Skip to content

chore(dep): bump the deps group with 9 updates #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 3, 2025
Merged

chore(dep): bump the deps group with 9 updates #208

merged 1 commit into from
Nov 3, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2025

Bumps the deps group with 9 updates:

Package From To
tokio 1.47.1 1.48.0
clap 4.5.48 4.5.51
openssl 0.10.73 0.10.74
pyo3 0.26.0 0.27.1
toml 0.9.7 0.9.8
regex 1.11.3 1.12.2
clap_complete 4.5.58 4.5.60
unicode-width 0.2.1 0.2.2
reqwest 0.12.23 0.12.24

Updates tokio from 1.47.1 to 1.48.0

Release notes

Sourced from tokio's releases.

Tokio v1.48.0

1.48.0 (October 14th, 2025)

The MSRV is increased to 1.71.

Added

  • fs: add File::max_buf_size (#7594)
  • io: export Chain of AsyncReadExt::chain (#7599)
  • net: add SocketAddr::as_abstract_name (#7491)
  • net: add TcpStream::quickack and TcpStream::set_quickack (#7490)
  • net: implement AsRef<Self> for TcpStream and UnixStream (#7573)
  • task: add LocalKey::try_get (#7666)
  • task: implement Ord for task::Id (#7530)

Changed

  • deps: bump windows-sys to version 0.61 (#7645)
  • fs: preserve max_buf_size when cloning a File (#7593)
  • macros: suppress clippy::unwrap_in_result in #[tokio::main] (#7651)
  • net: remove PollEvented noise from Debug formats (#7675)
  • process: upgrade Command::spawn_with to use FnOnce (#7511)
  • sync: remove inner mutex in SetOnce (#7554)
  • sync: use UnsafeCell::get_mut in Mutex::get_mut and RwLock::get_mut (#7569)
  • time: reduce the generated code size of Timeout<T>::poll (#7535)

Fixed

  • macros: fix hygiene issue in join! and try_join! (#7638)
  • net: fix copy/paste errors in udp peek methods (#7604)
  • process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
  • runtime: use release ordering in wake_by_ref() even if already woken (#7622)
  • sync: close the broadcast::Sender in broadcast::Sender::new() (#7629)
  • sync: fix implementation of unused RwLock::try_* methods (#7587)

Unstable

  • tokio: use cargo features instead of --cfg flags for taskdump and io_uring (#7655, #7621)
  • fs: support io_uring in fs::write (#7567)
  • fs: support io_uring with File::open() (#7617)
  • fs: support io_uring with OpenOptions (#7321)
  • macros: add local runtime flavor (#7375, #7597)

Documented

  • io: clarify the zero capacity case of AsyncRead::poll_read (#7580)
  • io: fix typos in the docs of AsyncFd readiness guards (#7583)
  • net: clarify socket gets closed on drop (#7526)
  • net: clarify the behavior of UCred::pid() on Cygwin (#7611)
  • net: clarify the supported platform of set_reuseport() and reuseport() (#7628)

... (truncated)

Commits
  • 556820f chore: prepare Tokio v1.48.0 (#7677)
  • fd1659a chore: prepare tokio-macros v2.6.0 (#7676)
  • 53e8aca ci: update nightly version to 2025-10-12 (#7670)
  • 9e5527d process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
  • 25a24de net: remove PollEvented noise from Debug formats (#7675)
  • c1fa25f task: clarify the behavior of several spawn_local methods (#7669)
  • e7e02fc fs: use FileOptions inside fs::File to support uring (#7617)
  • f7a7f62 ci: remove cargo-deny Unicode-DFS-2016 license exception config (#7619)
  • d1f1499 tokio: use cargo feature for taskdump support instead of cfg (#7655)
  • ad6f618 runtime: clarify the behavior of Handle::block_on (#7665)
  • Additional commits viewable in compare view

Updates clap from 4.5.48 to 4.5.51

Release notes

Sourced from clap's releases.

v4.5.51

[4.5.51] - 2025-10-29

Fixes

  • (help) Correctly calculate padding for short flags that take a value
  • (help) Don't panic on short flags using ArgAction::Count

v4.5.50

[4.5.50] - 2025-10-20

Features

  • Accept Cow where String and &str are accepted
Changelog

Sourced from clap's changelog.

[4.5.51] - 2025-10-29

Fixes

  • (help) Correctly calculate padding for short flags that take a value
  • (help) Don't panic on short flags using ArgAction::Count

[4.5.50] - 2025-10-20

Features

  • Accept Cow where String and &str are accepted

[4.5.49] - 2025-10-13

Fixes

  • (help) Correctly wrap when ANSI escape codes are present
Commits
  • b49dae2 chore: Release
  • d37b0b5 docs: Update changelog
  • 3398b6a Merge pull request #6009 from gtema/complete_try_generate
  • 21fc9e4 feat(clap-complete): Introduce fallible generator
  • bd01bdc Merge pull request #6012 from epage/sub
  • ed0c63d docs(derive): Specify arg_required_else_help is set for users
  • e2188d9 chore(deps): Update Rust Stable to v1.87 (#6004)
  • e01f2b7 docs: Cleanup unused links
  • 6b12a81 chore: Release
  • 8dd92a7 docs: Update changelog
  • Additional commits viewable in compare view

Updates openssl from 0.10.73 to 0.10.74

Release notes

Sourced from openssl's releases.

openssl-v0.10.74

What's Changed

... (truncated)

Commits
  • adebeb3 Merge pull request #2500 from alex/bump-version
  • 65164e8 Release openssl v0.10.74 and openssl-sys v0.9.110
  • ff176da Merge pull request #2499 from rust-openssl/botovq-rm-libressl-3.4
  • 348f25e Remove support for LibreSSL < 3.5
  • a821988 Bump oldest libressl CI runner to 3.5.3
  • db109f7 Merge pull request #2498 from rust-openssl/botovq-libressl-4.2
  • 1ce898e Merge pull request #2497 from rust-openssl/botovq-simplify-cfg
  • 1280087 Add support for LibreSSL 4.2.0 (stable release)
  • 9b67d52 Simplify 'cfg(any(ossl102, ossl110))'
  • 8d46245 Merge pull request #2490 from rust-openssl/botovq-rm-libressl-3.3
  • Additional commits viewable in compare view

Updates pyo3 from 0.26.0 to 0.27.1

Release notes

Sourced from pyo3's releases.

PyO3 0.27.1

This release fixes a clippy lint regression in PyO3 0.27.0, and exposes the PySendResult type (the return value from Bound<PyIterator>::send).

Thank you to the following contributors for the improvements:

@​alex @​davidhewitt @​reaperhulk @​tpoliaw

PyO3 0.27.0

This release is the first PyO3 release to be tested against Python 3.14.0 final. There are no significant changes to 3.14 support since PyO3 0.26 which was tested against the 3.14 release candidates.

Support for PyPy 3.9 and PyPy 3.10 (both no longer supported upstream) has been dropped.

The FromPyObject trait has been reworked in a similar fashion to the IntoPyObject trait introduced in PyO3 0.23. This has established a performant and flexible implementation of both these traits and no further changes to the traits are anticipated in the future. Thank you for the patience upgrading through these incremental improvements at the core of PyO3.

The .downcast() family of functions are now deprecated in favour of the .cast() family of functions, which are an incremental improvement to API usability and to error messages on failed conversions.

Operations on the PyCapsule type have been changed without deprecation to fix some issues with lifetimes of return values (in .name() and .reference() specifically). The capsule API now also encourages checking of capsule names, which is one of the few defences available to protect the validity of casting data read by the capsule API.

There are also many other incremental improvements, bug fixes and smaller features.

Please consult the migration guide for help upgrading.

Thank you to everyone who contributed code, documentation, design ideas, bug reports, and feedback. The following contributors' commits are included in this release:

@​alex @​altendky @​bazaah @​bschoenmaeckers @​crepererum @​davidhewitt @​dependabot[bot] @​elbaro @​Icxolu @​jqnatividad @​mbrobbel @​NilsIrl @​rvben @​sanders41 @​tdyas @​Tpt @​vvsagar

Changelog

Sourced from pyo3's changelog.

[0.27.1] - 2025-10-21

Fixed

  • Fix clippy:declare_interior_mutable_const warning from #[pyfunction]. #5538
  • Expose pyo3::types::PySendResult in public API. #5539

[0.27.0] - 2025-10-19

Packaging

  • Extend range of supported versions of hashbrown optional dependency to include version 0.16. #5428
  • Bump optional num-bigint dependency minimum version to 0.4.4. #5471
  • Test against Python 3.14 final release. #5499
  • Drop support for PyPy 3.9 and 3.10. #5516
  • Provide a better error message when building an outdated PyO3 for a too-new Python version. #5519

Added

  • Add FromPyObjectOwned as convenient trait bound for FromPyObject when the data is not borrowed from Python. #4390
  • Add Borrowed::extract, same as PyAnyMethods::extract, but does not restrict the lifetime by deref. #4390
  • experimental-inspect: basic support for #[derive(IntoPyObject)] (no struct fields support yet). #5365
  • experimental-inspect: support #[pyo3(get, set)] and #[pyclass(get_all, set_all)]. #5370
  • Add PyTypeCheck::classinfo_object that returns an object that can be used as parameter in isinstance or issubclass. #5387
  • Implement PyTypeInfo on datetime.* types even when the limited API is enabled. #5388
  • Implement PyTypeInfo on PyIterator, PyMapping and PySequence. #5402
  • Implement PyTypeInfo on PyCode when using the stable ABI. #5403
  • Implement PyTypeInfo on PyWeakrefReference when using the stable ABI. #5404
  • Add pyo3::sync::RwLockExt trait, analogous to pyo3::sync::MutexExt for readwrite locks. #5435
  • Add PyString::from_bytes. #5437
  • Implement AsRef<[u8]> for PyBytes. #5445
  • Add CastError and CastIntoError. #5468
  • Add PyCapsuleMethods::pointer_checked and PyCapsuleMethods::is_valid_checked. #5474
  • Add Borrowed::cast, Borrowed::cast_exact and Borrowed::cast_unchecked. #5475
  • Add conversions for jiff::civil::ISOWeekDate. #5478
  • Add conversions for &Cstr, Cstring and Cow<Cstr>. #5482
  • add #[pyclass(skip_from_py_object)] option, to opt-out of the FromPyObject: PyClass + Clone blanket impl. #5488
  • Add PyErr::add_note. #5489
  • Add FromPyObject impl for Cow<Path> & Cow<OsStr>. #5497
  • Add #[pyclass(from_py_object)] pyclass option, to opt-in to the extraction of pyclasses by value (requires Clone). #5506

Changed

  • Rework FromPyObject trait for flexibility and performance: #4390
    • Add a second lifetime to FromPyObject, to allow borrowing data from Python objects (e.g. &str from Python str).
    • Replace extract_bound with extract, which takes Borrowed<'a, 'py, PyAny>.
  • Optimize FromPyObject implementations for Vec<u8> and [u8; N] from bytes and bytearray. #5244
  • Deprecate #[pyfn] attribute. #5384
  • Fetch type name dynamically on cast errors instead of using PyTypeCheck::NAME. #5387
  • Deprecate PyTypeCheck::NAME in favour of PyTypeCheck::classinfo_object which provides the type information at runtime. #5387

... (truncated)

Commits

Updates toml from 0.9.7 to 0.9.8

Commits
  • 93e9146 chore: Release
  • 7de1b4e docs: Update changelog
  • 1b579c3 feat(serde): Support integer, bools, and chars as keys (#1050)
  • ac1e077 feat(serde): Support chars as keys
  • f3dec32 feat(serde): Support bools as keys
  • 139b30a feat(serde): Support integer keys
  • 2d65a88 test(serde): Show existing key behavior
  • 80217f8 chore(deps): Update actions/checkout action to v5 (#1047)
  • b36e351 chore(deps): Update actions/checkout action to v5
  • 7d2c649 chore(deps): Update actions/setup-python action to v6 (#1048)
  • Additional commits viewable in compare view

Updates regex from 1.11.3 to 1.12.2

Changelog

Sourced from regex's changelog.

1.12.2 (2025-10-13)

This release fixes a cargo doc breakage on nightly when --cfg docsrs is enabled. This caused documentation to fail to build on docs.rs.

Bug fixes:

1.12.1 (2025-10-10)

This release makes a bug fix in the new regex::Captures::get_match API introduced in 1.12.0. There was an oversight with the lifetime parameter for the Match returned. This is technically a breaking change, but given that it was caught almost immediately and I've yanked the 1.12.0 release, I think this is fine.

1.12.0 (2025-10-10)

This release contains a smattering of bug fixes, a fix for excessive memory consumption in some cases and a new regex::Captures::get_match API.

Improvements:

Bug fixes:

Commits

Updates clap_complete from 4.5.58 to 4.5.60

Commits
  • 33d24d8 chore: Release
  • 9332409 docs: Update changelog
  • b7adce5 Merge pull request #6166 from fabalchemy/fix-dynamic-powershell-completion
  • 009bba4 fix(clap_complete): Improve powershell registration
  • d89d57d chore: Release
  • f18b67e docs: Update changelog
  • 9d218eb Merge pull request #6165 from epage/shirt
  • 126440c fix(help): Correctly calculate padding for short-only args
  • 9e3c05e test(help): Show panic with short, valueless arg
  • c9898d0 test(help): Verify short with value
  • Additional commits viewable in compare view

Updates unicode-width from 0.2.1 to 0.2.2

Commits

Updates reqwest from 0.12.23 to 0.12.24

Release notes

Sourced from reqwest's releases.

v0.12.24

Highlights

  • Refactor cookie handling to an internal middleware.
  • Refactor internal random generator.
  • Refactor base64 encoding to reduce a copy.
  • Documentation updates.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.12.23...v0.12.24

Changelog

Sourced from reqwest's changelog.

v0.12.24

  • Refactor cookie handling to an internal middleware.
  • Refactor internal random generator.
  • Refactor base64 encoding to reduce a copy.
  • Documentation updates.
Commits
  • b126ca4 v0.12.24
  • 4023493 refactor: change fast_random from xorshift to siphash a counter
  • fd61bc9 refactor(cookie): avoid duplicate cookie insertion (#2834)
  • 0bfa526 test(multipart): fix build failure with no-default-features (#2801)
  • 994b8a0 docs: typo in retry max_retries_per_request (#2824)
  • da0702b refactor(cookie): de-duplicate cookie support as CookieService middleware (...
  • 7ebddea chore: align internal name usage of TotalTimeout (#2657)
  • b540a4e chore(readme): use correct CI status badge
  • e4550c4 docs: fix method name in changelog entry (#2807)
  • f4694a2 perf(util): avoid extra copy when base64 encoding (#2805)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(dep): bump the deps group with 9 updates
06580a7 
Bumps the deps group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [tokio](https://github.com/tokio-rs/tokio) | `1.47.1` | `1.48.0` |
| [clap](https://github.com/clap-rs/clap) | `4.5.48` | `4.5.51` |
| [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.73` | `0.10.74` |
| [pyo3](https://github.com/pyo3/pyo3) | `0.26.0` | `0.27.1` |
| [toml](https://github.com/toml-rs/toml) | `0.9.7` | `0.9.8` |
| [regex](https://github.com/rust-lang/regex) | `1.11.3` | `1.12.2` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.58` | `4.5.60` |
| [unicode-width](https://github.com/unicode-rs/unicode-width) | `0.2.1` | `0.2.2` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.23` | `0.12.24` |


Updates `tokio` from 1.47.1 to 1.48.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.47.1...tokio-1.48.0)

Updates `clap` from 4.5.48 to 4.5.51
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.48...clap_complete-v4.5.51)

Updates `openssl` from 0.10.73 to 0.10.74
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.73...openssl-v0.10.74)

Updates `pyo3` from 0.26.0 to 0.27.1
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/v0.27.1/CHANGELOG.md)
- [Commits](PyO3/pyo3@v0.26.0...v0.27.1)

Updates `toml` from 0.9.7 to 0.9.8
- [Commits](toml-rs/toml@toml-v0.9.7...toml-v0.9.8)

Updates `regex` from 1.11.3 to 1.12.2
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.11.3...1.12.2)

Updates `clap_complete` from 4.5.58 to 4.5.60
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.58...clap_complete-v4.5.60)

Updates `unicode-width` from 0.2.1 to 0.2.2
- [Commits](unicode-rs/unicode-width@v0.2.1...v0.2.2)

Updates `reqwest` from 0.12.23 to 0.12.24
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.23...v0.12.24)

---
updated-dependencies:
- dependency-name: tokio
  dependency-version: 1.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: deps
- dependency-name: clap
  dependency-version: 4.5.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: openssl
  dependency-version: 0.10.74
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: pyo3
  dependency-version: 0.27.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: deps
- dependency-name: toml
  dependency-version: 0.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: regex
  dependency-version: 1.12.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: deps
- dependency-name: clap_complete
  dependency-version: 4.5.60
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: unicode-width
  dependency-version: 0.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: reqwest
  dependency-version: 0.12.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Nov 1, 2025
@clearloop clearloop merged commit 356a0cb into master Nov 3, 2025
4 checks passed
@clearloop clearloop deleted the dependabot/cargo/deps-6f2a17ddcc branch November 3, 2025 07:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@clearloop clearloop clearloop approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@clearloop