Skip to content

chore(deps): bump the all-minor-patches group across 1 directory with 8 updates#91

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/all-minor-patches-c1d344ddc7
Open

chore(deps): bump the all-minor-patches group across 1 directory with 8 updates#91
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/all-minor-patches-c1d344ddc7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-minor-patches group with 8 updates in the / directory:

Package From To
rustc-hash 2.1.2 2.1.3
serde_json 1.0.149 1.0.150
regex 1.12.3 1.13.0
reqwest 0.13.3 0.13.4
open 5.3.4 5.3.6
rand 0.10.1 0.10.2
tar 0.4.45 0.4.46
rust-embed 8.11.0 8.12.0

Updates rustc-hash from 2.1.2 to 2.1.3

Changelog

Sourced from rustc-hash's changelog.

2.1.3

Commits

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates regex from 1.12.3 to 1.13.0

Changelog

Sourced from regex's changelog.

1.13.0 (2026-07-09)

This release includes a new API, a regex! macro, for lazy compilation of a regex from a string literal. If you use regexes a lot, it's likely you've already written one exactly like it. The new macro can be used like this:

use regex::regex;
fn is_match(line: &str) -> bool {
// The regex will be compiled approximately once and reused automatically.
// This avoids the footgun of using Regex::new here, which would
// guarantee that it would be compiled every time this routine is called.
// This would likely make this routine much slower than it needs to be.
regex!(r"bar|baz").is_match(line)
}
let hay = "
path/to/foo:54:Blue Harvest
path/to/bar:90:Something, Something, Something, Dark Side
path/to/baz:3:It's a Trap!
";
let matches = hay.lines().filter(|line| is_match(line)).count();
assert_eq!(matches, 2);

Improvements:

  • #709: Add a new regex! macro for efficient and automatic reuse of a compiled regex.

1.12.4 (2026-06-09)

This release includes a performance optimization for compilation of regexes with very large character classes.

Improvements:

  • #1308: Avoid re-canonicalizing the entire interval set when pushing new class ranges.
Commits
  • 926af2e 1.13.0
  • 7d941a9 regex-automata-0.4.15
  • e358341 api: add regex! macro for lazy compilation
  • c420333 automata: disable miri on a couple doc tests
  • b9d2cf7 github: add FUNDING link
  • 0858006 docs: add AI policy for contributors
  • 468fc64 automata: reject dense DFA start states that are match states
  • 7b96fdc 1.12.4
  • 7b89cf0 deps: update to regex-syntax 0.8.11
  • 1401679 regex-syntax-0.8.11
  • Additional commits viewable in compare view

Updates reqwest from 0.13.3 to 0.13.4

Release notes

Sourced from reqwest's releases.

v0.13.4

tl;dr

  • Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
  • Add ClientBuilder::http2_keep_alive_* options for the blocking client.
  • Add TLS 1.3 support when using native-tls backend.
  • Fix redirect handling to strip sensitive headers when the scheme changes.
  • Fix HTTP/3 happy-eyeball connection creation.
  • Upgrade hickory-resolver to 0.26.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.13.3...v0.13.4

Changelog

Sourced from reqwest's changelog.

v0.13.4

  • Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
  • Add ClientBuilder::http2_keep_alive_* options for the blocking client.
  • Add TLS 1.3 support when using native-tls backend.
  • Fix redirect handling to strip sensitive headers when the scheme changes.
  • Fix HTTP/3 happy-eyeball connection creation.
  • Upgrade hickory-resolver to 0.26.
Commits
  • 11489b3 v0.13.4
  • d31ffbb feat: Expose HTTP2 keep alive configurations in blocking client (#3043)
  • 79ed0d7 feat: support TLS 1.3 as min version under native-tls 🎉 (#2975)
  • fb7bf6a fix: remove unwrap in hickory initialization (#3041)
  • 3da616f fix: update hickory-resolver to 0.26 and adjust code accordingly (#3040)
  • c77e7b2 fix(http3): use happy eyeballs for h3 connect (#3030)
  • 9cbb65b chore: clean up minimal-versions CI job (#3039)
  • 17a7dc5 chore: upgrade MSRV to 1.85 (#3038)
  • 03db63a fix(redirect): strip sensitive headers on scheme change across redirects (#3034)
  • 4b813a8 feat: add tls_sslkeylogfile builder method (#2923)
  • Additional commits viewable in compare view

Updates open from 5.3.4 to 5.3.6

Release notes

Sourced from open's releases.

v5.3.6

Bug Fixes

  • use PowerShell instead of wslview on WSL WSL users reported that wslu's wslview is discontinued and unavailable in some package managers. The regression tests cover the WSL command builder and initially failed because the first generated command was still wslview.

    Build the WSL opener as a PowerShell Start-Process -FilePath script argument with the target quoted as data, then retain the xdg-open, gio, gnome-open, and kde-open fallbacks. Update the user-facing docs and keep the WSL command builder testable from host builds without adding dev-dependencies.

Commit Statistics

  • 2 commits contributed to the release.
  • 48 days passed between releases.
  • 1 commit was understood as conventional.
  • 1 unique issue was worked on: #122

Commit Details

  • #122
    • Use PowerShell instead of wslview on WSL (44d1d41)
  • Uncategorized
    • Merge pull request #123 from Byron/avoid-wslview (41c4cf0)

v5.3.5

Bug Fixes

  • delegate to winebrowser under Wine When running a Windows-targeted binary under Wine, open requests previously fell back to Wine's bundled explorer.exe, which lacks proper host desktop integration.

    This change detects the Wine environment at runtime (via WINEPREFIX, WINELOADER, or WINEDEBUG) and prepends a winebrowser command to the launcher list. winebrowser is Wine's official utility for forwarding file/URL requests to the host OS's default handler (e.g., xdg-open on Linux, open on macOS).

    If winebrowser is unavailable or fails, the existing cmd /c start fallback is used automatically, preserving backward compatibility. No public API changes or compile-time flags are introduced.

Commit Statistics

  • 3 commits contributed to the release.
  • 22 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

... (truncated)

Changelog

Sourced from open's changelog.

5.3.6 (2026-06-29)

Bug Fixes

  • use PowerShell instead of wslview on WSL WSL users reported that wslu's wslview is discontinued and unavailable in some package managers. The regression tests cover the WSL command builder and initially failed because the first generated command was still wslview.

    Build the WSL opener as a PowerShell Start-Process -FilePath script argument with the target quoted as data, then retain the xdg-open, gio, gnome-open, and kde-open fallbacks. Update the user-facing docs and keep the WSL command builder testable from host builds without adding dev-dependencies.

Commit Statistics

  • 2 commits contributed to the release.
  • 48 days passed between releases.
  • 1 commit was understood as conventional.
  • 1 unique issue was worked on: #122

Commit Details

  • #122
    • Use PowerShell instead of wslview on WSL (44d1d41)
  • Uncategorized
    • Merge pull request #123 from Byron/avoid-wslview (41c4cf0)

5.3.5 (2026-05-12)

Bug Fixes

  • delegate to winebrowser under Wine When running a Windows-targeted binary under Wine, open requests previously fell back to Wine's bundled explorer.exe, which lacks proper host desktop integration.

    This change detects the Wine environment at runtime (via WINEPREFIX, WINELOADER, or WINEDEBUG) and prepends a winebrowser command to the launcher list. winebrowser is Wine's official utility for forwarding file/URL requests to the host OS's default handler (e.g., xdg-open on Linux, open on macOS).

    If winebrowser is unavailable or fails, the existing cmd /c start fallback is used automatically, preserving backward compatibility. No public API changes or compile-time flags are introduced.

Commit Statistics

... (truncated)

Commits

Updates rand from 0.10.1 to 0.10.2

Changelog

Sourced from rand's changelog.

[0.10.2] — 2026-07-02

Fixes

  • Fix possible memory safety violation due to deserialization of UniformChar from bad source (#1790)

Changes

  • Document required output order of fn partial_shuffle and apply #[must_use] (#1769)
  • Avoid usage of unsafe in contexts where non-local memory corruption could invalidate contract (#1791)

#1769: rust-random/rand#1769 #1790: rust-random/rand#1790 #1791: rust-random/rand#1791

Commits

Updates tar from 0.4.45 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

See also GHSA-3cv2-h65g-fgmm

Other changes

New Contributors

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits

Updates rust-embed from 8.11.0 to 8.12.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… 8 updates

Bumps the all-minor-patches group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [rustc-hash](https://github.com/rust-lang/rustc-hash) | `2.1.2` | `2.1.3` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` |
| [regex](https://github.com/rust-lang/regex) | `1.12.3` | `1.13.0` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.13.3` | `0.13.4` |
| [open](https://github.com/Byron/open-rs) | `5.3.4` | `5.3.6` |
| [rand](https://github.com/rust-random/rand) | `0.10.1` | `0.10.2` |
| [tar](https://github.com/composefs/tar-rs) | `0.4.45` | `0.4.46` |
| rust-embed | `8.11.0` | `8.12.0` |



Updates `rustc-hash` from 2.1.2 to 2.1.3
- [Changelog](https://github.com/rust-lang/rustc-hash/blob/main/CHANGELOG.md)
- [Commits](rust-lang/rustc-hash@v2.1.2...v2.1.3)

Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `regex` from 1.12.3 to 1.13.0
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.12.3...1.13.0)

Updates `reqwest` from 0.13.3 to 0.13.4
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.13.3...v0.13.4)

Updates `open` from 5.3.4 to 5.3.6
- [Release notes](https://github.com/Byron/open-rs/releases)
- [Changelog](https://github.com/Byron/open-rs/blob/main/changelog.md)
- [Commits](Byron/open-rs@v5.3.4...v5.3.6)

Updates `rand` from 0.10.1 to 0.10.2
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.10.1...0.10.2)

Updates `tar` from 0.4.45 to 0.4.46
- [Release notes](https://github.com/composefs/tar-rs/releases)
- [Commits](composefs/tar-rs@0.4.45...0.4.46)

Updates `rust-embed` from 8.11.0 to 8.12.0

---
updated-dependencies:
- dependency-name: rustc-hash
  dependency-version: 2.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patches
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patches
- dependency-name: regex
  dependency-version: 1.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-minor-patches
- dependency-name: reqwest
  dependency-version: 0.13.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patches
- dependency-name: open
  dependency-version: 5.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patches
- dependency-name: rand
  dependency-version: 0.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patches
- dependency-name: tar
  dependency-version: 0.4.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patches
- dependency-name: rust-embed
  dependency-version: 8.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-minor-patches
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants