build(deps): bump serde from 1.0.198 to 1.0.199

[dependabot]

Bumps serde from 1.0.198 to 1.0.199.

Release notes

Sourced from serde's releases.

v1.0.199

• Fix ambiguous associated item when forward_to_deserialize_any! is used on an enum with Error variant (#2732, thanks @​aatifsyed)

Commits

• 1477028 Release 1.0.199
• 789740b Merge pull request #2732 from aatifsyed/master
• 8fe7539 fix: ambiguous associated type in forward_to_deserialize_any!
• f6623a3 Ignore cast_precision_loss pedantic clippy lint
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[mpizenberg]

Is there a way to configure it such that only important upgrades are proposed? Such as security updates? Or at least reduce the frequency of its interventions to something like a month? I think if we are never more than a month late on the latest releases of XYZ it's probably fine?

…

On Mon, Apr 29, 2024 at 5:37 AM dependabot[bot] ***@***.***> wrote: Bumps serde <https://github.com/serde-rs/serde> from 1.0.198 to 1.0.199. Release notes *Sourced from serde's releases <https://github.com/serde-rs/serde/releases>.* v1.0.199 - Fix ambiguous associated item when forward_to_deserialize_any! is used on an enum with Error variant (#2732 <https://redirect.github.com/serde-rs/serde/issues/2732>, thanks @​aatifsyed <https://github.com/aatifsyed>) Commits - 1477028 <serde-rs/serde@1477028> Release 1.0.199 - 789740b <serde-rs/serde@789740b> Merge pull request #2732 <https://redirect.github.com/serde-rs/serde/issues/2732> from aatifsyed/master - 8fe7539 <serde-rs/serde@8fe7539> fix: ambiguous associated type in forward_to_deserialize_any! - f6623a3 <serde-rs/serde@f6623a3> Ignore cast_precision_loss pedantic clippy lint - See full diff in compare view <serde-rs/serde@v1.0.198...v1.0.199> [image: Dependabot compatibility score] <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. ------------------------------ Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - @dependabot rebase will rebase this PR - @dependabot recreate will recreate this PR, overwriting any edits that have been made to it - @dependabot merge will merge this PR after your CI passes on it - @dependabot squash and merge will squash and merge this PR after your CI passes on it - @dependabot cancel merge will cancel a previously requested merge and block automerging - @dependabot reopen will reopen this PR if it is closed - @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency - @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) ------------------------------ You can view, comment on, or merge this pull request online at: #212 Commit Summary - 750f27a <750f27a> build(deps): bump serde from 1.0.198 to 1.0.199 File Changes (1 file <https://github.com/pubgrub-rs/pubgrub/pull/212/files>) - *M* Cargo.lock <https://github.com/pubgrub-rs/pubgrub/pull/212/files#diff-13ee4b2252c9e516a0547f2891aa2105c3ca71c6d7a1e682c69be97998dfc87e> (8) Patch Links: - https://github.com/pubgrub-rs/pubgrub/pull/212.patch - https://github.com/pubgrub-rs/pubgrub/pull/212.diff — Reply to this email directly, view it on GitHub <#212>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAWFOCONA5O52EAP6OI2V2LY7W57HAVCNFSM6AAAAABG5R7Q4CVHI2DSMVQWIX3LMV43ASLTON2WKOZSGI3DQMBVGQ3DSOI> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[konstin]

You can set the interval to monthly at

pubgrub/.github/dependabot.yml

Line 16 in 34bf75c

interval: "weekly"

[dependabot]

Superseded by #215.