Skip to content

chore(deps)(deps): bump the rust-minor-patch group across 1 directory with 7 updates#48

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/backend/rust-minor-patch-e2117c5fb4
Open

chore(deps)(deps): bump the rust-minor-patch group across 1 directory with 7 updates#48
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/backend/rust-minor-patch-e2117c5fb4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown

Bumps the rust-minor-patch group with 7 updates in the /backend directory:

Package From To
axum 0.8.8 0.8.9
chrono 0.4.44 0.4.45
config 0.15.22 0.15.25
serde_json 1.0.149 1.0.150
tar 0.4.45 0.4.46
tokio 1.51.0 1.52.3
zip 8.5.0 8.6.0

Updates axum from 0.8.8 to 0.8.9

Release notes

Sourced from axum's releases.

axum-v0.8.9

  • added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#3597)
  • changed: Update minimum rust version to 1.80 (#3620)
  • fixed: Set connect endpoint on correct field in MethodRouter (#3656)
  • fixed: Return specific error message when multipart body limit is exceeded (#3611)

#3597: tokio-rs/axum#3597 #3620: tokio-rs/axum#3620 #3656: tokio-rs/axum#3656 #3611: tokio-rs/axum#3611

Commits

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

Commits
  • 1703382 Prepare 0.4.45 release
  • 881f9ab tz_data: fix tzdata locations on Android
  • f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
  • c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
  • 120686c Bump codecov/codecov-action from 5 to 6
  • See full diff in compare view

Updates config from 0.15.22 to 0.15.25

Changelog

Sourced from config's changelog.

[0.15.25] - 2026-06-26

Fixes

  • (ron) Support u64, and not just i64

[0.15.24] - 2026-06-16

Fixes

  • (json) Support u64, and not just i64

[0.15.23] - 2026-05-14

Fixes

  • Environment::convert_case: correctly apply casing to each key segment
Commits
  • 8fc857f chore: Release config version 0.15.25
  • cbf8542 docs: Update changelog
  • ac0ee7b fix(ron): map u64 values to ValueKind::U64 instead of lossy I64 cast (#761)
  • 55d4418 fix(ron): map u64 values to ValueKind::U64 instead of lossy I64 cast
  • 6314dde chore: Release config version 0.15.24
  • edd5da5 docs: Update changelog
  • 13c188b fix: support u64 for parse json file (#758)
  • be51260 chore(deps): Update pre-commit hook crate-ci/typos to v1.47.0 (#760)
  • 1de84e0 chore(deps): Update compatible (dev) (#759)
  • 8c27a5b chore(deps): Update pre-commit hook crate-ci/typos to v1.47.0
  • Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates tar from 0.4.45 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

See also GHSA-3cv2-h65g-fgmm

Other changes

New Contributors

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits

Updates tokio from 1.51.0 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

  • sync: fix underflow in mpsc channel len() (#8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
  • sync: require that an RwLock has max_readers != 0 (#8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

  • runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

  • io: AioSource::register_borrowed for I/O safety support (#7992)
  • net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

  • runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
  • taskdump: add trace_with() for customized task dumps (#8025)
  • taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
  • fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

Updates zip from 8.5.0 to 8.6.0

Release notes

Sourced from zip's releases.

v8.6.0

🚀 Features

  • add compression not supported as enum error (#774)

🐛 Bug Fixes

  • allow for [u8] as filename (#775)

🚜 Refactor

  • mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
  • use and simplify is_dir (#776)

v8.5.1

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)
Changelog

Sourced from zip's changelog.

8.6.0 - 2026-04-25

🚀 Features

  • add compression not supported as enum error (#774)

🐛 Bug Fixes

  • allow for [u8] as filename (#775)

🚜 Refactor

  • mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
  • use and simplify is_dir (#776)

8.5.1 - 2026-04-06

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)
Commits
  • 771dfc5 chore: release v8.6.0 (#781)
  • 8e480cc chore(deps): update sha1 requirement from 0.10 to 0.11 (#767)
  • 2513bbe chore(deps): update aes requirement from 0.8 to 0.9 (#787)
  • 957e240 ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#786)
  • 0329d9d fix: allow for [u8] as filename (#775)
  • ddcf854 ci(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#788)
  • 42323a8 ci(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#785)
  • 901014a ci(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 (#784)
  • 07702d4 feat: add compression not supported as enum error (#774)
  • 2d0c46b ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#783)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… with 7 updates

Bumps the rust-minor-patch group with 7 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [axum](https://github.com/tokio-rs/axum) | `0.8.8` | `0.8.9` |
| [chrono](https://github.com/chronotope/chrono) | `0.4.44` | `0.4.45` |
| [config](https://github.com/rust-cli/config-rs) | `0.15.22` | `0.15.25` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` |
| [tar](https://github.com/composefs/tar-rs) | `0.4.45` | `0.4.46` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.51.0` | `1.52.3` |
| [zip](https://github.com/zip-rs/zip2) | `8.5.0` | `8.6.0` |



Updates `axum` from 0.8.8 to 0.8.9
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](tokio-rs/axum@axum-v0.8.8...axum-v0.8.9)

Updates `chrono` from 0.4.44 to 0.4.45
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](chronotope/chrono@v0.4.44...v0.4.45)

Updates `config` from 0.15.22 to 0.15.25
- [Changelog](https://github.com/rust-cli/config-rs/blob/main/CHANGELOG.md)
- [Commits](rust-cli/config-rs@v0.15.22...v0.15.25)

Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `tar` from 0.4.45 to 0.4.46
- [Release notes](https://github.com/composefs/tar-rs/releases)
- [Commits](composefs/tar-rs@0.4.45...0.4.46)

Updates `tokio` from 1.51.0 to 1.52.3
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.51.0...tokio-1.52.3)

Updates `zip` from 8.5.0 to 8.6.0
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](zip-rs/zip2@v8.5.0...v8.6.0)

---
updated-dependencies:
- dependency-name: axum
  dependency-version: 0.8.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: chrono
  dependency-version: 0.4.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: config
  dependency-version: 0.15.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: tar
  dependency-version: 0.4.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: tokio
  dependency-version: 1.52.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor-patch
- dependency-name: zip
  dependency-version: 8.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants