Update Rust

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
cfg-if	dependencies	patch	1.0.0 → 1.0.4
html5ever	dependencies	minor	0.30.0 → 0.39.0
indoc	dependencies	patch	2.0.6 → 2.0.7
js-sys (source)	dependencies	patch	0.3.77 → 0.3.91
once_cell	dependencies	patch	1.21.1 → 1.21.4
pulldown-cmark	dependencies	patch	0.13.0 → 0.13.1
regex	dependencies	minor	1.11.1 → 1.12.3
ruma-common (source)	dependencies	minor	0.15.0 → 0.17.0
speculoos	dev-dependencies	minor	0.12.0 → 0.13.0
strum	dependencies	minor	0.27 → 0.28
strum_macros	dependencies	minor	0.27 → 0.28
uniffi	workspace.dependencies	digest	789a902 → 405cd66
uniffi_build	workspace.dependencies	digest	789a902 → 405cd66
uniffi_macros	workspace.dependencies	digest	789a902 → 405cd66
url	dependencies	patch	2.5.4 → 2.5.8
wasm-bindgen (source)	dependencies	patch	0.2.100 → 0.2.114
wasm-bindgen-futures (source)	dependencies	patch	0.4.50 → 0.4.64
wasm-bindgen-test	dev-dependencies	patch	0.3.50 → 0.3.64
web-sys (source)	dependencies	patch	0.3.77 → 0.3.91
widestring	dependencies	patch	1.2.0 → 1.2.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

rust-lang/cfg-if (cfg-if)

v1.0.4

Compare Source

• Support cfg(true) and cfg(false) (#​99)
• Set and test a MSRV of 1.32
• Have a single top-level rule

v1.0.3

Compare Source

• Revert "Remove @__identity rule."

v1.0.2

Compare Source

• Remove @__identity rule.

v1.0.1

Compare Source

• Remove compiler-builtins from rustc-dep-of-std dependencies
• Remove redundant configuration from Cargo.toml
• More readable formatting and identifier names. (#​39)
• Add expanded example to readme (#​38)

servo/html5ever (html5ever)

v0.35.0: 0.35.0

From this release forward, html5ever, xml5ever, markup5ever, and match_token are now released using a synced version number. Thus this release is version 0.35.0 of all of these crates.

Changes

• Version numbers of all crates apart from web_atoms are now in sync. (#​637)
• Remove dependency on the mac crate. (#​639)
• Remove unused TreeBuilder option. (#​631)
• Document scripting_enabled and iframe_srcdoc options (#​631)
• Don't return a string from TreeSink::attach_declarative_shadow_root (#​633)
• Determine the initial state for fragment parsing using the scripting flag of the context element (#​629)

dtolnay/indoc (indoc)

v2.0.7

Compare Source

• Support C-string literals indoc! {c"..."}, indoc! {cr"..."} (#​67)

matklad/once_cell (once_cell)

v1.21.4

Compare Source

• Fix unsoundness in OnceCell::wait under --features=parking_lot, #​295.

  If thread A calls wait, while thread B calls get_or_try_init(f), and, furthermore, f panics,
  the wait incorrectly returns and thread A observes uninitialized memory.

  Kudos to @​meng-xu-cs for a nice find!

v1.21.3

Compare Source

• Outline more initialization in race: #​284,
  #​285.

v1.21.2

Compare Source

• Relax success ordering from AcqRel to Release in race: #​278.

raphlinus/pulldown-cmark (pulldown-cmark)

v0.13.1: 0.13.1

Compare Source

Update dependencies.

Full Changelog: pulldown-cmark/pulldown-cmark@v0.13.0...v0.13.1

rust-lang/regex (regex)

v1.12.3

Compare Source

===================
This release excludes some unnecessary things from the archive published to
crates.io. Specifically, fuzzing data and various shell scripts are now
excluded. If you run into problems, please file an issue.

Improvements:

• #​1319:
  Switch from a Cargo exclude list to an include list, and exclude some
  unnecessary stuff.

v1.12.2

Compare Source

===================
This release fixes a cargo doc breakage on nightly when --cfg docsrs is
enabled. This caused documentation to fail to build on docs.rs.

Bug fixes:

• BUG #​1305:
  Switches the doc_auto_cfg feature to doc_cfg on nightly for docs.rs builds.

v1.12.1

Compare Source

===================
This release makes a bug fix in the new regex::Captures::get_match API
introduced in 1.12.0. There was an oversight with the lifetime parameter
for the Match returned. This is technically a breaking change, but given
that it was caught almost immediately and I've yanked the 1.12.0 release,
I think this is fine.

v1.12.0

Compare Source

===================
This release contains a smattering of bug fixes, a fix for excessive memory
consumption in some cases and a new regex::Captures::get_match API.

Improvements:

• FEATURE #​1146:
  Add Capture::get_match for returning the overall match without unwrap().

Bug fixes:

• BUG #​1083:
  Fixes a panic in the lazy DFA (can only occur for especially large regexes).
• BUG #​1116:
  Fixes a memory usage regression for large regexes (introduced in regex 1.9).
• BUG #​1195:
  Fix universal start states in sparse DFA.
• BUG #​1295:
  Fixes a panic when deserializing a corrupted dense DFA.
• BUG 8f5d9479:
  Make regex_automata::meta::Regex::find consistently return None when
  WhichCaptures::None is used.

v1.11.3

Compare Source

===================
This is a small patch release with an improvement in memory usage in some
cases.

Improvements:

• BUG #​1297:
  Improve memory usage by trimming excess memory capacity in some spots.

v1.11.2

Compare Source

===================
This is a new patch release of regex with some minor fixes. A larger number
of typo or lint fix patches were merged. Also, we now finally recommend using
std::sync::LazyLock.

Improvements:

• BUG #​1217:
  Switch recommendation from once_cell to std::sync::LazyLock.
• BUG #​1225:
  Add DFA::set_prefilter to regex-automata.

Bug fixes:

• BUG #​1165:
  Remove std dependency from perf-literal-multisubstring crate feature.
• BUG #​1165:
  Clarify the meaning of (?R)$ in the documentation.
• BUG #​1281:
  Remove fuzz/ and record/ directories from published crate on crates.io.

ruma/ruma (ruma-common)

v0.17.1: ruma-common 0.17.1

Compare Source

Bug fixes:

• Fix the Clone implementation of the Owned* types generated with the IdDst macro. It used to always create a new instance from the borrowed type instead of using the Clone implementation of the internal type.

Improvements:

• Add AppserviceUserIdentity::maybe_add_to_uri() to add an identity assertion to an http::Uri. This allows to reimplement the behavior of OutgoingRequestAppserviceExt::try_into_http_request_with_identity() outside of Ruma, if using this trait is inconvenient.
• Add MatrixVersion::V1_17.
• JoinRule holds arbitrary data in its fallback variant, with can be accessed with JoinRule::data(). It also means that this type won't fail to serialize for undocumented variants anymore.

v0.17.0: ruma-common 0.17.0

Compare Source

Breaking changes:

• Merge the PartialOrdAsRefStr derive macro into OrdAsRefStr, so both traits are always implemented using the same logic.
• Rename the PartialEqAsRefStr derive macro to EqAsRefStr and make it implement both PartialEq and Eq.
• The StringEnum derive macro also implements Ord, PartialOrd, Eq and PartialEq using the AsRef<str> implementation of the enum.
• The predefined push rules for legacy mentions PatternedPushRule::contains_user_name(), ConditionalPushRule::contains_display_name() and ConditionalPushRule::roomnotif() were removed, according to MSC4210. Their rule IDs are still available in PredefinedContentRuleId and PredefinedOverrideRuleId, and they are still supported in PatternedPushRule::applies_to() and ConditionalPushRule::applies(), for backwards-compatibility for clients.
• Macros no longer support importing the ruma and ruma-events crate from the matrix-sdk-appservice crate. This crate was dropped 2 years ago.
• Metadata was changed from a struct to a trait. It is a supertrait of OutgoingRequest and IncomingRequest, and its fields are now associated types or constants.
  • The authentication field of the Metadata struct is now an associated type named Authentication. The AuthScheme enum was changed from an enum to a trait. Its variants are now structs implementing the AuthScheme trait. The None variant was renamed to NoAuthentication and the ServerSignatures variant was moved to ruma-federation-api. The access_token argument of OutgoingRequest::try_into_http_request() is renamed to authentication_input and is generic over the Input associated type of the AuthScheme trait.
  • The history field of the Metadata struct is now an associated constant named PATH_BUILDER. The type of this constant is defined by the PathBuilder associated type, which must implement the PathBuilder trait. The considering argument of OutgoingRequest::try_into_http_request() is renamed to path_builder_input and is generic over the Input associated type of the PathBuilder trait. The Input of VersionHistory was changed from &'_ SupportedVersions to Cow<'_, SupportedVersions>.
  • The other fields of the Metadata struct are now associated constants with the same name converted to uppercase.
  • The metadata! macro generates the Metadata trait implementation for a type named Request by default. This type can be changed with an @for setting.
• The http_headers module is now behind the api cargo feature.
• OutgoingRequestAppserviceExt::try_into_http_request_with_user_id() is renamed to try_into_http_request_with_identity() and takes an AppserviceUserIdentity instead of a UserId. This allows to specify a device ID, according to MSC4326.
• IntoHttpError::NeedsAuthentication is a newtype variant renamed to Authentication that accepts any error type.
• Remove support for the following rules for the StringEnum, AsRefStr and FromString derive macros' rename_all attribute, because they either can be replaced by the (prefix = "prefix", rule = "rule") syntax or are unused as far as we know:
  • "PascalCase"
  • "SCREAMING-KEBAB-CASE"
  • "m.dotted.case"
  • "M_MATRIX_ERROR_CASE"
  • "m.lowercase"
  • "m.snake_case"
  • ".m.rule.snake_case"
  • "m.role.snake_case"

Bug fixes:

• With the request and response attribute macros, the Content-Type header defaults to application/octet-stream instead of application/json if the raw_body attribute is set on a field.
• Fix the check to make sure that all paths used to build VersionHistory contain the same number of variables. It was broken since the syntax was changed from :variable to {variable}.

Improvements:

• Add org.matrix.msc4380 unstable feature support to /versions.
• Add MatrixVersion::V1_16
• Remove support for the org.matrix.hydra.11 room version and the corresponding unstable-hydra cargo feature. It should only have been used for development, and room version 12 should be used instead.
• Metadata::make_endpoint_url() is also available as VersionHistory::make_endpoint_url().
• PushCondition::ContainsDisplayName is deprecated, according to MSC4210.
• Add SinglePath as a PathBuilder. It should be used for APIs that don't have a /versions endpoint and for endpoints that can't be versioned.
• AuthScheme data can be extracted from incoming HTTP requests with AuthScheme::extract_authentication().
• The StringEnum, AsRefStr and FromString derive macros allow to set a custom prefix alongside the rule to rename all the variants, like this: #[ruma_enum(rename_all(prefix = "m.", rule = "snake_case"))]. The previous syntax using #[ruma_enum(rename_all = "snake_case")] still works and assumes that the prefix is empty.

v0.16.0: ruma-common 0.16.0

Compare Source

Breaking changes:

• PushCondition::applies, ConditionalPushRule::applies, AnyPushRuleRef::applies, AnyPushRule::applies, Ruleset::applies, Ruleset::get_actions, Ruleset::get_match all became async, to allow for lazy evaluation of push rules.
• UserId parsing and deserialization are now compatible with all non-compliant user IDs in the wild by default, due to a clarification in the spec.
  • The compat-user-id cargo feature was removed.
  • UserId::validate_historical() and UserId::validate_strict() allow to check for spec compliance.
  • The (owned_)user_id! macros always validate against the strict grammar in the spec, regardless of the compat features that are enabled.
• (owned_)room_id! macros disallow the NUL byte, due to a clarification in the spec.
• (owned_)room_alias_id! macros disallow the NUL byte for the localpart, due to a clarification in the spec.
• MatrixVersion does not implement Display anymore as it is not correct to convert V1_0 to a string. Instead MatrixVersion::as_str() can be used that only returns None for that same variant.
• MatrixVersion::(into/from)_parts are no longer exposed as public methods. They were usually used to sort MatrixVersions, now the PartialOrd and Ord implementations can be used instead.
• Protocol and ProtocolInit are generic on the protocol instance type.
• Add support for endpoints that only allow appservices to call them, renaming AppserviceToken to AppserviceTokenOptional, with the new variant taking AppserviceToken's place.
• The redact* functions in canonical_json take RedactionRules instead of RoomVersionId. This avoids undefined behavior for unknown room versions.
• OutgoingRequest::try_into_http_request(), OutgoingRequestAppserviceExt::try_into_http_request_with_user_id() and Metadata::make_endpoint_url() take a SupportedVersions instead of a &[MatrixVersion].
• The metadata macro allows to specify stable and unstable feature flags for the paths in history.
  • VersionHistory::new() takes a &'static [(Option<&'static str>, &'static str)] for the unstable paths and a &'static [(StablePathSelector, &'static str)] for the stable paths.
  • VersionHistory::unstable_paths() returns an impl Iterator<Item = (Option<&'static str>, &'static str)>.
  • VersionHistory::stable_paths() returns an impl Iterator<Item = (StablePathSelector, &'static str)>.
  • VersionHistory::stable_endpoint_for() was renamed to version_path().
  • VersioningDecision's Stable variant was renamed to Version and Unstable was renamed to Feature.
• The syntax of variables in endpoint paths segments in the metadata macro has changed: the variable must now be surrounded by {} instead of being preceded by :. For example /_matrix/client/foo/{bar}. This matches the OpenAPI syntax and the new syntax supported by axum 0.8.
• JoinRule and its associated types where imported from ruma-events into the room module.
• space::SpaceRoomJoinRule was removed and replaced by room::JoinRuleSummary.
• directory::PublicRoomJoinRule was moved and renamed to room::JoinRuleKind.
  • It can be constructed with JoinRule::kind() and JoinRuleSummary::kind().
• Make PushConditionRoomCtx and PushConditionPowerLevelsCtx non-exhaustive.
• The versions field of SupportedVersions is now a BTreeSet<MatrixVersion>, to make sure that the versions are always deduplicated and sorted.
• NotificationPowerLevels now takes a NotificationPowerLevelsKey for the key, an enum that accepts any string.
  • The key field of PushCondition::SenderNotificationPermission uses the same type.
• RoomId::new() was renamed to RoomId::new_v1(), as several formats are now supported for this type.
• StateResolutionVersion::V2 now takes StateResolutionV2Rules as a unit field, to specify tweaks to be used when resolving state with version 2 of the state resolution algorithm.
  • This field can be accessed with StateResolutionVersion::v2_rules, returning None if state_res is not StateResolutionVersion::V2.
  • StateResolutionV2Rules has the following fields:
    • begin_iterative_auth_checks_with_empty_state_map, to determine whether to begin the first phase of iterative auth checks with an empty state map.
    • consider_conflicted_state_subgraph, to determine whether to include the conflicted state subgraph in the full conflicted state.

Bug fix:

• Set the disposition of RoomVersionRules::MSC2870 as unstable.

Improvements:

• Implement the Zeroize trait for the Base64 type.
• ProtocolInstance has an instance_id field, due to a clarification in the spec.
• The unstable-unspecified cargo feature was removed.
• Add AnyKeyName as a helper type to use KeyId APIs without validating the key name.
• Add IdentityServerBase64PublicKey as a helper type to decode identity server public keys encoded using standard or URL-safe base64.
• RoomVersion was imported from ruma-state-res and renamed to RoomVersionRules, along with the following changes:
  • RoomVersionRules::new() was removed and replaced by RoomVersionId::rules().
  • The RoomDisposition enum was renamed to RoomVersionDisposition.
  • The event_format field was renamed to event_id_format and the EventFormat enum was renamed to EventIdFormat.
  • The tweaks in the authorization rules were extracted into the AuthorizationRules struct, which is available in the authorization field of RoomVersionRules.
  • The special_case_aliases_auth field was renamed to special_case_room_aliases.
  • The strict_canonicaljson field was renamed to strict_canonical_json.
  • The extra_redaction_checks field was renamed to special_case_room_redaction.
  • The allow_knocking field was renamed to knocking.
  • The restricted_join_rules field was renamed to restricted_join_rule.
  • RedactionRules was added under the redaction field.
  • SignaturesRules was added under the signatures field.
• RoomVersionId has an MSC2870 variant for the org.matrix.msc2870 room version defined in MSC2870.
• Add OutgoingRequest::is_supported() and VersionHistory::is_supported() to be able to know if a server advertises support for an endpoint.
• Re-export ID_MAX_BYTES from ruma-identifiers-validation.
• Implement From<PublicRoomsChunk> for RoomSummary.
• Add content_field_redacts field to RedactionRules, which is used to determine whether the content or top-level redacts field should be used to determine what event an m.room.redaction event redacts.
• Add SpaceChildOrder which allows to validate the order of an m.space.child event.
• Add support for room version 12 and its unstable version org.matrix.hydra.11.
• Add explicitly_privilege_room_creators and additional_room_creators to AuthorizationRules to indicate whether room creators are considered to have "infinite" power level and whether additional room creators can be specified with the content.additional_creators field of an m.room.create event respectively.
• Add RoomPowerLevelsRules, to provide tweaks to how the power level of a user is determined, and add it to PushConditionPowerLevelsCtx via the rules field.
• Add room_id_format to RoomVersionRules, to identify the format to use for room IDs depending on the room version.
• Add RoomId::new_v2() for the new format of room IDs. RoomId::strip_sigil() allows to access the reference hash used in that format.
• Add unstable support for in-app-only notifications as per MSC3768 under a new unstable-msc3768 feature.
• Add room_create_event_id_as_room_id to AuthorizationRules to indicate whether the reference hash of the m.room.create event is used to construct the room ID. It has other implications, like the m.room.create event not having a room ID, and the m.room.create event not listed in the auth_events of a PDU.
• Add require_room_create_room_id and allow_room_create_in_auth_events to EventFormatRules to indicate whether the room ID is required for m.room.create events and whether the event ID of the m.room.create is allowed in the auth_events, respectively.

v0.15.4: ruma-common 0.15.4

Compare Source

Bug fix:

• Fix serde::default_on_error deserialization helper. It was working with serde_json::from_value but not other functions like serde_json::from_(str/slice). It now works with all 3 methods but is limited to deserializing JSON.

v0.15.3: ruma-common 0.15.3

Compare Source

Improvements:

• Add RoomSummary that represents the summary of a room's state.
  • Implement From<RoomSummary> for PublicRoomsChunk
• Add MatrixVersion::V1_15.
• PublicRoomJoinRule now includes all possible join rule kinds, due to a clarification in Matrix 1.15.
• Add serde::default_on_error() as a helper to ignore errors during deserialization.
• Implement conversions between PublicRoomJoinRule and SpaceRoomJoinRule.
• Add FeatureFlag as an enum whose variants are the flags of features supported by Ruma.
• Add SupportedVersions, a type to parse /versions responses to get lists of supported versions and features.

v0.15.2: ruma-common 0.15.2

Compare Source

Bug fixes:

• MatrixVersion::V1_0 now also matches Identity Service API versions r0.2.0 to r0.3.0.
• Allow configure exhaustive types via RUMA_UNSTABLE_EXHAUSTIVE_TYPES environment variable

Improvements:

• MatrixVersion implements PartialOrd and Ord. The variants are ordered by release date, with a newer version being greater than an older version.
• Signatures implements IntoIterator
• Implement PartialEqAsRefStr, Eq, PartialOrdAsRefStr, OrdAsRefStr for ruma_common::media::Method.
• DeviceId::new() generates a string with 10 chars instead of 8.
• Add ignore_invalid_vec_items, to assist deserialization of Vecs, where invalid items should be ignored.
• Add MatrixVersion::V1_14.

oknozor/speculoos (speculoos)

v0.13.0

Compare Source

What's Changed

• feat: Add support for JSON values by @​fooker in #​18

New Contributors

• @​fooker made their first contribution in #​18

Full Changelog: oknozor/speculoos@0.12.0...0.13.0

Peternator7/strum (strum)

v0.28.0

Compare Source

• #​461: Allow any kind of passthrough attributes on EnumDiscriminants.

  • Previously only list-style attributes (e.g. #[strum_discriminants(derive(...))]) were supported. Now path-only
    (e.g. #[strum_discriminants(non_exhaustive)]) and name/value (e.g. #[strum_discriminants(doc = "foo")])
    attributes are also supported.

• #​462: Add missing #[automatically_derived] to generated impls not
  covered by #​444.

• #​466: Bump MSRV to 1.71, required to keep up with updated syn and
  windows-sys dependencies. This is a breaking change if you're on an old version of rust.

• #​469: Use absolute paths in generated proc macro code to avoid
  potential name conflicts.

• #​465: Upgrade phf dependency to v0.13.

• #​473: Fix cargo fmt / clippy issues and add GitHub Actions CI.

• #​477: strum::ParseError now implements core::fmt::Display instead
  std::fmt::Display to make it #[no_std] compatible. Note the Error trait wasn't available in core until 1.81
  so strum::ParseError still only implements that in std.

• #​476: Breaking Change - EnumString now implements From<&str>
  (infallible) instead of TryFrom<&str> when the enum has a #[strum(default)] variant. This more accurately
  reflects that parsing cannot fail in that case. If you need the old TryFrom behavior, you can opt back in using
  parse_error_ty and parse_error_fn:

  #[derive(EnumString)]
  #[strum(parse_error_ty = strum::ParseError, parse_error_fn = make_error)]
  pub enum Color {
      Red,
      #[strum(default)]
      Other(String),
  }
  
  fn make_error(x: &str) -> strum::ParseError {
      strum::ParseError::VariantNotFound
  }

• #​431: Fix bug where EnumString ignored the parse_err_ty
  attribute when the enum had a #[strum(default)] variant.

• #​474: EnumDiscriminants will now copy default over from the
  original enum to the Discriminant enum.

  #[derive(Debug, Default, EnumDiscriminants)]
  #[strum_discriminants(derive(Default))] // <- Remove this in 0.28.
  enum MyEnum {
      #[default] // <- Will be the #[default] on the MyEnumDiscriminant
      #[strum_discriminants(default)] // <- Remove this in 0.28
      Variant0,
      Variant1 { a: NonDefault },
  }

v0.27.2

Compare Source

• #​141: Adding support for doc comments on EnumDiscriminants generated type.

  • The doc comment will be copied from the variant on the type itself.

• #​435:allow discriminants on empty enum.

• #​443: Change enum table callbacks to FnMut.

• #​444: Add #[automatically_derived] to the impls by @​dandedotdev in #​444

  • This should make the linter less noisy with warnings in generated code.

• #​440: Implement a suffix attribute for serialization of enum variants.

  #[derive(strum::Display)]
  #[strum(suffix=".json")]
  #[strum(serialize_all="snake_case")]
  enum StorageConfiguration {
    PostgresProvider,
    S3StorageProvider,
    AzureStorageProvider,
  }
  
  fn main() {
    let response = SurveyResponse::Other("It was good".into());
    println!("Loading configuration from: {}", StorageConfiguration::PostgresProvider);
    // prints: Loaded Configuration from: postgres_provider.json
  }

• #​446: Drop needless rustversion dependency.

servo/rust-url (url)

v2.5.8

Compare Source

v2.5.7

What's Changed

v.2.5.6

• Bump versions by @​valenting in #​1062
• version bump to 2.5.6 by @​edgul in #​1065
• Use no-std instead of no_std in Cargo.toml by @​valenting in #​1064
• fix: add Serde std feature if needed by @​reneca in #​1068

v.2.5.7

• make serde std feature use optional syntax by @​klensy in #​1071

New Contributors

• @​reneca made their first contribution in #​1068

Full Changelog: servo/rust-url@v2.5.5...v2.5.7

v2.5.5

Compare Source

What's Changed

• ci: downgrade crates when building for Rust 1.67.0 by @​mxinden in #​1003
• ci: run unit tests with sanitizers by @​mxinden in #​1002
• fix small typo by @​hkBst in #​1011
• chore: fix clippy errors on main by @​dsherret in #​1019
• perf: remove heap allocation in parse_query by @​dsherret in #​1020
• perf: slightly improve parsing a port by @​dsherret in #​1022
• perf: improve to_file_path() by @​dsherret in #​1018
• perf: make parse_scheme slightly faster by @​dsherret in #​1025
• update LICENSE-MIT by @​wmjae in #​1029
• perf: url encode path segments in longer string slices by @​dsherret in #​1026
• Disable the default features on serde by @​rilipco in #​1033
• docs: base url relative join by @​tisonkun in #​1013
• perf: remove heap allocation in parse_host by @​dsherret in #​1021
• Update tests to Unicode 16.0 by @​hsivonen in #​1045
• Add some some basic functions to Mime by @​mrobinson in #​1047
• ran cargo clippy --fix -- -Wclippy::use_self by @​mrobinson in #​1048
• Fix MSRV and clippy CI by @​Manishearth in #​1058
• Update Url::domain docs to show that it includes subdomain by @​supercoolspy in #​1057
• set_hostname should error when encountering colon ':' by @​edgul in #​1060
• version bump to 2.5.5 by @​edgul in #​1061

New Contributors

• @​mxinden made their first contribution in #​1003
• @​hkBst made their first contribution in #​1011
• @​wmjae made their first contribution in #​1029
• @​rilipco made their first contribution in #​1033
• @​tisonkun made their first contribution in #​1013
• @​supercoolspy made their first contribution in #​1057

Full Changelog: servo/rust-url@v2.5.4...v2.5.5

wasm-bindgen/wasm-bindgen (wasm-bindgen)

v0.2.114

Compare Source

Added

• Added [WbgGeneric] WebIDL extended attribute for opting stable dictionary and interface
  definitions into typed generics (the same signatures unstable APIs use), avoiding legacy
  &JsValue fallbacks. Applied to all new VideoFrame-related types.
  #​5008

• Added unchecked_optional_param_type attribute for marking exported function parameters as
  optional in TypeScript (?:) and JSDoc ([paramName]) output. Mutually exclusive with
  unchecked_param_type. Required parameters after optional parameters are rejected at compile time.
  #​5002

• Added termination detection for panic=unwind builds. When a non-JS exception (e.g. a Rust
  panic) escapes from Wasm, the instance is marked as terminated and subsequent calls from JS
  into Wasm will throw a Module terminated error instead of re-entering corrupted state.
  #​5005

• When --reset-state is combined with panic=unwind builds, the Wasm instance is
  automatically reset after a fatal termination, allowing subsequent calls to succeed
  instead of throwing a Module terminated error.
  #​5013

Changed

• Replaced runtime 0x80000000 vtable bit-flag for closure unwind safety with a
  compile-time const UNWIND_SAFE: bool generic on the invoke shim, OwnedClosure,
  and BorrowedClosure. Removes OwnedClosureUnwind and deduplicates internal
  closure helpers. The public API is unchanged.
  #​5003

• Removed unused IntoWasmClosureRef*::WithLifetime types,
  WasmClosure::to_wasm_slice, and a lifetime from
  IntoWasmClosureRef*; moved Static associated type into WasmClosure.
  #​5003

Fixed

• Fixed exported structs/enums/functions with the same js_name but different
  js_namespace values producing symbol collisions at compile time, by deriving
  internal wasm symbols from a qualified name that includes the namespace.
  #​4977

• Fixed soundness hole in ScopedClosure's UpcastFrom that allowed to extend the lifetime after the original ScopedClosure was dropped.
  #​5006

v0.2.113

Compare Source

Changed

• Reduced usage of unsafe code: replaced transmute/transmute_copy with safe
  alternatives for Boolean/Null/Undefined constants and ArrayTuple conversions,
  unified duplicated AsRef/From impls for generic imported types, and removed the
  __wbindgen_object_is_undefined intrinsic in favor of a safe Rust-side equivalent.
  #​4993

• Renamed __wbindgen_object_is_null_or_undefined intrinsic to
  __wbindgen_is_null_or_undefined and removed the __wbindgen_object_is_undefined
  intrinsic, replacing it with a safe Rust-side check. The is_null_or_undefined check
  now uses safe &JsValue ABI instead of raw u32.
  #​4994

Fixed

• Fixed incorrect method naming for stable web-sys methods that reference unstable
  types (e.g. texImage2D taking a VideoFrame parameter). These methods were
  being named in a separate unstable expansion namespace, producing overly-short
  names like tex_image_2d instead of the correct
  tex_image_2d_with_u32_and_u32_and_video_frame. The fix separates the signature
  classification to distinguish "from unstable IDL" (authoritative overrides) from
  "stable method using an unstable type", ensuring the latter is named as part of
  the stable expansion.
  #​4991

v0.2.112

Compare Source

Removed

• Removed ImmediateClosure type introduced in 0.2.109. Stack-borrowed &dyn Fn / &mut dyn FnMut
  closures are now treated as unwind safe by default (panics are caught and converted to JS exceptions
  with proper unwinding). A unified ScopedClosure::immediate approach may be revisited in a future
  release.
  #​4986

v0.2.111

Compare Source

Fixed

• Restored backwards compatibility for breaking changes introduced in 0.2.110:
  re-added deprecated Promise::then2 binding, reverted Promise::all_settled
  stable signature to take &JsValue instead of owned Object, and added
  default type parameters (= JsValue) to ArrayIntoIter, ArrayIter, and
  Iter structs.
  #​4979

v0.2.110

Compare Source

Changed

• Refactor new closure methods - ensures that all closure constructor functions have the variants Closure::foo(), Closure::foo_aborting() and
  Closure::foo_assert_unwind_safe() this then fully allows switching from the UnwindSafe bound now being applies on foo() to use one of the
  alternatives, given these limitations of AssertUnwindSafe. The same applies to ImmediateClosure. In addition, mutable reentrancy guards are
  added for ImmediateClosure, and it is updated to be pass-by-value as well.
  #​4975

Fixed

• Fixed a regression where Array.of1,... variants using generic Array<T> broke inference.
  Reverted to use non-generic JsValue arguments. In addition extends generic class hoisting to
  for constructors to also include static_method_of methods returning the own type, to allow
  Array::of generic to now be on the Array<T> impl block.
  #​4974

v0.2.109

Compare Source

Added

• Added support for erasable generic type parameters on imported JavaScript types,
  using sound type erasure in JS bindgen boundary. Includes updated js-sys bindings
  with generic implementations for many standard JS types and functions including
  Array<T>, Promise<T>, Map<K, V>, Iterator<T>, and more.
  #​4876

• Added ScopedClosure<'a, T> as a unified closure type with lifetime parameter. ScopedClosure::borrow(&f) (for immutable Fn) and ScopedClosure::borrow_mut(&mut f) (for mutable FnMut) create borrowed closures that can capture non-'static references, ideal for immediate/synchronous JS callbacks. Closure<T> is now a type alias for ScopedClosure<'static, T>, maintaining backwards compatibility. Also added IntoWasmAbi implementation for Closure<T> enabling pass-by-value ownership transfer to JavaScript.

• Added ImmediateClosure<'a, T> as a lightweight, unwind-safe replacement for
  &dyn FnMut in immediate/synchronous callbacks. Unlike ScopedClosure, it has
  no JS call on creation, no JS call on drop, and no GC overhead—the same ABI as
  &dyn FnMut but with panic safety. Use ImmediateClosure::new(&f) for
  immutable Fn closures (easier to satisfy unwind safety) or ImmediateClosure::new_mut(&mut f) for
  mutable FnMut closures. Closure parameter types are automatically inferred from context.
  Also implements From<&ImmediateClosure<T>> for ScopedClosure<T> for API migration.
  #​4950

• Implement #[wasm_bindgen(catch)] exception handling directly in Wasm using
  WebAssembly.JSTag when Wasm exception handling is available. This generates
  smaller and faster code by avoiding JavaScript handleError wrapper functions.
  #​4942

• Add Node.js worker_threads support for atomics builds. When targeting Node.js with atomics enabled, wasm-bindgen now generates initSync({ module, memory, thread_stack_size }) and __wbg_get_imports(memory) functions that allow worker threads to initialize with a shared WebAssembly.Memory and pre-compiled module. Auto-initialization occurs only on the main thread for backwards compatibility.

• Added a panic message when a getter has more than one argument.
  #​4936

• Added support for WebIDL namespace attributes in wasm-bindgen-webidl. This enables
  APIs like the CSS Custom Highlight API which adds the highlights attribute to the CSS namespace.
  #​4930

• Added stable ShowPopoverOptions dictionary and show_popover_with_options() method to
  HtmlElement, and unstable TogglePopoverOptions dictionary per the WHATWG HTML spec.
  #​4968

• Added unstable Geolocation API types per the latest W3C spec: GeolocationCoordinates,
  GeolocationPosition, and GeolocationPositionError. The Geolocation interface now
  has both stable methods (using the old Position/PositionError types with [Throws])
  and unstable methods (using the new types without [Throws]}, matching actual browser behavior).
  #​2578

• Added matrixTransform() method to DOMPointReadOnly in web-sys.
  #​4962

• Added the web and node targets to the --experimental-reset-state-function flag.
  #​4909

• Added oncancel event handler to GlobalEventHandlers (available on HtmlElement,
  Document, Window, etc.).
  #​4542

• Added CommandEvent and CommandEventInit from the Invoker Commands API.
  #​4552

• Added AbstractRange, StaticRange, and StaticRangeInit interfaces.
  #​4221

• Updated WebCodecs API to Working Draft 2026-01-29 and MediaRecorder API to 2025-04-17.
  Added rotation and flip to VideoDecoderConfig.
  #​4411

• Added support for unstable WebIDL to override stable attribute types, allowing
  corrected type signatures behind web_sys_unstable_apis. Applied to MouseEvent
  coordinate attributes (clientX, clientY, screenX, screenY, offsetX,
  offsetY, pageX, pageY) which now return f64 instead of i32 when
  unstable APIs are enabled, per the CSSOM View spec draft.
  #​4935

• Added support for unstable WebIDL to override stable method return types. This
  enables User Timing Level 3 APIs where Performance.mark() and Performance.measure()
  return PerformanceMark and PerformanceMeasure respectively (instead of undefined)
  when web_sys_unstable_apis is enabled. Also added PerformanceMarkOptions,
  PerformanceMeasureOptions, and the detail attribute on marks/measures.
  #​3734

• Added non-standard mode option for FileSystemFileHandle.createSyncAccessHandle().
  Also improved WebIDL generator to track stability at the signature level, allowing
  stable methods to have unstable overloads.
  #​4928

• Updated WebGPU bindings to the February 2026 spec. Dictionary fields with union
  types now generate multiple type-safe setters (e.g. set_resource_gpu_sampler(),
  set_resource_gpu_texture_view()) alongside a deprecated fallback setter. Sequence
  arguments in unstable APIs now use typed slices (&[T]) instead of &JsValue.
  Fixed inner string enum types to use JsString in generic positions, added BigInt
  to builtin identifiers, and fixed dictionary field feature gates to not over-constrain
  getters with setter type requirements.
  #​4955

• Improved dictionary union type expansion: stable fallback setters are no longer
  deprecated, and unstable builder methods now use the first typed variant instead
  of &JsValue. Dictionaries with required union fields now generate expanded
  constructors for each variant (e.g. new(), new_with_gpu_texture_view()),
  with duplicate-signature variants elided.
  #​4966

Changed

• Increased externref stack size from 128 to 1024 slots to prevent "table index is out of bounds"
  errors in applications with deep call stacks or many concurrent async operations.
  #​4951

• Closure::new(), Closure::once(), and related methods now require UnwindSafe bounds on closures when building with panic=unwind. New _aborting variants (new_aborting(), once_aborting(), etc.) are provided for closures that don't need panic catching and want to avoid the UnwindSafe requirement.
  #​4893

• global does not use the unsafe-eval new Function trick anymore allowing to have CSP strict compliant packages with wasm-bindgen.
  #​4910

• eval and Function constructors are now gated behind the unsafe-eval feature.
  #​4914

Fixed

• Fixed incorrect JS export names when LLVM merges identical functions at opt-level >= 2.
  #​4946

• Fixed incorrect Closure adapter deduplication when wasm-ld's Identical Code Folding merges
  invoke functions for different closure types into the same export.
  #​4953

• Fixed ReferenceError when using Rust struct names that conflict with JS builtins (e.g., Array).
  The constructor now correctly uses the aliased FinalizationRegistry identifier.
  #​4932

• Fixed Element::scroll_top(), Element::scroll_left(), and HtmlElement::scroll_top()
  to return f64 instead of i32 per the CSSOM View spec, behind web_sys_unstable_apis.
  The stable API is unchanged for backwards compatibility.
  #​4525

• Added spec-compliant i32 parameter types for CanvasRenderingContext2d::get_image_data()
  and put_image_data() (and OffscreenCanvasRenderingContext2d equivalents) behind
  web_sys_unstable_apis. Per the HTML spec, getImageData and `putImageDa

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.37%. Comparing base (3408a75) to head (24eb63a).

❗ There is a different number of reports uploaded between BASE (3408a75) and HEAD (24eb63a). Click for more details.

HEAD has 6 uploads less than BASE

Flag	BASE (3408a75)	HEAD (24eb63a)
unittests	3	1
unittests-rust	1	0
unittests-ios	1	0
uitests	1	0
uitests-ios	1	0

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #59      +/-   ##
==========================================
- Coverage   89.14%   83.37%   -5.77%     
==========================================
  Files         169       18     -151     
  Lines       19641     1582   -18059     
  Branches      296      296              
==========================================
- Hits        17508     1319   -16189     
+ Misses       2130      260    -1870     
  Partials        3        3              

Flag	Coverage Δ
uitests	?
uitests-ios	?
unittests	83.37% <ø> (-4.46%)	⬇️
unittests-ios	?
unittests-react	83.37% <ø> (ø)
unittests-rust	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[renovate]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock

Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path crates/wysiwyg/Cargo.toml --package [email protected] --precise 0.2.114
    Updating crates.io index
error: failed to select a version for the requirement `wasm-bindgen = "=0.2.100"`
candidate versions found which didn't match: 0.2.114
location searched: crates.io index
required by package `web-sys v0.3.77`
    ... which satisfies dependency `web-sys = "^0.3.60"` (locked to 0.3.77) of package `wysiwyg v2.41.1 (/tmp/renovate/repos/github/element-hq/matrix-rich-text-editor/crates/wysiwyg)`
    ... which satisfies path dependency `wysiwyg` (locked to 2.41.1) of package `uniffi-wysiwyg-composer v2.41.1 (/tmp/renovate/repos/github/element-hq/matrix-rich-text-editor/bindings/wysiwyg-ffi)`

File name: Cargo.lock

Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path bindings/wysiwyg-wasm/Cargo.toml --package [email protected] --precise 0.3.91
    Updating crates.io index
error: failed to select a version for the requirement `js-sys = "=0.3.77"`
candidate versions found which didn't match: 0.3.91
location searched: crates.io index
required by package `web-sys v0.3.77`
    ... which satisfies dependency `web-sys = "^0.3.60"` (locked to 0.3.77) of package `wysiwyg v2.41.1 (/tmp/renovate/repos/github/element-hq/matrix-rich-text-editor/crates/wysiwyg)`
    ... which satisfies path dependency `wysiwyg` (locked to 2.41.1) of package `uniffi-wysiwyg-composer v2.41.1 (/tmp/renovate/repos/github/element-hq/matrix-rich-text-editor/bindings/wysiwyg-ffi)`

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud