Skip to content

Bump the cargo group across 1 directory with 9 updates#3

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/cargo-apk/cargo-3c2a54f3d3
Open

Bump the cargo group across 1 directory with 9 updates#3
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/cargo-apk/cargo-3c2a54f3d3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown

Bumps the cargo group with 1 update in the /cargo-apk directory: cargo.

Updates cargo from 0.70.1 to 0.96.0

Commits
  • f2d3ce0 [beta 1.95] Fix symlink_and_directory when running in a long target dir name ...
  • 066daaf Bump cargo-test-support version to 0.11.1
  • 5f5c355 Fix symlink_and_directory when running in a long target dir name (#16775)
  • 8b15816 [beta 1.95] Update tar to 0.4.45 (#16770)
  • e1fc8be Update tar to 0.4.45
  • 23e2412 Add a test for a tar file with a symlink and directory of the same name
  • e8eb843 [beta-1.95] Add missing truncate when writing .crate files (#16713)
  • ec49c75 Add missing truncate when writing .crate files (#16688)
  • 6ab9b00 [beta 1.95] backport test fixes (#16715)
  • 493d9c6 fix(script): surpress unused_features lint for embedded (#16714)
  • Additional commits viewable in compare view

Updates crossbeam-channel from 0.3.9 to 0.5.15

Release notes

Sourced from crossbeam-channel's releases.

crossbeam-channel 0.5.15

  • Fix regression introduced in 0.5.12 that can lead to a double free when dropping unbounded channel. (#1187)

crossbeam-channel 0.5.14

  • Fix stack overflow when sending large value to unbounded channel. (#1146, #1147)
  • Add Select::new_biased function. (#1150)
  • Remove inefficient spinning. (#1154)
  • Suppress buggy clippy::zero_repeat_side_effects lint in macro generated code. (#1123)

crossbeam-channel 0.5.13

  • Add select_biased! macro. (#1040)

crossbeam-channel 0.5.12

  • Fix memory leak in unbounded channel. (#1084)

crossbeam-channel 0.5.11

  • Remove dependency on cfg-if. (#1072)

crossbeam-channel 0.5.10

  • Relax the minimum supported Rust version to 1.60. (#1056)
  • Optimize Drop implementation of bounded channel. (#1057)

crossbeam-channel 0.5.9

  • Bump the minimum supported Rust version to 1.61. (#1037)

crossbeam-channel 0.5.8

  • Fix race condition in unbounded channel. (#972)

crossbeam-channel 0.5.7

  • Improve handling of very large timeout. (#953)

crossbeam-channel 0.5.6

  • Bump the minimum supported Rust version to 1.38. (#877)

crossbeam-channel 0.5.5

  • Replace Spinlock with Mutex. (#835)

crossbeam-channel 0.5.4

  • Workaround a bug in upstream related to TLS access on AArch64 Linux. (#802)

crossbeam-channel 0.5.3

  • Fix panic on very large timeout. (#798)

crossbeam-channel 0.5.2

  • Fix stacked borrows violations when -Zmiri-tag-raw-pointers is enabled. (#763, #764)

crossbeam-channel 0.5.1

  • Fix memory leak in unbounded channel. (#669)
Changelog

Sourced from crossbeam-channel's changelog.

Version 0.8.4

  • Remove dependency on cfg-if. (#1072)

Version 0.8.3

  • Bump the minimum supported Rust version to 1.61. (#1037)

Version 0.8.2

  • Bump the minimum supported Rust version to 1.38. (#877)

Version 0.8.1

  • Support targets that do not have atomic CAS on stable Rust (#698)

Version 0.8.0

  • Bump the minimum supported Rust version to 1.36.
  • Bump crossbeam-channel to 0.5.
  • Bump crossbeam-deque to 0.8.
  • Bump crossbeam-epoch to 0.9.
  • Bump crossbeam-queue to 0.3.
  • Bump crossbeam-utils to 0.8.

Version 0.7.3

  • Fix breakage with nightly feature due to rust-lang/rust#65214.
  • Bump crossbeam-channel to 0.4.
  • Bump crossbeam-epoch to 0.8.
  • Bump crossbeam-queue to 0.2.
  • Bump crossbeam-utils to 0.7.

Version 0.7.2

  • Bump crossbeam-channel to 0.3.9.
  • Bump crossbeam-epoch to 0.7.2.
  • Bump crossbeam-utils to 0.6.6.

Version 0.7.1

  • Bump crossbeam-utils to 0.6.5.

Version 0.7.0

  • Remove ArcCell, MsQueue, and TreiberStack.
  • Change the interface of ShardedLock to match RwLock.
  • Add SegQueue::len().
  • Rename SegQueue::try_pop() to SegQueue::pop().
  • Change the return type of SegQueue::pop() to Result.

... (truncated)

Commits
  • d35ffde Prepare for the next release
  • 6ec74ec crossbeam-channel: prevent double free on Drop (#1187)
  • ccd83ac Prepare for the next release
  • 54988eb Calculate layout in const context
  • 761d0b6 Port #1146 & #1147 to deque::Injector and queue::SegQueue
  • 8144fbb Remove optimistic spinning from Context::wait_until
  • a92f6c4 Bump peter-evans/create-pull-request from 5 to 7 (#1153)
  • 66d41a9 channel: Add new_biased constructor for biased channel selection (#1150)
  • d0d0a80 CachePadded: Use 128-byte alignment on arm64ec
  • f757eef Add comment about fixed rustc bug
  • Additional commits viewable in compare view

Updates git2 from 0.16.0 to 0.20.4

Changelog

Sourced from git2's changelog.

0.20.4 - 2026-02-02

0.20.3...0.20.4

Fixed

  • Fix undefined behavior when dereferencing empty Buf. #1213

0.20.3 - 2025-12-06

0.20.2...0.20.3

Changed

  • Bumped requirement to libgit2-sys 0.18.3, which updates libgit2 from 1.9.0 to 1.9.2. #1197

0.20.2 - 2025-05-05

0.20.1...0.20.2

Added

  • Added Status::WT_UNREADABLE. #1151

Fixed

  • Added missing codes for GIT_EDIRECTORY, GIT_EMERGECONFLICT, GIT_EUNCHANGED, GIT_ENOTSUPPORTED, and GIT_EREADONLY to Error::raw_code. #1153
  • Fixed missing initialization in Indexer::new. #1160

0.20.1 - 2025-03-17

0.20.0...0.20.1

Added

  • Added Repository::branch_upstream_merge() #1131
  • Added Index::conflict_get() #1134
  • Added Index::conflict_remove() #1133
  • Added opts::set_cache_object_limit() #1118
  • Added Repo::merge_file_from_index() and associated MergeFileOptions and MergeFileResult. #1062

Changed

  • The url dependency minimum raised to 2.5.4

... (truncated)

Commits
  • 8852d7d Merge pull request #1214 from weihanglo/backport-from-raw-parts
  • 0b274f7 Bump to 0.20.4
  • 73a5d5d Add test for dereference of an empty Buf
  • ce56683 fix: check ptr nullity before calling from_raw_parts
  • 7cf345c Merge pull request #1197 from ehuss/git2-0.20-br
  • dd41077 Bump git2 to 0.20.3
  • a6a58e2 Merge pull request #1195 from ehuss/update-libgit2
  • 1fb5f64 Merge pull request #1161 from ehuss/bump-version
  • 26bfd30 Update version of git2 to 0.20.2
  • eef4592 Merge pull request #1160 from ehuss/indexer-init
  • Additional commits viewable in compare view

Updates idna from 0.2.0 to 1.1.0

Release notes

Sourced from idna's releases.

idna v1.0.3

What's Changed

New Contributors

Full Changelog: servo/rust-url@v2.5.2...idna-v1.0.3

idna v1.0.1

What's Changed

Full Changelog: servo/rust-url@v2.5.1...idna-v1.0.1

Tagging idna v0.2.2

No release notes provided.

Commits

Updates libgit2-sys from 0.14.1+1.5.0 to 0.18.5+1.9.4

Changelog

Sourced from libgit2-sys's changelog.

Changelog

0.21.0 - 2026-05-18

0.20.4...main

Added

  • Added experimental SHA256 repository support behind the new unstable-sha256 Cargo feature, along with *_ext API variants that accept an ObjectFormat. #1206
  • Added opts::set_cache_max_size() and opts::get_cached_memory(). #1188
  • Added Repository::object_format() and a new ObjectFormat enum. #1204
  • Added Repository::set_config(). #1208
  • Added merge_file() along with MergeFileInput. #1210
  • Added Repository::refdb_compress() for packing loose refs. #1221
  • Added public Refdb type, along with Repository::refdb() and Repository::set_refdb(). Repository::refdb_compress() now delegates to Refdb::compress(). #1228
  • Added Revspec::into_objects(). #1230
  • Added BlameHunk::final_committer(), BlameHunk::orig_committer(), BlameHunk::summary(), and BlameHunk::summary_bytes(). #1231
  • Implemented Clone for Reference. #1233
  • Added Repository::author_from_env() and Repository::committer_from_env(). #1237
  • Added impl From<Utf8Error> for Error. #1239

Changed

  • ❗ The ssh, https, and cred Cargo features are no longer enabled by default. Previously default = ["ssh", "https"]; now default = []. Enable them explicitly if you rely on credential helpers or transport support. #1168
  • CredentialHelper and the url dependency are now gated behind the new cred Cargo feature. Enabling ssh or https transitively enables cred. #1168
  • ❗ Updated to the 2021 edition. #1173
  • ❗ Many string accessors that previously returned Option<&str> now return Result<&str, Error> or Result<Option<&str>, Error>, so callers can distinguish a missing value from a non-UTF-8 one. #1241
  • BlameHunk::final_signature, BlameHunk::final_committer, BlameHunk::orig_signature, and BlameHunk::orig_committer now return Option to avoid segfaults when signature information is missing.

... (truncated)

Commits

Updates rand from 0.7.2 to 0.9.4

Changelog

Sourced from rand's changelog.

[0.9.4] — 2026-04-13

Fixes

#1766: rust-random/rand#1766

[0.9.3] — 2026-04-11

This release back-ports a fix from v0.10. See also #1763.

Changes

  • Deprecate feature log (#1764)
  • Replace usages of doc_auto_cfg (#1764)

#1763: rust-random/rand#1763

[0.9.2] — 2025-07-20

Deprecated

  • Deprecate rand::rngs::mock module and StepRng generator (#1634)

Additions

  • Enable WeightedIndex<usize> (de)serialization (#1646)

[0.9.1] - 2025-04-17

Security and unsafe

  • Revise "not a crypto library" policy again (#1565)
  • Remove zerocopy dependency from rand (#1579)

Fixes

  • Fix feature simd_support for recent nightly rust (#1586)

Changes

  • Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

  • Add rand::distr::Alphabetic distribution. (#1587)
  • Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

  • Policy: "rand is not a crypto library" (#1514)
  • Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
  • Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

  • Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
  • Update to rand_core v0.9.0 (#1558)

Features

  • Support std feature without getrandom or rand_chacha (#1354)
  • Enable feature small_rng by default (#1455)

... (truncated)

Commits

Updates tar from 0.4.41 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

See also GHSA-3cv2-h65g-fgmm

Other changes

New Contributors

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits
  • fc459c1 Release 0.4.46
  • 43e05a8 ci: Add crates.io trusted publishing workflow
  • bba5666 Update repo links
  • cd94c46 docs: Document TOCTOU / concurrent-mutation threat model
  • 1b4997c builder: Expand docs for follow_symlinks and append_dir_all
  • bab14dd archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm)
  • 2349b49 Add support of absolute paths
  • 39d0311 Update some links
  • 59d803e Update astral-tokio-tar requirement from 0.5 to 0.6
  • 8296b9a ci: Fix and re-enable reverse dependency testing (#444)
  • Additional commits viewable in compare view

Updates thread_local from 0.3.6 to 1.1.9

Release notes

Sourced from thread_local's releases.

v1.1.9

Other

  • Add release-plz for automated releases
  • Remove once_cell dependency
  • Bump MSRV to 1.61
Changelog

Sourced from thread_local's changelog.

1.1.9 - 2025-06-12

Other

  • Add release-plz for automated releases
  • Remove once_cell dependency
  • Bump MSRV to 1.61
Commits

Updates time from 0.3.36 to 0.3.52

Release notes

Sourced from time's releases.

v0.3.52

See the changelog for details.

v0.3.51

See the changelog for details.

v0.3.49

See the changelog for details.

v0.3.48

See the changelog for details.

v0.3.47

See the changelog for details.

v0.3.46

See the changelog for details.

v0.3.45

See the changelog for details.

v0.3.44

See the changelog for details.

v0.3.43

See the changelog for details.

v0.3.42

See the changelog for details.

v0.3.41

See the changelog for details.

v0.3.40

See the changelog for details.

v0.3.39

See the changelog for details.

v0.3.38

See the changelog for details.

v0.3.37

See the changelog for details.

Changelog

Sourced from time's changelog.

0.3.52 [2026-06-30]

Fixed

  • Subsecond values in the time! macro are parsed using the textual representation, ensuring accuracy. Previously, they were parsed using the floating point representation, which could result in a loss of precision and even invalid values.
  • The date! macro could previously create an invalid value that would then panic at compile time. The macro now emits a proper error instead.
  • When parsing an invalid format description, an edge case would inadvertently panic. This now returns an error as intended.

Added

  • Support default values when parsing

0.3.51 [2026-06-22]

Fixed

  • time compiles with macros enabled. This version is otherwise identical to v0.3.50.

0.3.50 [2026-06-22] [YANKED]

This version was yanked because it would not compile when the macros feature was enabled.

Added

  • Timestamp type

Fixed

  • [year] in a runtime-parsed version 3 format description when the large-dates feature is not enabled now succeeds. This previously failed due to a missing #[cfg].

Performance

  • Further gains when parsing with the non-deprecated parts of the RFC 2822 well-known format
  • Gains when formatting with the ISO 8601 well-known format
  • Date arithmetic is improved in common situations

0.3.49 [2026-06-13]

Fixed

  • Due to a long-standing bug in the Rust compiler, v0.3.48 caused a number of crates to stop compiling. A patch has been added that avoids triggering the bug.

0.3.48 [2026-06-12] [YANKED]

... (truncated)

Commits
  • 7cf4780 v0.3.52 release
  • 0e5b04f Fix trusted publishing workflow
  • 6e4140a Support default values when parsing
  • 10ac36a Add more doctests to Timestamp
  • 6b0d468 Restore lexer depth on the unclosed-bracket error path
  • 0abc06d Add trusted publishing
  • 43cf0c0 Preferentially group shards by target
  • 749c0ad Bump number of shards for ordinary build
  • 24e6985 Run some CI steps in parallel
  • 0eda8a2 Shard powerset type checking
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the cargo group with 1 update in the /cargo-apk directory: [cargo](https://github.com/rust-lang/cargo).


Updates `cargo` from 0.70.1 to 0.96.0
- [Changelog](https://github.com/rust-lang/cargo/blob/master/CHANGELOG.md)
- [Commits](rust-lang/cargo@0.70.1...0.96.0)

Updates `crossbeam-channel` from 0.3.9 to 0.5.15
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/main/CHANGELOG.md)
- [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.3.9...crossbeam-channel-0.5.15)

Updates `git2` from 0.16.0 to 0.20.4
- [Changelog](https://github.com/rust-lang/git2-rs/blob/main/CHANGELOG.md)
- [Commits](rust-lang/git2-rs@git2-curl-0.16.0...git2-0.20.4)

Updates `idna` from 0.2.0 to 1.1.0
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/commits)

Updates `libgit2-sys` from 0.14.1+1.5.0 to 0.18.5+1.9.4
- [Changelog](https://github.com/rust-lang/git2-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/git2-rs/commits)

Updates `rand` from 0.7.2 to 0.9.4
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.9.4/CHANGELOG.md)
- [Commits](rust-random/rand@0.7.2...0.9.4)

Updates `tar` from 0.4.41 to 0.4.46
- [Release notes](https://github.com/composefs/tar-rs/releases)
- [Commits](composefs/tar-rs@0.4.41...0.4.46)

Updates `thread_local` from 0.3.6 to 1.1.9
- [Release notes](https://github.com/Amanieu/thread_local-rs/releases)
- [Changelog](https://github.com/Amanieu/thread_local-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Amanieu/thread_local-rs/commits/v1.1.9)

Updates `time` from 0.3.36 to 0.3.52
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](time-rs/time@v0.3.36...v0.3.52)

---
updated-dependencies:
- dependency-name: cargo
  dependency-version: 0.96.0
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: crossbeam-channel
  dependency-version: 0.5.15
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: git2
  dependency-version: 0.20.4
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: idna
  dependency-version: 1.1.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: libgit2-sys
  dependency-version: 0.18.5+1.9.4
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: rand
  dependency-version: 0.9.4
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: tar
  dependency-version: 0.4.46
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: thread_local
  dependency-version: 1.1.9
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: time
  dependency-version: 0.3.52
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants