Skip to content

chore(deps): bump all workspace dependencies#1500

Merged
chaliy merged 2 commits intomainfrom
claude/bump-all-dependencies-9TCh6
May 2, 2026
Merged

chore(deps): bump all workspace dependencies#1500
chaliy merged 2 commits intomainfrom
claude/bump-all-dependencies-9TCh6

Conversation

@chaliy
Copy link
Copy Markdown
Contributor

@chaliy chaliy commented May 2, 2026

What

  • Ran cargo update to bring the workspace lockfile to latest compatible versions.
  • Bumped explicit version pins in [workspace.dependencies]:
    • pyo3 0.28.2 → 0.28.3
    • napi 3.8.5 → 3.8.6
    • napi-derive 3.5.4 → 3.5.5

Why

Routine dependency hygiene. Pulls in upstream bug fixes and patch-level security updates across the workspace tree.

How

Notable lockfile updates from cargo update:

  • reqwest 0.13.2 → 0.13.3
  • rustls 0.23.38 → 0.23.40
  • rustls-platform-verifier 0.6.2 → 0.7.0
  • russh 0.60.1 → 0.60.2
  • aws-lc-rs 1.16.2 → 1.16.3, aws-lc-sys 0.39.1 → 0.40.0
  • wasm-bindgen 0.2.118 → 0.2.120, web-sys 0.3.95 → 0.3.97
  • jiff 0.2.23 → 0.2.24, jni 0.21.1 → 0.22.4, ctor 0.10.1 → 0.11.1
  • data-encoding 2.10 → 2.11, typenum 1.19 → 1.20, generic-array 1.3 → 1.4
  • ~30 transitive bumps total

No major-version stable bumps were available for the headline deps (rustls 0.24 only in -dev, no reqwest 0.14, no pyo3 0.29 yet, russh-keys 0.50 only in beta).

Test plan

  • cargo build --workspace --all-features — green
  • cargo check --workspace --all-features --all-targets — green
  • cargo test --workspace --lib --all-features — 2604 lib tests pass
  • cargo test --features http_client — green
  • cargo clippy --workspace --all-features --all-targets -- -D warnings — clean
  • cargo fmt --check — clean
  • CLI smoke test (bashkit -c '...') — works

Generated by Claude Code

@chaliy
chore(deps): bump all workspace dependencies
e654a6d 
Run `cargo update` and bump explicit version pins in workspace.dependencies:
- pyo3 0.28.2 -> 0.28.3
- napi 3.8.5 -> 3.8.6
- napi-derive 3.5.4 -> 3.5.5

Lockfile updates pull in latest compatible versions including reqwest 0.13.3,
rustls 0.23.40, russh 0.60.2, rustls-platform-verifier 0.7.0, jiff 0.2.24,
data-encoding 2.11, and other transitive bumps.
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented May 2, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs		 bashkit 8982e4b Commit Preview URL

Branch Preview URL		 May 02 2026, 12:37 AM

@chaliy
chore(deps): regenerate cargo-vet exemptions for bumped deps
8982e4b 
Run `cargo vet regenerate exemptions` to refresh the exemption list
after the dependency bump. Updates exemption pins to new versions and
prunes exemptions for crates that left the dependency tree.
@chaliy chaliy merged commit cf937c9 into main May 2, 2026
34 checks passed
@chaliy chaliy deleted the claude/bump-all-dependencies-9TCh6 branch May 2, 2026 00:46
@codecov
Copy link
Copy Markdown

codecov Bot commented May 2, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chaliy