Skip to content

Bump the all-dependencies-cargo group with 5 updates #304

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the all-dependencies-cargo group with 5 updates #304

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 1, 2026

Bumps the all-dependencies-cargo group with 5 updates:

Package From To
toml 0.9.8 0.9.10+spec-1.1.0
serde_json 1.0.145 1.0.148
git2 0.20.2 0.20.3
openssl-probe 0.1.6 0.2.0
reqwest 0.12.24 0.13.1

Updates toml from 0.9.8 to 0.9.10+spec-1.1.0

Commits
  • e32c7a2 chore: Release
  • df1c328 docs: Update changelog
  • b826cf4 feat(edit)!: Allow set_position(None) (#1080)
  • 8043f20 feat(edit)!: Allow set_position(None)
  • a02c0db feat: Support TOML 1.1 (#1079)
  • 5cfb838 feat(edit): Support TOML 1.1
  • 1eb4d60 feat(toml): Support TOML 1.1
  • 695d788 feat(edit)!: Multi-line inline tables with trailing commas
  • cc4f7ac feat(toml): Multi-line inline tables with trailing commas
  • 539f8c1 feat(datetime): Make seconds optional
  • Additional commits viewable in compare view

Updates serde_json from 1.0.145 to 1.0.148

Release notes

Sourced from serde_json's releases.

v1.0.148

  • Update zmij dependency to 1.0

v1.0.147

  • Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (#1304)

v1.0.146

Commits

Updates git2 from 0.20.2 to 0.20.3

Changelog

Sourced from git2's changelog.

0.20.3 - 2025-12-06

0.20.2...0.20.3

Changed

  • Bumped requirement to libgit2-sys 0.18.3, which updates libgit2 from 1.9.0 to 1.9.2. #1197
Commits

Updates openssl-probe from 0.1.6 to 0.2.0

Release notes

Sourced from openssl-probe's releases.

0.2.0 is the first release after openssl-probe maintenance has been handed over to the rustls team. Thanks to @​alexcrichton for creating and maintaining it for the past 9 years. We're happy to address any feedback you have for this crate.

Breaking changes

  • ProbeResult::cert_dir is now a Vec<PathBuf> rather than an Option<PathBuf>, allowing the library to yield multiple suggestions for directories which may contain certificate files.
  • Rather than using a single list of locations for certificate files and certificate directories, openssl-probe now uses much shorter per-platform lists. This should make the API faster and make it less likely to accidentally pick up locations that are unidiomatic for the platform.
  • Removed deprecated API

What's Changed

Commits
  • a03745e Yield multiple certificate directories
  • 994e183 Use platform-specific directories
  • 0e10789 Use per-platform definitions of CERTIFICATE_FILE_NAMES
  • a0ae1a2 Use full paths for CERTIFICATE_FILE_NAMES
  • c1c80e6 Extract consts for file and directory lists
  • 96e19a8 Move probe_from_env() to ProbeResult::from_env()
  • f2d158e Use top-down item ordering
  • d4c29ef Remove trivial wrapper function
  • 4645a45 Bump version to 0.2.0
  • 3fcf47a Remove deprecated functions
  • See full diff in compare view

Updates reqwest from 0.12.24 to 0.13.1

Release notes

Sourced from reqwest's releases.

v0.13.1

What's Changed

Full Changelog: seanmonstar/reqwest@v0.13.0...v0.13.1

v0.13.0

Breaking changes

  • rustls is now the default TLS backend, instead of native-tls.
  • rustls crypto provider defaults to aws-lc instead of ring. (rustls-no-provider exists if you want a different crypto provider)
  • rustls-tls has been renamed to rustls.
  • rustls roots features removed, rustls-platform-verifier is used by default.
    • To use different roots, call tls_certs_only(your_roots).
  • native-tls now includes ALPN. To disable, use native-tls-no-alpn.
  • query and form are now crate features, disabled by default.
  • Long-deprecated methods and crate features have been removed (such as trust-dns, which was renamed hickory-dns a while ago).
  • Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings)
    • For example, prefer tls_backend_rustls() over use_rustls_tls().

Pull Requests in General

New Contributors

Full Changelog: seanmonstar/reqwest@v0.12.28...v0.13.0

v0.13.0-rc.1

👀 Discussion here if you give it try, thanks!

Main breaking changes

  • rustls is now default instead of native-tls
  • rustls provider defaults to aws-lc instead of ring (rustls-no-provider exists if you want to enable a different one)
  • rustls-tls renamed to rustls
  • rustls roots features removed, platform-verifier is used instead

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.13.1

  • Fixes compiling with rustls on Android targets.

v0.13.0

  • Breaking changes:
    • rustls is now the default TLS backend, instead of native-tls.
    • rustls crypto provider defaults to aws-lc instead of ring. (rustls-no-provider exists if you want a different crypto provider)
    • rustls-tls has been renamed to rustls.
    • rustls roots features removed, rustls-platform-verifier is used by default.
      • To use different roots, call tls_certs_only(your_roots).
    • native-tls now includes ALPN. To disable, use native-tls-no-alpn.
    • query and form are now crate features, disabled by default.
    • Long-deprecated methods and crate features have been removed (such as trust-dns, which was renamed hickory-dns a while ago).
  • Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings)
    • For example, prefer tls_backend_rustls() over use_rustls_tls().

v0.12.28

  • Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

  • Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

v0.12.26

  • Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

v0.12.25

  • Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
  • Fix sending Proxy-Authorization if only username is configured.
  • Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
  • Refactor internal decompression handling to use tower-http.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-dependencies-cargo group with 5 updates
3920688 
Bumps the all-dependencies-cargo group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [toml](https://github.com/toml-rs/toml) | `0.9.8` | `0.9.10+spec-1.1.0` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.145` | `1.0.148` |
| [git2](https://github.com/rust-lang/git2-rs) | `0.20.2` | `0.20.3` |
| [openssl-probe](https://github.com/alexcrichton/openssl-probe) | `0.1.6` | `0.2.0` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.24` | `0.13.1` |


Updates `toml` from 0.9.8 to 0.9.10+spec-1.1.0
- [Commits](toml-rs/toml@toml-v0.9.8...toml-v0.9.10)

Updates `serde_json` from 1.0.145 to 1.0.148
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.145...v1.0.148)

Updates `git2` from 0.20.2 to 0.20.3
- [Changelog](https://github.com/rust-lang/git2-rs/blob/git2-0.20.3/CHANGELOG.md)
- [Commits](rust-lang/git2-rs@git2-0.20.2...git2-0.20.3)

Updates `openssl-probe` from 0.1.6 to 0.2.0
- [Release notes](https://github.com/alexcrichton/openssl-probe/releases)
- [Commits](rustls/openssl-probe@0.1.6...0.2.0)

Updates `reqwest` from 0.12.24 to 0.13.1
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.24...v0.13.1)

---
updated-dependencies:
- dependency-name: toml
  dependency-version: 0.9.10+spec-1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies-cargo
- dependency-name: serde_json
  dependency-version: 1.0.148
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies-cargo
- dependency-name: git2
  dependency-version: 0.20.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies-cargo
- dependency-name: openssl-probe
  dependency-version: 0.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies-cargo
- dependency-name: reqwest
  dependency-version: 0.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies-cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jan 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant