Skip to content

build(deps): bump the rust group across 1 directory with 6 updates#43

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-414e60c82f
Closed

build(deps): bump the rust group across 1 directory with 6 updates#43
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-414e60c82f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 28, 2026
edited
Loading

Bumps the rust group with 6 updates in the / directory:

Package From To
clap 4.5.60 4.6.1
rand 0.10.0 0.10.1
reqwest 0.13.2 0.13.3
tokio 1.50.0 1.52.1
toml 1.0.6+spec-1.1.0 1.1.2+spec-1.1.0
tempfile 3.26.0 3.27.0

Updates clap from 4.5.60 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

  • (derive) Ensure rebuilds happen when an read env variable is changed
Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

  • (derive) Ensure rebuilds happen when an read env variable is changed

[4.6.0] - 2026-03-12

Compatibility

  • Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

  • Update dependencies
Commits
  • 1420275 chore: Release
  • d2c817d docs: Update changelog
  • f88c94e Merge pull request #6341 from epage/sep
  • acbb822 fix(complete): Reduce risk of conflict with actual subcommands
  • a49fadb refactor(complete): Pull out subcommand separator
  • ddc008b Merge pull request #6332 from epage/update
  • 497dc50 chore: Update compatible dependencies
  • dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
  • 54bdaa3 chore(deps): Update j178/prek-action action to v2
  • f0d30d9 chore: Release
  • Additional commits viewable in compare view

Updates rand from 0.10.0 to 0.10.1

Changelog

Sourced from rand's changelog.

[0.10.1] — 2026-02-11

This release includes a fix for a soundness bug; see #1763.

Changes

  • Document panic behavior of make_rng and add #[track_caller] (#1761)
  • Deprecate feature log (#1763)

#1761: rust-random/rand#1761 #1763: rust-random/rand#1763

Commits

Updates reqwest from 0.13.2 to 0.13.3

Release notes

Sourced from reqwest's releases.

v0.13.3

tl;dr

  • Fix CertificateRevocationList parsing of PEM values.
  • Fix logging in resolver to only show host, not full URL.
  • Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
  • Fix HTTP/3 to handle STOP_SENDING as not an error.
  • Fix HTTP/3 pool to remove timed out QUIC connections.
  • Fix HTTP/3 connection establishment picking IPv4 and IPv6.
  • Upgrade rustls-platform-verifier.
  • (wasm) Only use wasm-bindgen on unknown-* targets.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.13.2...v0.13.3

Changelog

Sourced from reqwest's changelog.

v0.13.3

  • Fix CertificateRevocationList parsing of PEM values.
  • Fix logging in resolver to only show host, not full URL.
  • Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
  • Fix HTTP/3 to handle STOP_SENDING as not an error.
  • Fix HTTP/3 pool to remove timed out QUIC connections.
  • Fix HTTP/3 connection establishment picking IPv4 and IPv6.
  • Upgrade rustls-platform-verifier.
  • (wasm) Only use wasm-bindgen on unknown-* targets.
Commits

Updates tokio from 1.50.0 to 1.52.1

Release notes

Sourced from tokio's releases.

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

  • runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

  • io: AioSource::register_borrowed for I/O safety support (#7992)
  • net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

  • runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
  • taskdump: add trace_with() for customized task dumps (#8025)
  • taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
  • fs: support io_uring in AsyncRead for File (#7907)

Changed

  • runtime: improve spawn_blocking scalability with sharded queue (#7757)
  • runtime: use compare_exchange_weak() in worker queue (#8028)

Fixed

  • runtime: overflow second half of tasks when local queue is filled instead of first half (#8029)

Documented

  • docs: fix typo in oneshot::Sender::send docs (#8026)
  • docs: hide #[tokio::main] attribute in the docs of sync::watch (#8035)
  • net: add docs on ConnectionRefused errors with UDP sockets (#7870)

#7757: tokio-rs/tokio#7757 #7870: tokio-rs/tokio#7870 #7907: tokio-rs/tokio#7907 #7992: tokio-rs/tokio#7992 #8010: tokio-rs/tokio#8010 #8025: tokio-rs/tokio#8025 #8026: tokio-rs/tokio#8026 #8028: tokio-rs/tokio#8028 #8029: tokio-rs/tokio#8029

... (truncated)

Commits
  • 905c146 chore: prepare to release v1.52.1 (#8059)
  • 56aaa43 rt: revert #7757 to fix regression in spawn_blocking (#8057)
  • 57ff47a ci: update trybuild to expect output from rustc 1.95.0 (#8058)
  • 812de3e ci: bump taiki-e/cache-cargo-install-action from 1 to 3 (#8053)
  • ba82e73 ci: use Dependabot to keep github actions up to date (#8052)
  • 2e85f9d ci: replace cirrus-ci with freebsd-vm (#8041)
  • a7e1cd8 ci: update GitHub Actions workflows to use latest tool versions (#8047)
  • 5f7be0a chore: perpare 1.52.0 (#8045)
  • 36d12d2 taskdump: allow impl FnMut() in taskdumps instead of just fn() (#8040)
  • f943312 fs: support io-uring in AsyncRead for File (#7907)
  • Additional commits viewable in compare view

Updates toml from 1.0.6+spec-1.1.0 to 1.1.2+spec-1.1.0

Commits

Updates tempfile from 3.26.0 to 3.27.0

Changelog

Sourced from tempfile's changelog.

3.27.0

This release adds TempPath::try_from_path and deprecates TempPath::from_path.

Prior to this release, TempPath::from_path made no attempts to convert relative paths into absolute paths. The following code would have deleted the wrong file:

let tmp_path = TempPath::from_path("foo")
std::env::set_current_dir("/some/other/path").unwrap();
drop(tmp_path);

Now:

  1. TempPath::from_path will attempt to convert relative paths into absolute paths. However, this isn't always possible as we need to call std::env::current_dir, which can fail. If we fail to convert the relative path to an absolute path, we simply keep the relative path.
  2. The TempPath::try_from_path behaves exactly like TempPath::from_path, except that it returns an error if we fail to convert a relative path into an absolute path (or if the passed path is empty).

Neither function attempt to verify the existence of the file in question.

Thanks to @​meng-xu-cs for reporting this issue.

Commits
  • 5c8fa12 chore: release 3.27.0
  • e34e574 test: disable uds conflict test on redox
  • 772c795 test: add CWD guards
  • 2632fb9 fix: resolve relative paths when constructing TempPath
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the rust group across 1 directory with 6 updates
d7ac561 
Bumps the rust group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [clap](https://github.com/clap-rs/clap) | `4.5.60` | `4.6.1` |
| [rand](https://github.com/rust-random/rand) | `0.10.0` | `0.10.1` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.13.2` | `0.13.3` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.50.0` | `1.52.1` |
| [toml](https://github.com/toml-rs/toml) | `1.0.6+spec-1.1.0` | `1.1.2+spec-1.1.0` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.26.0` | `3.27.0` |



Updates `clap` from 4.5.60 to 4.6.1
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.60...clap_complete-v4.6.1)

Updates `rand` from 0.10.0 to 0.10.1
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.10.0...0.10.1)

Updates `reqwest` from 0.13.2 to 0.13.3
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.13.2...v0.13.3)

Updates `tokio` from 1.50.0 to 1.52.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.50.0...tokio-1.52.1)

Updates `toml` from 1.0.6+spec-1.1.0 to 1.1.2+spec-1.1.0
- [Commits](toml-rs/toml@toml-v1.0.6...toml-v1.1.2)

Updates `tempfile` from 3.26.0 to 3.27.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.26.0...v3.27.0)

---
updated-dependencies:
- dependency-name: clap
  dependency-version: 4.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust
- dependency-name: rand
  dependency-version: 0.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: reqwest
  dependency-version: 0.13.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust
- dependency-name: tokio
  dependency-version: 1.52.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust
- dependency-name: toml
  dependency-version: 1.1.2+spec-1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust
- dependency-name: tempfile
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Apr 28, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 5, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 5, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/rust-414e60c82f branch May 5, 2026 07:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants