Skip to content

build(deps): bump the per-dependency group with 9 updates #592

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the per-dependency group with 9 updates #592

dependabot wants to merge 1 commit into from
+351 −74

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 11, 2026
edited
Loading

Bumps the per-dependency group with 9 updates:

Package From To
anyhow 1.0.100 1.0.101
spin 0.9.8 0.10.0
regex 1.12.2 1.12.3
jsonschema 0.30.0 0.41.0
rand 0.9.2 0.10.0
clap 4.5.56 4.5.58
criterion 0.8.1 0.8.2
toml_edit 0.22.27 0.25.0+spec-1.1.0
zip 0.6.6 7.4.0

Updates anyhow from 1.0.100 to 1.0.101

Release notes

Sourced from anyhow's releases.

1.0.101

Commits
  • 80bfe29 Release 1.0.101
  • dff8c43 Merge pull request #437 from Ibitier/inline-ok-helper
  • 85d9ea9 Add #[inline] to anyhow::Ok helper
  • 54036cc Update ui test suite to nightly-2026-01-21
  • cce0579 Update actions/upload-artifact@v5 -> v6
  • f2c598c Update actions/upload-artifact@v4 -> v5
  • 2c0bda4 Update to 2021 edition
  • 0d82268 Remove rustc version requirement from readme
  • 67df012 Merge pull request #436 from dtolnay/up
  • c898488 Raise required compiler to Rust 1.68
  • Additional commits viewable in compare view

Updates spin from 0.9.8 to 0.10.0

Changelog

Sourced from spin's changelog.

[0.10.0] - 2025-03-26

Added

  • Mutex::try_lock_weak
  • RwLock::try_write_weak
  • RwLock::try_upgrade_weak

Changed

  • Updated MSRV to 1.60
  • Use dep: syntax in Cargo.toml
  • portable_atomic feature has been renamed to portable-atomic, for consistency.

Fixed

Commits

Updates regex from 1.12.2 to 1.12.3

Changelog

Sourced from regex's changelog.

1.12.3 (2025-02-03)

This release excludes some unnecessary things from the archive published to crates.io. Specifically, fuzzing data and various shell scripts are now excluded. If you run into problems, please file an issue.

Improvements:

  • #1319: Switch from a Cargo exclude list to an include list, and exclude some unnecessary stuff.
Commits
  • b028e4f 1.12.3
  • 5e195de regex-automata-0.4.14
  • a3433f6 regex-syntax-0.8.9
  • 0c07fae regex-lite-0.1.9
  • 6a81006 cargo: exclude development scripts and fuzzing data
  • 4733e28 automata: fix onepass::DFA::try_search_slots panic when too many slots are ...
  • See full diff in compare view

Updates jsonschema from 0.30.0 to 0.41.0

Release notes

Sourced from jsonschema's releases.

[Python] Release 0.41.0

Changed

  • Update pyo3 to 0.28.
  • Remove unused pythonize dependency.

Performance

  • Replace regex-based uri-template format validation with a hand-rolled RFC 6570 parser.
  • Specialize items keyword for simple type schemas ({"type": "string"}, {"type": "number"}, etc.) to eliminate dynamic dispatch overhead.
  • Precompute regex matches on known properties.
  • Faster unevaluatedProperties validation via O(1) property lookup and short-circuit oneOf evaluation.
  • Use HashMap for large set of properties.
  • Lower HashMap threshold from 40 to 15 properties for faster property lookups.

[Rust] Release 0.41.0

Performance

  • Replace regex-based uri-template format validation with a hand-rolled RFC 6570 parser.
  • Specialize items keyword for simple type schemas ({"type": "string"}, {"type": "number"}, etc.) to eliminate dynamic dispatch overhead.
  • Precompute regex matches on known properties.
  • Faster unevaluatedProperties validation via O(1) property lookup and short-circuit oneOf evaluation.
  • Use HashMap for large set of properties.
  • Lower HashMap threshold from 40 to 15 properties for faster property lookups.

[Python] Release 0.40.4

Added

  • Pre-built wheels for free-threaded Python (3.13t, 3.14t) on Linux, macOS, and Windows.

[Python] Release 0.40.3

Added

  • Pre-built wheels for musllinux (Alpine Linux) on x86_64 and aarch64.

[Python] Release 0.40.2

Changed

  • Switch HTTP client TLS crypto backend from aws-lc-rs to ring to fix import errors when building from source on some Linux distributions. #957

Fixed

  • Draft4Validator now correctly validates large Python integers outside the i64/u64 range (e.g., -9223372036854775809, 18446744073709551616) as valid for type: integer.

[Rust] Release 0.40.2

Changed

  • Exclude internal tracker field from ValidationError Debug output.
  • Switch HTTP client TLS crypto backend from aws-lc-rs to ring to simplify building from source on some Linux distributions. #957

... (truncated)

Changelog

Sourced from jsonschema's changelog.

[0.41.0] - 2026-02-04

Performance

  • Replace regex-based uri-template format validation with a hand-rolled RFC 6570 parser.
  • Specialize items keyword for simple type schemas ({"type": "string"}, {"type": "number"}, etc.) to eliminate dynamic dispatch overhead.
  • Precompute regex matches on known properties.
  • Faster unevaluatedProperties validation via O(1) property lookup and short-circuit oneOf evaluation.
  • Use HashMap for large set of properties.
  • Lower HashMap threshold from 40 to 15 properties for faster property lookups.

[0.40.2] - 2026-01-30

Changed

  • Exclude internal tracker field from ValidationError Debug output.
  • Switch HTTP client TLS crypto backend from aws-lc-rs to ring to simplify building from source on some Linux distributions. #957

Fixed

  • type: integer validation in Draft 4 now correctly accepts large integers outside the i64/u64 range when arbitrary-precision feature is enabled.

[0.40.1] - 2026-01-30

Changed

  • ValidationErrorKind::Custom now includes a keyword field containing the custom keyword name.

Performance

  • Faster validation via cost-based keyword ordering.
  • Faster patternProperties for simple prefix patterns (e.g., ^x-).

[0.40.0] - 2026-01-18

Added

  • HttpOptions and ValidationOptions::with_http_options() for configuring HTTP client behavior (timeouts, TLS verification, custom CA certificates) when fetching external schemas.
  • CLI: --timeout, --connect-timeout, --insecure, and --cacert flags for HTTP configuration.

[0.39.0] - 2026-01-16

Added

  • ValidationError::evaluation_path() for the dynamic path including $ref traversals.

Changed

  • BREAKING: Simplified custom keyword API - Keyword::validate no longer receives path parameters, and ValidationError::custom only takes a message.

... (truncated)

Commits
  • 008405d chore(rust): Release 0.41.0
  • e172a83 docs: Update benchmarks
  • 7bd9654 perf: Avoid re-building SchemaNode during recursive reference validation
  • 71c508b perf: Lower HashMap threshold from 40 to 15 properties for faster property lo...
  • 258cc95 perf: Replace regex-based uri-template format validation with a hand-rolled...
  • 1954c2c build(deps): bump crates/jsonschema-referencing/tests/suite
  • e142095 docs: Update benchmarks
  • 6e4cf58 perf: Fuse required with properties validator
  • a741634 perf: Fuse required with properties validator
  • 08f7b6b perf: Specialize items
  • Additional commits viewable in compare view

Updates rand from 0.9.2 to 0.10.0

Changelog

Sourced from rand's changelog.

[0.10.0] - 2026-02-08

Changes

  • The dependency on rand_chacha has been replaced with a dependency on chacha20. This changes the implementation behind StdRng, but the output remains the same. There may be some API breakage when using the ChaCha-types directly as these are now the ones in chacha20 instead of rand_chacha (#1642).
  • Rename fns IndexedRandom::choose_multiple -> sample, choose_multiple_array -> sample_array, choose_multiple_weighted -> sample_weighted, struct SliceChooseIter -> IndexedSamples and fns IteratorRandom::choose_multiple -> sample, choose_multiple_fill -> sample_fill (#1632)
  • Use Edition 2024 and MSRV 1.85 (#1653)
  • Let Fill be implemented for element types, not sliceable types (#1652)
  • Fix OsError::raw_os_error on UEFI targets by returning Option<usize> (#1665)
  • Replace fn TryRngCore::read_adapter(..) -> RngReadAdapter with simpler struct RngReader (#1669)
  • Remove fns SeedableRng::from_os_rng, try_from_os_rng (#1674)
  • Remove Clone support for StdRng, ReseedingRng (#1677)
  • Use postcard instead of bincode to test the serde feature (#1693)
  • Avoid excessive allocation in IteratorRandom::sample when amount is much larger than iterator size (#1695)
  • Rename os_rng -> sys_rng, OsRng -> SysRng, OsError -> SysError (#1697)
  • Rename Rng -> RngExt as upstream rand_core has renamed RngCore -> Rng (#1717)

Additions

  • Add fns IndexedRandom::choose_iter, choose_weighted_iter (#1632)
  • Pub export Xoshiro128PlusPlus, Xoshiro256PlusPlus prngs (#1649)
  • Pub export ChaCha8Rng, ChaCha12Rng, ChaCha20Rng behind chacha feature (#1659)
  • Fn rand::make_rng() -> R where R: SeedableRng (#1734)

Removals

  • Removed ReseedingRng (#1722)
  • Removed unused feature "nightly" (#1732)
  • Removed feature small_rng (#1732)

#1632: rust-random/rand#1632 #1642: rust-random/rand#1642 #1649: rust-random/rand#1649 #1652: rust-random/rand#1652 #1653: rust-random/rand#1653 #1659: rust-random/rand#1659 #1665: rust-random/rand#1665 #1669: rust-random/rand#1669 #1674: rust-random/rand#1674 #1677: rust-random/rand#1677 #1693: rust-random/rand#1693 #1695: rust-random/rand#1695 #1697: rust-random/rand#1697 #1717: rust-random/rand#1717 #1722: rust-random/rand#1722 #1732: rust-random/rand#1732 #1734: rust-random/rand#1734

Commits

Updates clap from 4.5.56 to 4.5.58

Release notes

Sourced from clap's releases.

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)
Changelog

Sourced from clap's changelog.

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)
Commits
  • 88f13cb chore: Release
  • fe2d731 docs: Update changelog
  • b256739 Merge pull request #6131 from mernen/do-not-suggest-opts-after-escape
  • 8aaf704 fix(complete): Do not suggest options after "--"
  • 4a86fee test(complete): Illustrate current behavior
  • 281f8ae Merge pull request #6126 from epage/p
  • 3cbce42 docs(cookbook): Make typed-derive easier to maintain
  • 9fd4dc9 docs(cookbook): Provide a custom TypedValueParser
  • 8f8e861 docs(cookbook): Add local enum to typed-derive
  • 926bafe docs(cookbook): Hint at overriding value_name
  • Additional commits viewable in compare view

Updates criterion from 0.8.1 to 0.8.2

Release notes

Sourced from criterion's releases.

criterion-plot-v0.8.2

Other

  • Update Readme

criterion-v0.8.2

Fixed

  • don't build alloca on unsupported targets

Other

  • (deps) bump crate-ci/typos from 1.40.0 to 1.43.0
  • Fix panic with uniform iteration durations in benchmarks
  • Update Readme
  • Exclude development scripts from published package
Changelog

Sourced from criterion's changelog.

0.8.2 - 2026-02-04

Fixed

  • don't build alloca on unsupported targets

Other

  • (deps) bump crate-ci/typos from 1.40.0 to 1.43.0
  • Fix panic with uniform iteration durations in benchmarks
  • Update Readme
  • Exclude development scripts from published package
Commits
  • 7f0d745 chore: release v0.8.2
  • 4a467ce chore(deps): bump crate-ci/typos from 1.40.0 to 1.43.0
  • b277a75 Fix panic with uniform iteration durations in benchmarks
  • 828af14 fix: don't build alloca on unsupported targets
  • b01316b Update Readme
  • 4c02a3b Exclude development scripts from published package
  • See full diff in compare view

Updates toml_edit from 0.22.27 to 0.25.0+spec-1.1.0

Commits
  • a8dac20 chore: Release
  • 34fe772 chore: Release
  • 7fa8e0d docs: Update changelog
  • 1fb6eba fix(serde)!: Allow borrowed keys and values (#1099)
  • 9fe1ab1 fix(serde)!: Allow borrowed values
  • 5154d6d fix(serde)!: Allow borrowed keys
  • a51f752 test(serde): Verify borrowing
  • dc7d979 feat(datetime)!: Track optional seconds, nanoseconds (#1098)
  • b09eace feat(datetime)!: Track optional seconds, nanoseconds
  • 82396e7 test(dateime): Verify Display
  • Additional commits viewable in compare view

Updates zip from 0.6.6 to 7.4.0

Release notes

Sourced from zip's releases.

v7.4.0

🚀 Features

  • Increase MSRV to 1.88 and update dependencies (#626)

v7.3.0

🚀 Features

  • cleanup the benchs and Cargo.toml (#606)
  • Add support for per-file comments (#543)

🐛 Bug Fixes

  • Document feature unreserved and make the mapping of extra fields public (#616)
  • Return an error if abort_file() fails when exceeding non-large-file limit (#598)

⚙️ Miscellaneous Tasks

  • Bump version to 7.3.0 (semver checks fail if it's still 7.3.0-pre1)

v7.3.0-pre1

🐛 Bug Fixes

  • Reject empty ZipCrypto password when encrypting files (can still be used when decrypting)
  • make zip crate safer and more readable (#536)

⚡ Performance

  • Optimizations for CP437 conversion (#559)

⚙️ Miscellaneous Tasks

  • Trigger release 7.3.0-pre1 to reset cargo-semver-checks baseline

v7.2.0

🚀 Features

  • add read_zipfile_from_stream_with_compressed_size (#70)
  • Allow choosing bzip2 rust backend (#329)

🐛 Bug Fixes

  • Need to include zip64 extra field in central directory (fix #353) (#360)
  • Fails to extract file which might or might not be malformed (#376) (#426)
  • (aes) Allow AES encryption while streaming (#463)
  • Default "platform" field in zip files should be set to the local platform, rather than always "Unix" (#470) (#471)

🚜 Refactor

  • Define cfg_if! and cfg_if_expr! internal macros (#438)

... (truncated)

Changelog

Sourced from zip's changelog.

7.4.0 - 2026-02-05

🚀 Features

  • Increase MSRV to 1.88 and update dependencies (#626)

7.3.0 - 2026-02-04

🚀 Features

  • cleanup the benchmarks and Cargo.toml (#606)
  • Add support for per-file comments (#543)

🐛 Bug Fixes

  • Document feature unreserved and make the mapping of extra fields public (#616)
  • Return an error if abort_file() fails when exceeding non-large-file limit (#598)

⚙️ Miscellaneous Tasks

  • Bump version to 7.3.0 (semver checks fail if it's still 7.3.0-pre1)

7.3.0-pre1 - 2026-01-27

🐛 Bug Fixes

  • Reject empty ZipCrypto password when encrypting files (can still be used when decrypting)
  • make zip crate safer and more readable (#536)

⚡ Performance

  • Optimizations for CP437 conversion (#559)

⚙️ Miscellaneous Tasks

  • Trigger release 7.3.0-pre1 to reset cargo-semver-checks baseline

7.2.0 - 2026-01-20

🚀 Features

  • add read_zipfile_from_stream_with_compressed_size (#70)
  • Allow choosing bzip2 rust backend (#329)

🐛 Bug Fixes

  • Need to include zip64 extra field in central directory (fix #353) (#360)
  • Fails to extract file which might or might not be malformed (#376) (#426)
  • (aes) Allow AES encryption while streaming (#463)
  • Default "platform" field in zip files should be set to the local platform, rather than always "Unix" (#470) (#471)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Feb 11, 2026
This was referenced Feb 11, 2026
Closed
Closed
Closed
Closed
Closed
@anakrish
Copy link
Collaborator

anakrish commented Feb 12, 2026

@dependabot rebase

@dependabot
build(deps): bump the per-dependency group with 9 updates
77dc01c 
Bumps the per-dependency group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.100` | `1.0.101` |
| [spin](https://github.com/mvdnes/spin-rs) | `0.9.8` | `0.10.0` |
| [regex](https://github.com/rust-lang/regex) | `1.12.2` | `1.12.3` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.30.0` | `0.41.0` |
| [rand](https://github.com/rust-random/rand) | `0.9.2` | `0.10.0` |
| [clap](https://github.com/clap-rs/clap) | `4.5.56` | `4.5.58` |
| [criterion](https://github.com/criterion-rs/criterion.rs) | `0.8.1` | `0.8.2` |
| [toml_edit](https://github.com/toml-rs/toml) | `0.22.27` | `0.25.0+spec-1.1.0` |
| [zip](https://github.com/zip-rs/zip2) | `0.6.6` | `7.4.0` |


Updates `anyhow` from 1.0.100 to 1.0.101
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.100...1.0.101)

Updates `spin` from 0.9.8 to 0.10.0
- [Changelog](https://github.com/zesterer/spin-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mvdnes/spin-rs/commits)

Updates `regex` from 1.12.2 to 1.12.3
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.12.2...1.12.3)

Updates `jsonschema` from 0.30.0 to 0.41.0
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](Stranger6667/jsonschema@rust-v0.30.0...rust-v0.41.0)

Updates `rand` from 0.9.2 to 0.10.0
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@rand_core-0.9.2...0.10.0)

Updates `clap` from 4.5.56 to 4.5.58
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.56...clap_complete-v4.5.58)

Updates `criterion` from 0.8.1 to 0.8.2
- [Release notes](https://github.com/criterion-rs/criterion.rs/releases)
- [Changelog](https://github.com/criterion-rs/criterion.rs/blob/master/CHANGELOG.md)
- [Commits](criterion-rs/criterion.rs@criterion-v0.8.1...criterion-v0.8.2)

Updates `toml_edit` from 0.22.27 to 0.25.0+spec-1.1.0
- [Commits](toml-rs/toml@v0.22.27...v0.25.0)

Updates `zip` from 0.6.6 to 7.4.0
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zip-rs/zip2/commits/v7.4.0)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.101
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: per-dependency
- dependency-name: spin
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: per-dependency
- dependency-name: regex
  dependency-version: 1.12.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: per-dependency
- dependency-name: jsonschema
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: per-dependency
- dependency-name: rand
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: per-dependency
- dependency-name: clap
  dependency-version: 4.5.58
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: per-dependency
- dependency-name: criterion
  dependency-version: 0.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: per-dependency
- dependency-name: toml_edit
  dependency-version: 0.25.0+spec-1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: per-dependency
- dependency-name: zip
  dependency-version: 7.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: per-dependency
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/per-dependency-1ed01a8c08 branch from 57c1d4f to 77dc01c Compare February 12, 2026 22:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@anakrish