WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Bump the all-updates group across 1 directory with 15 updates #160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the all-updates group across 1 directory with 15 updates #160

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 17, 2025
edited
Loading

Bumps the all-updates group with 13 updates in the /core directory:

Package From To
anyhow 1.0.98 1.0.100
tokio 1.47.0 1.48.0
tonic 0.14.0 0.14.2
tonic-prost 0.14.0 0.14.2
tonic-reflection 0.14.0 0.14.2
tonic-build 0.14.0 0.14.2
tracing-subscriber 0.3.19 0.3.20
bytemuck 1.23.2 1.24.0
tonic-prost-build 0.14.0 0.14.2
aya-ebpf 44ec978 d238b2e
which 7.0.3 8.0.0
bytes 1.10.1 1.11.0
libc 0.2.174 0.2.177

Updates anyhow from 1.0.98 to 1.0.100

Release notes

Sourced from anyhow's releases.

1.0.100

  • Teach clippy to lint formatting arguments in bail!, ensure!, anyhow! (#426)

1.0.99

  • Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (#420)
Commits
  • 18c2598 Release 1.0.100
  • f271988 Merge pull request #426 from dtolnay/clippyfmt
  • 52f2115 Mark macros with clippy::format_args
  • da5fd9d Raise minimum tested compiler to rust 1.76
  • 211e409 Opt in to generate-macro-expansion when building on docs.rs
  • b48fc02 Enforce trybuild >= 1.0.108
  • d5f59fb Update ui test suite to nightly-2025-09-07
  • 238415d Update ui test suite to nightly-2025-08-24
  • 3bab070 Update actions/checkout@v4 -> v5
  • 4249254 Order cap-lints flag in the same order as thiserror build script
  • Additional commits viewable in compare view

Updates tokio from 1.47.0 to 1.48.0

Release notes

Sourced from tokio's releases.

Tokio v1.48.0

1.48.0 (October 14th, 2025)

The MSRV is increased to 1.71.

Added

  • fs: add File::max_buf_size (#7594)
  • io: export Chain of AsyncReadExt::chain (#7599)
  • net: add SocketAddr::as_abstract_name (#7491)
  • net: add TcpStream::quickack and TcpStream::set_quickack (#7490)
  • net: implement AsRef<Self> for TcpStream and UnixStream (#7573)
  • task: add LocalKey::try_get (#7666)
  • task: implement Ord for task::Id (#7530)

Changed

  • deps: bump windows-sys to version 0.61 (#7645)
  • fs: preserve max_buf_size when cloning a File (#7593)
  • macros: suppress clippy::unwrap_in_result in #[tokio::main] (#7651)
  • net: remove PollEvented noise from Debug formats (#7675)
  • process: upgrade Command::spawn_with to use FnOnce (#7511)
  • sync: remove inner mutex in SetOnce (#7554)
  • sync: use UnsafeCell::get_mut in Mutex::get_mut and RwLock::get_mut (#7569)
  • time: reduce the generated code size of Timeout<T>::poll (#7535)

Fixed

  • macros: fix hygiene issue in join! and try_join! (#7638)
  • net: fix copy/paste errors in udp peek methods (#7604)
  • process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
  • runtime: use release ordering in wake_by_ref() even if already woken (#7622)
  • sync: close the broadcast::Sender in broadcast::Sender::new() (#7629)
  • sync: fix implementation of unused RwLock::try_* methods (#7587)

Unstable

  • tokio: use cargo features instead of --cfg flags for taskdump and io_uring (#7655, #7621)
  • fs: support io_uring in fs::write (#7567)
  • fs: support io_uring with File::open() (#7617)
  • fs: support io_uring with OpenOptions (#7321)
  • macros: add local runtime flavor (#7375, #7597)

Documented

  • io: clarify the zero capacity case of AsyncRead::poll_read (#7580)
  • io: fix typos in the docs of AsyncFd readiness guards (#7583)
  • net: clarify socket gets closed on drop (#7526)
  • net: clarify the behavior of UCred::pid() on Cygwin (#7611)
  • net: clarify the supported platform of set_reuseport() and reuseport() (#7628)

... (truncated)

Commits
  • 556820f chore: prepare Tokio v1.48.0 (#7677)
  • fd1659a chore: prepare tokio-macros v2.6.0 (#7676)
  • 53e8aca ci: update nightly version to 2025-10-12 (#7670)
  • 9e5527d process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
  • 25a24de net: remove PollEvented noise from Debug formats (#7675)
  • c1fa25f task: clarify the behavior of several spawn_local methods (#7669)
  • e7e02fc fs: use FileOptions inside fs::File to support uring (#7617)
  • f7a7f62 ci: remove cargo-deny Unicode-DFS-2016 license exception config (#7619)
  • d1f1499 tokio: use cargo feature for taskdump support instead of cfg (#7655)
  • ad6f618 runtime: clarify the behavior of Handle::block_on (#7665)
  • Additional commits viewable in compare view

Updates tonic from 0.14.0 to 0.14.2

Release notes

Sourced from tonic's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tonic-prost from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-prost's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tonic-reflection from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-reflection's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tonic-build from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-build's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tracing-subscriber from 0.3.19 to 0.3.20

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.20

Security Fix: ANSI Escape Sequence Injection (CVE-TBD)

Impact

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

  • Manipulate terminal title bars
  • Clear screens or modify terminal display
  • Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

Solution

Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.

Affected Versions

All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.

Recommendations

Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:

  • Logs user-provided input (form data, HTTP headers, query parameters, etc.)
  • Runs in environments where terminal output is displayed to users

Migration

This is a patch release with no breaking API changes. Simply update your Cargo.toml:

[dependencies]
tracing-subscriber = "0.3.20"

Acknowledgments

We would like to thank zefr0x who responsibly reported the issue at [email protected].

If you believe you have found a security vulnerability in any tokio-rs project, please email us at [email protected].

Commits

Updates bytemuck from 1.23.2 to 1.24.0

Changelog

Sourced from bytemuck's changelog.

bytemuck changelog

1.24

Commits

Updates bytemuck_derive from 1.10.1 to 1.10.2

Commits

Updates tonic-prost-build from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-prost-build's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates aya-ebpf from 44ec978 to d238b2e

Commits
  • d238b2e Release crates
  • acb1ddd docs: Add release documentation
  • 75cd7e8 build(deps): bump DavidAnson/markdownlint-cli2-action
  • 7a8ad14 Add macos-latest
  • 46221ad probe: use RAII to clean up in the error path
  • 72810f0 aya: ProbeKind is Entry/Return
  • a4a3c16 probe: use exhaustive matches
  • 1944c4a perf_event: refactor perf_event_open_trace_point
  • d4b2dde perf_event: inline perf_event_open_bpf
  • 7e07f85 perf_attach: privatize PerfLink
  • Additional commits viewable in compare view

Updates aya-log-ebpf from 44ec978 to d238b2e

Commits
  • d238b2e Release crates
  • acb1ddd docs: Add release documentation
  • 75cd7e8 build(deps): bump DavidAnson/markdownlint-cli2-action
  • 7a8ad14 Add macos-latest
  • 46221ad probe: use RAII to clean up in the error path
  • 72810f0 aya: ProbeKind is Entry/Return
  • a4a3c16 probe: use exhaustive matches
  • 1944c4a perf_event: refactor perf_event_open_trace_point
  • d4b2dde perf_event: inline perf_event_open_bpf
  • 7e07f85 perf_attach: privatize PerfLink
  • Additional commits viewable in compare view

Updates which from 7.0.3 to 8.0.0

Release notes

Sourced from which's releases.

8.0.0

What's Changed

  • Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @​dsherret for this contribution to which!
  • Add more debug level tracing for otherwise silent I/O errors.
  • Call the NonFatalHandler in more places to catch previously ignored I/O errors.
  • Remove use of the either dependency.

New Contributors

Changelog

Sourced from which's changelog.

8.0.0

  • Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @​dsherret for this contribution to which!
  • Add more debug level tracing for otherwise silent I/O errors.
  • Call the NonFatalHandler in more places to catch previously ignored I/O errors.
  • Remove use of the either dependency.
Commits
  • adac2cd bump version, update changelog
  • 84e152e reduce sys::Sys requirements, add some tracing for otherwise silent errors (#...
  • a0a6daf feat: add Sys trait for swapping out system (#109)
  • eef1998 Add actively maintained badge
  • See full diff in compare view

Updates bytes from 1.10.1 to 1.11.0

Release notes

Sourced from bytes's releases.

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates libc from 0.2.174 to 0.2.177

Release notes

Sourced from libc's releases.

0.2.177

Added

  • Apple: Add TIOCGETA, TIOCSETA, TIOCSETAW, TIOCSETAF constants (#4736)
  • Apple: Add pthread_cond_timedwait_relative_np (#4719)
  • BSDs: Add _CS_PATH constant (#4738)
  • Linux-like: Add SIGEMT for mips* and sparc* architectures (#4730)
  • OpenBSD: Add elf_aux_info (#4729)
  • Redox: Add more sysconf constants (#4728)
  • Windows: Add wcsnlen (#4721)

Changed

  • WASIP2: Invert conditional to include p2 APIs (#4733)

0.2.176

Support

  • The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
  • Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

@dependabot
Bump the all-updates group across 1 directory with 15 updates
d96bdf4 
Bumps the all-updates group with 13 updates in the /core directory:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.98` | `1.0.100` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.47.0` | `1.48.0` |
| [tonic](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tonic-prost](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tonic-reflection](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tonic-build](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.19` | `0.3.20` |
| [bytemuck](https://github.com/Lokathor/bytemuck) | `1.23.2` | `1.24.0` |
| [tonic-prost-build](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [aya-ebpf](https://github.com/aya-rs/aya) | ``44ec978`` | ``d238b2e`` |
| [which](https://github.com/harryfei/which-rs) | `7.0.3` | `8.0.0` |
| [bytes](https://github.com/tokio-rs/bytes) | `1.10.1` | `1.11.0` |
| [libc](https://github.com/rust-lang/libc) | `0.2.174` | `0.2.177` |



Updates `anyhow` from 1.0.98 to 1.0.100
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.98...1.0.100)

Updates `tokio` from 1.47.0 to 1.48.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.47.0...tokio-1.48.0)

Updates `tonic` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tonic-prost` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tonic-reflection` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tonic-build` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tracing-subscriber` from 0.3.19 to 0.3.20
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.19...tracing-subscriber-0.3.20)

Updates `bytemuck` from 1.23.2 to 1.24.0
- [Changelog](https://github.com/Lokathor/bytemuck/blob/main/changelog.md)
- [Commits](Lokathor/bytemuck@v1.23.2...v1.24.0)

Updates `bytemuck_derive` from 1.10.1 to 1.10.2
- [Changelog](https://github.com/Lokathor/bytemuck/blob/main/changelog.md)
- [Commits](Lokathor/bytemuck@bytemuck_derive-v1.10.1...bytemuck_derive-v1.10.2)

Updates `tonic-prost-build` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `aya-ebpf` from `44ec978` to `d238b2e`
- [Release notes](https://github.com/aya-rs/aya/releases)
- [Commits](aya-rs/aya@44ec978...d238b2e)

Updates `aya-log-ebpf` from `44ec978` to `d238b2e`
- [Release notes](https://github.com/aya-rs/aya/releases)
- [Commits](aya-rs/aya@44ec978...d238b2e)

Updates `which` from 7.0.3 to 8.0.0
- [Release notes](https://github.com/harryfei/which-rs/releases)
- [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md)
- [Commits](harryfei/which-rs@7.0.3...8.0.0)

Updates `bytes` from 1.10.1 to 1.11.0
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.0)

Updates `libc` from 0.2.174 to 0.2.177
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.177/CHANGELOG.md)
- [Commits](rust-lang/libc@0.2.174...0.2.177)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.100
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tokio
  dependency-version: 1.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-updates
- dependency-name: tonic
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-prost
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-reflection
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-build
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tracing-subscriber
  dependency-version: 0.3.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: bytemuck
  dependency-version: 1.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-updates
- dependency-name: bytemuck_derive
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-prost-build
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: aya-ebpf
  dependency-version: d238b2ea6f1b2c1aa09a9050415b1c96329af0aa
  dependency-type: direct:production
  dependency-group: all-updates
- dependency-name: aya-log-ebpf
  dependency-version: d238b2ea6f1b2c1aa09a9050415b1c96329af0aa
  dependency-type: direct:production
  dependency-group: all-updates
- dependency-name: which
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-updates
- dependency-name: bytes
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-updates
- dependency-name: libc
  dependency-version: 0.2.177
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Nov 17, 2025
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Nov 17, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 8, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LorenzoTettamanti LorenzoTettamanti Awaiting requested review from LorenzoTettamanti LorenzoTettamanti is a code owner

@lorebrada lorebrada Awaiting requested review from lorebrada lorebrada is a code owner

Assignees

@LorenzoTettamanti LorenzoTettamanti

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LorenzoTettamanti