Skip to content

chore(deps): bump the cargo group across 2 directories with 2 updates#27

Merged
hyperpolymath merged 1 commit into
mainfrom
dependabot/cargo/indieweb2-bastion/graphql-dns-api/cargo-f829448643
May 11, 2026
Merged

chore(deps): bump the cargo group across 2 directories with 2 updates#27
hyperpolymath merged 1 commit into
mainfrom
dependabot/cargo/indieweb2-bastion/graphql-dns-api/cargo-f829448643

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026

Bumps the cargo group with 2 updates in the /indieweb2-bastion/graphql-dns-api directory: hickory-proto and openssl.
Bumps the cargo group with 1 update in the /indieweb2-bastion/odns-rs directory: hickory-proto.

Updates hickory-proto from 0.24.4 to 0.26.1

Release notes

Sourced from hickory-proto's releases.

v0.26.1

This point release for the 0.26 release series brings in several bug fixes, and no user-facing changes. Two security reports are addressed: RUSTSEC-2026-0120 and RUSTSEC-2026-0119.

What's Changed

Full Changelog: hickory-dns/hickory-dns@v0.26.0...v0.26.1

0.26.0

13 months after the release of 0.25.0, we finally have a bigger feature release of Hickory DNS, the suite of DNS libraries and authoritative/recursive name servers written in pure Rust. A lot of work has gone into this release, so we wanted to take a moment to release this before we continue work on deploying the Hickory DNS recursive resolver at Let's Encrypt (and did you see that Hickory is being used in some of Google's Pixel devices?). Because of the ongoing work, we expect that 0.27.0 might happen quite a bit sooner than in 13 months from now.

These release notes describe a number of high-level improvements as well as API changes that are likely to break a larger fraction of our downstream users. Feedback (both on these notes and the release itself) is always welcome in our issue tracker or via our Discord server.

Most of the following notes are broken up by specific components: the server binary and our library crates. However, for this release we've made several changes to the structure of our crates itself:

  • Network protocol support has moved out of the hickory-proto crate, into a new hickory-net crate (#3394); this allows the hickory-proto crate to cleanly focus on message encoding and decoding.
  • The hickory-client crate has been subsumed into hickory-net, in the client module (#3366). No future releases of the hickory-client crate are expected.
  • The hickory-recursor crate has been merged into hickory-resolver (#3370), guarded by a recursor feature which must be enabled explicitly. The recursor implementation was already tightly coupled to the resolver internals, so keeping it separate didn't really make sense.

Additionally, substantial cross-crate changes have been made to improve our error handling:

hickory-dns (the server binary)

hickory-server (the library API)

... (truncated)

Commits
  • f093210 Limit number of names that may be compressed
  • a9b884b Skip search when name compression is disabled
  • 6e70e93 Limit number of name pointers stored in BinEncoder
  • c2bdb8c Add benchmark for encoding message with many names
  • 9e0b528 Bump version to 0.26.1
  • 14cc3c8 net: respect caller timeout for DoT TCP connect
  • fc2e3f4 resolver: release connections lock before TCP/TLS handshake
  • bbdfcd2 Add tests combining NSEC and NSEC3 via CNAME chain
  • 994076b Update rustls-webpki to 0.103.13
  • 3b265fb net: check query name is in zone when building encloser candidates
  • Additional commits viewable in compare view

Updates openssl from 0.10.78 to 0.10.79

Release notes

Sourced from openssl's releases.

openssl-v0.10.79

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

Commits
  • 649f2d9 Release openssl 0.10.79 and openssl-sys 0.9.115 (#2632)
  • 257f9b2 Fix output buffer overflow for AES key-wrap-with-padding ciphers (#2630)
  • d43e917 Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders (#2631)
  • f46519c Add PkeyCtxRef::set_context_string for ML-DSA (#2629)
  • ad9ae31 Bind OSSL_PARAM_modified and use it for seed_into (#2628)
  • 4e25c9b Fix process abort when verify/PSK callbacks fire after SSL_CTX swap (#2624)
  • 3dd8f42 Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction (#2626)
  • 2c5e5a8 parallelize more builds in CI for cold caches (#2625)
  • 6685591 Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import (#2621)
  • 8f8fdce Drop once_cell in favor of std::sync::{LazyLock, OnceLock} (#2623)
  • Additional commits viewable in compare view

Updates hickory-proto from 0.24.4 to 0.26.1

Release notes

Sourced from hickory-proto's releases.

v0.26.1

This point release for the 0.26 release series brings in several bug fixes, and no user-facing changes. Two security reports are addressed: RUSTSEC-2026-0120 and RUSTSEC-2026-0119.

What's Changed

Full Changelog: hickory-dns/hickory-dns@v0.26.0...v0.26.1

0.26.0

13 months after the release of 0.25.0, we finally have a bigger feature release of Hickory DNS, the suite of DNS libraries and authoritative/recursive name servers written in pure Rust. A lot of work has gone into this release, so we wanted to take a moment to release this before we continue work on deploying the Hickory DNS recursive resolver at Let's Encrypt (and did you see that Hickory is being used in some of Google's Pixel devices?). Because of the ongoing work, we expect that 0.27.0 might happen quite a bit sooner than in 13 months from now.

These release notes describe a number of high-level improvements as well as API changes that are likely to break a larger fraction of our downstream users. Feedback (both on these notes and the release itself) is always welcome in our issue tracker or via our Discord server.

Most of the following notes are broken up by specific components: the server binary and our library crates. However, for this release we've made several changes to the structure of our crates itself:

  • Network protocol support has moved out of the hickory-proto crate, into a new hickory-net crate (#3394); this allows the hickory-proto crate to cleanly focus on message encoding and decoding.
  • The hickory-client crate has been subsumed into hickory-net, in the client module (#3366). No future releases of the hickory-client crate are expected.
  • The hickory-recursor crate has been merged into hickory-resolver (#3370), guarded by a recursor feature which must be enabled explicitly. The recursor implementation was already tightly coupled to the resolver internals, so keeping it separate didn't really make sense.

Additionally, substantial cross-crate changes have been made to improve our error handling:

hickory-dns (the server binary)

hickory-server (the library API)

... (truncated)

Commits
  • f093210 Limit number of names that may be compressed
  • a9b884b Skip search when name compression is disabled
  • 6e70e93 Limit number of name pointers stored in BinEncoder
  • c2bdb8c Add benchmark for encoding message with many names
  • 9e0b528 Bump version to 0.26.1
  • 14cc3c8 net: respect caller timeout for DoT TCP connect
  • fc2e3f4 resolver: release connections lock before TCP/TLS handshake
  • bbdfcd2 Add tests combining NSEC and NSEC3 via CNAME chain
  • 994076b Update rustls-webpki to 0.103.13
  • 3b265fb net: check query name is in zone when building encloser candidates
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the cargo group across 2 directories with 2 updates
1f0c470 
Bumps the cargo group with 2 updates in the /indieweb2-bastion/graphql-dns-api directory: [hickory-proto](https://github.com/hickory-dns/hickory-dns) and [openssl](https://github.com/rust-openssl/rust-openssl).
Bumps the cargo group with 1 update in the /indieweb2-bastion/odns-rs directory: [hickory-proto](https://github.com/hickory-dns/hickory-dns).


Updates `hickory-proto` from 0.24.4 to 0.26.1
- [Release notes](https://github.com/hickory-dns/hickory-dns/releases)
- [Changelog](https://github.com/hickory-dns/hickory-dns/blob/main/CHANGELOG.md)
- [Commits](hickory-dns/hickory-dns@v0.24.4...v0.26.1)

Updates `openssl` from 0.10.78 to 0.10.79
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79)

Updates `hickory-proto` from 0.24.4 to 0.26.1
- [Release notes](https://github.com/hickory-dns/hickory-dns/releases)
- [Changelog](https://github.com/hickory-dns/hickory-dns/blob/main/CHANGELOG.md)
- [Commits](hickory-dns/hickory-dns@v0.24.4...v0.26.1)

---
updated-dependencies:
- dependency-name: hickory-proto
  dependency-version: 0.26.1
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.79
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: hickory-proto
  dependency-version: 0.26.1
  dependency-type: direct:production
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels May 8, 2026
@dependabot dependabot Bot mentioned this pull request May 8, 2026
Closed
@hyperpolymath hyperpolymath merged commit beebfdc into main May 11, 2026
17 of 21 checks passed
@hyperpolymath hyperpolymath deleted the dependabot/cargo/indieweb2-bastion/graphql-dns-api/cargo-f829448643 branch May 11, 2026 03:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath