Skip to content

Bump rustls from 0.23.31 to 0.23.40#44

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/cargo/dev/rustls-0.23.37
Open

Bump rustls from 0.23.31 to 0.23.40#44
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/cargo/dev/rustls-0.23.37

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 2, 2026
edited
Loading

Bumps rustls from 0.23.31 to 0.23.40.

Commits
  • b44c09f Prepare 0.23.40
  • e7a555f Prefer Ord::max to core::cmp
  • c0005be ech: base inner name padding on actual extension
  • 4e49529 ech: test inner name padding
  • 3e06ef1 ech: add both name and "gross" padding
  • c574ffd ech: avoid short-lived allocation for padding
  • 8bf935c ech: pop comment from match arm
  • 9088004 ech: expand maximum_name_length to usize ASAP
  • a612901 Default require_ems based on CryptoProvider FIPS status
  • 0541605 Cargo: version 0.23.38 -> 0.23.39
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Apr 2, 2026
@dependabot dependabot Bot mentioned this pull request Apr 2, 2026
Closed
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 2, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@deepsource-io
Copy link
Copy Markdown
Contributor

deepsource-io Bot commented Apr 2, 2026
edited
Loading

DeepSource Code Review

We reviewed changes in 127d8f1...bb17f5d on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
Secrets Apr 30, 2026 8:07p.m. Review ↗
JavaScript Apr 30, 2026 8:07p.m. Review ↗
Rust Apr 30, 2026 8:07p.m. Review ↗
SQL Apr 30, 2026 8:07p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

@dependabot
Bump rustls from 0.23.31 to 0.23.40
bb17f5d 
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.31 to 0.23.40.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.23.31...v/0.23.40)

---
updated-dependencies:
- dependency-name: rustls
  dependency-version: 0.23.37
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump rustls from 0.23.31 to 0.23.37 Bump rustls from 0.23.31 to 0.23.40 Apr 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/dev/rustls-0.23.37 branch from 1bdc0ad to bb17f5d Compare April 30, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants