Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump the rust-dependencies group with 13 updates

Merged
Number: #1436
Type: Pull Request
State: Merged
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 0
Created: July 28, 2025 at 03:39 PM UTC
(about 1 month ago)
Updated: July 28, 2025 at 05:19 PM UTC
(about 1 month ago)
Merged: July 28, 2025 at 05:19 PM UTC
(about 1 month ago)
by isabelatkinson
Time to Close: about 2 hours
Labels:
dependencies rust
Description:

Bumps the rust-dependencies group with 13 updates:

Package From To
base64 0.13.1 0.22.1
bitflags 1.3.2 2.9.0
rand 0.8.5 0.9.1
thiserror 1.0.69 2.0.12
webpki-roots 0.26.11 1.0.0
pbkdf2 0.11.0 0.12.2
rustls 0.23.29 0.23.30
tokio 1.46.1 1.47.0
dyn-clone 1.0.19 1.0.20
hyper-util 0.1.15 0.1.16
io-uring 0.7.8 0.7.9
redox_syscall 0.5.14 0.5.16
rustc-demangle 0.1.25 0.1.26

Updates base64 from 0.13.1 to 0.22.1

Changelog

Sourced from base64's changelog.

0.22.1

  • Correct the symbols used for the predefined alphabet::BIN_HEX.

0.22.0

  • DecodeSliceError::OutputSliceTooSmall is now conservative rather than precise. That is, the error will only occur if the decoded output cannot fit, meaning that Engine::decode_slice can now be used with exactly-sized output slices. As part of this, Engine::internal_decode now returns DecodeSliceError instead of DecodeError, but that is not expected to affect any external callers.
  • DecodeError::InvalidLength now refers specifically to the number of valid symbols being invalid (i.e. len % 4 == 1), rather than just the number of input bytes. This avoids confusing scenarios when based on interpretation you could make a case for either InvalidLength or InvalidByte being appropriate.
  • Decoding is somewhat faster (5-10%)

0.21.7

  • Support getting an alphabet's contents as a str via Alphabet::as_str()

0.21.6

  • Improved introductory documentation and example

0.21.5

  • Add Debug and Clone impls for the general purpose Engine

0.21.4

  • Make encoded_len const, allowing the creation of arrays sized to encode compile-time-known data lengths

0.21.3

  • Implement source instead of cause on Error types
  • Roll back MSRV to 1.48.0 so Debian can continue to live in a time warp
  • Slightly faster chunked encoding for short inputs
  • Decrease binary size

0.21.2

  • Rollback MSRV to 1.57.0 -- only dev dependencies need 1.60, not the main code

0.21.1

  • Remove the possibility of panicking during decoded length calculations
  • DecoderReader no longer sometimes erroneously ignores padding #226

Breaking changes

  • Engine.internal_decode return type changed
  • Update MSRV to 1.60.0

0.21.0

... (truncated)

Commits
  • e144006 v0.22.1
  • 64cca59 Merge pull request #271 from JobanSD/patch-1
  • 838355e Correct BinHex 4.0 alphabet according to specifications
  • bf15ccf Merge pull request #270 from marshallpierce/mp/clippy
  • fc6aabe Appease clippy
  • 9a518a2 Merge pull request #267 from bdura/patch-1
  • d96c80f Merge branch 'marshallpierce:master' into patch-1
  • 5d70ba7 Merge pull request #269 from marshallpierce/mp/decode-precisely
  • efb6c00 Release notes
  • 2b91084 Add some tests to boost coverage
  • Additional commits viewable in compare view

Updates bitflags from 1.3.2 to 2.9.0

Release notes

Sourced from bitflags's releases.

2.9.0

What's Changed

Full Changelog: https://github.com/bitflags/bitflags/compare/2.8.0...2.9.0

2.8.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.7.0...2.8.0

2.7.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.6.0...2.7.0

2.6.0

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from bitflags's changelog.

2.9.0

What's Changed

Full Changelog: https://github.com/bitflags/bitflags/compare/2.8.0...2.9.0

2.8.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.7.0...2.8.0

2.7.0

What's Changed

New Contributors

Full Changelog: https://github.com/bitflags/bitflags/compare/2.6.0...2.7.0

2.6.0

What's Changed

New Contributors

... (truncated)

Commits
  • e197bf5 Merge pull request #439 from KodrAus/cargo/2.9.0
  • 8df6e80 prepare for 2.9.0 release
  • e92f0ae Merge pull request #438 from KodrAus/fix/ui-tests
  • 226ff75 fix up UI tests
  • 2170a26 Merge pull request #437 from wysiwys/wysiwys/add-clear-method
  • 76dde58 add tests for clear() trait method
  • ce5d420 add clear() method to trait
  • 9e45d36 Merge pull request #434 from bitflags/KodrAus-patch-1
  • 617645a pin checkout action for miri job
  • 2c836f2 Merge pull request #433 from bitflags/ci/remove-scorecard
  • Additional commits viewable in compare view

Updates rand from 0.8.5 to 0.9.1

Changelog

Sourced from rand's changelog.

[0.9.1] - 2025-04-17

Security and unsafe

  • Revise "not a crypto library" policy again (#1565)
  • Remove zerocopy dependency from rand (#1579)

Fixes

  • Fix feature simd_support for recent nightly rust (#1586)

Changes

  • Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

  • Add rand::distr::Alphabetic distribution. (#1587)
  • Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

  • Policy: "rand is not a crypto library" (#1514)
  • Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
  • Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

  • Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
  • Update to rand_core v0.9.0 (#1558)

Features

  • Support std feature without getrandom or rand_chacha (#1354)
  • Enable feature small_rng by default (#1455)
  • Remove implicit feature rand_chacha; use std_rng instead. (#1473)
  • Rename feature serde1 to serde (#1477)
  • Rename feature getrandom to os_rng (#1537)
  • Add feature thread_rng (#1547)

API changes: rand_core traits

  • Add fn RngCore::read_adapter implementing std::io::Read (#1267)
  • Add trait CryptoBlockRng: BlockRngCore; make trait CryptoRng: RngCore (#1273)
  • Add traits TryRngCore, TryCryptoRng (#1424, #1499)
  • Rename fn SeedableRng::from_rng -> try_from_rng and add infallible variant fn from_rng (#1424)
  • Rename fn SeedableRng::from_entropy -> from_os_rng and add fallible variant fn try_from_os_rng (#1424)
  • Add bounds Clone and AsRef to associated type SeedableRng::Seed (#1491)

API changes: Rng trait and top-level fns

  • Rename fn rand::thread_rng() to rand::rng() and remove from the prelude (#1506)
  • Remove fn rand::random() from the prelude (#1506)
  • Add top-level fns random_iter, random_range, random_bool, random_ratio, fill (#1488)
  • Re-introduce fn Rng::gen_iter as random_iter (#1305, #1500)
  • Rename fn Rng::gen to random to avoid conflict with the new gen keyword in Rust 2024 (#1438)
  • Rename fns Rng::gen_range to random_range, gen_bool to random_bool, gen_ratio to random_ratio (#1505)
  • Annotate panicking methods with #[track_caller] (#1442, #1447)

... (truncated)

Commits
  • ec6d5c0 Prepare rand_core v0.9.1 (#1591)
  • 6a06056 rand_core: introduce an UnwrapMut wrapper (#1589)
  • 8929123 Add Alphabetic distribution (#1587)
  • 06b1642 Remove unnecessary underscore from `impl<T, const N: usize> Distribution<[T; ...
  • 49d76cd rename extract to extract_lane (#1586)
  • e0a70fd Change to use array::from_fn in Distribution\<[T; N]> for StandardUniform ...
  • 0bc3f65 Move rand distr (#1577)
  • 2677c49 Revise "not a crypto library" policy and SECURITY.md (#1565)
  • bfd1826 SeedableRng docs: add note on (lack of) reproducibility (#1572)
  • c01aee7 Fix some links (#1571)
  • Additional commits viewable in compare view

Updates thiserror from 1.0.69 to 2.0.12

Release notes

Sourced from thiserror's releases.

2.0.12

  • Prevent elidable_lifetime_names pedantic clippy lint in generated impl (#413)

2.0.11

2.0.10

  • Support errors containing a generic type parameter's associated type in a field (#408)

2.0.9

  • Work around missing_inline_in_public_items clippy restriction being triggered in macro-generated code (#404)

2.0.8

  • Improve support for macro-generated derive(Error) call sites (#399)

2.0.7

  • Work around conflict with #[deny(clippy::allow_attributes)] (#397, thanks @​zertosh)

2.0.6

  • Suppress deprecation warning on generated From impls (#396)

2.0.5

  • Prevent deprecation warning on generated impl for deprecated type (#394)

2.0.4

  • Eliminate needless_lifetimes clippy lint in generated From impls (#391, thanks @​matt-phylum)

2.0.3

  • Support the same Path field being repeated in both Debug and Display representation in error message (#383)
  • Improve error message when a format trait used in error message is not implemented by some field (#384)

2.0.2

  • Fix hang on invalid input inside #[error(...)] attribute (#382)

2.0.1

  • Support errors that contain a dynamically sized final field (#375)
  • Improve inference of trait bounds for fields that are interpolated multiple times in an error message (#377)

2.0.0

Breaking changes

  • Referencing keyword-named fields by a raw identifier like {r#type} inside a format string is no longer accepted; simply use the unraw name like {type} (#347)

    This aligns thiserror with the standard library's formatting macros, which gained support for implicit argument capture later than the release of this feature in thiserror 1.x.

    #[derive(Error, Debug)]
#[error("... {type} ...")]  // Before: {r#type}
pub struct Error {
    pub r#type: Type,

... (truncated)

Commits
  • 95a5126 Release 2.0.12
  • 76490f7 Merge pull request #413 from dtolnay/elidablelifetime
  • 9f27b76 Ignore elidable_lifetime_names pedantic clippy lint
  • daf2a6f Resolve some elidable_lifetime_names pedantic clippy lint
  • 5f07160 Point standard library links to stable
  • 6706a51 Convert html links to intra-doc links
  • 2706873 More precise gitignore patterns
  • 70bc20d Remove **/*.rs.bk from project-specific gitignore
  • 0f532e3 Release 2.0.11
  • 3d15543 Merge pull request #410 from dtolnay/testnostd
  • Additional commits viewable in compare view

Updates webpki-roots from 0.26.11 to 1.0.0

Release notes

Sourced from webpki-roots's releases.

1.0.0

After 51 releases over about nine years, this is the first stable release of the webpki-roots and webpki-root-certs crates.

The 1.0.0 release is functionally equal to the 0.26.10 release. We will make a 0.26.11 release that uses 1.0.0 using the semver trick.

What's Changed

Full Changelog: https://github.com/rustls/webpki-roots/compare/v/0.26.10...v/1.0.0

Commits

Updates pbkdf2 from 0.11.0 to 0.12.2

Commits

Updates rustls from 0.23.29 to 0.23.30

Commits
  • 0ccbc63 Cargo: rustls version 0.23.29 -> 0.23.30
  • 4c16f03 Fix: Do not try to call deframer on junk data
  • 6b9df65 sign: make public_key_to_spki() public
  • 247fd66 conn: handle blocking at the connection level
  • caf6cbc conn: tweak style in complete_io()
  • 8b8ba56 Clarify the ambiguous process-level CryptoProvider error
  • See full diff in compare view

Updates tokio from 1.46.1 to 1.47.0

Release notes

Sourced from tokio's releases.

Tokio v1.47.0

1.47.0 (July 25th, 2025)

This release adds poll_proceed and cooperative to the coop module for cooperative scheduling, adds SetOnce to the sync module which provides similar functionality to [std::sync::OnceLock], and adds a new method sync::Notify::notified_owned() which returns an OwnedNotified without a lifetime parameter.

Added

  • coop: add cooperative and poll_proceed (#7405)
  • sync: add SetOnce (#7418)
  • sync: add sync::Notify::notified_owned() (#7465)

Changed

  • deps: upgrade windows-sys 0.52 → 0.59 (#7117)
  • deps: update to socket2 v0.6 (#7443)
  • sync: improve AtomicWaker::wake performance (#7450)

Documented

  • metrics: fix listed feature requirements for some metrics (#7449)
  • runtime: improve safety comments of Readiness<'_> (#7415)

#7405: tokio-rs/tokio#7405 #7415: tokio-rs/tokio#7415 #7418: tokio-rs/tokio#7418 #7449: tokio-rs/tokio#7449 #7450: tokio-rs/tokio#7450 #7465: tokio-rs/tokio#7465

Commits
  • 3911cb8 chore: prepare Tokio v1.47.0 (#7482)
  • d545aa2 sync: add sync::Notify::notified_owned() (#7465)
  • 911ab21 sync: add SetOnce (#7418)
  • 9e94fa7 task: remove raw-entry feature from hashbrown dep (#7252)
  • 0d234c3 ci: unfreeze wasm-unknown-unknown from rustc 1.81 (#7471)
  • 3754e05 ci: use ubuntu-24.04-arm instead of ubuntu-22.04-arm (#7470)
  • 6d868d9 sync: fix CancellationToken failing to cancel the ready futures (#7462)
  • 0a3fe46 sync: remove duplicated code in OnceCell tests (#7458)
  • 154d7d5 ci: cleanup legacy R-loom-multi-thread-alt label from the labeler (#7457)
  • 611b793 coop: add cooperative and poll_proceed (#7405)
  • Additional commits viewable in compare view

Updates dyn-clone from 1.0.19 to 1.0.20

Release notes

Sourced from dyn-clone's releases.

1.0.20

  • Support targets without alloc::sync::Arc (#32, thanks @​af-afk)
Commits
  • 1d2d15c Release 1.0.20
  • 0f48a72 Merge pull request #33 from dtolnay/thumbv6m
  • 3446ea0 Merge "Check if target has atomic before using arc"
  • 584d7d7 Merge pull request #34 from dtolnay/up
  • d1f30c1 Resolve uninlined_format_args pedantic clippy lint in test
  • 1e18d0b Resolve borrow_as_ptr pedantic clippy lint
  • ec7b093 Raise required compiler to Rust 1.60
  • 33d9177 Add CI on a target without atomic ptr
  • 9438fae Merge pull request 32 from af-afk/master
  • 02be822 Check if target has atomic before using ARC
  • Additional commits viewable in compare view

Updates hyper-util from 0.1.15 to 0.1.16

Changelog

Sourced from hyper-util's changelog.

0.1.16 (2025-07-22)

  • Add impl Clone for proxy::Tunnel service.
  • Fix proxy::Matcher to detect SOCKS4 schemes.
  • Fix legacy::Client pool idle checker to trigger less aggresively, saving CPU.
Commits
  • 5cefcd8 v0.1.16
  • 0d4ca3f chore(cargo): move tokio/net feature to client (#218)
  • 89b2cff fix(proxy): Fix SOCKS4 proxy protocol parsing and matching (#219)
  • 39fd779 tests(client): fix flaky pool test (#220)
  • 24714a3 fix(client): cap pool idle interval to a minimum (#217)
  • f0dcda3 deps: allow socket2 0.6 (#213)
  • dd63305 refactor(client): simplify pool idle task with async/await (#216)
  • afd758b fix(client): don't spawn pool idle interval if timeout is 0 (#215)
  • 9f7a5e0 feat(client): implement Clone for Tunnel (#212)
  • See full diff in compare view

Updates io-uring from 0.7.8 to 0.7.9

Commits

Updates redox_syscall from 0.5.14 to 0.5.16

Updates rustc-demangle from 0.1.25 to 0.1.26

Release notes

Sourced from rustc-demangle's releases.

rustc-demangle-v0.1.26

Other

  • Add new v0 demangling tags for pattern types
  • Do not publish the native-c crate
  • Use release-plz for releases
  • Add a CI workflow to publish new releases after a tag is pushed
Changelog

Sourced from rustc-demangle's changelog.

0.1.26 - 2025-07-16

Other

  • Add new v0 demangling tags for pattern types
  • Do not publish the native-c crate
  • Use release-plz for releases
  • Add a CI workflow to publish new releases after a tag is pushed
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
Pull Request Statistics
Commits:
1
Files Changed:
1
Additions:
+36
Deletions:
-26
Package Dependencies
Package:
hyper-util
Ecosystem:
cargo
Version Change:
0.1.15 → 0.1.16
Update Type:
Patch
Package:
tokio
Ecosystem:
cargo
Version Change:
1.46.1 → 1.47.0
Update Type:
Minor
Package:
rand
Ecosystem:
cargo
Version Change:
0.8.5 → 0.9.1
Update Type:
Minor
Package:
thiserror
Ecosystem:
cargo
Version Change:
1.0.69 → 2.0.12
Update Type:
Major
Package:
base64
Ecosystem:
cargo
Version Change:
0.13.1 → 0.22.1
Update Type:
Minor
Package:
bitflags
Ecosystem:
cargo
Version Change:
1.3.2 → 2.9.0
Update Type:
Major
Package:
rustls
Ecosystem:
cargo
Version Change:
0.23.29 → 0.23.30
Update Type:
Patch
Package:
redox_syscall
Ecosystem:
cargo
Version Change:
0.5.14 → 0.5.16
Update Type:
Patch
Package:
webpki-roots
Ecosystem:
cargo
Version Change:
0.26.11 → 1.0.0
Update Type:
Major
Package:
dyn-clone
Ecosystem:
cargo
Version Change:
1.0.19 → 1.0.20
Update Type:
Patch
Package:
io-uring
Ecosystem:
cargo
Version Change:
0.7.8 → 0.7.9
Update Type:
Patch
Package:
pbkdf2
Ecosystem:
cargo
Version Change:
0.11.0 → 0.12.2
Update Type:
Minor
Package:
rustc-demangle
Ecosystem:
cargo
Version Change:
0.1.25 → 0.1.26
Update Type:
Patch
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 4238039
UUID: 2701240049
Node ID: PR_kwDOCvnhg86hAabx
Host: GitHub
Repository: mongodb/mongo-rust-driver
Merge State: Unknown