Skip to content

chore(deps): bump the patch-updates group across 1 directory with 6 updates#490

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/patch-updates-22581dbe26
Open

chore(deps): bump the patch-updates group across 1 directory with 6 updates#490
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/patch-updates-22581dbe26

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the patch-updates group with 6 updates in the / directory:

Package From To
rand 0.10.1 0.10.2
uuid 1.23.3 1.23.4
jiff 0.2.28 0.2.31
quinn 0.11.9 0.11.11
rustls 0.23.40 0.23.41
mdns-sd 0.20.0 0.20.1

Updates rand from 0.10.1 to 0.10.2

Changelog

Sourced from rand's changelog.

[0.10.2] — 2026-07-02

Fixes

  • Fix possible memory safety violation due to deserialization of UniformChar from bad source (#1790)

Changes

  • Document required output order of fn partial_shuffle and apply #[must_use] (#1769)
  • Avoid usage of unsafe in contexts where non-local memory corruption could invalidate contract (#1791)

#1769: rust-random/rand#1769 #1790: rust-random/rand#1790 #1791: rust-random/rand#1791

Commits

Updates uuid from 1.23.3 to 1.23.4

Release notes

Sourced from uuid's releases.

v1.23.4

What's Changed

New Contributors

Full Changelog: uuid-rs/uuid@v1.23.3...v1.23.4

Commits
  • 3296d64 Merge pull request #890 from uuid-rs/cargo/v1.23.4
  • cba53d0 prepare for 1.23.4 release
  • e347af4 Merge pull request #889 from frostyplanet/main
  • e9bf55c doc: Fix broken link warnings
  • 5351af4 doc: Enable feature flag label for docs.rs
  • 1e6a966 Merge pull request #888 from uuid-rs/KodrAus-patch-1
  • c9619f6 fix up name of fuzz script in readme
  • See full diff in compare view

Updates jiff from 0.2.28 to 0.2.31

Changelog

Sourced from jiff's changelog.

0.2.31 (2026-06-29)

This release fixes a minor bug in tests that prevents the crate from running through standard build processes in Linux distributions downstream.

  • #594: Fix imports in recently added tests.

0.2.30 (2026-06-29)

This release fixes a safety soundness bug in Jiff's lower level printing APIs. There is also a nice performance improvement to civil::Date::weekday, which also improves downstread routines like civil::Date::nth_weekday and datetime<-->timestamp conversions in some cases.

Enhancements:

  • #591: Improve the performance of weekday calculations from Gregorian dates by 30-50%.

Bug fixes:

  • #592: Fix safety soundness bug when using a non-empty String destination buffer with lower level printing APIs inside of jiff::fmt.

0.2.29 (2026-06-20)

This release adds support for [defmt], which is a highly efficient logging framework that targets resource-constrained devices, like microcontrollers.

Enhancements:

  • #505: Add support for the defmt crate by implementing defmt::Format on the principle public types in Jiff.
  • #584: Add Zoned::UNIX_EPOCH as a constant.
  • #587: Change the Debug output for civil::ISOWeekDate to match the Debug output style of other primitive datetime types.

Bug fixes:

  • #525: Fix a bug that prevented time zone lookups when using an on-disk time zone database on Windows.
  • #539:

... (truncated)

Commits

Updates quinn from 0.11.9 to 0.11.11

Release notes

Sourced from quinn's releases.

quinn-proto 0.11.11

What's Changed

Commits
  • a7499b8 Bump versions for release
  • 7c1970f proto: yield error on too many gaps in assembler
  • fe5ac49 congestion: avoid double-reducing CUBIC fast convergence
  • c1e903b fix(quinn): handle overdue timers without polling the async timer
  • b3b20e1 quinn-udp: allow to use windows-sys 0.61
  • 6f03ca3 quinn-proto: drop Initials silently when saturated
  • 41c8527 quinn: fix ref count logic for ConnectionRef and EndpointRef
  • 73ea1dd Remove RecvStreams from blocked_readers on stop
  • cf16bfd Early return in RecvStream::drop()
  • af2e4e5 Fix the (pre-existing) rightward drift by inverting conditions
  • Additional commits viewable in compare view

Updates rustls from 0.23.40 to 0.23.41

Commits
  • 642a103 ci: drop Taplo job
  • 752c144 Drop nightly clippy tests
  • 8d8611a Fix new clippy::useless-borrows-in-formatting
  • ebf3297 Fix new clippy::manual_clear
  • 46808e7 ci: sync cargo-check-external-types nightly
  • 041a8d2 Cargo deny: allow RUSTSEC-2026-0173
  • 62e220e Take semver-compatible dependency updates
  • 3c14696 Upgrade to hickory-resolver 0.26
  • 848a2cc connect-tests: delete ech.rs
  • 5ce9cac Bump version to 0.23.41
  • Additional commits viewable in compare view

Updates mdns-sd from 0.20.0 to 0.20.1

Release notes

Sourced from mdns-sd's releases.

v0.20.1

This is a small feature and maintenance release.

New features

  • Add IfKind::Predicate and a new IfPredicate type, allowing interfaces to be selected with a custom predicate function (e.g. matching by interface name pattern). (#474, commit fd72146)

What's Changed

New Contributors

Full Changelog: keepsimple1/mdns-sd@v0.20.0...v0.20.1

Changelog

Sourced from mdns-sd's changelog.

Version 0.20.1 (2026-06-28)

This is a small feature and maintenance release.

New features

  • Add IfKind::Predicate and a new IfPredicate type, allowing interfaces to be selected with a custom predicate function (e.g. matching by interface name pattern). (#474, commit fd72146)

Other changes

  • chore(deps): update dependencies. (#454, commit 06bdad1)

All changes

  • fd72146 2026-06-22 Add IfPredicate for more flexible interface filtering (#474) (MAlba124)
  • 06bdad1 2026-06-16 chore(deps): update (#454) (CosminPerRam)

Thanks and welcome our new contributor @​MAlba124 !

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 2, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/patch-updates-22581dbe26 branch 2 times, most recently from 3175f14 to 93b1250 Compare July 2, 2026 17:55
@forkwright

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/cargo/patch-updates-22581dbe26 branch 8 times, most recently from e933c1f to e356f11 Compare July 6, 2026 22:12
@forkwright

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/cargo/patch-updates-22581dbe26 branch from e356f11 to c8d8ac4 Compare July 7, 2026 09:26
@forkwright

Copy link
Copy Markdown
Owner

Reviewed 2026-07-07: real CI (Check/Clippy/Format/Test/Security-advisories) passes; only cargo-deny bans fails on duplicate flume+windows-sys from the transitive tree (non-security). Main is currently duplicate-free, so not merging red and not relaxing the policy. Left to dependabot — this patch group auto-merges once the transitive duplicate clears.

…pdates

Bumps the patch-updates group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [rand](https://github.com/rust-random/rand) | `0.10.1` | `0.10.2` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.23.3` | `1.23.4` |
| [jiff](https://github.com/BurntSushi/jiff) | `0.2.28` | `0.2.31` |
| [quinn](https://github.com/quinn-rs/quinn) | `0.11.9` | `0.11.11` |
| [rustls](https://github.com/rustls/rustls) | `0.23.40` | `0.23.41` |
| [mdns-sd](https://github.com/keepsimple1/mdns-sd) | `0.20.0` | `0.20.1` |



Updates `rand` from 0.10.1 to 0.10.2
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.10.1...0.10.2)

Updates `uuid` from 1.23.3 to 1.23.4
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](uuid-rs/uuid@v1.23.3...v1.23.4)

Updates `jiff` from 0.2.28 to 0.2.31
- [Release notes](https://github.com/BurntSushi/jiff/releases)
- [Changelog](https://github.com/BurntSushi/jiff/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/jiff@jiff-static-0.2.28...jiff-static-0.2.31)

Updates `quinn` from 0.11.9 to 0.11.11
- [Release notes](https://github.com/quinn-rs/quinn/releases)
- [Commits](quinn-rs/quinn@quinn-0.11.9...quinn-0.11.11)

Updates `rustls` from 0.23.40 to 0.23.41
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.23.40...v/0.23.41)

Updates `mdns-sd` from 0.20.0 to 0.20.1
- [Release notes](https://github.com/keepsimple1/mdns-sd/releases)
- [Changelog](https://github.com/keepsimple1/mdns-sd/blob/main/CHANGELOG.md)
- [Commits](keepsimple1/mdns-sd@v0.20.0...v0.20.1)

---
updated-dependencies:
- dependency-name: jiff
  dependency-version: 0.2.31
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: mdns-sd
  dependency-version: 0.20.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: quinn
  dependency-version: 0.11.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: rand
  dependency-version: 0.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: rustls
  dependency-version: 0.23.41
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: uuid
  dependency-version: 1.23.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/patch-updates-22581dbe26 branch from c8d8ac4 to 1ad73ac Compare July 7, 2026 14:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant