fix(deps): update rust dependencies (non-major)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
axum	dev-dependencies	patch	0.8.8 → 0.8.9
axum	dependencies	patch	0.8.8 → 0.8.9
chrono	dependencies	patch	0.4.44 → 0.4.45
clap	dependencies	patch	4.6.0 → 4.6.1
hmac	dev-dependencies	minor	0.12 → 0.13
hmac	dependencies	minor	0.12 → 0.13
insta	dev-dependencies	minor	1.46.3 → 1.48.0
jsonschema	dependencies	minor	0.45 → 0.46
opentelemetry	dependencies	minor	0.31 → 0.32
opentelemetry-otlp	dependencies	minor	0.31 → 0.32
opentelemetry_sdk	dependencies	minor	0.31 → 0.32
proptest (source)	dev-dependencies	minor	1.10.0 → 1.11.0
rand (source)	dependencies	minor	0.9 → 0.10
reqwest	dev-dependencies	patch	0.13.2 → 0.13.4
reqwest	dependencies	patch	0.13.2 → 0.13.4
serde_json	dev-dependencies	patch	1.0.149 → 1.0.150
serde_json	dependencies	patch	1.0.149 → 1.0.150
sha1	dependencies	minor	0.10 → 0.11
sha2	dev-dependencies	minor	0.10 → 0.11
sha2	dependencies	minor	0.10 → 0.11
sqlx	dependencies	minor	0.8 → 0.9
tokio	dev-dependencies	minor	1.50.0 → 1.52.3
tokio	dependencies	minor	1.50.0 → 1.52.3
tower-http	dependencies	minor	0.6 → 0.7
tracing-opentelemetry	dependencies	minor	0.32 → 0.33

---

Release Notes

tokio-rs/axum (axum)

v0.8.9

Compare Source

• added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#​3597)
• changed: Update minimum rust version to 1.80 (#​3620)
• fixed: Set connect endpoint on correct field in MethodRouter (#​3656)
• fixed: Return specific error message when multipart body limit is exceeded (#​3611)

chronotope/chrono (chrono)

v0.4.45: 0.4.45

Compare Source

What's Changed

• fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow by @​SAY-5 in #​1787
• tz_data: fix tzdata locations on Android by @​caruschalalamove in #​1789

Stranger6667/jsonschema (jsonschema)

v0.46.5

Fixed

• Percent-encoded characters in $ref URI fragments (e.g. #/$defs/Request%20class) are now decoded when stored as schema_path.

v0.46.4

Fixed

• Panic in the regex engine when matching against patterns with very large {0,N} quantifiers.

v0.46.3

Fixed

• Memory not reclaimed when a Validator for a schema with recursive $ref or $dynamicRef is dropped. #​1125
• Compilation failure on wasm32-wasip1 and wasm32-unknown-emscripten targets.

v0.46.2

Fixed

• required not enforced when additionalProperties is a schema object and required lists exactly 2 keys.

v0.46.1

Fixed

• required not enforced when properties has 15 or more entries and required lists exactly 2 keys.

v0.46.0

Added

• ValidatorMap for validating instances against subschemas identified by URI-fragment JSON pointer. #​1075
• CLI: Accept multiple values after -i/--instance (e.g. jsonschema validate schema.json -i *.json). #​1085
• dereference function to recursively inline $ref references. #​422
• CLI: jsonschema dereference subcommand to dereference a schema from the command line.

Breaking Changes

• Registry construction now uses an explicit prepare step, and with_registry now borrows the prepared registry. ValidationOptions::with_resource and ValidationOptions::with_resources were removed in favor of building a Registry first. See the Migration Guide for the details.

Performance

• Avoid registry clones and document clones during validator construction. This improves real-world schema compilation by roughly 10-20% in internal benchmarks.

v0.45.1

Fixed

• Incorrect handling of multipleOf validation for negative numeric instances.
• Incorrect handling of duration format when hours and seconds appear without minutes, or years and days without months.

proptest-rs/proptest (proptest)

v1.11.0

Compare Source

rust-random/rand (rand)

v0.10.1

Compare Source

This release includes a fix for a soundness bug; see #​1763.

Changes

• Document panic behavior of make_rng and add #[track_caller] (#​1761)
• Deprecate feature log (#​1763)

v0.10.0

Compare Source

Changes

• The dependency on rand_chacha has been replaced with a dependency on chacha20. This changes the implementation behind StdRng, but the output remains the same. There may be some API breakage when using the ChaCha-types directly as these are now the ones in chacha20 instead of rand_chacha (#​1642).
• Rename fns IndexedRandom::choose_multiple -> sample, choose_multiple_array -> sample_array, choose_multiple_weighted -> sample_weighted, struct SliceChooseIter -> IndexedSamples and fns IteratorRandom::choose_multiple -> sample, choose_multiple_fill -> sample_fill (#​1632)
• Use Edition 2024 and MSRV 1.85 (#​1653)
• Let Fill be implemented for element types, not sliceable types (#​1652)
• Fix OsError::raw_os_error on UEFI targets by returning Option<usize> (#​1665)
• Replace fn TryRngCore::read_adapter(..) -> RngReadAdapter with simpler struct RngReader (#​1669)
• Remove fns SeedableRng::from_os_rng, try_from_os_rng (#​1674)
• Remove Clone support for StdRng, ReseedingRng (#​1677)
• Use postcard instead of bincode to test the serde feature (#​1693)
• Avoid excessive allocation in IteratorRandom::sample when amount is much larger than iterator size (#​1695)
• Rename os_rng -> sys_rng, OsRng -> SysRng, OsError -> SysError (#​1697)
• Rename Rng -> RngExt as upstream rand_core has renamed RngCore -> Rng (#​1717)

Additions

• Add fns IndexedRandom::choose_iter, choose_weighted_iter (#​1632)
• Pub export Xoshiro128PlusPlus, Xoshiro256PlusPlus prngs (#​1649)
• Pub export ChaCha8Rng, ChaCha12Rng, ChaCha20Rng behind chacha feature (#​1659)
• Fn rand::make_rng() -> R where R: SeedableRng (#​1734)

Removals

• Removed ReseedingRng (#​1722)
• Removed unused feature "nightly" (#​1732)
• Removed feature small_rng (#​1732)

v0.9.4

Compare Source

Fixes

• Fix doc build (#​1766)

Full Changelog: rust-random/rand@0.9.3...0.9.4

v0.9.3

Compare Source

RustCrypto/hashes (sha1)

v0.11.0

Compare Source

launchbadge/sqlx (sqlx)

v0.9.0

Compare Source

Important Announcements

New Github Organization

Shortly after this release is published, the SQLx repository will be transferred to a new GitHub organization:
https://github.com/transact-rs/

This is because SQLx has not been owned or maintained by LaunchBadge, LLC. for a few years now, and has since been
informally transferred to the collective ownership of its principal authors. Moving the repository to a new
organization makes this change more clear, and also allows for potentially inviting outside collaborators.

Cargo.lock Removed from Tracking

The Cargo.lock has been removed from tracking in Git. CI should now always test with the latest versions of
all dependencies by default, alongside our pass that checks with cargo generate-lockfile -Z minimal-versions.

This should eliminate the need for any PRs that update dependencies to also update Cargo.lock or
contend with an endless stream of merge conflicts against it.

N.B. cargo install --locked sqlx-cli will no longer work. However, cargo install sqlx-cli has always
used the latest dependencies by default, ignoring the lockfile, so most users should not be affected. For users
requiring reproducible builds, consider maintaining your own lockfile instead; historically, we only ran cargo update
sporadically, so relying on SQLx's lockfile offered few guarantees anyway.

See the manual page for cargo install for details.

Breaking

As per our MSRV policy, the supported Rust version for this release cycle is 1.94.0.

• [#​3383]: feat: create sqlx.toml format [[@​abonander]]
  • SQLx and sqlx-cli now support per-crate configuration files (sqlx.toml)
  • New functionality includes, but is not limited to:
    • Rename DATABASE_URL for a crate (for multi-database workspaces)
    • Set global type overrides for the macros (supporting custom types)
    • Rename or relocate the _sqlx_migrations table (for multiple crates using the same database)
    • Set characters to ignore when hashing migrations (e.g. ignore whitespace)
  • More to be implemented in future releases.
  • Enable feature sqlx-toml to use.
    • sqlx-cli has it enabled by default, but sqlx does not.
    • Default features of library crates can be hard to completely turn off because of feature unification,
      so it's better to keep the default feature set as limited as possible.
      This is something we learned the hard way.
  • Guide: see sqlx::_config module in documentation.
  • Reference: [Link]
  • Examples (written for Postgres but can be adapted to other databases; PRs welcome!):
    • Multiple databases using DATABASE_URL renaming and global type overrides: [Link]
    • Multi-tenant database using _sqlx_migrations renaming and multiple schemas: [Link]
    • Force use of chrono when time is enabled (e.g. when using tower-sessions-sqlx-store): [Link]
      • Forcing bigdecimal when rust_decimal is enabled is also shown, but problems with chrono/time are more common.
  • Breaking changes:
    • Significant changes to the Migrate trait
    • sqlx::migrate::resolve_blocking() is now #[doc(hidden)] and thus SemVer-exempt.
• [#​3486]: fix(logs): Correct spelling of aquired_after_secs tracing field [[@​iamjpotts]]
  • Breaking behavior change: implementations parsing tracing logs from SQLx will need to update the spelling.
• [#​3495]: feat(postgres): remove lifetime from PgAdvisoryLockGuard [[@​bonsairobo]]
• [#​3526]: Return &mut Self from the migrator set_ methods [[@​nipunn1313]]
  • Minor breaking change: Migrator::set_ignore_missing and set_locking now return &mut Self instead of &Self
    which may break code in rare circumstances.
• [#​3541]: Postgres: force generic plan for better nullability inference. [[@​joeydewaal]]
  • Breaking change: may alter the output of the query!() macros for certain queries in Postgres.
• [#​3613]: fix: RawSql lifetime issues [[@​abonander]]
  • Breaking change: adds DB type parameter to all methods of RawSql
• [#​3670]: Bump ipnetwork to v0.21.1 [[@​BeauGieskens]]
• [#​3674]: Implement Decode, Encode and Type for Box, Arc, Cow and Rc [[@​joeydewaal]]
  • Breaking change: impl Decode for Cow now always decodes Cow::Owned, lifetime is unlinked
  • See this discussion for motivation: #​3674 (comment)
• [#​3723]: Add SqlStr [[@​joeydewaal]]
  • Breaking change: all query*() functions now take impl SqlSafeStr
    which is only implemented for &'static str and AssertSqlSafe.
    For all others, wrap in AssertSqlSafe(<query>).
  • This, along with [#​3960], finally allows returning owned queries as the type will be Query<'static, DB>.
  • SqlSafeStr trait is deliberately similar to std::panic::UnwindSafe,
    serving as a speedbump to warn users about naïvely building queries with format!()
    while allowing a workaround for advanced usage that is easy to spot on code review.
• [#​3800]: Escape PostgreSQL Options [[@​V02460]]
  • Breaking behavior change: options passed to PgConnectOptions::options() are now automatically escaped.
    Manual escaping of options is no longer necessary and may cause incorrect behavior.
• [#​3821]: Groundwork for 0.9.0-alpha.1 [[@​abonander]]
  • Increased MSRV to 1.86 and set rust-version
  • Deleted deprecated combination runtime+TLS features (e.g. runtime-tokio-native-tls)
  • Deleted re-export of unstable TransactionManager trait in sqlx.
    • Not technically a breaking change because it's #[doc(hidden)],
      but it will break SeaORM if not proactively fixed.
• [#​3924]: breaking(mysql): assume all non-binary collations compatible with str [[@​abonander]]
  • Text (or text-like) columns which previously were inferred to be Vec<u8> will be inferred to be String
    (this should ultimately fix more code than it breaks).
  • SET NAMES utf8mb4 COLLATE utf8_general_ci is no longer sent by default; instead, SET NAMES utf8mb4 is sent to
    allow the server to select the appropriate default collation (since this is version- and configuration-dependent).
  • MySqlConnectOptions::charset() and ::collation() now imply ::set_names(true) because they don't do anything otherwise.
  • Setting charset doesn't change what's sent in the Protocol::HandshakeResponse41 packet as that normally only
    matters for error messages before SET NAMES is sent.
    The default collation if set_names = false is utf8mb4_general_ci.
  • See this comment for details.
  • Incidental breaking change: RawSql::fetch_optional() now returns sqlx::Result<Option<DB::Row>>
    instead of sqlx::Result<DB::Row>. Whoops.
• [#​3928]: breaking(sqlite): libsqlite3-sys versioning, feature flags, safety changes [[@​abonander]]
  • SemVer policy changes: libsqlite3-sys version is now specified using a range.
    The maximum of the range may now be increased in any backwards-compatible release.
    The minimum of the range may only be increased in major releases.
    If you have libsqlite3-sys in your dependencies, Cargo should choose a compatible version automatically.
    If otherwise unconstrained, Cargo should choose the latest version supported.
  • SQLite extension loading (including through the new sqlx-toml feature) is now unsafe.
  • Added new non-default features corresponding to conditionally compiled SQLite APIs:
    • sqlite-deserialize enabling SqliteConnection::serialize() and SqliteConnection::deserialize()
    • sqlite-load-extension enabling SqliteConnectOptions::extension() and ::extension_with_entrypoint()
    • sqlite-unlock-notify enables internal use of sqlite3_unlock_notify()
  • SqliteValue and SqliteValueRef changes:
    • The sqlite3_value* interface reserves the right to be stateful.
      Without protection, any call could theoretically invalidate values previously returned, leading to dangling pointers.
    • SqliteValue is now !Sync and SqliteValueRef is !Send to prevent data races from concurrent accesses.
      • Instead, clone or wrap the SqliteValue in Mutex, or convert the SqliteValueRef to an owned value.
    • SqliteValue and any derived SqliteValueRefs now internally track if that value has been used to decode a
      borrowed &[u8] or &str and errors if it's used to decode any other type.
    • This is not expected to affect the vast majority of usages, which should only decode a single type
      per SqliteValue/SqliteValueRef.
    • See new docs on SqliteValue for details.
• [#​3949]: Postgres: move PgLTree::from to From<Vec<PgLTreeLabel>> implementation [[@​JerryQ17]]
• [#​3957]: refactor(sqlite): do not borrow bound values, delete lifetime on SqliteArguments [[@​iamjpotts]]
• [#​3958]: refactor(any): Remove lifetime parameter from AnyArguments [[@​iamjpotts]]
• [#​3960]: refactor(core): Remove lifetime parameter from Arguments trait [[@​iamjpotts]]
• [#​3993]: Unescape PostgreSQL passfile password [[@​V02460]]
  • Previously, .pgpass file handling did not process backslash-escapes in the password part.
    Now it does, which may change what password is sent to the server.
• [#​4008]: make #[derive(sqlx::Type)] automatically generate impl PgHasArrayType by default for newtype structs [[@​papaj-na-wrotkach]]
  • Manual implementations of PgHasArrayType for newtypes will conflict with the generated one.
    Delete the manual impl or add #[sqlx(no_pg_array)] where conflicts occur.
• [#​4077]: breaking: make offline optional to allow building without serde [[@​CathalMullan]]
• [#​4094]: Bump bit-vec to v0.8 [[@​zennozenith]]
• [#​4142]: feat(mysql): add mysql-rsa feature for non-TLS RSA auth [[@​dertin]]
  • Connections requiring RSA password encryption now need to enable the mysql-rsa feature
    or an error will be generated at runtime. RSA encryption is only used for plaintext (non-TLS) connections.
• [#​4255]: breaking(any+mysql): correctly convert text and blob types to AnyTypeInfo [[@​abonander]]

Added

• [#​3641]: feat(Postgres): support nested domain types [[@​joeydewaal]]
• [#​3651]: Add PgBindIter for encoding and use it as the implementation encoding &[T] [[@​tylerhawkes]]
• [#​3675]: feat: implement Encode, Decode, Type for Arc<str> and Arc<[u8]> (and Rc equivalents) [[@​joeydewaal]]
• [#​3791]: Smol+async global executor 1.80 dev [[@​martin-kolarik]]
  • Adds runtime-smol and runtime-async-global-executor features to replace usages of the deprecated async-std crate.
• [#​3859]: Add more JsonRawValue encode/decode impls. [[@​Dirbaio]]
• [#​3881]: CLi: made cli-lib modules publicly available for other crates [[@​silvestrpredko]]
• [#​3889]: Compile-time support for external drivers [[@​bobozaur]]
• [#​3917]: feat(sqlx.toml): support SQLite extensions in macros and sqlx-cli [[@​djarb]]
• [#​3918]: Feature: Add exclusion violation error kind [[@​barskern]]
• [#​3971]: Allow single-field named structs to be transparent [[@​Xiretza]]
• [#​4015]: feat(sqlite): no_tx migration support [[@​AlexTMjugador]]
• [#​4020]: Add Migrator::with_migrations() constructor [[@​xb284524239]]
• [#​3846]: Add the possibility to skip migrations [[@​Dosenpfand]]
• [#​4107]: Add SQLite extension entrypoint config to sqlx.toml, update SQLite extension example [[@​supleed2]]
• [#​4118]: [postgres] Display line number in error message [[@​mousetail]]
• [#​4123]: feat: add Json::into_inner() [[@​chrxn1c]]
• [#​4153]: Add on unimplemented diagnostic to SqlStr [[@​joeydewaal]]
• [#​4167]: add sqlite serialize/deserialize example [[@​mattrighetti]]
• [#​4228]: sqlx-postgres: Make PgNotification struct clone [[@​michaelvanstraten]]

Changed

• [#​3525]: Remove unnecessary boxfutures [[@​joeydewaal]]
• [#​3867]: sqlx-postgres: Bump etcetera to 0.10.0 [[@​miniduikboot]]
• [#​3709]: chore: replace once_cell OnceCell/Lazy with std OnceLock/LazyLock [[@​paolobarbolini]]
• [#​3890]: feat: Unify Debug implementations across PgRow, MySqlRow and SqliteRow [[@​davidcornu]]
• [#​3911]: chore: upgrade async-io to v2.4.1 [[@​zebrapurring]]
• [#​3938]: Move QueryLogger back [[@​joeydewaal]]
• [#​3956]: chore(sqlite): Remove unused test of removed git2 feature [[@​iamjpotts]]
• [#​3962]: Give SQLX_OFFLINE_DIR from environment precedence in macros [[@​psionic-k]]
• [#​3968]: chore(ci): Add timeouts to ci jobs [[@​iamjpotts]]
• [#​4002]: sqlx-postgres(tests): cleanup 2 unit tests. [[@​joeydewaal]]
• [#​4022]: refactor: tweaks after #​3791 [[@​abonander]]
• [#​4257]: Prefer to give real data to .bind() in README.md [[@​sobolevn]]
• [#​4042]: Update to webpki-roots 1 [[@​tottoto]]
• [#​4072]: chore: update hashlink to v0.11.0 [[@​anmolitor]]
• [#​4143]: Bump whoami to v2 [[@​tisonkun]]
• [#​4161]: sqlx-sqlite: relax libsqlite3-sys constraint to allow 0.36.x [[@​darioAnongba]]
• [#​4173]: ci: check direct minimal versions [[@​ricochet]]
  • Note: reverted in 0.9.0 release but still listed for contributor credit. See end of PR thread for details.
• [#​4189]: Bump flume to 0.12.0 [[@​opoplawski]]
• [#​4223]: test(sqlite): add regression test for ORDER BY + LIMIT nullability (#​4147) [[@​barry3406]]
• [#​4230]: chore: Update to cargo_metadata 0.23 [[@​tottoto]]
• [#​4233]: Change reference to dotenvy [[@​graemer957]]
• [#​4235]: chore: Update to validator 0.20 [[@​tottoto]]
• [#​4253]: chore: update example to axum 0.8 [[@​tottoto]]
• Release PR:
  • Upgraded all Rust-Crypto crates, rand
  • Upgraded etcetera to 0.11.0
  • Increased max of libsqlite3-sys version range to <0.38.0

Fixed

• [#​3840]: Fix docs.rs build of sqlx-sqlite [[@​gferon]]
• [#​3848]: fix(macros): don't mutate environment variables [[@​joeydewaal]]
• [#​3856]: fix(macros): slightly improve unsupported type error message [[@​dyc3]]
• [#​3857]: fix(mysql): validate parameter count for prepared statements [[@​cvzx]]
• [#​3861]: Fix NoHostnameTlsVerifier for rustls 0.23.24 and above [[@​elichai]]
• [#​3863]: Use unnamed statement in pg when not persistent [[@​ThomWright]]
• [#​3874]: Further reduce dependency on futures and futures-util [[@​paolobarbolini]]
• [#​3886]: fix: use Executor::fetch in QueryAs::fetch [[@​bobozaur]]
• [#​3910]: feat(ok): add correct handling of ok packets in MYSQL implementation [[@​0xfourzerofour]]
• [#​3914]: fix: regenerate test certificates [[@​abonander]]
• [#​3915]: fix: spec_error is used by try_from derive [[@​saiintbrisson]]
• [#​3919]: fix[sqlx-postgres]: do a checked_mul to prevent panic'ing [[@​nhatcher-frequenz]]
• [#​3923]: sqlx-mysql: Fix bug in cleanup test db's. [[@​joeydewaal]]
• [#​3950]: chore: Fix warnings for custom postgres_## cfg flags [[@​iamjpotts]]
• [#​3952]: Pool.close: close all connections before returning [[@​jpmelos]]
• [#​3975]: fix documentation for rustls native root certificates [[@​2ndDerivative]]
• [#​3977]: refactor(ci): Use separate job for postgres ssl auth tests [[@​iamjpotts]]
• [#​3980]: Correctly ROLLBACK transaction when dropped during BEGIN. [[@​kevincox]]
• [#​3981]: SQLite: fix transaction level accounting with bad custom command. [[@​kevincox]]
• [#​3986]: chore(core): Fix docstring for Query::try_bind [[@​iamjpotts]]
• [#​3987]: chore(deps): Resolve deprecation warning for chrono Date and ymd methods [[@​iamjpotts]]
• [#​3988]: refactor(sqlite): Resolve duplicate test target warning for macros.rs [[@​iamjpotts]]
• [#​3989]: chore(deps): Set default-features=false on sqlx in workspace.dependencies [[@​iamjpotts]]
• [#​3991]: fix(sqlite): regression when decoding nulls [[@​abonander]]
• [#​4006]: PostgreSQL SASL – run SHA256 in a blocking executor [[@​ThomWright]]
• [#​4007]: fix(compose): use OS-assigned ports for all conatiners [[@​papaj-na-wrotkach]]
• [#​4009]: Drop cached db connections in macros upon hitting an error [[@​swlynch99]]
• [#​4024]: fix(sqlite) Migrate revert with no-transaction [[@​Dosenpfand]]
• [#​4027]: native tls handshake: build TlsConnector in blocking threadpool [[@​daviduebler]]
• [#​4053]: fix(macros): smarter .env loading, caching, and invalidation [[@​abonander]]
  • Additional credit to [[@​AlexTMjugador]] ([#​4018]) and [[@​Diggsey]] ([#​4039]) for their proposed solutions
    which served as a useful comparison.
• [#​4068]: Fix typo in migration example from 'uesrs' to 'users' [[@​squidpickles]]
• [#​4069]: fix some spelling issues [[@​joeydewaal]]
• [#​4086]: fix(mysql): Work around for Issue #​2206 (ColumnNotFound error when querying) [[@​duelafn]]
• [#​4088]: (Fix) Handle nullability of SQLite rowid alias columns [[@​Lege19]]
• [#​4100]: postgres: update pgpass path on windows [[@​joeydewaal]]
• [#​4134]: fix CI: replace removed macOS runner, deprecated use of Command::cargo_bin() [[@​abonander]]
• [#​4136]: Ensure Deterministic Migration Order [[@​aoengin]]
• [#​4158]: Fix panic in JSONB decoder on invalid version byte [[@​jrey8343]]
• [#​4165]: sqlx-postgres: fix correct operator precedence in byte length check [[@​cuiweixie]]
• [#​4171]: fix(postgres): remove home crate in favor of std::env::home_dir [[@​ricochet]]
• [#​4172]: fix(sqlx-cli): bump openssl minimum to 0.10.46 [[@​ricochet]]
• [#​4176]: fix(mysql): return error instead of panic on truncated OK packet [[@​cvzx]]
• [#​4199]: fix(postgres): make advisory lock cancel safe [[@​joeydewaal]]
• [#​4201]: Fix SCRAM password SASLprep [[@​var4yn]]
• [#​4202]: fix: replace from_utf8_unchecked with from_utf8_lossy in SqliteError [[@​joaquinhuigomez]]
• [#​4203]: fix: use sqlite3_value_text for REGEXP to match SQLite coercion [[@​joaquinhuigomez]]
• [#​4219]: sqlite: lossily coerce invalid UTF-8 in custom collation callback [[@​joaquinhuigomez]]
• [#​4221]: fix: replace from_utf8_unchecked with from_utf8 in SQLite column name handling [[@​barry3406]]
• [#​4226]: fix(postgres): use non-prepared statements for metadata queries [[@​abonander]]
• [#​4227]: fix(macros-core): update unstable proc_macro APIs for recent nightly [[@​barry3406]]
• [#​4234]: fix: Use correct path in error when failing to create tmp dir in prepare [[@​Miesvanderlippe]]
• [#​4245]: fix(mysql): repair caching_sha2_password fast-auth path [[@​altmannmarcelo]]
• [#​4251]: fix(tls): potential deadlock in StdSocket::poll_ready() [[@​abonander]]

tower-rs/tower-http (tower-http)

v0.7.0

Compare Source

Changes since 0.6.11

Added

• csrf: add cross-site request forgery (CSRF) protection middleware, porting the cross-origin protection scheme introduced in Go 1.25 (#​699)

  use tower::ServiceBuilder;
  use tower_http::csrf::CsrfLayer;
  
  // Rejects cross-origin state-changing requests using `Sec-Fetch-Site`,
  // an `Origin` allow-list, and an `Origin`/`Host` fallback. No per-request
  // token state required.
  let layer = CsrfLayer::new().add_trusted_origin("https://example.com")?;
  
  let service = ServiceBuilder::new().layer(layer).service_fn(handler);

• timeout: add DeadlineBody for non-resetting body timeouts, applied via the new RequestBodyDeadlineLayer and ResponseBodyDeadlineLayer (#​688)

  Unlike TimeoutBody, which resets its deadline on every frame, DeadlineBody caps the total time of a body transfer. A slow client trickling one byte at a time never trips an idle timeout but will trip a deadline.

  use std::time::Duration;
  use tower::ServiceBuilder;
  use tower_http::timeout::RequestBodyDeadlineLayer;
  
  // Abort the request body transfer after 30s total, regardless of how
  // frequently data arrives.
  let service = ServiceBuilder::new()
      .layer(RequestBodyDeadlineLayer::new(Duration::from_secs(30)))
      .service_fn(handler);

• fs: add strong ETag support to ServeDir, including If-Match and If-None-Match precondition handling per RFC 9110. 304 Not Modified responses now carry the ETag and Last-Modified validators (#​691)

• fs: add a Backend trait to make ServeDir work with non-filesystem sources (e.g. embedded assets or object storage). The default TokioBackend preserves existing behavior. Use ServeDir::with_backend() to plug in custom implementations (#​684)

  use tower_http::services::fs::ServeDir;
  
  // `MyBackend` implements `tower_http::services::fs::Backend`.
  // The default `ServeDir::new()` continues to use `TokioBackend` (local FS).
  let service = ServeDir::with_backend("assets", MyBackend::new());

• fs: add html_as_default_extension option to ServeDir, appending .html when the request path has no extension (#​519)

• fs: add redirect_path_prefix option to ServeDir, prepending a prefix on trailing-slash redirects so the service can be mounted under a sub-path (#​486)

• validate-request: add ValidateRequestHeaderLayer::has_header_value() to reject requests when a header does not have an expected value (#​360)

• body: UnsyncBoxBody::new() constructor and From<ServeFileSystemResponseBody> conversion to avoid double-boxing when combining ServeDir responses with other body types (#​537)

• limit: implement Default for limit::ResponseBody when the wrapped body also implements Default (#​679)

Changed

• breaking: compression: the middleware now handles the * wildcard and identity;q=0 in Accept-Encoding per RFC 9110 §12.5.3. Requests that previously fell back to identity (e.g. *;q=0 or identity;q=0 with no other acceptable encoding) now receive a 406 Not Acceptable response. Clients that explicitly reject all encodings without listing an alternative will see different behavior. (#​693)

• breaking: compression: upgrade the SizeAbove predicate threshold from u16 to u64, allowing minimum sizes above 64 KiB (#​704)

• breaking: remove the implicit no-op tokio and async-compression features. These were kept as no-op features in 0.6.x for backwards compatibility after the switch to dep: syntax in #​642. Downstream crates that activate tower-http/tokio or tower http/async-compression should remove those feature entries; the underlying dependencies are still pulled in transitively by the features that need them (e.g. compression-gzip, fs, timeout). (#​628)

• breaking: trace/classify: include the gRPC error message in tracing output. GrpcCode and GrpcFailureClass are now #[non_exhaustive], and GrpcStatus is exported from the classify module (#​422)

• breaking: follow-redirect: FollowRedirect now forwards request Extensions to redirected requests instead of dropping them. The Standard policy drops extensions on cross-origin redirections (same-origin keeps them). Opt out with FollowRedirectLayer::preserve_extensions(false); keep specific types with FilterCredentials::allow_extension::<T>() or all of them with keep_all_extensions(). (#​706)

  use tower_http::follow_redirect::FollowRedirectLayer;
  
  // 0.7.0 forwards request `Extensions` across redirects by default.
  // Restore the previous behavior (drop all extensions) with:
  let layer = FollowRedirectLayer::new().preserve_extensions(false);

• breaking: follow-redirect: header and extension filtering is now cumulative. A value a policy drops on one hop is no longer replayed on later hops, so FilterCredentials no longer re-sends Cookie/Authorization to a same-origin target reached after cross-origin hop. Custom Policy::on_request impls now see the previous hop's filtered request, not the original. (#​706)

• trace: DefaultOnRequest, DefaultOnResponse, DefaultOnFailure, and DefaultOnEos now explicitly parent their tracing events to the request span rather than relying on the ambient span context. This fixes intermittent cases where events could appear without their request span attached (#​690)

• cors: relax the Vary header defaults (#​674)

• MSRV bumped from 1.64 to 1.65 (#​684)

Fixed

• fs: ServeDir and ServeFile now emit a Vary: Accept-Encoding response
  header when precompressed serving is configured, ensuring caches correctly
  distinguish between compressed and uncompressed variants (#​692)
• breaking: services: reject a trailing slash for file paths. File requests with a trailing slash now return 404 Not Found instead of serving the file (#​678)
• fs: fix ServeDir stripping the file extension when serving with identity encoding (#​686)
• compression: forward trailers from the inner body after compression finishes, fixing dropped gRPC status trailers (#​685)
• trace: fire on_eos when the inner body reports is_end_stream with a precise content-length (#​687)
• on-early-drop: suppress the early-drop guard when is_end_stream is reported after a data frame (#​687)
• set-header: make SetMultipleRequestHeaders and SetMultipleResponseHeaders Clone for non-Clone HTTP bodies (#​703)

Thanks

• @​jlizen
• @​seun-ja
• @​Oliboy50

New Contributors

• @​muhamadazmy made their first contribution in #​679
• @​Isvane made their first contribution

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone Asia/Tokyo)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[recuu-pfeg]

sha1/sha2 0.11 has breaking API changes in HMAC (Mac trait). Needs code updates in src/verify.rs. Will address after v0.6.0 release.