Skip to content

chore(deps): bump the rust-dependencies group across 1 directory with 33 updates#460

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rsworkspace/rust-dependencies-068616d900
Closed

chore(deps): bump the rust-dependencies group across 1 directory with 33 updates#460
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rsworkspace/rust-dependencies-068616d900

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the rust-dependencies group with 33 updates in the /rsworkspace directory:

Package From To
async-nats 0.49.0 0.49.1
bytes 1.11.1 1.12.0
buffa 0.7.0 0.8.1
buffa-types 0.7.0 0.8.1
tokio 1.52.1 1.52.3
tower-http 0.6.8 0.7.0
sqlx 0.8.6 0.9.0
serde_json 1.0.149 1.0.150
jsonschema 0.46.5 0.46.8
anyhow 1.0.102 1.0.103
moka 0.12.10 0.12.15
toml 0.8.23 1.1.2+spec-1.1.0
http 1.4.0 1.4.2
sha2 0.10.8 0.11.0
wiremock 0.6.3 0.6.5
filetime 0.2.27 0.2.29
time 0.3.47 0.3.53
uuid 1.23.1 1.23.4
hmac 0.12.1 0.13.0
jsonwebtoken 10.3.0 10.4.0
rustls-pki-types 1.14.0 1.15.0
x509-parser 0.16.0 0.18.1
data-encoding 2.10.0 2.11.0
rand_core 0.6.4 0.10.1
rcgen 0.13.2 0.14.8
testcontainers 0.27.0 0.27.3
pkcs8 0.10.2 0.11.0
trybuild 1.0.116 1.0.117
quote 1.0.45 1.0.46
syn 2.0.117 2.0.118
chrono 0.4.44 0.4.45
cron 0.15.0 0.17.0
bytesize 2.3.1 2.4.0

Updates async-nats from 0.49.0 to 0.49.1

Release notes

Sourced from async-nats's releases.

async-nats/v0.49.1

Overview

Release focusing on fixing behaviour around server connectivity.

What's Changed

Full Changelog: nats-io/nats.rs@async-nats/v0.49.0...async-nats/v0.49.1

Commits

Updates bytes from 1.11.1 to 1.12.0

Release notes

Sourced from bytes's releases.

Bytes v1.12.0

1.12.0 (June 18th, 2026)

Added

  • Add BytesMut::extend_from_within() (#818)
  • Add BytesMut::try_unsplit() (#746)

Fixed

  • Fix panic in get_int if nbytes is zero (#806)

Changed

  • Pass vtable data by value (#826)
  • Exclude development scripts from published package (#810)

Documented

  • Document that BytesMut::{reserve,try_reserve} doesn't preserve unused capacity (#808)
Changelog

Sourced from bytes's changelog.

1.12.0 (June 18th, 2026)

Added

  • Add BytesMut::extend_from_within() (#818)
  • Add BytesMut::try_unsplit() (#746)

Fixed

  • Fix panic in get_int if nbytes is zero (#806)

Changed

  • Pass vtable data by value (#826)
  • Exclude development scripts from published package (#810)

Documented

  • Document that BytesMut::{reserve,try_reserve} doesn't preserve unused capacity (#808)
Commits

Updates buffa from 0.7.0 to 0.8.1

Release notes

Sourced from buffa's releases.

v0.8.1

What's Changed

Full Changelog: anthropics/buffa@v0.8.0...v0.8.1

v0.8.0

What's Changed

... (truncated)

Changelog

Sourced from buffa's changelog.

0.8.1 - 2026-07-01

A single-fix patch release: unknown-field limit accounting for zero-copy views now matches owned conversion exactly, establishing the guarantee that a view which decodes successfully always converts to an owned message. No API changes, and regenerating code is not required — the fix lives in the runtime.

Fixed

  • Zero-copy view decoding now charges the unknown-field limit per re-materializable field — one per unknown record plus, for unknown group records, one per nested field — instead of one per coalesced span, and conversion replays under exactly the field budget and group-nesting depth recorded at decode time (previously a fixed recursion limit, which could reject deep unknown groups decoded under a raised with_recursion_limit). Decode-time accounting now matches what to_owned_message re-materializes, which gives views a guarantee: a view produced by decode_view always converts via to_owned_message without error (the Result remains for hand-written impls and push_raw-built views). Behavioral tightening: payloads whose unknown-field count exceeds the limit but previously slipped through view decode via span coalescing — e.g. a ~2 MiB run of >1M contiguous 2-byte unknown records under the default limit, or an unknown group with more nested fields than the limit — now fail at view decode with UnknownFieldLimitExceeded. Consumers that converted such views already got this error at conversion; view-only consumers that re-encoded such payloads without converting (e.g. a zero-copy passthrough proxy) now see it at decode — raise the bound with DecodeOptions::with_unknown_field_limit if such payloads are trusted and expected. The accounting lives in the runtime (UnknownFieldsView::push_record), so previously generated code is fixed without regeneration. (#266)

[0.8.0] - 2026-06-25

The headline of this release is that the owned representation of every field kind is now pluggable end to end: string, bytes, repeated, singular message, and map fields each accept a crate-local type via a small from_wire-style trait (ProtoString, ProtoBytes, ProtoList, ProtoBox, MapStorage), so an inline-string or small-vector representation can avoid the per-field heap allocation without giving up the generated codec. Alongside that, UTF-8 validation on the decode path now defaults to smoothutf8 with the slack-buffer fast path — view decode is +15–22% on the string-heavy benchmark messages — and an opt-in FooLazyView family lets a caller decode a few fields of a large message without recursing into untouched sub-trees. There are eight breaking changes, all on the trait surface or generated-code shape; regenerate code with the matching buffa-codegen, then the convenience entry points (decode, decode_from_slice, merge_from_slice, DecodeOptions) are unchanged.

... (truncated)

Commits
  • a7c47f1 release: v0.8.1 (#267)
  • 3e72fbb release: v0.8.0 (#242)
  • e5a95d7 decode: validate string fields with smoothutf8 (default-on fast-utf8 feature)...
  • 3c65020 view: HasMessageView::decode_view default; MessageField::unwrap/expect (#240)
  • 2de1264 Avoid quadratic extension JSON dedup (#237)
  • 6d1d1a4 DecodeOptions: add explicit unbounded reader option (#236)
  • f0ca1ca Make plugin option parsing strict (#235)
  • 0e7f280 Fix extern_path refs to use deconflicted nested module names (#233)
  • 48b59c7 benchmarks: fair-profile cross-impl comparison on bare metal (#227)
  • f7199f9 Add diagnostic hints to custom-type traits (#213) (#229)
  • Additional commits viewable in compare view

Updates buffa-types from 0.7.0 to 0.8.1

Release notes

Sourced from buffa-types's releases.

v0.8.1

What's Changed

Full Changelog: anthropics/buffa@v0.8.0...v0.8.1

v0.8.0

What's Changed

... (truncated)

Changelog

Sourced from buffa-types's changelog.

0.8.1 - 2026-07-01

A single-fix patch release: unknown-field limit accounting for zero-copy views now matches owned conversion exactly, establishing the guarantee that a view which decodes successfully always converts to an owned message. No API changes, and regenerating code is not required — the fix lives in the runtime.

Fixed

  • Zero-copy view decoding now charges the unknown-field limit per re-materializable field — one per unknown record plus, for unknown group records, one per nested field — instead of one per coalesced span, and conversion replays under exactly the field budget and group-nesting depth recorded at decode time (previously a fixed recursion limit, which could reject deep unknown groups decoded under a raised with_recursion_limit). Decode-time accounting now matches what to_owned_message re-materializes, which gives views a guarantee: a view produced by decode_view always converts via to_owned_message without error (the Result remains for hand-written impls and push_raw-built views). Behavioral tightening: payloads whose unknown-field count exceeds the limit but previously slipped through view decode via span coalescing — e.g. a ~2 MiB run of >1M contiguous 2-byte unknown records under the default limit, or an unknown group with more nested fields than the limit — now fail at view decode with UnknownFieldLimitExceeded. Consumers that converted such views already got this error at conversion; view-only consumers that re-encoded such payloads without converting (e.g. a zero-copy passthrough proxy) now see it at decode — raise the bound with DecodeOptions::with_unknown_field_limit if such payloads are trusted and expected. The accounting lives in the runtime (UnknownFieldsView::push_record), so previously generated code is fixed without regeneration. (#266)

[0.8.0] - 2026-06-25

The headline of this release is that the owned representation of every field kind is now pluggable end to end: string, bytes, repeated, singular message, and map fields each accept a crate-local type via a small from_wire-style trait (ProtoString, ProtoBytes, ProtoList, ProtoBox, MapStorage), so an inline-string or small-vector representation can avoid the per-field heap allocation without giving up the generated codec. Alongside that, UTF-8 validation on the decode path now defaults to smoothutf8 with the slack-buffer fast path — view decode is +15–22% on the string-heavy benchmark messages — and an opt-in FooLazyView family lets a caller decode a few fields of a large message without recursing into untouched sub-trees. There are eight breaking changes, all on the trait surface or generated-code shape; regenerate code with the matching buffa-codegen, then the convenience entry points (decode, decode_from_slice, merge_from_slice, DecodeOptions) are unchanged.

... (truncated)

Commits
  • a7c47f1 release: v0.8.1 (#267)
  • 3e72fbb release: v0.8.0 (#242)
  • e5a95d7 decode: validate string fields with smoothutf8 (default-on fast-utf8 feature)...
  • 3c65020 view: HasMessageView::decode_view default; MessageField::unwrap/expect (#240)
  • 2de1264 Avoid quadratic extension JSON dedup (#237)
  • 6d1d1a4 DecodeOptions: add explicit unbounded reader option (#236)
  • f0ca1ca Make plugin option parsing strict (#235)
  • 0e7f280 Fix extern_path refs to use deconflicted nested module names (#233)
  • 48b59c7 benchmarks: fair-profile cross-impl comparison on bare metal (#227)
  • f7199f9 Add diagnostic hints to custom-type traits (#213) (#229)
  • Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

  • sync: fix underflow in mpsc channel len() (#8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
  • sync: require that an RwLock has max_readers != 0 (#8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

Updates tower-http from 0.6.8 to 0.7.0

Release notes

Sourced from tower-http's releases.

tower-http-0.7.0

Changes since 0.6.11

Added

  • csrf: add cross-site request forgery (CSRF) protection middleware, porting the cross-origin protection scheme introduced in Go 1.25 (#699)

    use tower::ServiceBuilder;
    use tower_http::csrf::CsrfLayer;
    // Rejects cross-origin state-changing requests using Sec-Fetch-Site,
    // an Origin allow-list, and an Origin/Host fallback. No per-request
    // token state required.
    let layer = CsrfLayer::new().add_trusted_origin("https://example.com")?;
    let service = ServiceBuilder::new().layer(layer).service_fn(handler);

  • timeout: add DeadlineBody for non-resetting body timeouts, applied via the new RequestBodyDeadlineLayer and ResponseBodyDeadlineLayer (#688)

    Unlike TimeoutBody, which resets its deadline on every frame, DeadlineBody caps the total time of a body transfer. A slow client trickling one byte at a time never trips an idle timeout but will trip a deadline.

    use std::time::Duration;
    use tower::ServiceBuilder;
    use tower_http::timeout::RequestBodyDeadlineLayer;
    // Abort the request body transfer after 30s total, regardless of how
    // frequently data arrives.
    let service = ServiceBuilder::new()
    .layer(RequestBodyDeadlineLayer::new(Duration::from_secs(30)))
    .service_fn(handler);

  • fs: add strong ETag support to ServeDir, including If-Match and If-None-Match precondition handling per RFC 9110. 304 Not Modified responses now carry the ETag and Last-Modified validators (#691)

  • fs: add a Backend trait to make ServeDir work with non-filesystem sources (e.g. embedded assets or object storage). The default TokioBackend preserves existing behavior. Use ServeDir::with_backend() to plug in custom implementations (#684)

    use tower_http::services::fs::ServeDir;
    // MyBackend implements tower_http::services::fs::Backend.
    // The default ServeDir::new() continues to use TokioBackend (local FS).
    let service = ServeDir::with_backend("assets", MyBackend::new());

  • fs: add html_as_default_extension option to ServeDir, appending .html when the request path has no extension (#519)

  • fs: add redirect_path_prefix option to ServeDir, prepending a prefix on trailing-slash redirects so the service can be mounted under a sub-path (#486)

  • validate-request: add ValidateRequestHeaderLayer::has_header_value() to reject requests when a header does not have an expected value (#360)

  • body: UnsyncBoxBody::new() constructor and From<ServeFileSystemResponseBody> conversion to avoid double-boxing when combining ServeDir responses with other body types (#537)

  • limit: implement Default for limit::ResponseBody when the wrapped body also implements Default (#679)

Changed

... (truncated)

Commits
  • b194fcf v0.7.0
  • af828a6 feat(follow_redirect)!: preserve request extensions across redirects (#706)
  • 8cb8d99 feat(ValidateRequestHeaderLayer): add has_header("...").with_value("...") fun...
  • 3b56d2d feat!: Add configurable Backend trait for ServeDir, bump MSRV 1.65 (#684)
  • 8508716 Add redirect_path_prefix option (#486)
  • 56327b2 Add Windows drive-prefix path regression test (#705)
  • 54c6db8 feat(compression)!: upgrade SizeAbove threshold from u16 to u64 (#704)
  • 68cd6d8 Add DeadlineBody for non-resetting body timeouts (#688)
  • fa8a98c feat(fs): add strong ETag support to ServeDir (#691)
  • 36d2205 fix: Make SetMultiple*Header Clone for !Clone http bodies (#703)
  • Additional commits viewable in compare view

Updates sqlx from 0.8.6 to 0.9.0

Changelog

Sourced from sqlx's changelog.

0.9.0 - 2026-05-06

Important Announcements

New Github Organization

Shortly after this release is published, the SQLx repository will be transferred to a new GitHub organization: https://github.com/transact-rs/

This is because SQLx has not been owned or maintained by LaunchBadge, LLC. for a few years now, and has since been informally transferred to the collective ownership of its principal authors. Moving the repository to a new organization makes this change more clear, and also allows for potentially inviting outside collaborators.

Cargo.lock Removed from Tracking

The Cargo.lock has been removed from tracking in Git. CI should now always test with the latest versions of all dependencies by default, alongside our pass that checks with cargo generate-lockfile -Z minimal-versions.

This should eliminate the need for any PRs that update dependencies to also update Cargo.lock or contend with an endless stream of merge conflicts against it.

N.B. cargo install --locked sqlx-cli will no longer work. However, cargo install sqlx-cli has always used the latest dependencies by default, ignoring the lockfile, so most users should not be affected. For users requiring reproducible builds, consider maintaining your own lockfile instead; historically, we only ran cargo update sporadically, so relying on SQLx's lockfile offered few guarantees anyway.

See [the manual page for cargo install][man-cargo-install] for details.

Breaking

As per our MSRV policy, the supported Rust version for this release cycle is 1.94.0.

  • [#3383]: feat: create sqlx.toml format [[@​abonander]]
    • SQLx and sqlx-cli now support per-crate configuration files (sqlx.toml)
    • New functionality includes, but is not limited to:
      • Rename DATABASE_URL for a crate (for multi-database workspaces)
      • Set global type overrides for the macros (supporting custom types)
      • Rename or relocate the _sqlx_migrations table (for multiple crates using the same database)
      • Set characters to ignore when hashing migrations (e.g. ignore whitespace)
    • More to be implemented in future releases.
    • Enable feature sqlx-toml to use.
      • sqlx-cli has it enabled by default, but sqlx does not.
      • Default features of library crates can be hard to completely turn off because of [feature unification], so it's better to keep the default feature set as limited as possible. [This is something we learned the hard way.][preferred-crates]
    • Guide: see sqlx::_config module in documentation.
    • Reference: [Link]
    • Examples (written for Postgres but can be adapted to other databases; PRs welcome!):
      • Multiple databases using DATABASE_URL renaming and global type overrides: [Link]
      • Multi-tenant database using _sqlx_migrations renaming and multiple schemas: [Link]
      • Force use of chrono when time is enabled (e.g. when using tower-sessions-sqlx-store): [[Link][preferred-crates]]
        • Forcing bigdecimal when rust_decimal is enabled is also shown, but problems with chrono/time are more common.

... (truncated)

Commits
  • 75bc048 Release 0.9.0 (#4256)
  • 6956cef Prefer to give real data to .bind() in README.md (#4257)
  • 45ba990 Add the possibility to skip migrations (#3846)
  • 66533fa Ensure Deterministic Migration Order (#4136)
  • db47fe3 ci: check direct minimal versions (#4173)
  • 9ecb76d Unescape PostgreSQL passfile password (#3993)
  • c0a3218 breaking(any+mysql): correctly convert text and blob types to AnyTypeInfo (...
  • d82b781 test(sqlite): add regression test for ORDER BY + LIMIT nullability (#4223)
  • b77ba16 chore: update to axum 0.8 (#4253)
  • c0ec9c0 fix(tls): potential deadlock in StdSocket::poll_ready() (#4251)
  • Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates jsonschema from 0.46.5 to 0.46.8

Release notes

Sourced from jsonsch...

Description has been truncated

… 33 updates

Bumps the rust-dependencies group with 33 updates in the /rsworkspace directory:

| Package | From | To |
| --- | --- | --- |
| [async-nats](https://github.com/nats-io/nats.rs) | `0.49.0` | `0.49.1` |
| [bytes](https://github.com/tokio-rs/bytes) | `1.11.1` | `1.12.0` |
| [buffa](https://github.com/anthropics/buffa) | `0.7.0` | `0.8.1` |
| [buffa-types](https://github.com/anthropics/buffa) | `0.7.0` | `0.8.1` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.52.1` | `1.52.3` |
| [tower-http](https://github.com/tower-rs/tower-http) | `0.6.8` | `0.7.0` |
| [sqlx](https://github.com/launchbadge/sqlx) | `0.8.6` | `0.9.0` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.46.5` | `0.46.8` |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.102` | `1.0.103` |
| [moka](https://github.com/moka-rs/moka) | `0.12.10` | `0.12.15` |
| [toml](https://github.com/toml-rs/toml) | `0.8.23` | `1.1.2+spec-1.1.0` |
| [http](https://github.com/hyperium/http) | `1.4.0` | `1.4.2` |
| [sha2](https://github.com/RustCrypto/hashes) | `0.10.8` | `0.11.0` |
| [wiremock](https://github.com/LukeMathWalker/wiremock-rs) | `0.6.3` | `0.6.5` |
| [filetime](https://github.com/alexcrichton/filetime) | `0.2.27` | `0.2.29` |
| [time](https://github.com/time-rs/time) | `0.3.47` | `0.3.53` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.23.1` | `1.23.4` |
| [hmac](https://github.com/RustCrypto/MACs) | `0.12.1` | `0.13.0` |
| [jsonwebtoken](https://github.com/Keats/jsonwebtoken) | `10.3.0` | `10.4.0` |
| [rustls-pki-types](https://github.com/rustls/pki-types) | `1.14.0` | `1.15.0` |
| [x509-parser](https://github.com/rusticata/x509-parser) | `0.16.0` | `0.18.1` |
| [data-encoding](https://github.com/ia0/data-encoding) | `2.10.0` | `2.11.0` |
| [rand_core](https://github.com/rust-random/rand_core) | `0.6.4` | `0.10.1` |
| [rcgen](https://github.com/rustls/rcgen) | `0.13.2` | `0.14.8` |
| [testcontainers](https://github.com/testcontainers/testcontainers-rs) | `0.27.0` | `0.27.3` |
| [pkcs8](https://github.com/RustCrypto/formats) | `0.10.2` | `0.11.0` |
| [trybuild](https://github.com/dtolnay/trybuild) | `1.0.116` | `1.0.117` |
| [quote](https://github.com/dtolnay/quote) | `1.0.45` | `1.0.46` |
| [syn](https://github.com/dtolnay/syn) | `2.0.117` | `2.0.118` |
| [chrono](https://github.com/chronotope/chrono) | `0.4.44` | `0.4.45` |
| [cron](https://github.com/zslayton/cron) | `0.15.0` | `0.17.0` |
| [bytesize](https://github.com/bytesize-rs/bytesize) | `2.3.1` | `2.4.0` |



Updates `async-nats` from 0.49.0 to 0.49.1
- [Release notes](https://github.com/nats-io/nats.rs/releases)
- [Commits](nats-io/nats.rs@async-nats/v0.49.0...async-nats/v0.49.1)

Updates `bytes` from 1.11.1 to 1.12.0
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.11.1...v1.12.0)

Updates `buffa` from 0.7.0 to 0.8.1
- [Release notes](https://github.com/anthropics/buffa/releases)
- [Changelog](https://github.com/anthropics/buffa/blob/main/CHANGELOG.md)
- [Commits](anthropics/buffa@v0.7.0...v0.8.1)

Updates `buffa-types` from 0.7.0 to 0.8.1
- [Release notes](https://github.com/anthropics/buffa/releases)
- [Changelog](https://github.com/anthropics/buffa/blob/main/CHANGELOG.md)
- [Commits](anthropics/buffa@v0.7.0...v0.8.1)

Updates `tokio` from 1.52.1 to 1.52.3
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.52.1...tokio-1.52.3)

Updates `tower-http` from 0.6.8 to 0.7.0
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](tower-rs/tower-http@tower-http-0.6.8...tower-http-0.7.0)

Updates `sqlx` from 0.8.6 to 0.9.0
- [Changelog](https://github.com/transact-rs/sqlx/blob/main/CHANGELOG.md)
- [Commits](transact-rs/sqlx@v0.8.6...v0.9.0)

Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `jsonschema` from 0.46.5 to 0.46.8
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](Stranger6667/jsonschema@cli-v0.46.5...ruby-v0.46.8)

Updates `anyhow` from 1.0.102 to 1.0.103
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.102...1.0.103)

Updates `moka` from 0.12.10 to 0.12.15
- [Release notes](https://github.com/moka-rs/moka/releases)
- [Changelog](https://github.com/moka-rs/moka/blob/main/CHANGELOG.md)
- [Commits](moka-rs/moka@v0.12.10...v0.12.15)

Updates `toml` from 0.8.23 to 1.1.2+spec-1.1.0
- [Commits](toml-rs/toml@toml-v0.8.23...toml-v1.1.2)

Updates `http` from 1.4.0 to 1.4.2
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](hyperium/http@v1.4.0...v1.4.2)

Updates `sha2` from 0.10.8 to 0.11.0
- [Commits](RustCrypto/hashes@sha2-v0.10.8...sha2-v0.11.0)

Updates `wiremock` from 0.6.3 to 0.6.5
- [Changelog](https://github.com/LukeMathWalker/wiremock-rs/blob/main/CHANGELOG.md)
- [Commits](LukeMathWalker/wiremock-rs@v0.6.3...v0.6.5)

Updates `filetime` from 0.2.27 to 0.2.29
- [Commits](alexcrichton/filetime@0.2.27...0.2.29)

Updates `time` from 0.3.47 to 0.3.53
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](time-rs/time@v0.3.47...v0.3.53)

Updates `uuid` from 1.23.1 to 1.23.4
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](uuid-rs/uuid@v1.23.1...v1.23.4)

Updates `hmac` from 0.12.1 to 0.13.0
- [Commits](RustCrypto/MACs@hmac-v0.12.1...hmac-v0.13.0)

Updates `jsonwebtoken` from 10.3.0 to 10.4.0
- [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](Keats/jsonwebtoken@v10.3.0...v10.4.0)

Updates `rustls-pki-types` from 1.14.0 to 1.15.0
- [Release notes](https://github.com/rustls/pki-types/releases)
- [Commits](rustls/pki-types@v/1.14.0...v/1.15.0)

Updates `x509-parser` from 0.16.0 to 0.18.1
- [Changelog](https://github.com/rusticata/x509-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rusticata/x509-parser/commits)

Updates `data-encoding` from 2.10.0 to 2.11.0
- [Commits](ia0/data-encoding@v2.10.0...v2.11.0)

Updates `rand_core` from 0.6.4 to 0.10.1
- [Release notes](https://github.com/rust-random/rand_core/releases)
- [Changelog](https://github.com/rust-random/rand_core/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand_core@v0.6.4...v0.10.1)

Updates `rcgen` from 0.13.2 to 0.14.8
- [Release notes](https://github.com/rustls/rcgen/releases)
- [Commits](rustls/rcgen@v0.13.2...v0.14.8)

Updates `testcontainers` from 0.27.0 to 0.27.3
- [Release notes](https://github.com/testcontainers/testcontainers-rs/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-rs/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-rs@0.27.0...0.27.3)

Updates `pkcs8` from 0.10.2 to 0.11.0
- [Commits](RustCrypto/formats@pkcs8/v0.10.2...pkcs8/v0.11.0)

Updates `trybuild` from 1.0.116 to 1.0.117
- [Release notes](https://github.com/dtolnay/trybuild/releases)
- [Commits](dtolnay/trybuild@1.0.116...1.0.117)

Updates `quote` from 1.0.45 to 1.0.46
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](dtolnay/quote@1.0.45...1.0.46)

Updates `syn` from 2.0.117 to 2.0.118
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](dtolnay/syn@2.0.117...2.0.118)

Updates `chrono` from 0.4.44 to 0.4.45
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](chronotope/chrono@v0.4.44...v0.4.45)

Updates `cron` from 0.15.0 to 0.17.0
- [Release notes](https://github.com/zslayton/cron/releases)
- [Commits](https://github.com/zslayton/cron/commits)

Updates `bytesize` from 2.3.1 to 2.4.0
- [Release notes](https://github.com/bytesize-rs/bytesize/releases)
- [Changelog](https://github.com/bytesize-rs/bytesize/blob/master/CHANGELOG.md)
- [Commits](bytesize-rs/bytesize@bytesize-v2.3.1...bytesize-v2.4.0)

---
updated-dependencies:
- dependency-name: async-nats
  dependency-version: 0.49.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: bytes
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: buffa
  dependency-version: 0.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: buffa-types
  dependency-version: 0.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: tokio
  dependency-version: 1.52.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: tower-http
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: sqlx
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: jsonschema
  dependency-version: 0.46.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: anyhow
  dependency-version: 1.0.103
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: moka
  dependency-version: 0.12.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: toml
  dependency-version: 1.1.2+spec-1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: rust-dependencies
- dependency-name: http
  dependency-version: 1.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: sha2
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: wiremock
  dependency-version: 0.6.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: filetime
  dependency-version: 0.2.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: time
  dependency-version: 0.3.53
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: uuid
  dependency-version: 1.23.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: hmac
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: jsonwebtoken
  dependency-version: 10.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: rustls-pki-types
  dependency-version: 1.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: x509-parser
  dependency-version: 0.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: data-encoding
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: rand_core
  dependency-version: 0.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: rcgen
  dependency-version: 0.14.8
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: testcontainers
  dependency-version: 0.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: pkcs8
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: trybuild
  dependency-version: 1.0.117
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: quote
  dependency-version: 1.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: syn
  dependency-version: 2.0.118
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: chrono
  dependency-version: 0.4.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: cron
  dependency-version: 0.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: bytesize
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jul 2, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 3, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/rsworkspace/rust-dependencies-068616d900 branch July 3, 2026 05:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants