client to not return an error when a clean shutdown otherwise doesn't get a TLS close_notify, which some servers don't bother sending.
Commits
  • 6b27688 v0.4.11
  • 69294bb refactor: change local reset counter to use type system more
  • 97704b5 fix: not return UnexpectedEof when server drops without close_notify (#847)
  • 27d1272 style: fix anonymous lifetime syntax
  • See full diff in compare view

Updates serde_with_macros from 3.13.0 to 3.14.0

Release notes

Sourced from serde_with_macros's releases.

serde_with v3.14.0

Added

  • Add support for Range, RangeFrom, RangeTo, RangeInclusive (#851) RangeToInclusive is currently unsupported by serde.
  • Add schemars implementations for Bound, Range, RangeFrom, RangeTo, RangeInclusive.
  • Added support for schemars v1 under the schemars_1 feature flag
Commits
  • 16ea265 Bump version to 3.14 (#865)
  • 6b963ec Bump version to 3.14
  • ff8df7a Dead code cleanup (#864)
  • e3a5f16 Fix function naming scheme
  • 20a8cf6 Remove unused derives and dead functions in schemars code
  • efe145b Extract common DropGuard struct and NumberExt trait
  • 1c3a1d3 Remove unused derives from internal Conten...

    Description has been truncated

Pull Request Statistics
Commits:
1
Files Changed:
1
Additions:
+39
Deletions:
-13
Package Dependencies
Package:
reqwest
Ecosystem:
cargo
Version Change:
0.12.20 → 0.12.22
Update Type:
Patch
Package:
tokio
Ecosystem:
cargo
Version Change:
1.45.1 → 1.46.1
Update Type:
Minor
Package:
rand
Ecosystem:
cargo
Version Change:
0.8.5 → 0.9.1
Update Type:
Minor
Package:
thiserror
Ecosystem:
cargo
Version Change:
1.0.69 → 2.0.12
Update Type:
Major
Package:
h2
Ecosystem:
cargo
Version Change:
0.4.10 → 0.4.11
Update Type:
Patch
Package:
cc
Ecosystem:
cargo
Version Change:
1.2.27 → 1.2.29
Update Type:
Patch
Package:
base64
Ecosystem:
cargo
Version Change:
0.13.1 → 0.22.1
Update Type:
Minor
Package:
bitflags
Ecosystem:
cargo
Version Change:
1.3.2 → 2.9.0
Update Type:
Major
Package:
webpki-roots
Ecosystem:
cargo
Version Change:
0.26.11 → 1.0.0
Update Type:
Major
Package:
serde_with
Ecosystem:
cargo
Version Change:
3.13.0 → 3.14.0
Update Type:
Minor
Package:
pbkdf2
Ecosystem:
cargo
Version Change:
0.11.0 → 0.12.2
Update Type:
Minor
Package:
serde_with_macros
Ecosystem:
cargo
Version Change:
3.13.0 → 3.14.0
Update Type:
Minor
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 2895587
UUID: 2646340819
Node ID: PR_kwDOCvnhg86du_TT
Host: GitHub
Repository: mongodb/mongo-rust-driver
Mergeable: Yes
Merge State: Unstable
Rebaseable: Yes