Skip to content

chore(deps): bump the dependencies group across 1 directory with 15 updates#58

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/dependencies-9aa842b02f
Closed

chore(deps): bump the dependencies group across 1 directory with 15 updates#58
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/dependencies-9aa842b02f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 12 updates in the / directory:

Package From To
caramelo 0.1.1-beta.2 0.1.1-beta.4
rand 0.10.1 0.10.2
vetis-smol 0.1.0-beta.3 0.1.0-beta.4
deboa 0.1.0-beta.17 0.1.0-beta.18
vetis-tokio 0.1.0-beta.3 0.1.0-beta.4
anyhow 1.0.102 1.0.103
aws-lc-rs 1.17.0 1.17.1
env_logger 0.11.10 0.11.11
hybrid-array 0.4.12 0.4.13
jiff 0.2.29 0.2.31
rustls-pki-types 1.14.1 1.15.0
xxhash-rust 0.8.15 0.8.16

Updates caramelo from 0.1.1-beta.2 to 0.1.1-beta.4

Commits

Updates rand from 0.10.1 to 0.10.2

Changelog

Sourced from rand's changelog.

[0.10.2] — 2026-07-02

Fixes

  • Fix possible memory safety violation due to deserialization of UniformChar from bad source (#1790)

Changes

  • Document required output order of fn partial_shuffle and apply #[must_use] (#1769)
  • Avoid usage of unsafe in contexts where non-local memory corruption could invalidate contract (#1791)

#1769: rust-random/rand#1769 #1790: rust-random/rand#1790 #1791: rust-random/rand#1791

Commits

Updates vetis-smol from 0.1.0-beta.3 to 0.1.0-beta.4

Commits

Updates deboa from 0.1.0-beta.17 to 0.1.0-beta.18

Commits

Updates vetis-tokio from 0.1.0-beta.3 to 0.1.0-beta.4

Commits

Updates anyhow from 1.0.102 to 1.0.103

Release notes

Sourced from anyhow's releases.

1.0.103

  • Fix Stacked Borrows violation (UB) in Error::downcast_mut (#451, #452)
Commits
  • 5bdb0e2 Release 1.0.103
  • e621bd3 Merge pull request #452 from dtolnay/downcast
  • 6e8c000 Eliminate pointer->reference->pointer during downcast
  • 67c4abd Add regression test for issue 451
  • 917a169 Update actions/upload-artifact@v6 -> v7
  • d9dc3fa Update actions/checkout@v6 -> v7
  • 841522b Raise minimum tested compiler to rust 1.85
  • See full diff in compare view

Updates aws-lc-rs from 1.17.0 to 1.17.1

Release notes

Sourced from aws-lc-rs's releases.

aws-lc-rs v1.17.1

🎉 AWS-LC FIPS v3 Module Has Been Validated

The AWS-LC FIPS v3 module has been awarded FIPS 140-3 validation by NIST's CMVP:

Seek guidance from a local FIPS compliance expert regarding requirements for your deployment environments. Please consult the Security Policies associated with our certificates if you have questions.

aws-lc-fips-sys (utilized via the fips feature of aws-lc-rs) currently uses the validated FIPS v3 module.

  • In the upcoming aws-lc-rs v1.18.0 release, we plan to switch aws-lc-fips-sys to our FIPS v4 branch.

What's Changed

Upstream AWS-LC (v5.1.0)

aws-lc-sys now aligns with AWS-LC v5.1.0 (previously v1.73.0). Notable upstream changes include:

Build Improvements

Issues Being Closed

Other Merged PRs

... (truncated)

Commits
  • 741dbf5 Prepare aws-lc-rs v1.17.1 (#1164)
  • e6d42b8 Prepare aws-lc-sys v0.42.0 (#1162)
  • bd7abf5 Harden GitHub Actions workflows against script injection (#1161)
  • 93b0123 Add wasm32-unknown-emscripten build and test support (#1059)
  • 7b8a0e7 feat(system-lib): auto-detect system AWS-LC from OPENSSL_* and pkg-config (#1...
  • a95c524 Prepare aws-lc-fips-sys v0.13.15 (#1158)
  • 00e016a Bump actions/checkout from 6 to 7 (#1157)
  • e7568de fix(system-lib): gate system AWS-LC on a declared minimum version (#1152)
  • dfe4525 fix(builder): select flag dialect by compiler driver mode, not target ABI (#1...
  • 26838da rsa: report specific key rejection for invalid sizes (#1153)
  • Additional commits viewable in compare view

Updates aws-lc-sys from 0.41.0 to 0.42.0

Commits
  • 741dbf5 Prepare aws-lc-rs v1.17.1 (#1164)
  • e6d42b8 Prepare aws-lc-sys v0.42.0 (#1162)
  • bd7abf5 Harden GitHub Actions workflows against script injection (#1161)
  • 93b0123 Add wasm32-unknown-emscripten build and test support (#1059)
  • 7b8a0e7 feat(system-lib): auto-detect system AWS-LC from OPENSSL_* and pkg-config (#1...
  • a95c524 Prepare aws-lc-fips-sys v0.13.15 (#1158)
  • 00e016a Bump actions/checkout from 6 to 7 (#1157)
  • e7568de fix(system-lib): gate system AWS-LC on a declared minimum version (#1152)
  • dfe4525 fix(builder): select flag dialect by compiler driver mode, not target ABI (#1...
  • 26838da rsa: report specific key rejection for invalid sizes (#1153)
  • Additional commits viewable in compare view

Updates env_logger from 0.11.10 to 0.11.11

Release notes

Sourced from env_logger's releases.

v0.11.11

[0.11.11] - 2026-06-25

Internal

  • Updated env_filter
Changelog

Sourced from env_logger's changelog.

[0.11.11] - 2026-06-25

Internal

  • Updated env_filter
Commits
  • b4d3f2b chore: Release
  • cc2b2ef chore: Release
  • 69e27d1 docs: Update changelog
  • 166880d Merge pull request #411 from epage/parse
  • 0a580d0 fix(filter): Remove 'parse' on no_std
  • 78d8ef1 Merge pull request #404 from cagatay-y/feature/filter-no_std
  • 132fe86 feat(filter): Add support for no_std environments
  • 4feafa4 refactor(env_filter): Fix unreachable pub warning
  • 92f8d8d Merge pull request #410 from rust-cli/renovate/crate-ci-typos-1.x
  • 4e57784 chore(deps): Update pre-commit hook crate-ci/typos to v1.47.0
  • Additional commits viewable in compare view

Updates hybrid-array from 0.4.12 to 0.4.13

Changelog

Sourced from hybrid-array's changelog.

0.4.13 (2026-06-27)

Added

  • ArraySize for U521 and U522 for NIST P-521 (#228)

#228: RustCrypto/hybrid-array#228

Commits

Updates jiff from 0.2.29 to 0.2.31

Changelog

Sourced from jiff's changelog.

0.2.31 (2026-06-29)

This release fixes a minor bug in tests that prevents the crate from running through standard build processes in Linux distributions downstream.

  • #594: Fix imports in recently added tests.

0.2.30 (2026-06-29)

This release fixes a safety soundness bug in Jiff's lower level printing APIs. There is also a nice performance improvement to civil::Date::weekday, which also improves downstread routines like civil::Date::nth_weekday and datetime<-->timestamp conversions in some cases.

Enhancements:

  • #591: Improve the performance of weekday calculations from Gregorian dates by 30-50%.

Bug fixes:

  • #592: Fix safety soundness bug when using a non-empty String destination buffer with lower level printing APIs inside of jiff::fmt.
Commits

Updates jiff-static from 0.2.29 to 0.2.31

Changelog

Sourced from jiff-static's changelog.

0.2.31 (2026-06-29)

This release fixes a minor bug in tests that prevents the crate from running through standard build processes in Linux distributions downstream.

  • #594: Fix imports in recently added tests.

0.2.30 (2026-06-29)

This release fixes a safety soundness bug in Jiff's lower level printing APIs. There is also a nice performance improvement to civil::Date::weekday, which also improves downstread routines like civil::Date::nth_weekday and datetime<-->timestamp conversions in some cases.

Enhancements:

  • #591: Improve the performance of weekday calculations from Gregorian dates by 30-50%.

Bug fixes:

  • #592: Fix safety soundness bug when using a non-empty String destination buffer with lower level printing APIs inside of jiff::fmt.
Commits

Updates rustls-pki-types from 1.14.1 to 1.15.0

Release notes

Sourced from rustls-pki-types's releases.

v/1.15.0

New feature: add a constructor for FipsStatus::Certified.

What's Changed

Full Changelog: rustls/pki-types@v/1.14.1...v/1.15.0

Commits

Updates vetis from 0.1.4-beta.8 to 0.1.4-beta.9

Commits

Updates xxhash-rust from 0.8.15 to 0.8.16

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…pdates

Bumps the dependencies group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [caramelo](https://github.com/ararog/caramelo) | `0.1.1-beta.2` | `0.1.1-beta.4` |
| [rand](https://github.com/rust-random/rand) | `0.10.1` | `0.10.2` |
| [vetis-smol](https://github.com/vetis-server/vetis) | `0.1.0-beta.3` | `0.1.0-beta.4` |
| [deboa](https://github.com/ararog/deboa) | `0.1.0-beta.17` | `0.1.0-beta.18` |
| [vetis-tokio](https://github.com/vetis-server/vetis) | `0.1.0-beta.3` | `0.1.0-beta.4` |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.102` | `1.0.103` |
| [aws-lc-rs](https://github.com/aws/aws-lc-rs) | `1.17.0` | `1.17.1` |
| [env_logger](https://github.com/rust-cli/env_logger) | `0.11.10` | `0.11.11` |
| [hybrid-array](https://github.com/RustCrypto/hybrid-array) | `0.4.12` | `0.4.13` |
| [jiff](https://github.com/BurntSushi/jiff) | `0.2.29` | `0.2.31` |
| [rustls-pki-types](https://github.com/rustls/pki-types) | `1.14.1` | `1.15.0` |
| [xxhash-rust](https://github.com/DoumanAsh/xxhash-rust) | `0.8.15` | `0.8.16` |



Updates `caramelo` from 0.1.1-beta.2 to 0.1.1-beta.4
- [Commits](https://github.com/ararog/caramelo/commits)

Updates `rand` from 0.10.1 to 0.10.2
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.10.1...0.10.2)

Updates `vetis-smol` from 0.1.0-beta.3 to 0.1.0-beta.4
- [Commits](https://github.com/vetis-server/vetis/commits)

Updates `deboa` from 0.1.0-beta.17 to 0.1.0-beta.18
- [Release notes](https://github.com/ararog/deboa/releases)
- [Commits](https://github.com/ararog/deboa/commits)

Updates `vetis-tokio` from 0.1.0-beta.3 to 0.1.0-beta.4
- [Commits](https://github.com/vetis-server/vetis/commits)

Updates `anyhow` from 1.0.102 to 1.0.103
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.102...1.0.103)

Updates `aws-lc-rs` from 1.17.0 to 1.17.1
- [Release notes](https://github.com/aws/aws-lc-rs/releases)
- [Commits](aws/aws-lc-rs@v1.17.0...v1.17.1)

Updates `aws-lc-sys` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/aws/aws-lc-rs/releases)
- [Commits](aws/aws-lc-rs@aws-lc-sys/v0.41.0...aws-lc-sys/v0.42.0)

Updates `env_logger` from 0.11.10 to 0.11.11
- [Release notes](https://github.com/rust-cli/env_logger/releases)
- [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md)
- [Commits](rust-cli/env_logger@v0.11.10...v0.11.11)

Updates `hybrid-array` from 0.4.12 to 0.4.13
- [Changelog](https://github.com/RustCrypto/hybrid-array/blob/master/CHANGELOG.md)
- [Commits](RustCrypto/hybrid-array@v0.4.12...v0.4.13)

Updates `jiff` from 0.2.29 to 0.2.31
- [Release notes](https://github.com/BurntSushi/jiff/releases)
- [Changelog](https://github.com/BurntSushi/jiff/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/jiff@jiff-static-0.2.29...jiff-static-0.2.31)

Updates `jiff-static` from 0.2.29 to 0.2.31
- [Release notes](https://github.com/BurntSushi/jiff/releases)
- [Changelog](https://github.com/BurntSushi/jiff/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/jiff@jiff-static-0.2.29...jiff-static-0.2.31)

Updates `rustls-pki-types` from 1.14.1 to 1.15.0
- [Release notes](https://github.com/rustls/pki-types/releases)
- [Commits](rustls/pki-types@v/1.14.1...v/1.15.0)

Updates `vetis` from 0.1.4-beta.8 to 0.1.4-beta.9
- [Commits](https://github.com/vetis-server/vetis/commits)

Updates `xxhash-rust` from 0.8.15 to 0.8.16
- [Commits](https://github.com/DoumanAsh/xxhash-rust/commits)

---
updated-dependencies:
- dependency-name: caramelo
  dependency-version: 0.1.1-beta.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: rand
  dependency-version: 0.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: vetis-smol
  dependency-version: 0.1.0-beta.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: deboa
  dependency-version: 0.1.0-beta.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: vetis-tokio
  dependency-version: 0.1.0-beta.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: anyhow
  dependency-version: 1.0.103
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: aws-lc-rs
  dependency-version: 1.17.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: aws-lc-sys
  dependency-version: 0.42.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: env_logger
  dependency-version: 0.11.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: hybrid-array
  dependency-version: 0.4.13
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: jiff
  dependency-version: 0.2.31
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: jiff-static
  dependency-version: 0.2.31
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: rustls-pki-types
  dependency-version: 1.15.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: vetis
  dependency-version: 0.1.4-beta.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: xxhash-rust
  dependency-version: 0.8.16
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

Milestone

The specified milestone could not be found on this repository. If you view a milestone, the final part of the page URL, after milestone, is the identifier. For example: https://github.com/<org>/<repo>/milestone/3.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jul 2, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 3, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/dependencies-9aa842b02f branch July 3, 2026 21:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant