Skip to content

Bump the rust-dependencies group with 12 updates #1522

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the rust-dependencies group with 12 updates #1522

wants to merge 1 commit into from
+23 −23

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 10, 2025
edited
Loading

Bumps the rust-dependencies group with 12 updates:

Package From To
openssl 0.10.74 0.10.75
aws-config 1.8.8 1.8.10
aws-credential-types 1.2.8 1.2.9
pbkdf2 0.11.0 0.12.2
rustls 0.23.34 0.23.35
windows-sys 0.60.2 0.61.0
aws-runtime 1.5.13 1.5.14
aws-sdk-sts 1.89.0 1.90.0
cc 1.2.44 1.2.45
iri-string 0.7.8 0.7.9
openssl-sys 0.9.110 0.9.111
quote 1.0.41 1.0.42

Updates openssl from 0.10.74 to 0.10.75

Release notes

Sourced from openssl's releases.

openssl-v0.10.75

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.74...openssl-v0.10.75

Commits
  • 09b90d0 Merge pull request #2518 from alex/bump-for-release
  • 26533f3 Release openssl v0.10.75 and openssl-sys v0.9.111
  • 395ecca Merge pull request #2517 from alex/claude/fix-ocsp-find-status-011CUqcGFNKeKJ...
  • cc26867 Fix unsound OCSP find_status handling of optional next_update field
  • 95aa8e8 Merge pull request #2513 from botovq/libressl-stable
  • e735a32 CI: bump LibreSSL 4.x branches to latest releases
  • 21ab91d Merge pull request #2510 from huwcbjones/huw/sys/evp-mac
  • d9161dc sys/evp: add EVP_MAC symbols
  • 3fd4bf2 Merge pull request #2508 from goffrie/oaep-label
  • 52022fd Implement set_rsa_oaep_label for AWS-LC/BoringSSL
  • Additional commits viewable in compare view

Updates aws-config from 1.8.8 to 1.8.10

Commits

Updates aws-credential-types from 1.2.8 to 1.2.9

Commits

Updates pbkdf2 from 0.11.0 to 0.12.2

Commits

Updates rustls from 0.23.34 to 0.23.35

Commits
  • 7768cd2 Bump version to 0.23.35
  • 6ed925e Address nightly clippy::derivable_impls lints
  • 645095f Pass through attributes for enum_builder!
  • 90e28d6 fix: only add ocsp in ConfigBuilder::with_single_cert_with_ocsp if
  • See full diff in compare view

Updates windows-sys from 0.60.2 to 0.61.0

Release notes

Sourced from windows-sys's releases.

61

Major crate updates:

  • windows 0.59.0
  • windows-core 0.59.0
    • windows-implement 0.59.0
    • windows-interface 0.59.0
  • windows-targets 0.53.0
    • windows_i686_msvc 0.53.0
    • windows_x86_64_msvc 0.53.0
    • windows_aarch64_msvc 0.53.0
    • windows_i686_gnu 0.53.0
    • windows_x86_64_gnu 0.53.0
    • windows_i686_gnullvm 0.53.0
    • windows_x86_64_gnullvm 0.53.0
    • windows_aarch64_gnullvm 0.53.0
  • windows-bindgen 0.59.0
  • windows-registry 0.4.0
  • windows-result 0.3.0
  • windows-strings 0.3.0
  • cppwinrt 0.2.0

Minor crate updates:

  • windows-version 0.1.2

Excluded:

  • windows-sys 0.59.0

Things to keep in mind:

  • The tag/release names no longer map directly to the crate versions, so to find samples for a particular release requires looking at the releases page and finding the release that most recently updated a particular crate.

  • The windows-bindgen crate includes the major code generation overhaul that brings many improvements - be sure to check out the PR description for more information. The resulting code gen depends on the new version of windows-core and its dependencies, unless you include the --sys option. #3359

  • The cppwinrt crate constitutes a major update due to streamlining the error handling. #3415

  • The windows-registry, windows-strings, and windows-result crates are also major version updates since they include small breaking changes.

  • The windows-targets crate finally receives a major version update, the first in over a year. This is due to #3359 and #3342 potentially introducing breaking changes. Although unlikely, these updates introduced sufficient changes that make it hard to ensure that the windows-targets libs don't break existing code. As we're updating windows-targets anyway, I took the liberty to bump the MSRV to 1.60 - to match the latest version of windows-sys - and remove the old but unused doc macro feature. Both remained for compatibility with very old dependents of the windows-targets crate.

  • The windows-version crate receives a minor update to update its dependency on the windows-targets crate.

  • Beyond these specifics, this update is the culmination of around 6 months worth of work on the windows-rs project. The biggest improvements comes from the new code generation engine, but many other improvements are now also available for production. This includes support for many new lints, warnings, and suggestions provided by the Rust toolchain; much smaller code gen thanks to deriving many more traits; more efficient code gen; major improvements to WinRT type system and implementation support; more robust and consistent error handling; stock collection and async support; improved support for class hierarchies; and much more!

In addition to "what's changed" below, check out what's changed for notes for 0.60.0 and 0.59.0 for additional changes that roll up to the crates published as part of this release.

What's Changed

... (truncated)

Commits

Updates aws-runtime from 1.5.13 to 1.5.14

Commits

Updates aws-sdk-sts from 1.89.0 to 1.90.0

Commits

Updates cc from 1.2.44 to 1.2.45

Release notes

Sourced from cc's releases.

cc-v1.2.45

Other

  • Regenerate target info (#1606)
  • Use a default check for the "env" variable in apple_sdk_name (#1605)
Changelog

Sourced from cc's changelog.

1.2.45 - 2025-11-07

Other

  • Regenerate target info (#1606)
  • Use a default check for the "env" variable in apple_sdk_name (#1605)
Commits

Updates iri-string from 0.7.8 to 0.7.9

Changelog

Sourced from iri-string's changelog.

[0.7.9]

  • Fix decoding of percent-encoded invalid UTF-8 bytes.

Fixed

  • Fix decoding of percent-encoded invalid UTF-8 bytes.
    • Reported at #48.
    • Percent-encoded bytes starting with 0xF5 or above were wrongly handled as a 4-bytes long valid UTF-8 sequence.
Commits
  • 932e36b Merge branch 'release/v0.7.9'
  • bd1743f Bump version to v0.7.9
  • ff72e0a fix: leave percent-encoded invalid UTF-8 bytes as is
  • ec73ba7 Add an entry for fixed percent decoding
  • 1115af2 Check the first byte of UTF-8 sequence more precisely
  • 5006c52 Add the reported test case
  • 3ac803b refactor: resolve lints
  • b9eeb5c Make a PartialOrd implementation canonical
  • c9c515e Use core::ptr::eq
  • cea8a66 Remove unused must_use attribute
  • Additional commits viewable in compare view

Updates openssl-sys from 0.9.110 to 0.9.111

Release notes

Sourced from openssl-sys's releases.

openssl-sys-v0.9.111

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-sys-v0.9.110...openssl-sys-v0.9.111

Commits
  • 09b90d0 Merge pull request #2518 from alex/bump-for-release
  • 26533f3 Release openssl v0.10.75 and openssl-sys v0.9.111
  • 395ecca Merge pull request #2517 from alex/claude/fix-ocsp-find-status-011CUqcGFNKeKJ...
  • cc26867 Fix unsound OCSP find_status handling of optional next_update field
  • 95aa8e8 Merge pull request #2513 from botovq/libressl-stable
  • e735a32 CI: bump LibreSSL 4.x branches to latest releases
  • 21ab91d Merge pull request #2510 from huwcbjones/huw/sys/evp-mac
  • d9161dc sys/evp: add EVP_MAC symbols
  • 3fd4bf2 Merge pull request #2508 from goffrie/oaep-label
  • 52022fd Implement set_rsa_oaep_label for AWS-LC/BoringSSL
  • Additional commits viewable in compare view

Updates quote from 1.0.41 to 1.0.42

Release notes

Sourced from quote's releases.

1.0.42

Commits
  • bb9e7a4 Release 1.0.42
  • 683c1d6 Merge pull request #311 from dtolnay/append
  • ed93e8e Revert PR 305
  • 1f2a959 Merge pull request #310 from dtolnay/up
  • 37448aa Raise required compiler to Rust 1.68
  • 39ac89e Resolve manual_let_else pedantic clippy lint
  • f3eac36 Raise required compiler to Rust 1.65
  • 7b490c5 Merge pull request #309 from dtolnay/append
  • 71dfa84 Apply pattern from PR 306 to append_separated & append_terminated
  • df32af7 Touch up PR 306
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the rust-dependencies group with 12 updates
efc9323 
Bumps the rust-dependencies group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.74` | `0.10.75` |
| [aws-config](https://github.com/smithy-lang/smithy-rs) | `1.8.8` | `1.8.10` |
| [aws-credential-types](https://github.com/smithy-lang/smithy-rs) | `1.2.8` | `1.2.9` |
| [pbkdf2](https://github.com/RustCrypto/password-hashes) | `0.11.0` | `0.12.2` |
| [rustls](https://github.com/rustls/rustls) | `0.23.34` | `0.23.35` |
| [windows-sys](https://github.com/microsoft/windows-rs) | `0.60.2` | `0.61.0` |
| [aws-runtime](https://github.com/smithy-lang/smithy-rs) | `1.5.13` | `1.5.14` |
| [aws-sdk-sts](https://github.com/awslabs/aws-sdk-rust) | `1.89.0` | `1.90.0` |
| [cc](https://github.com/rust-lang/cc-rs) | `1.2.44` | `1.2.45` |
| [iri-string](https://github.com/lo48576/iri-string) | `0.7.8` | `0.7.9` |
| [openssl-sys](https://github.com/rust-openssl/rust-openssl) | `0.9.110` | `0.9.111` |
| [quote](https://github.com/dtolnay/quote) | `1.0.41` | `1.0.42` |


Updates `openssl` from 0.10.74 to 0.10.75
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.74...openssl-v0.10.75)

Updates `aws-config` from 1.8.8 to 1.8.10
- [Release notes](https://github.com/smithy-lang/smithy-rs/releases)
- [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/smithy-lang/smithy-rs/commits)

Updates `aws-credential-types` from 1.2.8 to 1.2.9
- [Release notes](https://github.com/smithy-lang/smithy-rs/releases)
- [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/smithy-lang/smithy-rs/commits)

Updates `pbkdf2` from 0.11.0 to 0.12.2
- [Commits](RustCrypto/password-hashes@pbkdf2-v0.11.0...pbkdf2-v0.12.2)

Updates `rustls` from 0.23.34 to 0.23.35
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.23.34...v/0.23.35)

Updates `windows-sys` from 0.60.2 to 0.61.0
- [Release notes](https://github.com/microsoft/windows-rs/releases)
- [Commits](https://github.com/microsoft/windows-rs/commits/0.61.0)

Updates `aws-runtime` from 1.5.13 to 1.5.14
- [Release notes](https://github.com/smithy-lang/smithy-rs/releases)
- [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/smithy-lang/smithy-rs/commits)

Updates `aws-sdk-sts` from 1.89.0 to 1.90.0
- [Release notes](https://github.com/awslabs/aws-sdk-rust/releases)
- [Commits](https://github.com/awslabs/aws-sdk-rust/commits)

Updates `cc` from 1.2.44 to 1.2.45
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](rust-lang/cc-rs@cc-v1.2.44...cc-v1.2.45)

Updates `iri-string` from 0.7.8 to 0.7.9
- [Changelog](https://github.com/lo48576/iri-string/blob/develop/CHANGELOG.md)
- [Commits](lo48576/iri-string@v0.7.8...v0.7.9)

Updates `openssl-sys` from 0.9.110 to 0.9.111
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-sys-v0.9.110...openssl-sys-v0.9.111)

Updates `quote` from 1.0.41 to 1.0.42
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](dtolnay/quote@1.0.41...1.0.42)

---
updated-dependencies:
- dependency-name: openssl
  dependency-version: 0.10.75
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: aws-config
  dependency-version: 1.8.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: aws-credential-types
  dependency-version: 1.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: pbkdf2
  dependency-version: 0.12.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: rustls
  dependency-version: 0.23.35
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: windows-sys
  dependency-version: 0.61.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: aws-runtime
  dependency-version: 1.5.14
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: aws-sdk-sts
  dependency-version: 1.90.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: cc
  dependency-version: 1.2.45
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: iri-string
  dependency-version: 0.7.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: openssl-sys
  dependency-version: 0.9.111
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: quote
  dependency-version: 1.0.42
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Nov 10, 2025
@dependabot dependabot bot requested a review from a team as a code owner November 10, 2025 08:57
@dependabot dependabot bot requested a review from abr-egn November 10, 2025 08:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Nov 10, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 10, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 10, 2025
@dependabot dependabot bot deleted the dependabot/cargo/rust-dependencies-ae8fe2c1ec branch November 10, 2025 18:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abr-egn abr-egn Awaiting requested review from abr-egn abr-egn is a code owner automatically assigned from mongodb/dbx-rust

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant