Skip to content

Comments

Bump the cargo group across 1 directory with 11 updates#97

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/cargo-c21e56a80c
Closed

Bump the cargo group across 1 directory with 11 updates#97
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/cargo-c21e56a80c

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 20, 2026
edited
Loading

Bumps the cargo group with 11 updates in the / directory:

Package From To
clap 4.5.53 4.5.54
clap_complete 4.5.61 4.5.65
tracing 0.1.42 0.1.44
tracing-subscriber 0.3.21 0.3.22
uuid 1.18.1 1.19.0
thiserror 2.0.17 2.0.18
time 0.3.44 0.3.45
serde_json 1.0.145 1.0.149
url 2.5.7 2.5.8
hostname 0.4.1 0.4.2
zip 6.0.0 7.1.0

Updates clap from 4.5.53 to 4.5.54

Release notes

Sourced from clap's releases.

v4.5.54

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help
Changelog

Sourced from clap's changelog.

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help
Commits

Updates clap_complete from 4.5.61 to 4.5.65

Commits
  • a99bd42 chore: Release
  • 485d781 docs: Update changelog
  • 0acc8c8 Merge pull request #6209 from saiarcot895/fix-optional-value-option-zsh
  • 6c2cff6 fix: Allow optional value arguments for Zsh shell completion
  • 58723e5 test: Generate completions with multi/optional value options
  • 4ecbf54 chore: Release
  • f04062b docs: Update changelog
  • d68caa8 Merge pull request #6205 from maheshbansod/default-val-no-desc
  • a062eaf fix: Default vals on new line if possible values
  • 15509af test: Demonstrate default value ui bug on no desc
  • Additional commits viewable in compare view

Updates tracing from 0.1.42 to 0.1.44

Release notes

Sourced from tracing's releases.

tracing 0.1.44

Fixed

  • Fix record_all panic (#3432)

Changed

  • tracing-core: updated to 0.1.36 (#3440)

#3432: tokio-rs/tracing#3432 #3440: tokio-rs/tracing#3440

tracing 0.1.43

Important

The previous release [0.1.42] was yanked because #3382 was a breaking change. See further details in #3424. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.

Fixed

  • Revert "make valueset macro sanitary" (#3425)

#3382: tokio-rs/tracing#3382 #3424: tokio-rs/tracing#3424 #3425: tokio-rs/tracing#3425 [0.1.42]: https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42

Commits

Updates tracing-subscriber from 0.3.21 to 0.3.22

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.22

Important

The previous release [0.3.21] was yanked as it depended explicitly on [tracing-0.1.42], which was yanked due to a breaking change (see #3424 for details). This release contains all the changes from the previous release, plus an update to the newer version of tracing.

Changed

  • tracing: updated to 0.1.43 (#3427)

#3424: tokio-rs/tracing#3424 #3427: tokio-rs/tracing#3427 [0.3.21]: https://github.com/tokio-rs/tracing/releases/tag/tracing-subscriber-0.3.21 [tracing-0.1.42]: https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42

Commits

Updates uuid from 1.18.1 to 1.19.0

Release notes

Sourced from uuid's releases.

v1.19.0

What's Changed

Full Changelog: uuid-rs/uuid@v1.18.1...v1.19.0

Commits
  • 7527cef Merge pull request #849 from uuid-rs/cargo/v1.19.0
  • d0422fa prepare for 1.19.0 release
  • f9a36e2 Merge pull request #848 from paolobarbolini/maintenance
  • 029a57e Fix most clippy warnings
  • e73bb27 Upgrade to 2021 edition
  • c597622 Merge pull request #843 from paolobarbolini/serde_core-migration
  • 9835bd6 Switch serde dependency to serde_core
  • See full diff in compare view

Updates thiserror from 2.0.17 to 2.0.18

Release notes

Sourced from thiserror's releases.

2.0.18

Commits
  • dc0f6a2 Release 2.0.18
  • 0275292 Touch up PR 443
  • 3c33bc6 Merge pull request #443 from LucaCappelletti94/master
  • 995939c Reproduce issue 442
  • 21653d1 Made clippy lifetime allows conditional
  • 45e5388 Update actions/upload-artifact@v5 -> v6
  • 386aac1 Update actions/upload-artifact@v4 -> v5
  • ec50561 Update actions/checkout@v5 -> v6
  • 247eab5 Update name of empty_enum clippy lint
  • 91b181f Raise required compiler to Rust 1.68
  • Additional commits viewable in compare view

Updates time from 0.3.44 to 0.3.45

Release notes

Sourced from time's releases.

v0.3.45

See the changelog for details.

Changelog

Sourced from time's changelog.

0.3.45 [2026-01-13]

Added

  • time::format_description::StaticFormatDescription type alias for &'static [BorrowedFormatItem<'static>]. This is the type returned by the time::macros::format_description! macro.

Changed

  • The minimum supported Rust version is now 1.83.0.
  • All floating point methods on Duration are now const fn.
  • All setters on Parsed are now const fn.
  • The serde dependency has been replaced with serde_core, This reduces compile times by not including unused parts of serde.
  • Date::from_julian_day uses a new algorithm, resulting in an approximately 16% performance improvement. This method is used internally by numerous other methods.
  • util::is_leap_year uses a new algorithm, resulting in an approximately 8% performance improvement.
Commits
  • d41b5e1 v0.3.45 release
  • 69db9fb Add noop to utils benchmark
  • 30ba933 Change from_julian_day algorithm
  • 267d847 Change leap year algorithm
  • 41e21ef Make util tests more opaque
  • 8f5981a Test whether every year 0-399 is leap year
  • 6365c4c Improve accuracy of Date benchmarks
  • a4fc845 Dependency upgrade
  • c468474 Rename lints for latest rustc
  • 037af66 Add type alias for format_description! output
  • Additional commits viewable in compare view

Updates serde_json from 1.0.145 to 1.0.149

Release notes

Sourced from serde_json's releases.

v1.0.149

  • Align arbitrary_precision number strings with zmij's formatting (#1306, thanks @​b41sh)

v1.0.148

  • Update zmij dependency to 1.0

v1.0.147

  • Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (#1304)

v1.0.146

Commits

Updates url from 2.5.7 to 2.5.8

Commits

Updates hostname from 0.4.1 to 0.4.2

Release notes

Sourced from hostname's releases.

0.4.2

What's Changed

Commits
  • c697709 Drop unsupported mips targets
  • fedf49b Add Dependabot config
  • 78bd371 Use separate job for MSRV checks
  • ed1ace4 Upgrade to windows-bindgen 0.65
  • 5682e0c Enable codegen tests on non-Windows platforms
  • fc4492a Drop explicit html_root_url
  • e3687ed Remove CHANGELOG.md in favor of GitHub Releases
  • ad7ef34 Update version in Cargo.lock
  • ef9e3c4 Release 0.4.2
  • 673020f Bump windows-link dependency 0.2
  • Additional commits viewable in compare view

Updates zip from 6.0.0 to 7.1.0

Release notes

Sourced from zip's releases.

v7.1.0

🚀 Features

  • display the underlying error in Display impl for ZipError::Display (#483)
  • Enable creation of ZipArchive without reparsing (#485)

🐛 Bug Fixes

  • Return InvalidPassword rather than panic when AES key is the wrong length (#457)
  • bench with auto zip64 comment (#505)
  • add condition for getrandom dependency (#504)
  • (zipcrypto) Support streaming ZipCrypto encryption, don't store entire file in memory (#462)

🚜 Refactor

  • Clean up imports and move types (#461)
  • Replace handwritten Ord and PartialOrd for DateTime (#484)

⚙️ Miscellaneous Tasks

  • Lock lzma-rust2 to at least 0.15.5 (#491)

v7.0.0

⚠️ Breaking Changes

  • Removed the following features: getrandom, hmac, pbkdf2, sha1, zeroize.
  • Removed lzma-static and xz-static feature flags, which were deprecated synonyms of lzma and xz. (#405, #425)

🚀 Features

  • (SimpleFileOptions) const DEFAULT implementation (#474)
  • ZipWriter set_auto_large_file() method to enable large-file data descriptor when necessary (#468)

🐛 Bug Fixes

  • print previous error when failing to search another cde (#460)
  • cargo doc warnings (#472)
  • Write ZIP64 data descriptors when large_file option is true (#467)
  • Pin generic-array to an old version to work around RustCrypto/traits#2036 until next RustCrypto & aes-crypto releases (#458)

⚙️ Miscellaneous Tasks

  • Revert version bump so that release-plz will trigger
  • expose more flate2 feature flags (#476)
  • Next release will be 7.0.0
  • release v6.0.0 (#442)

Deps

  • Bump lzma-rust2 to v0.15 (#465)*] Remove lzma-static and xz-static feature flags, which are deprecated synonyms of lzma and xz. (#405, #425)
Changelog

Sourced from zip's changelog.

7.1.0 - 2026-01-14

🚀 Features

  • display the underlying error in Display impl for ZipError::Display (#483)
  • Enable creation of ZipArchive without reparsing (#485)

🐛 Bug Fixes

  • Return InvalidPassword rather than panic when AES key is the wrong length (#457)
  • bench with auto zip64 comment (#505)
  • add condition for getrandom dependency (#504)
  • (zipcrypto) Support streaming ZipCrypto encryption, don't store entire file in memory (#462)

🚜 Refactor

  • Clean up imports and move types (#461)
  • Replace handwritten Ord and PartialOrd for DateTime (#484)

⚙️ Miscellaneous Tasks

  • Lock lzma-rust2 to at least 0.15.5 (#491)

7.0.0 - 2025-12-05

⚠️ Breaking Changes

  • Removed the following features: getrandom, hmac, pbkdf2, sha1, zeroize.
  • Removed lzma-static and xz-static feature flags, which were deprecated synonyms of lzma and xz. (#405, #425)

🚀 Features

  • (SimpleFileOptions) const DEFAULT implementation (#474)
  • ZipWriter set_auto_large_file() method to enable large-file data descriptor when necessary (#468)

🐛 Bug Fixes

  • print previous error when failing to search another cde (#460)
  • cargo doc warnings (#472)
  • Write ZIP64 data descriptors when large_file option is true (#467)
  • Pin generic-array to an old version to work around RustCrypto/traits#2036 until next RustCrypto & aes-crypto releases (#458)

⚙️ Miscellaneous Tasks

  • Revert version bump so that release-plz will trigger
  • expose more flate2 feature flags (#476)
  • Next release will be 7.0.0
  • release v6.0.0 (#442)

Deps

... (truncated)

Commits
  • ffcf8ad chore: release v7.1.0 (#517)
  • 003531d ci: Work around github/codeql-action#1572
  • b1c776b chore(deps): Remove temporary dependency on rustversion (#513)
  • 24e5188 chore(deps): update fuzzing deps and Dependabot config (#515)
  • 2f167eb fix: Return InvalidPassword rather than panic when AES key is the wrong lengt...
  • 8b2f161 ci: Configure concurrency groups: one per commit on master, one per ref elsew...
  • 3e0f5df docs: Potential fixes for 5 code quality findings in examples/write_sample.rs...
  • d3e20ba chore(deps): Update misc. dependencies (#508)
  • 671ab75 style: Clarify an error message, and address other code-quality findings in w...
  • 884d8f6 docs(examples): prevent path traversal in extract example (#512)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the cargo group across 1 directory with 11 updates
dca6360 
Bumps the cargo group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [clap](https://github.com/clap-rs/clap) | `4.5.53` | `4.5.54` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.61` | `4.5.65` |
| [tracing](https://github.com/tokio-rs/tracing) | `0.1.42` | `0.1.44` |
| [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.21` | `0.3.22` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.18.1` | `1.19.0` |
| [thiserror](https://github.com/dtolnay/thiserror) | `2.0.17` | `2.0.18` |
| [time](https://github.com/time-rs/time) | `0.3.44` | `0.3.45` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.145` | `1.0.149` |
| [url](https://github.com/servo/rust-url) | `2.5.7` | `2.5.8` |
| [hostname](https://github.com/djc/hostname) | `0.4.1` | `0.4.2` |
| [zip](https://github.com/zip-rs/zip2) | `6.0.0` | `7.1.0` |



Updates `clap` from 4.5.53 to 4.5.54
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.53...clap_complete-v4.5.54)

Updates `clap_complete` from 4.5.61 to 4.5.65
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.61...clap_complete-v4.5.65)

Updates `tracing` from 0.1.42 to 0.1.44
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-0.1.42...tracing-0.1.44)

Updates `tracing-subscriber` from 0.3.21 to 0.3.22
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.21...tracing-subscriber-0.3.22)

Updates `uuid` from 1.18.1 to 1.19.0
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](uuid-rs/uuid@v1.18.1...v1.19.0)

Updates `thiserror` from 2.0.17 to 2.0.18
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](dtolnay/thiserror@2.0.17...2.0.18)

Updates `time` from 0.3.44 to 0.3.45
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](time-rs/time@v0.3.44...v0.3.45)

Updates `serde_json` from 1.0.145 to 1.0.149
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.145...v1.0.149)

Updates `url` from 2.5.7 to 2.5.8
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](servo/rust-url@v2.5.7...v2.5.8)

Updates `hostname` from 0.4.1 to 0.4.2
- [Release notes](https://github.com/djc/hostname/releases)
- [Commits](djc/hostname@v0.4.1...v0.4.2)

Updates `zip` from 6.0.0 to 7.1.0
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](zip-rs/zip2@v6.0.0...v7.1.0)

---
updated-dependencies:
- dependency-name: clap
  dependency-version: 4.5.54
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: clap_complete
  dependency-version: 4.5.65
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tracing
  dependency-version: 0.1.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tracing-subscriber
  dependency-version: 0.3.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: uuid
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: thiserror
  dependency-version: 2.0.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: time
  dependency-version: 0.3.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: serde_json
  dependency-version: 1.0.149
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: url
  dependency-version: 2.5.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: hostname
  dependency-version: 0.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: zip
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jan 20, 2026
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 27, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 27, 2026
@dependabot dependabot bot deleted the dependabot/cargo/cargo-c21e56a80c branch January 27, 2026 00:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants