Skip to content

chore(deps): bump open from 5.3.3 to 5.3.6#135

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/open-5.3.6
Open

chore(deps): bump open from 5.3.3 to 5.3.6#135
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/open-5.3.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps open from 5.3.3 to 5.3.6.

Release notes

Sourced from open's releases.

v5.3.6

Bug Fixes

  • use PowerShell instead of wslview on WSL WSL users reported that wslu's wslview is discontinued and unavailable in some package managers. The regression tests cover the WSL command builder and initially failed because the first generated command was still wslview.

    Build the WSL opener as a PowerShell Start-Process -FilePath script argument with the target quoted as data, then retain the xdg-open, gio, gnome-open, and kde-open fallbacks. Update the user-facing docs and keep the WSL command builder testable from host builds without adding dev-dependencies.

Commit Statistics

  • 2 commits contributed to the release.
  • 48 days passed between releases.
  • 1 commit was understood as conventional.
  • 1 unique issue was worked on: #122

Commit Details

  • #122
    • Use PowerShell instead of wslview on WSL (44d1d41)
  • Uncategorized
    • Merge pull request #123 from Byron/avoid-wslview (41c4cf0)

v5.3.5

Bug Fixes

  • delegate to winebrowser under Wine When running a Windows-targeted binary under Wine, open requests previously fell back to Wine's bundled explorer.exe, which lacks proper host desktop integration.

    This change detects the Wine environment at runtime (via WINEPREFIX, WINELOADER, or WINEDEBUG) and prepends a winebrowser command to the launcher list. winebrowser is Wine's official utility for forwarding file/URL requests to the host OS's default handler (e.g., xdg-open on Linux, open on macOS).

    If winebrowser is unavailable or fails, the existing cmd /c start fallback is used automatically, preserving backward compatibility. No public API changes or compile-time flags are introduced.

Commit Statistics

  • 3 commits contributed to the release.
  • 22 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

... (truncated)

Changelog

Sourced from open's changelog.

5.3.6 (2026-06-29)

Bug Fixes

  • use PowerShell instead of wslview on WSL WSL users reported that wslu's wslview is discontinued and unavailable in some package managers. The regression tests cover the WSL command builder and initially failed because the first generated command was still wslview.

    Build the WSL opener as a PowerShell Start-Process -FilePath script argument with the target quoted as data, then retain the xdg-open, gio, gnome-open, and kde-open fallbacks. Update the user-facing docs and keep the WSL command builder testable from host builds without adding dev-dependencies.

Commit Statistics

  • 2 commits contributed to the release.
  • 48 days passed between releases.
  • 1 commit was understood as conventional.
  • 1 unique issue was worked on: #122

Commit Details

  • #122
    • Use PowerShell instead of wslview on WSL (44d1d41)
  • Uncategorized
    • Merge pull request #123 from Byron/avoid-wslview (41c4cf0)

5.3.5 (2026-05-12)

Bug Fixes

  • delegate to winebrowser under Wine When running a Windows-targeted binary under Wine, open requests previously fell back to Wine's bundled explorer.exe, which lacks proper host desktop integration.

    This change detects the Wine environment at runtime (via WINEPREFIX, WINELOADER, or WINEDEBUG) and prepends a winebrowser command to the launcher list. winebrowser is Wine's official utility for forwarding file/URL requests to the host OS's default handler (e.g., xdg-open on Linux, open on macOS).

    If winebrowser is unavailable or fails, the existing cmd /c start fallback is used automatically, preserving backward compatibility. No public API changes or compile-time flags are introduced.

Commit Statistics

... (truncated)

Commits
  • cfb39d8 Release open v5.3.6
  • 41c4cf0 Merge pull request #123 from Byron/avoid-wslview
  • 44d1d41 fix: use PowerShell instead of wslview on WSL (#122)
  • b98fc01 Release open v5.3.5
  • bb28d04 Merge pull request #121 from gsurrel/wine-awareness
  • f72e644 review
  • db81369 fix(windows): delegate to winebrowser under Wine
  • 7bd519c Release open v5.3.4
  • 7db5738 Merge pull request #119 from benzeneringlq/fix-macos-detach-silent-failure
  • 8e122d4 fix(macos): align with_detached() implementation with with()
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [open](https://github.com/Byron/open-rs) from 5.3.3 to 5.3.6.
- [Release notes](https://github.com/Byron/open-rs/releases)
- [Changelog](https://github.com/Byron/open-rs/blob/main/changelog.md)
- [Commits](Byron/open-rs@v5.3.3...v5.3.6)

---
updated-dependencies:
- dependency-name: open
  dependency-version: 5.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
cargo/open 5.3.6 🟢 4.2
Details
CheckScoreReason
Maintained🟢 1010 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Code-Review🟢 4Found 8/17 approved changesets -- score normalized to 4
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • Cargo.lock

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants