Skip to content

chore(deps): bump the rust-minor group with 6 updates#4

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-minor-a6380bc905
Closed

chore(deps): bump the rust-minor group with 6 updates#4
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-minor-a6380bc905

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 22, 2026
edited
Loading

Bumps the rust-minor group with 6 updates:

Package From To
clap 4.5.57 4.6.0
clap_complete 4.5.66 4.6.0
clap_complete_nushell 4.5.10 4.6.0
anyhow 1.0.101 1.0.102
chrono 0.4.43 0.4.44
tempfile 3.24.0 3.27.0

Updates clap from 4.5.57 to 4.6.0

Release notes

Sourced from clap's releases.

v4.5.60

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

v4.5.58

[4.5.58] - 2026-02-11

Changelog

Sourced from clap's changelog.

[4.6.0] - 2026-03-12

Compatibility

  • Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

  • Update dependencies

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

Commits

Updates clap_complete from 4.5.66 to 4.6.0

Changelog

Sourced from clap_complete's changelog.

[4.6.0] - 2026-03-12

Compatibility

  • Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

  • Update dependencies

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

  • On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

  • Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

... (truncated)

Commits

Updates clap_complete_nushell from 4.5.10 to 4.6.0

Release notes

Sourced from clap_complete_nushell's releases.

v4.5.60

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

v4.5.56

[4.5.56] - 2026-01-29

Fixes

  • On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

  • Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

v4.5.54

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

v4.5.53

[4.5.53] - 2025-11-19

Features

... (truncated)

Changelog

Sourced from clap_complete_nushell's changelog.

[4.6.0] - 2026-03-12

Compatibility

  • Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

  • Update dependencies

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

  • On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

  • Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

... (truncated)

Commits

Updates anyhow from 1.0.101 to 1.0.102

Release notes

Sourced from anyhow's releases.

1.0.102

Commits
  • 5c657b3 Release 1.0.102
  • e737fb6 Merge pull request #442 from dtolnay/backtrace
  • 7fe62b5 Further simply backtrace conditional compilation
  • c8cb5ca Merge pull request #441 from dtolnay/backtrace
  • de27df7 Delete CI use of --features=backtrace
  • 9b67e5d Merge pull request #440 from dtolnay/backtrace
  • efdb11a Simplify std_backtrace conditional code
  • b8a9a70 Merge pull request #439 from dtolnay/backtrace
  • a42fc2c Remove feature = "backtrace" conditional code
  • 2a2a3ce Re-word backtrace feature comment
  • Additional commits viewable in compare view

Updates chrono from 0.4.43 to 0.4.44

Release notes

Sourced from chrono's releases.

0.4.44

What's Changed

Commits
  • c14b459 Bump version to 0.4.44
  • ea832c5 Add track_caller to non-deprecated functions
  • cfae889 Fix panic message in to_rfc2822
  • f8900b5 docs: match MSRV with Cargo.toml contents
  • See full diff in compare view

Updates tempfile from 3.24.0 to 3.27.0

Changelog

Sourced from tempfile's changelog.

3.27.0

This release adds TempPath::try_from_path and deprecates TempPath::from_path.

Prior to this release, TempPath::from_path made no attempts to convert relative paths into absolute paths. The following code would have deleted the wrong file:

let tmp_path = TempPath::from_path("foo")
std::env::set_current_dir("/some/other/path").unwrap();
drop(tmp_path);

Now:

  1. TempPath::from_path will attempt to convert relative paths into absolute paths. However, this isn't always possible as we need to call std::env::current_dir, which can fail. If we fail to convert the relative path to an absolute path, we simply keep the relative path.
  2. The TempPath::try_from_path behaves exactly like TempPath::from_path, except that it returns an error if we fail to convert a relative path into an absolute path (or if the passed path is empty).

Neither function attempt to verify the existence of the file in question.

Thanks to @​meng-xu-cs for reporting this issue.

3.26.0

3.25.0

  • Allow getrandom 0.4.x while retaining support for getrandom 0.3.x.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Mar 22, 2026
@dependabot
chore(deps): bump the rust-minor group with 6 updates
7265b0f 
Bumps the rust-minor group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [clap](https://github.com/clap-rs/clap) | `4.5.57` | `4.6.0` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.66` | `4.6.0` |
| [clap_complete_nushell](https://github.com/clap-rs/clap) | `4.5.10` | `4.6.0` |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.101` | `1.0.102` |
| [chrono](https://github.com/chronotope/chrono) | `0.4.43` | `0.4.44` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.24.0` | `3.27.0` |


Updates `clap` from 4.5.57 to 4.6.0
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.57...clap_complete-v4.6.0)

Updates `clap_complete` from 4.5.66 to 4.6.0
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.66...clap_complete-v4.6.0)

Updates `clap_complete_nushell` from 4.5.10 to 4.6.0
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete_nushell-v4.5.10...clap_complete_nushell-v4.6.0)

Updates `anyhow` from 1.0.101 to 1.0.102
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.101...1.0.102)

Updates `chrono` from 0.4.43 to 0.4.44
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](chronotope/chrono@v0.4.43...v0.4.44)

Updates `tempfile` from 3.24.0 to 3.27.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.24.0...v3.27.0)

---
updated-dependencies:
- dependency-name: clap
  dependency-version: 4.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor
- dependency-name: clap_complete
  dependency-version: 4.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor
- dependency-name: clap_complete_nushell
  dependency-version: 4.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor
- dependency-name: anyhow
  dependency-version: 1.0.102
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor
- dependency-name: chrono
  dependency-version: 0.4.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor
- dependency-name: tempfile
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/rust-minor-a6380bc905 branch from 2fa8faa to 7265b0f Compare March 23, 2026 07:31
@hyperpolymath hyperpolymath deleted the dependabot/cargo/rust-minor-a6380bc905 branch March 26, 2026 16:41
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 26, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@hyperpolymath hyperpolymath mentioned this pull request May 26, 2026
Merged
3 tasks
hyperpolymath added a commit that referenced this pull request May 26, 2026
@hyperpolymath @claude
docs(future-improvements): refresh status (4 of 10 items shipped) (#42)
600f6fc 
## Summary

\`FUTURE-IMPROVEMENTS.md\` was written on **2026-02-08** when
panic-attack was at **v1.0.0**, surveying ten Eclexia-scan-driven
improvement ideas. We're now at **v2.5.0**; four of the ten items have
shipped but the doc still presents them as future work.

This PR adds a status block at the top of the file and inline **Status:
SHIPPED** markers on the four landed sections, with file/line evidence
so a reader can verify the claims at a glance.

### Shipped (4)

| # | Improvement | Code reference |
|---|-------------|----------------|
| 1 | Test Code Exclusion | \`Analyzer::strip_cfg_test_modules_rs\` —
\`src/assail/analyzer.rs:923-934\` |
| 2 | Framework Detection Accuracy | \`Analyzer::detect_frameworks\` —
\`src/assail/analyzer.rs:4993\` |
| 3 | Safe Unwrap Variant Distinction | \`safe_unwrap_calls\` field on
\`ProgramStatistics\` / \`FileStatistics\` — \`src/types.rs:451,518\` |
| 6 | Differential Scanning | \`Commands::Diff\` — \`src/main.rs:483\`;
logic in \`src/report/diff.rs\` |

### Outstanding (6)

- **#4 Language-Specific Severity Calibration** — no "Hardened" tier
yet; *was* gated on #1+#3 (now both shipped, so genuinely unblocked).
- **#5 Workspace-Level Consolidated Reporting** — no Cargo workspace
mode in CLI.
- **#7 Allocation Site Context** — no \`AllocationCategory\` enum.
- **#8 Resource Dimension Awareness** — long-term, no plugin surface.
- **#9 Error Handling Maturity** — no metric yet.
- **#10 Configurable CI Thresholds** — no \`[thresholds]\` parser; *was*
gated on #1-4 (now mostly unblocked).

## Preservation

- The historical header (\`Date: 2026-02-08\`, \`Tool version:
panic-attack v1.0.0\`) is preserved as a historical record of what was
true at scan time.
- A new \`Audit refreshed: 2026-05-26\` line records when this status
update was performed.
- Body text of each improvement section is unchanged — only the priority
line on shipped items gets a "Status: SHIPPED" suffix.

## Test plan

- [x] Markdown renders correctly (status table, inline markers)
- [x] All cited file:line locations grep clean against current main
- [x] Signed commit

## Not in this PR

Acting on the now-unblocked items (#4, #10) is separate work. Filing
this hygiene update first so future planning has accurate ground truth.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath