[pull] master from hasura:master#7
Open
pull[bot] wants to merge 1614 commits into13banda:masterfrom
Open
Conversation
PR-URL: hasura/graphql-engine-mono#11321 GitOrigin-RevId: 0e71a2ddf1bcd046e060db6c5626333e8cabea2e
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.17.0 to 1.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuid-rs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v1.18.0</h2> <h2>What's Changed</h2> <ul> <li>Fix up mismatched_lifetime_syntaxes lint by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/837">uuid-rs/uuid#837</a></li> <li>Conversions between <code>Timestamp</code> and <code>std::time::SystemTime</code> by <a href="https://github.com/dcormier"><code>@dcormier</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/835">uuid-rs/uuid#835</a></li> <li>Wrap the error type used in time conversions by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/838">uuid-rs/uuid#838</a></li> <li>Prepare for 1.18.0 release by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/839">uuid-rs/uuid#839</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dcormier"><code>@dcormier</code></a> made their first contribution in <a href="https://redirect.github.com/uuid-rs/uuid/pull/835">uuid-rs/uuid#835</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0">https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/uuid-rs/uuid/commit/60a49eb94fe1b4901d484de52dc305c7c21a2f85"><code>60a49eb</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/839">#839</a> from uuid-rs/cargo/v1.18.0</li> <li><a href="https://github.com/uuid-rs/uuid/commit/eb8c6970837cb02af04dfeac68a89453f84f890f"><code>eb8c697</code></a> prepare for 1.18.0 release</li> <li><a href="https://github.com/uuid-rs/uuid/commit/281f26fcd93c3b1eeeae8f4f05e89d9caebb5874"><code>281f26f</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/838">#838</a> from uuid-rs/chore/time-conversion</li> <li><a href="https://github.com/uuid-rs/uuid/commit/2d67ab2b5e261a68fb65a5bee50604516537307b"><code>2d67ab2</code></a> don't use allocated values in errors</li> <li><a href="https://github.com/uuid-rs/uuid/commit/c284ed562fdbe12cdeb6ca20e47e80f40cd21a68"><code>c284ed5</code></a> wrap the error type used in time conversions</li> <li><a href="https://github.com/uuid-rs/uuid/commit/87a4359f256c1426829bd21f66ca4327a9c5859c"><code>87a4359</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/835">#835</a> from dcormier/main</li> <li><a href="https://github.com/uuid-rs/uuid/commit/89273966259a90bf28abf17d934c9a8eede73a33"><code>8927396</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/837">#837</a> from uuid-rs/fix/lifetime-syntaxes</li> <li><a href="https://github.com/uuid-rs/uuid/commit/6dfb4b135cf91d2493e6b9aa23079cad41bde506"><code>6dfb4b1</code></a> Conversions between <code>Timestamp</code> and <code>std::time::SystemTime</code></li> <li><a href="https://github.com/uuid-rs/uuid/commit/b508383aff74d28e3a97dfd3a45b7a7ab86a4b2e"><code>b508383</code></a> fix up mismatched_lifetime_syntaxes lint</li> <li>See full diff in <a href="https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 8fd31761b2da1eb554abf865008803657b7f2936
Originally merged and reverted since release hadn't completed: c2f657b9cef6403bd98c1ffafa21a5de55d15cf2 d519dbef32caa25df835f7b599fe3b79c5b1ce70 PR-URL: hasura/graphql-engine-mono#11323 GitOrigin-RevId: c7ac89c844ef50e120c3ed8ca3adf081c9f6545b
<!-- The PR description should answer 2 important questions: --> ### What Remove feature flag for authorization rules and include the new metadata versions in JSONSchema. - `promptql-docs` PR: hasura/promptql-docs#199 V3_GIT_ORIGIN_REV_ID: 438095d1384de023b0efabb263e3ffe666f80cf7
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.12 to 2.0.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.16</h2> <ul> <li>Add to "no-std" crates.io category (<a href="https://redirect.github.com/dtolnay/thiserror/issues/429">#429</a>)</li> </ul> <h2>2.0.15</h2> <ul> <li>Prevent <code>Error::provide</code> API becoming unavailable from a future new compiler lint (<a href="https://redirect.github.com/dtolnay/thiserror/issues/427">#427</a>)</li> </ul> <h2>2.0.14</h2> <ul> <li>Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (<a href="https://redirect.github.com/dtolnay/thiserror/issues/426">#426</a>)</li> </ul> <h2>2.0.13</h2> <ul> <li>Documentation improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/40b58536cc4570d7e94575d1c90ebb07edf9aba0"><code>40b5853</code></a> Release 2.0.16</li> <li><a href="https://github.com/dtolnay/thiserror/commit/83dfb5f99ba0ac9dc0ad800cc7adc64c28a2a918"><code>83dfb5f</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/429">#429</a> from dtolnay/nostd</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9b4a99fb90bdb8feb2d3d4212a6aa3427418ea2b"><code>9b4a99f</code></a> Add to "no-std" crates.io category</li> <li><a href="https://github.com/dtolnay/thiserror/commit/f6145ebe84b51697e4d3253b373866f1c8ac09ad"><code>f6145eb</code></a> Release 2.0.15</li> <li><a href="https://github.com/dtolnay/thiserror/commit/2717177976a162d75103acfb62aa229df02bc54f"><code>2717177</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/427">#427</a> from dtolnay/caplints</li> <li><a href="https://github.com/dtolnay/thiserror/commit/2cd13e67673cee27cf25fe55c5ceb277b687272b"><code>2cd13e6</code></a> Make error_generic_member_access compatible with -Dwarnings</li> <li><a href="https://github.com/dtolnay/thiserror/commit/eea6799e2d00bb542a98dada84f5cafe2839f38d"><code>eea6799</code></a> Release 2.0.14</li> <li><a href="https://github.com/dtolnay/thiserror/commit/a2aa6d7a5759c3c3669110d5dd2319b28e1ce995"><code>a2aa6d7</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/426">#426</a> from dtolnay/enotempty</li> <li><a href="https://github.com/dtolnay/thiserror/commit/f00ebc57bea45ffaa138c15448c3abc3181fbcfe"><code>f00ebc5</code></a> Allow build-script cleanup failure with NFSv3 output directory to be non-fatal</li> <li><a href="https://github.com/dtolnay/thiserror/commit/61f28da3dfea22cd417c86e038dac839cfb7eeea"><code>61f28da</code></a> Release 2.0.13</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/thiserror/compare/2.0.12...2.0.16">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: aed498040d7f52be7004d9bc00f95a5c7a15851b
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.22 to 0.12.23. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.23</h2> <h2>tl;dr</h2> <ul> <li>🇺🇩🇸 Add <code>ClientBuilder::unix_socket(path)</code> option that will force all requests over that Unix Domain Socket.</li> <li>🔁 Add <code>ClientBuilder::retries(policy)</code> and <code>reqwest::retry::Builder</code> to configure <a href="https://seanmonstar.com/blog/reqwest-retries/">automatic retries</a>.</li> <li>Add <code>ClientBuilder::dns_resolver2()</code> with more ergonomic argument bounds, allowing more resolver implementations.</li> <li>Add <code>http3_*</code> options to <code>blocking::ClientBuilder</code>.</li> <li>Fix default TCP timeout values to enabled and faster.</li> <li>Fix SOCKS proxies to default to port 1080</li> <li>(wasm) Add cache methods to <code>RequestBuilder</code>.</li> </ul> <h2>What's Changed</h2> <ul> <li>Minimize package size by <a href="https://github.com/weiznich"><code>@weiznich</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2759">seanmonstar/reqwest#2759</a></li> <li>chore(dev-dependencies): bump brotli by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2760">seanmonstar/reqwest#2760</a></li> <li>upgrade hickory-dns to 0.25 by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2761">seanmonstar/reqwest#2761</a></li> <li>Re-expose http3 options in blocking::clientBuilder by <a href="https://github.com/ducaale"><code>@ducaale</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2770">seanmonstar/reqwest#2770</a></li> <li>fix(proxy): restore default port 1080 for SOCKS proxies without explicit port by <a href="https://github.com/0x676e67"><code>@0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2771">seanmonstar/reqwest#2771</a></li> <li>ci: use msrv-aware cargo in msrv job by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2779">seanmonstar/reqwest#2779</a></li> <li>feat: add request cache option for wasm by <a href="https://github.com/Spxg"><code>@Spxg</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2775">seanmonstar/reqwest#2775</a></li> <li>style(client): use <code>std::task::ready!</code> macro to simplify <code>Poll</code> branch match by <a href="https://github.com/0x676e67"><code>@0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2781">seanmonstar/reqwest#2781</a></li> <li>fix: add default tcp keepalive and user_timeout values by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2780">seanmonstar/reqwest#2780</a></li> <li>feat: add unix_socket() option to client builder by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2624">seanmonstar/reqwest#2624</a></li> <li>Add retry policies by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2763">seanmonstar/reqwest#2763</a></li> <li>refactor: loosen retry <code>for_host</code> parameter bounds by <a href="https://github.com/Enduriel"><code>@Enduriel</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2792">seanmonstar/reqwest#2792</a></li> <li>feat: add dns_resolver2 that is more ergonomic and flexible by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2793">seanmonstar/reqwest#2793</a></li> <li>Prepare v0.12.23 by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2795">seanmonstar/reqwest#2795</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/weiznich"><code>@weiznich</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2759">seanmonstar/reqwest#2759</a></li> <li><a href="https://github.com/Spxg"><code>@Spxg</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2775">seanmonstar/reqwest#2775</a></li> <li><a href="https://github.com/Enduriel"><code>@Enduriel</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2792">seanmonstar/reqwest#2792</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.22...v0.12.23">https://github.com/seanmonstar/reqwest/compare/v0.12.22...v0.12.23</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.23</h2> <ul> <li>Add <code>ClientBuilder::unix_socket(path)</code> option that will force all requests over that Unix Domain Socket.</li> <li>Add <code>ClientBuilder::retries(policy)</code> and <code>reqwest::retry::Builder</code> to configure automatic retries.</li> <li>Add <code>ClientBuilder::dns_resolver2()</code> with more ergonomic argument bounds, allowing more resolver implementations.</li> <li>Add <code>http3_*</code> options to <code>blocking::ClientBuilder</code>.</li> <li>Fix default TCP timeout values to enabled and faster.</li> <li>Fix SOCKS proxies to default to port 1080</li> <li>(wasm) Add cache methods to <code>RequestBuilder</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/seanmonstar/reqwest/commit/ae7375b547495ccae67c0481d36fbe9a166ca12c"><code>ae7375b</code></a> v0.12.23</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/9aacdc1e2b7d45c3022a42b0d6eb2e8b7000085f"><code>9aacdc1</code></a> feat: add dns_resolver2 that is more ergonomic and flexible (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2793">#2793</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/221be11bc6869cdc6cfe125a3fb90fd2a3d211ab"><code>221be11</code></a> refactor: loosen retry <code>for_host</code> parameter bounds (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2792">#2792</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/acd1b059949a6760997fc486080a5ec54bb7172b"><code>acd1b05</code></a> feat: add reqwest::retry policies (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2763">#2763</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/54b6022b0f12917ce7f4c71e38b0925dc9661e21"><code>54b6022</code></a> feat: add <code>ClientBuilder::unix_socket()</code> option (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2624">#2624</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/6358cefd24ea4ea387787617f79815d859d8b6e5"><code>6358cef</code></a> fix: add default tcp keepalive and user_timeout values (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2780">#2780</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/21226a5bc3059a378b95267f2d743fbea44d4c3e"><code>21226a5</code></a> style(client): use <code>std::task::ready!</code> macro to simplify Poll branch matching...</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/82086e796b53da6625f1de39ce2d2cf29fcc50e8"><code>82086e7</code></a> feat: add request cache options for wasm (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2775">#2775</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/2a0f7a367004c900a816679fbf50e499c979ad9e"><code>2a0f7a3</code></a> ci: use msrv-aware cargo in msrv job (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2779">#2779</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/f1868036caea40079b389b0423bb9e7db6ecdad1"><code>f186803</code></a> fix(proxy): restore default port 1080 for SOCKS proxies without explicit port...</li> <li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.22...v0.12.23">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 99429764335bf103f526f8809f02932fa6c1b3bf
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/91d53adb3239cd4e12b671db7656c99b10fedc53"><code>91d53ad</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/409">#409</a> from cuviper/release-2.11.0</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/cf566a7060526aada9d7680a7cc3b9cf004a055a"><code>cf566a7</code></a> Release 2.11.0</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/2e173dcf755b55982ca8fb568cb823b72629ce73"><code>2e173dc</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/408">#408</a> from cuviper/is_sorted</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/e4bb7d03b92ad7768fb26b5f062fefda6af0dc72"><code>e4bb7d0</code></a> Add <code>is_sorted</code>{,<code>_by</code>,<code>_by_key</code>}</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0f40489b1a6f6a4781ec45f6b30f6e8327b1b04c"><code>0f40489</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/407">#407</a> from cuviper/sort_by_key</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ab9e461b895184bd4926a8d4555f05d1a6c50666"><code>ab9e461</code></a> Add <code>sort_by_key</code> and <code>sort_unstable_by_key</code></li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a468ca41bbbc04afd293e00ad57d7a8ed60cb89e"><code>a468ca4</code></a> Normalize to ASCII apostrophes</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7939ae9c21b12aa5386cb9d3ecb4f7bb598341a6"><code>7939ae9</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/406">#406</a> from cuviper/more-insert_sorted_by</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/354345b5a250be9d565e3b60f311a435141e6412"><code>354345b</code></a> Take <em>two</em> entries in <code>insert_sorted_by</code></li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/314ec7dbda48cfd7135e3aef894e7db627d6be21"><code>314ec7d</code></a> Add quick checks for <code>insert_sorted_by</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 3c59d4591d86bbb44aa0dbf9ef7a389b9c360a4c
Bumps [regex](https://github.com/rust-lang/regex) from 1.11.1 to 1.11.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.11.2 (2025-08-24)</h1> <p>This is a new patch release of <code>regex</code> with some minor fixes. A larger number of typo or lint fix patches were merged. Also, we now finally recommend using <code>std::sync::LazyLock</code>.</p> <p>Improvements:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1217">#1217</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1217">rust-lang/regex#1217</a>): Switch recommendation from <code>once_cell</code> to <code>std::sync::LazyLock</code>.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1225">#1225</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1225">rust-lang/regex#1225</a>): Add <code>DFA::set_prefilter</code> to <code>regex-automata</code>.</li> </ul> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1165">#1165</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1150">rust-lang/regex#1150</a>): Remove <code>std</code> dependency from <code>perf-literal-multisubstring</code> crate feature.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1165">#1165</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1165">rust-lang/regex#1165</a>): Clarify the meaning of <code>(?R)$</code> in the documentation.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1281">#1281</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1281">rust-lang/regex#1281</a>): Remove <code>fuzz/</code> and <code>record/</code> directories from published crate on crates.io.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/d0aa586a4c15d3e8d86990f33b4d3635340af407"><code>d0aa586</code></a> 1.11.2</li> <li><a href="https://github.com/rust-lang/regex/commit/a3bf4ad84f0f12d148131032e2a4a8e9697868d0"><code>a3bf4ad</code></a> regex-cli-0.2.2</li> <li><a href="https://github.com/rust-lang/regex/commit/25a15e272b3ae5aee76b525902c2ab91b0d9e12e"><code>25a15e2</code></a> rure-0.2.3</li> <li><a href="https://github.com/rust-lang/regex/commit/45c3da7681af3a513bedba067c440b76bcc9a16e"><code>45c3da7</code></a> regex-lite-0.1.7</li> <li><a href="https://github.com/rust-lang/regex/commit/873ed800c535bc3ef0711c1ee6f2726b89a8508c"><code>873ed80</code></a> regex-automata-0.4.10</li> <li><a href="https://github.com/rust-lang/regex/commit/ea834f8e1fd7b72a3c1b2319b1a47f0c50d43082"><code>ea834f8</code></a> regex-syntax-0.8.6</li> <li><a href="https://github.com/rust-lang/regex/commit/86836fbe841893ca2e06ccf24067ecbc67b0b0c5"><code>86836fb</code></a> changelog: 1.11.2</li> <li><a href="https://github.com/rust-lang/regex/commit/63a26c1a7fac5ebbed88471ebada05f7a465ffc8"><code>63a26c1</code></a> cargo: ensure that 'perf' doesn't enable 'std' implicitly (<a href="https://redirect.github.com/rust-lang/regex/issues/1150">#1150</a>)</li> <li><a href="https://github.com/rust-lang/regex/commit/dd96592be2c019abb268026904826e79d919d3c4"><code>dd96592</code></a> doc: clarify CRLF mode effect</li> <li><a href="https://github.com/rust-lang/regex/commit/931dae01925415354720952bfaa568a7f9fb369b"><code>931dae0</code></a> cargo: point <code>repository</code> metadata to clonable URLs</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.11.1...1.11.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 57252cd7a99be78505695e8e2025baebe5c55047
V3_GIT_ORIGIN_REV_ID: b2a8911228d3d5f5f6191fe0ad4a87f6bfa2b205
V3_GIT_ORIGIN_REV_ID: 3f7ffd046ce6fb79b85336cf899487b197c7380a
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.142 to 1.0.143. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.143</h2> <ul> <li>Implement Clone and Debug for serde_json::Map iterators (<a href="https://redirect.github.com/serde-rs/json/issues/1264">#1264</a>, thanks <a href="https://github.com/xlambein"><code>@xlambein</code></a>)</li> <li>Implement Default for CompactFormatter (<a href="https://redirect.github.com/serde-rs/json/issues/1268">#1268</a>, thanks <a href="https://github.com/SOF3"><code>@SOF3</code></a>)</li> <li>Implement FromStr for serde_json::Map (<a href="https://redirect.github.com/serde-rs/json/issues/1271">#1271</a>, thanks <a href="https://github.com/mickvangelderen"><code>@mickvangelderen</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/10102c49bfd95e5b8d42a6c0b9530b1732a6fea8"><code>10102c4</code></a> Release 1.0.143</li> <li><a href="https://github.com/serde-rs/json/commit/2a5b85312c2eb0eec19f922993e1a6931535b5e3"><code>2a5b853</code></a> Replace super::super with absolute path within crate</li> <li><a href="https://github.com/serde-rs/json/commit/447170bd38099bc9636de4ff73c00e9d816a75f4"><code>447170b</code></a> Merge pull request 1271 from mickvangelderen/mick/impl-from-str-for-map</li> <li><a href="https://github.com/serde-rs/json/commit/ec190d6dfd4ecc5b31db76a7f1c26c54e99eee9f"><code>ec190d6</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1264">#1264</a> from xlambein/master</li> <li><a href="https://github.com/serde-rs/json/commit/8be664752fe8b8fc92b239155979fad39719c2fd"><code>8be6647</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1268">#1268</a> from SOF3/compact-default</li> <li><a href="https://github.com/serde-rs/json/commit/ba5b3cccea799018d236c1af24a34ae53b6c84cc"><code>ba5b3cc</code></a> Revert "Pin nightly toolchain used for miri job"</li> <li><a href="https://github.com/serde-rs/json/commit/fd35a02901648230ac04657a12b85f5c90fb9106"><code>fd35a02</code></a> Implement FromStr for Map<String, Value></li> <li><a href="https://github.com/serde-rs/json/commit/bea0fe6b3e1d06dcd46a38be42f775f22f6c2b8e"><code>bea0fe6</code></a> Implement Default for CompactFormatter</li> <li><a href="https://github.com/serde-rs/json/commit/0c0e9f6bfad856db30f389496d64ac2577d8c13b"><code>0c0e9f6</code></a> Add Clone and Debug impls to map iterators</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.142...v1.0.143">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: f347c3d00dc64f29696ca7cdaaf12d61c6476c89
Bumps [mimalloc](https://github.com/purpleprotocol/mimalloc_rust) from 0.1.47 to 0.1.48. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/purpleprotocol/mimalloc_rust/releases">mimalloc's releases</a>.</em></p> <blockquote> <h2>Version 0.1.48</h2> <h3>Changes</h3> <ul> <li>Mimalloc <code>v3</code> feature flag. (credits <a href="https://github.com/gschulze"><code>@gschulze</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/a5a76fd2c5a3a7c7b24d4765d53c71e41b32df74"><code>a5a76fd</code></a> v0.1.48</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/31607bf2c50d7b845bbd4dc18281fffbbc4ee6d8"><code>31607bf</code></a> Merge pull request <a href="https://redirect.github.com/purpleprotocol/mimalloc_rust/issues/144">#144</a> from gschulze/feature/3.x</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/aaa0114619926ce59471edaa80bf94b0d881b41e"><code>aaa0114</code></a> Allow unused macros in generated test code</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/54d6262e0ec1fa10c65ee502904ce62557c74461"><code>54d6262</code></a> Allow unused imports in generated test code</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/1f527f13bb560d8e08d526f0e5ddbc6bece83b80"><code>1f527f1</code></a> Proper feature flag propagation in binding tests</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/edee487dfadb23b31b4f6b82a89a61f4383c08d0"><code>edee487</code></a> Fix clippy lints</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/29c44c222412fa9d7ba66f9d6bbe03dc6cb9dcae"><code>29c44c2</code></a> Add workflows for v3</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/af52306816930ba3b5dae99538c026931e07043c"><code>af52306</code></a> Add support for testing v3 in CI</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/d84e46ef770dd97acb468d8ea9833377c39d207c"><code>d84e46e</code></a> Fix excludes in Cargo manifest</li> <li><a href="https://github.com/purpleprotocol/mimalloc_rust/commit/747b5b151432ffb671e99856874e2a7e34414fb3"><code>747b5b1</code></a> Introduce feature flag to switch between mimalloc major versions</li> <li>See full diff in <a href="https://github.com/purpleprotocol/mimalloc_rust/compare/v0.1.47...v0.1.48">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 20c29aff6359963197aa18dd4968206006b5c1bc
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = "0.3.20" </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: e81c812d47b59efc4826cca57c77788eec6ef5c9
Upgrade Rust. A lot of new clippy warnings about enums with particular oversized members. Boxed the ones that made sense, added ignores to stuff like errors that don't really happen that much on the whole. V3_GIT_ORIGIN_REV_ID: b519ea2bbef82728ff61e6b37ba062913a10e9c2
V3_GIT_ORIGIN_REV_ID: 0c828d93f884929ce92e3d9baf274f289a52b095
Add `forward_headers` config to `pre-ndc-request-plugin` which allows request headers to be forwarded to `pre-ndc-request` plugins. V3_GIT_ORIGIN_REV_ID: 37035e9ff39716b6fead05275e0dc9633f351198
PR-URL: hasura/graphql-engine-mono#11326 GitOrigin-RevId: 785bc0b56766c59f0ca71b5bf30585f8aa2b32f0
<!-- The PR description should answer 2 important questions: --> ### What Update engine to use `ndc-models` `v0.1.7` for `v0.1.x` requests. V3_GIT_ORIGIN_REV_ID: 6fd7ff81fc42d4dc8c70336a1e46632a261a3d12
V3_GIT_ORIGIN_REV_ID: 39b01640a8726b67aecf1a0171298c86dd608192
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.43 to 4.5.47. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.5.47</h2> <h2>[4.5.47] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Added <code>impl FromArgMatches for ()</code></li> <li>Added <code>impl Args for ()</code></li> <li>Added <code>impl Subcommand for ()</code></li> <li>Added <code>impl FromArgMatches for Infallible</code></li> <li>Added <code>impl Subcommand for Infallible</code></li> </ul> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Update runtime error text to match <code>clap</code></li> </ul> <h2>v4.5.46</h2> <h2>[4.5.46] - 2025-08-26</h2> <h3>Features</h3> <ul> <li>Expose <code>StyledStr::push_str</code></li> </ul> <h2>v4.5.45</h2> <h2>[4.5.45] - 2025-08-12</h2> <h3>Fixes</h3> <ul> <li><em>(unstable-v5)</em> <code>ValueEnum</code> variants now use the full doc comment, not summary, for <code>PossibleValue::help</code></li> </ul> <h2>v4.5.44</h2> <h2>[4.5.44] - 2025-08-11</h2> <h3>Features</h3> <ul> <li>Add <code>Command::mut_subcommands</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.47] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Added <code>impl FromArgMatches for ()</code></li> <li>Added <code>impl Args for ()</code></li> <li>Added <code>impl Subcommand for ()</code></li> <li>Added <code>impl FromArgMatches for Infallible</code></li> <li>Added <code>impl Subcommand for Infallible</code></li> </ul> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Update runtime error text to match <code>clap</code></li> </ul> <h2>[4.5.46] - 2025-08-26</h2> <h3>Features</h3> <ul> <li>Expose <code>StyledStr::push_str</code></li> </ul> <h2>[4.5.45] - 2025-08-12</h2> <h3>Fixes</h3> <ul> <li><em>(unstable-v5)</em> <code>ValueEnum</code> variants now use the full doc comment, not summary, for <code>PossibleValue::help</code></li> </ul> <h2>[4.5.44] - 2025-08-11</h2> <h3>Features</h3> <ul> <li>Add <code>Command::mut_subcommands</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/f046ca6a2b2da2ee0a46cb46544cebaba9f9a45a"><code>f046ca6</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/436949dde1cba64b565b78b7562cda7c6365665d"><code>436949d</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/1ddab84c3243908f4869d5587fe6bd262036a4d5"><code>1ddab84</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5954">#5954</a> from epage/tests</li> <li><a href="https://github.com/clap-rs/clap/commit/8a66dbf7c2c6ca050a65468180bc55a9d8425654"><code>8a66dbf</code></a> test(complete): Add more native cases</li> <li><a href="https://github.com/clap-rs/clap/commit/76465cf22381d9bcf188e35a259225509cebefd4"><code>76465cf</code></a> test(complete): Make things more consistent</li> <li><a href="https://github.com/clap-rs/clap/commit/232cedbe76e861c7cf0a4a7d6c1b79f4dc9a7191"><code>232cedb</code></a> test(complete): Remove redundant index</li> <li><a href="https://github.com/clap-rs/clap/commit/02244a69a3befca1a9bf488b1c258945ae53cfb0"><code>02244a6</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5949">#5949</a> from krobelus/option-name-completions-after-positionals</li> <li><a href="https://github.com/clap-rs/clap/commit/2e13847533d458991e3353b373e679ab65f1c8c3"><code>2e13847</code></a> fix(complete): Missing options in multi-val arg</li> <li><a href="https://github.com/clap-rs/clap/commit/74388d784b999da1f67a12b3481b4478b3d597bc"><code>74388d7</code></a> test(complete): Multi-valued, unbounded positional</li> <li><a href="https://github.com/clap-rs/clap/commit/5b3d45f72c94a4ce2a5a1837d2b40d58b22db1ff"><code>5b3d45f</code></a> refactor(complete): Extract function for options</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.43...clap_complete-v4.5.47">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 0f0518566b734dcd9ef03f9e9e06cb88b84456aa
Bumps [serde_arrow](https://github.com/chmp/serde_arrow) from 0.13.5 to 0.13.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chmp/serde_arrow/releases">serde_arrow's releases</a>.</em></p> <blockquote> <h2>0.13.6</h2> <ul> <li><a href="https://github.com/jpopesculian"><code>@jpopesculian</code></a> added the option <code>bytes_as_large_binary</code> to <code>TracingOptions</code> (<a href="https://redirect.github.com/chmp/serde_arrow/pull/282">#282</a>)</li> <li><a href="https://github.com/jpopesculian"><code>@jpopesculian</code></a> added support to serialize strings as bytes (<a href="https://redirect.github.com/chmp/serde_arrow/pull/281">#281</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/chmp/serde_arrow/blob/main/Changes.md">serde_arrow's changelog</a>.</em></p> <blockquote> <h2>0.13.6</h2> <ul> <li><a href="https://github.com/jpopesculian"><code>@jpopesculian</code></a> added the option <code>bytes_as_large_binary</code> to <code>TracingOptions</code> (<a href="https://redirect.github.com/chmp/serde_arrow/pull/282">#281</a>)</li> <li><a href="https://github.com/jpopesculian"><code>@jpopesculian</code></a> added support to serialize strings as bytes (<a href="https://redirect.github.com/chmp/serde_arrow/pull/281">#281</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chmp/serde_arrow/commit/cd9de9c510d8b4a88a8b1a6179bc41bee665d94e"><code>cd9de9c</code></a> Add id-token write permission to publish flow</li> <li><a href="https://github.com/chmp/serde_arrow/commit/033d43afb6e82d3cf7fd0b38b6ec80ced375f1a0"><code>033d43a</code></a> Merge pull request <a href="https://redirect.github.com/chmp/serde_arrow/issues/283">#283</a> from chmp/release/0.13.6</li> <li><a href="https://github.com/chmp/serde_arrow/commit/0d3a24dd44b6bb5f400e2b793e7cb8cbaa22b265"><code>0d3a24d</code></a> Bump integration test requirements</li> <li><a href="https://github.com/chmp/serde_arrow/commit/d13d34114e68ea9b38295afa91846ae1c3f4c00d"><code>d13d341</code></a> mark any helper crates as publish=false</li> <li><a href="https://github.com/chmp/serde_arrow/commit/37a13793555db5c9667629b61152d75dfe6b96ab"><code>37a1379</code></a> Fix changelog formatting</li> <li><a href="https://github.com/chmp/serde_arrow/commit/8f242238052feffb1f7845be8b8cdfd55c5ee197"><code>8f24223</code></a> Update dev process</li> <li><a href="https://github.com/chmp/serde_arrow/commit/5836fb01c9aef91d3b0f4c1839b08cc3f79cea93"><code>5836fb0</code></a> Fix list rendering</li> <li><a href="https://github.com/chmp/serde_arrow/commit/c4c72565a1cb27ce3296b45bcaf3e0ba09c8011b"><code>c4c7256</code></a> Move Development to Contributing</li> <li><a href="https://github.com/chmp/serde_arrow/commit/34858d957d64c0e53c74d7928d85f26053175715"><code>34858d9</code></a> Update readme, add more related crates</li> <li><a href="https://github.com/chmp/serde_arrow/commit/0f67706472790d9c0fd1c5a49cad226e0f8ec335"><code>0f67706</code></a> Remove arrow2 from Readme</li> <li>Additional commits viewable in <a href="https://github.com/chmp/serde_arrow/compare/v0.13.5...v0.13.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 6a842f5af688fcfd4d5e4a8d30cfb73f19ea1ca1
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.43.1 to 1.43.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/releases">insta's releases</a>.</em></p> <blockquote> <h2>1.43.2</h2> <h2>Release Notes</h2> <ul> <li>Fix panics when <code>cargo metadata</code> fails to execute or parse (e.g., when cargo is not in PATH or returns invalid output). Now falls back to using the manifest directory as the workspace root. <a href="https://redirect.github.com/mitsuhiko/insta/issues/798">#798</a> (<a href="https://github.com/adriangb"><code>@adriangb</code></a>)</li> <li>Fix clippy <code>uninlined_format_args</code> lint warnings. <a href="https://redirect.github.com/mitsuhiko/insta/issues/801">#801</a></li> <li>Changed diff line numbers to 1-based indexing. <a href="https://redirect.github.com/mitsuhiko/insta/issues/799">#799</a></li> <li>Preserve snapshot names with <code>INSTA_GLOB_FILTER</code>. <a href="https://redirect.github.com/mitsuhiko/insta/issues/786">#786</a></li> <li>Bumped <code>libc</code> crate to <code>0.2.174</code>, fixing building on musl targets, and increasing the MSRV of <code>insta</code> to <code>1.64.0</code> (released Sept 2022). <a href="https://redirect.github.com/mitsuhiko/insta/issues/784">#784</a></li> <li>Fix clippy 1.88 errors. <a href="https://redirect.github.com/mitsuhiko/insta/issues/783">#783</a></li> <li>Fix source path in snapshots for non-child workspaces. <a href="https://redirect.github.com/mitsuhiko/insta/issues/778">#778</a></li> <li>Add lifetime to Selector in redaction iterator. <a href="https://redirect.github.com/mitsuhiko/insta/issues/779">#779</a></li> </ul> <h2>Install cargo-insta 1.43.2</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-installer.sh | sh </code></pre> <h3>Install prebuilt binaries via powershell script</h3> <pre lang="sh"><code>powershell -ExecutionPolicy ByPass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-installer.ps1 | iex" </code></pre> <h2>Download cargo-insta 1.43.2</h2> <table> <thead> <tr> <th>File</th> <th>Platform</th> <th>Checksum</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-aarch64-apple-darwin.tar.xz">cargo-insta-aarch64-apple-darwin.tar.xz</a></td> <td>Apple Silicon macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-aarch64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-apple-darwin.tar.xz">cargo-insta-x86_64-apple-darwin.tar.xz</a></td> <td>Intel macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-pc-windows-msvc.zip">cargo-insta-x86_64-pc-windows-msvc.zip</a></td> <td>x64 Windows</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-pc-windows-msvc.zip.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-unknown-linux-gnu.tar.xz">cargo-insta-x86_64-unknown-linux-gnu.tar.xz</a></td> <td>x64 Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-unknown-linux-gnu.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-unknown-linux-musl.tar.xz">cargo-insta-x86_64-unknown-linux-musl.tar.xz</a></td> <td>x64 MUSL Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.43.2/cargo-insta-x86_64-unknown-linux-musl.tar.xz.sha256">checksum</a></td> </tr> </tbody> </table> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md">insta's changelog</a>.</em></p> <blockquote> <h2>1.43.2</h2> <ul> <li>Fix panics when <code>cargo metadata</code> fails to execute or parse (e.g., when cargo is not in PATH or returns invalid output). Now falls back to using the manifest directory as the workspace root. <a href="https://redirect.github.com/mitsuhiko/insta/issues/798">#798</a> (<a href="https://github.com/adriangb"><code>@adriangb</code></a>)</li> <li>Fix clippy <code>uninlined_format_args</code> lint warnings. <a href="https://redirect.github.com/mitsuhiko/insta/issues/801">#801</a></li> <li>Changed diff line numbers to 1-based indexing. <a href="https://redirect.github.com/mitsuhiko/insta/issues/799">#799</a></li> <li>Preserve snapshot names with <code>INSTA_GLOB_FILTER</code>. <a href="https://redirect.github.com/mitsuhiko/insta/issues/786">#786</a></li> <li>Bumped <code>libc</code> crate to <code>0.2.174</code>, fixing building on musl targets, and increasing the MSRV of <code>insta</code> to <code>1.64.0</code> (released Sept 2022). <a href="https://redirect.github.com/mitsuhiko/insta/issues/784">#784</a></li> <li>Fix clippy 1.88 errors. <a href="https://redirect.github.com/mitsuhiko/insta/issues/783">#783</a></li> <li>Fix source path in snapshots for non-child workspaces. <a href="https://redirect.github.com/mitsuhiko/insta/issues/778">#778</a></li> <li>Add lifetime to Selector in redaction iterator. <a href="https://redirect.github.com/mitsuhiko/insta/issues/779">#779</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mitsuhiko/insta/commit/01fc57f115b8b5a2c22f5c0be4f5427f3e5ac5ac"><code>01fc57f</code></a> Fix Windows runner configuration for releases</li> <li><a href="https://github.com/mitsuhiko/insta/commit/88c9a2f020b1a9abb3258063e0d55401ca2d95bb"><code>88c9a2f</code></a> Prepare CHANGELOG for 1.43.2 release (<a href="https://redirect.github.com/mitsuhiko/insta/issues/802">#802</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/d03c2a67b599c0e39f610298441013162a450eaa"><code>d03c2a6</code></a> Improve error handling for cargo workspace detection (<a href="https://redirect.github.com/mitsuhiko/insta/issues/800">#800</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/55987acdb68251b54a590be94db8bc97a694df39"><code>55987ac</code></a> Fix clippy uninlined_format_args lint warnings (<a href="https://redirect.github.com/mitsuhiko/insta/issues/801">#801</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/ae26e810a32bd46f955d63b1dd4e30efae389121"><code>ae26e81</code></a> Change diff line numbers to 1-based indexing (<a href="https://redirect.github.com/mitsuhiko/insta/issues/799">#799</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/26efb60d08206e17e7d476e9b42f152b2e16cf58"><code>26efb60</code></a> Release insta 1.43.2 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/791">#791</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/77937824766ae4a1299eadc634ee434d01033302"><code>7793782</code></a> Preserve snapshot names with INSTA_GLOB_FILTER (<a href="https://redirect.github.com/mitsuhiko/insta/issues/786">#786</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/1d6e0c715602e681a01fc538f3649ac16f769dc1"><code>1d6e0c7</code></a> chore: bump libc crate (<a href="https://redirect.github.com/mitsuhiko/insta/issues/784">#784</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/1a17ea955210036c5173fc9eb425f4434c535e83"><code>1a17ea9</code></a> chore: fix clippy 1.88 errors (<a href="https://redirect.github.com/mitsuhiko/insta/issues/783">#783</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/7d0de48695551aab4c5a352c07b7a956aee33b6b"><code>7d0de48</code></a> Fix source path in snapshots for non-child workspaces (<a href="https://redirect.github.com/mitsuhiko/insta/issues/778">#778</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mitsuhiko/insta/compare/1.43.1...1.43.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: bdf2dcb58c6b4cdcbe8d85325507054a2503a1c0
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.18.0 to 1.18.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuid-rs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v1.18.1</h2> <h2>What's Changed</h2> <ul> <li>Unsafe cleanup by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/841">uuid-rs/uuid#841</a></li> <li>Prepare for 1.18.1 release by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/842">uuid-rs/uuid#842</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/uuid-rs/uuid/compare/v1.18.0...v1.18.1">https://github.com/uuid-rs/uuid/compare/v1.18.0...v1.18.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/uuid-rs/uuid/commit/50d8e797ed9628820d0aff617a5f199221b82aaa"><code>50d8e79</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/842">#842</a> from uuid-rs/cargo/v1.18.1</li> <li><a href="https://github.com/uuid-rs/uuid/commit/79485925e95d507c20bc0a37e86d326715ffec9e"><code>7948592</code></a> prepare for 1.18.1 release</li> <li><a href="https://github.com/uuid-rs/uuid/commit/6d847c79d072431c5131987a39318e11f8dbfa9b"><code>6d847c7</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/841">#841</a> from uuid-rs/chore/unsafe-cleanup</li> <li><a href="https://github.com/uuid-rs/uuid/commit/675cccc829fa8ce3f225392622aee1c41268b068"><code>675cccc</code></a> re-gate zerocopy behind unstable feature flag</li> <li><a href="https://github.com/uuid-rs/uuid/commit/4dd582806081d6718b7d0cac303c241d9a7eb0c9"><code>4dd5828</code></a> Remove some unsafe; stabilize zerocopy</li> <li>See full diff in <a href="https://github.com/uuid-rs/uuid/compare/v1.18.0...v1.18.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 749506e67f4911ca3cd4a3fc81b74961962f4c18
Bumps [log](https://github.com/rust-lang/log) from 0.4.27 to 0.4.28. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/releases">log's releases</a>.</em></p> <blockquote> <h2>0.4.28</h2> <h2>What's Changed</h2> <ul> <li>ci: drop really old trick and ensure MSRV for all feature combo by <a href="https://github.com/tisonkun"><code>@tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> <li>chore: fix some typos in comment by <a href="https://github.com/xixishidibei"><code>@xixishidibei</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li>Unhide <code>#[derive(Debug)]</code> in example by <a href="https://github.com/ZylosLumen"><code>@ZylosLumen</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li>Chore: delete compare_exchange method for AtomicUsize on platforms without atomics by <a href="https://github.com/HaoliangXu"><code>@HaoliangXu</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li>Add <code>increment_severity()</code> and <code>decrement_severity()</code> methods for <code>Level</code> and <code>LevelFilter</code> by <a href="https://github.com/nebkor"><code>@nebkor</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> <li>Prepare for 0.4.28 release by <a href="https://github.com/KodrAus"><code>@KodrAus</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/695">rust-lang/log#695</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xixishidibei"><code>@xixishidibei</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li><a href="https://github.com/ZylosLumen"><code>@ZylosLumen</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li><a href="https://github.com/HaoliangXu"><code>@HaoliangXu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li><a href="https://github.com/nebkor"><code>@nebkor</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">https://github.com/rust-lang/log/compare/0.4.27...0.4.28</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/blob/master/CHANGELOG.md">log's changelog</a>.</em></p> <blockquote> <h2>[0.4.28] - 2025-09-02</h2> <h2>What's Changed</h2> <ul> <li>ci: drop really old trick and ensure MSRV for all feature combo by <a href="https://github.com/tisonkun"><code>@tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> <li>Chore: delete compare_exchange method for AtomicUsize on platforms without atomics by <a href="https://github.com/HaoliangXu"><code>@HaoliangXu</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li>Add <code>increment_severity()</code> and <code>decrement_severity()</code> methods for <code>Level</code> and <code>LevelFilter</code> by <a href="https://github.com/nebkor"><code>@nebkor</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xixishidibei"><code>@xixishidibei</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li><a href="https://github.com/ZylosLumen"><code>@ZylosLumen</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li><a href="https://github.com/HaoliangXu"><code>@HaoliangXu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li><a href="https://github.com/nebkor"><code>@nebkor</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">https://github.com/rust-lang/log/compare/0.4.27...0.4.28</a></p> <h3>Notable Changes</h3> <ul> <li>MSRV is bumped to 1.61.0 in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/log/commit/6e1735597bb21c5d979a077395df85e1d633e077"><code>6e17355</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/695">#695</a> from rust-lang/cargo/0.4.28</li> <li><a href="https://github.com/rust-lang/log/commit/57719dbef54de1c9b91b986845e4285d09c9e644"><code>57719db</code></a> focus on user-facing source changes in the changelog</li> <li><a href="https://github.com/rust-lang/log/commit/e0630c6485c6ca6da22888c319d2c3d2e53cb1ae"><code>e0630c6</code></a> prepare for 0.4.28 release</li> <li><a href="https://github.com/rust-lang/log/commit/60829b11f50e34497f4dcaff44561ee908c796f9"><code>60829b1</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/692">#692</a> from nebkor/up-and-down</li> <li><a href="https://github.com/rust-lang/log/commit/95d44f8af52df35d78adb766bef79d8f489022a0"><code>95d44f8</code></a> change names of log-level-changing methods to be more descriptive</li> <li><a href="https://github.com/rust-lang/log/commit/2b63dfada6394c537682de4834ae45eaf3bad216"><code>2b63dfa</code></a> Add <code>up()</code> and <code>down()</code> methods for <code>Level</code> and <code>LevelFilter</code></li> <li><a href="https://github.com/rust-lang/log/commit/3aa1359e926a39f841791207d6e57e00da3e68e2"><code>3aa1359</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/690">#690</a> from HaoliangXu/master</li> <li><a href="https://github.com/rust-lang/log/commit/1091f2cbd21817872235eff67b8e0e68e5ec4e41"><code>1091f2c</code></a> Chore:delete compare_exchange method for AtomicUsize on platforms</li> <li><a href="https://github.com/rust-lang/log/commit/24c5f44efd0828ed1c6dcec5adf5aebf97f0f400"><code>24c5f44</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/688">#688</a> from ZylosLumen/patch-1</li> <li><a href="https://github.com/rust-lang/log/commit/44984954670f3144af1d1f323e36690bb72788f4"><code>4498495</code></a> Unhide <code>#[derive(Debug)]</code> in example</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: d18dcc3ab64466d7d8d0fb603e8059d3a28add20
Bumps [regex](https://github.com/rust-lang/regex) from 1.12.2 to 1.12.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.12.3 (2025-02-03)</h1> <p>This release excludes some unnecessary things from the archive published to crates.io. Specifically, fuzzing data and various shell scripts are now excluded. If you run into problems, please file an issue.</p> <p>Improvements:</p> <ul> <li><a href="https://redirect.github.com/rust-lang/regex/pull/1319">#1319</a>: Switch from a Cargo <code>exclude</code> list to an <code>include</code> list, and exclude some unnecessary stuff.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/b028e4f40eac8959d05e82abf8404906b1c565c0"><code>b028e4f</code></a> 1.12.3</li> <li><a href="https://github.com/rust-lang/regex/commit/5e195de266e203441b2c8001d6ebefab1161a59e"><code>5e195de</code></a> regex-automata-0.4.14</li> <li><a href="https://github.com/rust-lang/regex/commit/a3433f691863d80300dfd6a52e332cb5a568e895"><code>a3433f6</code></a> regex-syntax-0.8.9</li> <li><a href="https://github.com/rust-lang/regex/commit/0c07fae444adf0802d84455e689f1143d2dd7790"><code>0c07fae</code></a> regex-lite-0.1.9</li> <li><a href="https://github.com/rust-lang/regex/commit/6a810068f030c023a12c93ccae49bc5fd907c4f6"><code>6a81006</code></a> cargo: exclude development scripts and fuzzing data</li> <li><a href="https://github.com/rust-lang/regex/commit/4733e28ba4f281f643ce93e4089eccbb9a9d5a5a"><code>4733e28</code></a> automata: fix <code>onepass::DFA::try_search_slots</code> panic when too many slots are ...</li> <li>See full diff in <a href="https://github.com/rust-lang/regex/compare/1.12.2...1.12.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 2009149221756159280564076f53474d2a7b88e6
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.42 to 0.4.44. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.44</h2> <h2>What's Changed</h2> <ul> <li>docs: match MSRV with <code>Cargo.toml</code> contents by <a href="https://github.com/coryan"><code>@coryan</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1772">chronotope/chrono#1772</a></li> <li>Add track_caller to non-deprecated functions by <a href="https://github.com/svix-jplatte"><code>@svix-jplatte</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1774">chronotope/chrono#1774</a></li> </ul> <h2>0.4.43</h2> <h2>What's Changed</h2> <ul> <li>Install extra components for lint workflow by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1741">chronotope/chrono#1741</a></li> <li>Upgrade windows-bindgen to 0.64 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1742">chronotope/chrono#1742</a></li> <li>Improve windows-bindgen setup by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1744">chronotope/chrono#1744</a></li> <li>Drop stabilized feature doc_auto_cfg by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1745">chronotope/chrono#1745</a></li> <li>Faster RFC 3339 parsing by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1748">chronotope/chrono#1748</a></li> <li>Update windows-bindgen requirement from 0.64 to 0.65 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/chronotope/chrono/pull/1751">chronotope/chrono#1751</a></li> <li>add <code>NaiveDate::abs_diff</code> by <a href="https://github.com/Kinrany"><code>@Kinrany</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1752">chronotope/chrono#1752</a></li> <li>Add feature gated defmt support. by <a href="https://github.com/pebender"><code>@pebender</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1747">chronotope/chrono#1747</a></li> <li>Drop deny lints, eager Debug impls are a mixed blessing by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1753">chronotope/chrono#1753</a></li> <li>chore: minor improvement for docs by <a href="https://github.com/spuradage"><code>@spuradage</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1756">chronotope/chrono#1756</a></li> <li>Added doctest for the NaiveDate years_since function by <a href="https://github.com/LucasBou"><code>@LucasBou</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1755">chronotope/chrono#1755</a></li> <li>Prepare 0.4.43 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1765">chronotope/chrono#1765</a></li> <li>Update copyright year to 2026 in LICENSE.txt by <a href="https://github.com/taozui472"><code>@taozui472</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1767">chronotope/chrono#1767</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/c14b4599d07ef36ffa1f8a531fb0bc7eb3b42464"><code>c14b459</code></a> Bump version to 0.4.44</li> <li><a href="https://github.com/chronotope/chrono/commit/ea832c5090369eefa2cb6a47d643e2f7ade7ffa7"><code>ea832c5</code></a> Add track_caller to non-deprecated functions</li> <li><a href="https://github.com/chronotope/chrono/commit/cfae889a3a23507acf49b605794abba17effd2d7"><code>cfae889</code></a> Fix panic message in to_rfc2822</li> <li><a href="https://github.com/chronotope/chrono/commit/f8900b5a44228a7f6282c65e8c407d3ecb6dcb7b"><code>f8900b5</code></a> docs: match MSRV with <code>Cargo.toml</code> contents</li> <li><a href="https://github.com/chronotope/chrono/commit/45caaa970ce443b11106a710ee24bd2480e5ff99"><code>45caaa9</code></a> Update copyright year to 2026 in LICENSE.txt</li> <li><a href="https://github.com/chronotope/chrono/commit/1c0b8f011ab2f2e53c195df1866a1fb4c7fd193a"><code>1c0b8f0</code></a> Bump version to 0.4.43</li> <li><a href="https://github.com/chronotope/chrono/commit/a03e43b1c3ef3aea77f12200d84144f275560aa9"><code>a03e43b</code></a> Upgrade windows-bindgen to 0.66</li> <li><a href="https://github.com/chronotope/chrono/commit/4fedaba2a214aa560e1c6a70d0a09e6955ed3ff4"><code>4fedaba</code></a> Ignore bincode advisory</li> <li><a href="https://github.com/chronotope/chrono/commit/f4b7bbda679199e7509da813849a10242b2f7aa1"><code>f4b7bbd</code></a> Bump actions/checkout from 5 to 6</li> <li><a href="https://github.com/chronotope/chrono/commit/db129730e8f21ca66b3808c133b7147cbc62fc41"><code>db12973</code></a> Added doctest for the NaiveDate years_since function (<a href="https://redirect.github.com/chronotope/chrono/issues/1755">#1755</a>)</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.42...v0.4.44">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 436d5aeee20e5a02ccdb6da6c6df473a2f455c5e
Automated changelog update for release v2026.03.25. V3_GIT_ORIGIN_REV_ID: d02ae697c7f694fd97b2a088981ab0138f0b5944
PR-URL: hasura/graphql-engine-mono#11470 GitOrigin-RevId: 863b749ab4f74883d01bd04efbffabeac6363923
GitOrigin-RevId: fb00eb9880b78150f6f62e351956d93137cc6b2a
## Summary - bump `rust-toolchain.toml` to Rust 1.94.1, the latest stable release from the Rust stable channel dated 2026-03-26 - update every Rust-based Dockerfile to use `rust:1.94.1` - refresh `flake.lock` inputs for `crane`, `nixpkgs`, and `rust-overlay` so Nix resolves the updated toolchain - no Rust source changes were required after checking the workspace on 1.94.x ## Validation - `RUSTFLAGS="-D warnings" cargo check --workspace --all-targets` --------- Co-authored-by: dliub <dliub@users.noreply.github.com> Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com> V3_GIT_ORIGIN_REV_ID: daaccbd0da3484f0946cb0b6ad96172bc82908c2
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.45.0 to 1.47.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/releases">insta's releases</a>.</em></p> <blockquote> <h2>1.47.1</h2> <h2>Release Notes</h2> <ul> <li>Revert sorting of sequences in <code>sort_maps</code>. The change in 1.47.0 sorted all <code>Seq</code> values (including <code>Vec</code>), not just non-deterministic collections like <code>HashSet</code>, which was a breaking change. <a href="https://redirect.github.com/mitsuhiko/insta/issues/876">#876</a></li> </ul> <h2>Install cargo-insta 1.47.1</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-installer.sh | sh </code></pre> <h3>Install prebuilt binaries via powershell script</h3> <pre lang="sh"><code>powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-installer.ps1 | iex" </code></pre> <h2>Download cargo-insta 1.47.1</h2> <table> <thead> <tr> <th>File</th> <th>Platform</th> <th>Checksum</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-aarch64-apple-darwin.tar.xz">cargo-insta-aarch64-apple-darwin.tar.xz</a></td> <td>Apple Silicon macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-aarch64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-apple-darwin.tar.xz">cargo-insta-x86_64-apple-darwin.tar.xz</a></td> <td>Intel macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-pc-windows-msvc.zip">cargo-insta-x86_64-pc-windows-msvc.zip</a></td> <td>x64 Windows</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-pc-windows-msvc.zip.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-unknown-linux-gnu.tar.xz">cargo-insta-x86_64-unknown-linux-gnu.tar.xz</a></td> <td>x64 Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-unknown-linux-gnu.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-unknown-linux-musl.tar.xz">cargo-insta-x86_64-unknown-linux-musl.tar.xz</a></td> <td>x64 MUSL Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-x86_64-unknown-linux-musl.tar.xz.sha256">checksum</a></td> </tr> </tbody> </table> <h2>1.47.0</h2> <h2>Release Notes</h2> <ul> <li>Add <code>Comparator</code> trait for customizing how snapshot values are compared. <a href="https://redirect.github.com/mitsuhiko/insta/issues/872">#872</a> (<a href="https://github.com/dstu"><code>@dstu</code></a>)</li> <li>Sort sequences in <code>sort_maps</code> to fix non-deterministic <code>HashSet</code> snapshots. <a href="https://redirect.github.com/mitsuhiko/insta/issues/876">#876</a></li> <li>Improve TOML serialization error message for unsupported types, suggesting <code>assert_json_snapshot!</code> or <code>assert_yaml_snapshot!</code> as alternatives. <a href="https://redirect.github.com/mitsuhiko/insta/issues/880">#880</a></li> <li>Remove unnecessary <code>Send + Sync</code> bounds from <code>Redaction</code>, allowing non-<code>Send</code> closures in dynamic redactions. <a href="https://redirect.github.com/mitsuhiko/insta/issues/874">#874</a></li> <li>Don't use <code>Arc</code> in <code>Settings</code> unnecessarily. <a href="https://redirect.github.com/mitsuhiko/insta/issues/873">#873</a> (<a href="https://github.com/dstu"><code>@dstu</code></a>)</li> <li>Upgrade <code>console</code> to 0.16 and MSRV to 1.66. <a href="https://redirect.github.com/mitsuhiko/insta/issues/885">#885</a></li> <li>Upgrade <code>toml-edit</code> to 0.25. <a href="https://redirect.github.com/mitsuhiko/insta/issues/882">#882</a> (<a href="https://github.com/alexanderkjall"><code>@alexanderkjall</code></a>)</li> </ul> <h2>Install cargo-insta 1.47.0</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.47.0/cargo-insta-installer.sh | sh </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md">insta's changelog</a>.</em></p> <blockquote> <h2>1.47.1</h2> <ul> <li>Revert sorting of sequences in <code>sort_maps</code>. The change in 1.47.0 sorted all <code>Seq</code> values (including <code>Vec</code>), not just non-deterministic collections like <code>HashSet</code>, which was a breaking change. <a href="https://redirect.github.com/mitsuhiko/insta/issues/876">#876</a></li> </ul> <h2>1.47.0</h2> <ul> <li>Add <code>Comparator</code> trait for customizing how snapshot values are compared. <a href="https://redirect.github.com/mitsuhiko/insta/issues/872">#872</a> (<a href="https://github.com/dstu"><code>@dstu</code></a>)</li> <li>Sort sequences in <code>sort_maps</code> to fix non-deterministic <code>HashSet</code> snapshots. <a href="https://redirect.github.com/mitsuhiko/insta/issues/876">#876</a></li> <li>Improve TOML serialization error message for unsupported types, suggesting <code>assert_json_snapshot!</code> or <code>assert_yaml_snapshot!</code> as alternatives. <a href="https://redirect.github.com/mitsuhiko/insta/issues/880">#880</a></li> <li>Remove unnecessary <code>Send + Sync</code> bounds from <code>Redaction</code>, allowing non-<code>Send</code> closures in dynamic redactions. <a href="https://redirect.github.com/mitsuhiko/insta/issues/874">#874</a></li> <li>Don't use <code>Arc</code> in <code>Settings</code> unnecessarily. <a href="https://redirect.github.com/mitsuhiko/insta/issues/873">#873</a> (<a href="https://github.com/dstu"><code>@dstu</code></a>)</li> <li>Upgrade <code>console</code> to 0.16 and MSRV to 1.66. <a href="https://redirect.github.com/mitsuhiko/insta/issues/885">#885</a></li> <li>Upgrade <code>toml-edit</code> to 0.25. <a href="https://redirect.github.com/mitsuhiko/insta/issues/882">#882</a> (<a href="https://github.com/alexanderkjall"><code>@alexanderkjall</code></a>)</li> </ul> <h2>1.46.3</h2> <ul> <li>Fix inline escaped snapshots incorrectly stripping leading newlines when content contains control characters like carriage returns. The escaped format (used for snapshots with control chars) now correctly preserves the original content without stripping a non-existent formatting newline. <a href="https://redirect.github.com/mitsuhiko/insta/issues/865">#865</a></li> </ul> <h2>1.46.2</h2> <ul> <li>Fix inline snapshot corruption with carriage returns. The <code>leading_space()</code> function incorrectly treated <code>\r</code> as indentation, causing carriage returns to be stripped from snapshot content. <a href="https://redirect.github.com/mitsuhiko/insta/issues/866">#866</a></li> <li>Remove <code>< 0.4.17</code> upper bound on globset dependency. <a href="https://redirect.github.com/mitsuhiko/insta/issues/864">#864</a></li> </ul> <h2>1.46.1</h2> <ul> <li>Fix inline snapshot corruption when multiple snapshots appear inside <code>with_settings!</code> macro. <a href="https://redirect.github.com/mitsuhiko/insta/issues/858">#858</a></li> </ul> <h2>1.46.0</h2> <ul> <li>Add <code>INSTA_PENDING_DIR</code> environment variable for Bazel and other hermetic build systems. When set, pending snapshots are written to a separate directory while keeping the source tree read-only. We are very open to feedback on this feature. <a href="https://redirect.github.com/mitsuhiko/insta/issues/852">#852</a></li> <li>Fix documentation for <code>test.runner_fallback</code> config key. <a href="https://redirect.github.com/mitsuhiko/insta/issues/853">#853</a></li> </ul> <h2>1.45.1</h2> <ul> <li>Fix backward compatibility with TOML format produced by insta < 1.45.0. <a href="https://redirect.github.com/mitsuhiko/insta/issues/849">#849</a> (<a href="https://github.com/chitoku-k"><code>@chitoku-k</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mitsuhiko/insta/commit/fdbfc1508499f690672cd5d79281ef00f0581f44"><code>fdbfc15</code></a> Revert sort_maps sequence sorting, release 1.47.1 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/891">#891</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/46b6f2a2a3e208d30c2de71bb8331c9616feeaf6"><code>46b6f2a</code></a> Release 1.47.0 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/889">#889</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/aa129335d39262231edb836d3487af709d2d1b80"><code>aa12933</code></a> Upgrade <code>console</code> to 0.16, bump MSRV to 1.66 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/885">#885</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/98c084ccba9baaf9ad070f90131ce245e0686518"><code>98c084c</code></a> upgrade toml-edit to 0.25 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/882">#882</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/4e889b057350514a7c9befd1d31a25bb548e2cf8"><code>4e889b0</code></a> the test_glob test depends on both glob and json (<a href="https://redirect.github.com/mitsuhiko/insta/issues/883">#883</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/4d738e5e8a2ef18283bee248ec376a6c3212d062"><code>4d738e5</code></a> Bump <code>@tootallnate/once</code> and <code>@vscode/test-electron</code> in /vscode-insta (<a href="https://redirect.github.com/mitsuhiko/insta/issues/881">#881</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/09f2b8b50173b203fc681dd8772863c95b9440a4"><code>09f2b8b</code></a> Improve TOML serialization error message for unsupported types (<a href="https://redirect.github.com/mitsuhiko/insta/issues/880">#880</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/1373bbcfca2cd908bc808f656b9a9b26a2f168db"><code>1373bbc</code></a> Add Comparator trait (<a href="https://redirect.github.com/mitsuhiko/insta/issues/872">#872</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/ebe5a6e60f529236ab6a639e4d27ba30c9c1405a"><code>ebe5a6e</code></a> Sort sequences in <code>sort_maps</code> to fix non-deterministic <code>HashSet</code> snapshots (#...</li> <li><a href="https://github.com/mitsuhiko/insta/commit/eaf15ba7699ef8f2ba68a7022054f48b35b8d580"><code>eaf15ba</code></a> Remove unnecessary <code>Send + Sync</code> bounds from <code>Redaction</code> (<a href="https://redirect.github.com/mitsuhiko/insta/issues/874">#874</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mitsuhiko/insta/compare/1.45.0...1.47.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: a023c0f60319e84e9c9cb7162dc98d3e4b6d41a8
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.103 to 1.0.106. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/proc-macro2/releases">proc-macro2's releases</a>.</em></p> <blockquote> <h2>1.0.106</h2> <ul> <li>Optimize <code>Span::byte_range</code> (<a href="https://redirect.github.com/dtolnay/proc-macro2/issues/530">#530</a>)</li> </ul> <h2>1.0.105</h2> <ul> <li>Make std dependencies more easily discoverable in source code (<a href="https://redirect.github.com/dtolnay/proc-macro2/issues/528">#528</a>)</li> </ul> <h2>1.0.104</h2> <ul> <li>Add Rust 1.92.0's TokenStream Extend impls (<a href="https://redirect.github.com/dtolnay/proc-macro2/issues/527">#527</a>, <a href="https://redirect.github.com/rust-lang/rust/pull/145722">rust-lang/rust#145722</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/proc-macro2/commit/58ab776b95a4c2865554badbb6629c50971a9118"><code>58ab776</code></a> Release 1.0.106</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/1e18a0bb10f41371b39ede0c22e717d020b8a1e7"><code>1e18a0b</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/proc-macro2/issues/530">#530</a> from dtolnay/byterange</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/7f5973b73a68687868845b7ff08d8eae1d22c0ce"><code>7f5973b</code></a> Make char count bidirectional</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/08d1dd0bc3683aff781155809111045f9058ba73"><code>08d1dd0</code></a> Cache span end positions</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/8c4135f768d35f141326d7d9b2ebbcc892eddafe"><code>8c4135f</code></a> Release 1.0.105</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/2825fb1b74175cf7fe0c2a2980c8aa0a374921eb"><code>2825fb1</code></a> Make same crates available during probe as in crate root</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/cc5819cc4dbea4eb226bb1510e9152d26c8be24f"><code>cc5819c</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/proc-macro2/issues/528">#528</a> from dtolnay/nostd</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/e78151ecc1efea6b37540ec698ee00a491f4354c"><code>e78151e</code></a> Disable std prelude</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/2fbddd452b035f5ca280445e110e49054ac328d4"><code>2fbddd4</code></a> Delete html_root_url comment</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/aa54fc31874fe852ea740380d02648c99d64ffe8"><code>aa54fc3</code></a> Patch rustc-literal-escaper std dependencies</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/proc-macro2/compare/1.0.103...1.0.106">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 127344c086129cae7cce35c3ccfdb2926c26cef6
PR-URL: hasura/graphql-engine-mono#11475 GitOrigin-RevId: 5df163eb4d6378d64302a9992e45069a424065ee
## Summary
- When a rules-based permission condition referenced a session variable
not present in the user's session, the engine returned a hard
`SessionVariableNotFound` error instead of treating the condition as
non-matching
- This caused requests to fail even when an unconditional `allow` rule
had already granted access, because the `?` operator on the deny rule's
condition evaluation aborted the entire
`evaluate_model_authorization_rules` function
- Fix: treat a missing session variable as `null` in
`evaluate_value_expression`, so conditions like `equal(missing_var,
"true")` evaluate to `false` instead of erroring
### Example failing config
```json
{
"rulesBased": [
{ "allow": {} },
{ "deny": { "condition": { "equal": {
"left": { "sessionVariable": "x-hasura-custom-claim-no-chemical-access" },
"right": { "literal": "true" }
}}}}
]
}
```
Users without `x-hasura-custom-claim-no-chemical-access` in their
session got an error instead of being granted access by the
unconditional allow rule.
## Test plan
- [x] New unit test `test_missing_session_variable_treated_as_null` —
verifies missing session variable returns null (equals → false, isNull →
true)
- [x] New regression test
`test_deny_with_missing_session_variable_does_not_block_access` —
verifies the exact reported scenario
- [x] All existing `authorization-rules` and `plan` tests pass
🤖 Generated with [Claude Code](https://claude.com/claude-code)
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com>
V3_GIT_ORIGIN_REV_ID: 82c25b9ba9817ce7ead37b98ce43510d45266842
GitOrigin-RevId: 2b3be7472eede545bdd679ee59d89274003bb52f
Bumps [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite) from 0.28.0 to 0.29.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md">tokio-tungstenite's changelog</a>.</em></p> <blockquote> <h1>0.29.0</h1> <ul> <li>Update <code>tungstenite</code> to <code>0.29.0</code>. See <a href="https://github.com/snapview/tungstenite-rs/blob/master/CHANGELOG.md"><code>tungstenite</code> release</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/snapview/tokio-tungstenite/commit/7930ff2f825a69cad44b928b19b6fb81bffc3f7a"><code>7930ff2</code></a> Bump version</li> <li><a href="https://github.com/snapview/tokio-tungstenite/commit/38d04656fe28be0000920201d6a49bf5ec3d537b"><code>38d0465</code></a> Update Readme (<a href="https://redirect.github.com/snapview/tokio-tungstenite/issues/369">#369</a>)</li> <li>See full diff in <a href="https://github.com/snapview/tokio-tungstenite/compare/v0.28.0...v0.29.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: ef3493aa943816f01ea065acd2d1ddd2685d25d8
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.114 to 2.0.117. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/syn/releases">syn's releases</a>.</em></p> <blockquote> <h2>2.0.117</h2> <ul> <li>Fix parsing of <code>self::</code> pattern in first function argument (<a href="https://redirect.github.com/dtolnay/syn/issues/1970">#1970</a>)</li> </ul> <h2>2.0.116</h2> <ul> <li>Optimize parse_fn_arg_or_variadic for less lookahead on erroneous receiver (<a href="https://redirect.github.com/dtolnay/syn/issues/1968">#1968</a>)</li> </ul> <h2>2.0.115</h2> <ul> <li>Enable GenericArgument::Constraint parsing in non-full mode (<a href="https://redirect.github.com/dtolnay/syn/issues/1966">#1966</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/syn/commit/7bcb37cdb3399977658c8b52d2441d37e42e48f2"><code>7bcb37c</code></a> Release 2.0.117</li> <li><a href="https://github.com/dtolnay/syn/commit/9c6e7d3b8df7b30909d60395f88a6ca07688e1c1"><code>9c6e7d3</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/syn/issues/1970">#1970</a> from dtolnay/receiver</li> <li><a href="https://github.com/dtolnay/syn/commit/019a84847eded0cdb1f7856e0752ba618155cfc9"><code>019a848</code></a> Fix self:: pattern in first function argument</li> <li><a href="https://github.com/dtolnay/syn/commit/23f54f3cf61ddedd5daea4f347eca2d4b84c8abb"><code>23f54f3</code></a> Update test suite to nightly-2026-02-18</li> <li><a href="https://github.com/dtolnay/syn/commit/b99b9a627c46580343398472e7b08a131357a994"><code>b99b9a6</code></a> Unpin CI miri toolchain</li> <li><a href="https://github.com/dtolnay/syn/commit/a62e54a48b3b05add5df0e80fe93906509ad72ae"><code>a62e54a</code></a> Release 2.0.116</li> <li><a href="https://github.com/dtolnay/syn/commit/5a8ed9f32e572f35a952c05f25beb3bd976300a4"><code>5a8ed9f</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/syn/issues/1968">#1968</a> from dtolnay/receiver</li> <li><a href="https://github.com/dtolnay/syn/commit/813afcc7733b02a8ad0a829eef431e593a906379"><code>813afcc</code></a> Optimize parse_fn_arg_or_variadic for less lookahead on erroneous receiver</li> <li><a href="https://github.com/dtolnay/syn/commit/c17215011363b8e936b98a9053726abfbc2bdcc4"><code>c172150</code></a> Add regression test for issue 1718</li> <li><a href="https://github.com/dtolnay/syn/commit/0071ab367ca6c42f94209f8187de3e540231427f"><code>0071ab3</code></a> Ignore type_complexity clippy lint</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/syn/compare/2.0.114...2.0.117">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: a5db987e65e799c1d31b2da150028aefd2214bad
Adds a new optional `sessionVariableToTraceAttributeMap` field to `AuthConfigV4` that maps session variables to OpenTelemetry trace attributes (baggage). When configured, the specified session variable values are extracted after authentication and propagated as trace context to all downstream services (NDC connectors, auth webhooks, plugins, etc.). V3_GIT_ORIGIN_REV_ID: 9bf1987610be243315ffb3ecf192b281bed8a5eb
PR-URL: hasura/graphql-engine-mono#11483 Co-authored-by: Manas Agarwal <5352361+manasag@users.noreply.github.com> GitOrigin-RevId: b5a15be576bf1898893503b776f4cebf3555d0bb
Bumps [aws-credential-types](https://github.com/smithy-lang/smithy-rs) from 1.2.12 to 1.2.14. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/smithy-lang/smithy-rs/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: c72dfb8eef8782e8d9b14a7181dbeb8e552a6b57
PR-URL: hasura/graphql-engine-mono#11486 GitOrigin-RevId: c08dc08741e56b11e41276fe3a7210f16d6b7849
PR-URL: hasura/graphql-engine-mono#11484 GitOrigin-RevId: b68fd56f6a58bb54aa672bdb899069fafcccfa5c
PR-URL: hasura/graphql-engine-mono#11490 GitOrigin-RevId: a63f8f025832f538ff482b5dcdb0c7bf99fc71b7
GitOrigin-RevId: fd5cb0c81b83a5b3508ace930ad300a5c0f8f5c7
## Summary - fix the same `occured` -> `occurred` typo in validation error messages in `crates/graphql/lang-graphql/src/validation/error.rs` - make the equivalent change in `hasura/v3-engine` as the upstream `hasura/graphql-engine` fixes Equivalent to: - #10832 - #10833 Co-authored-by: dliub <dliub@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: f5751969a88e2497978ebac1cabda278eab0ab94
…in query logs (close #10814) GITHUB_PR_NUMBER: 10828 GITHUB_PR_URL: #10828 PR-URL: hasura/graphql-engine-mono#11480 Co-authored-by: Asish Kumar <87874775+officialasishkumar@users.noreply.github.com> Co-authored-by: Toan Nguyen <1615675+hgiasac@users.noreply.github.com> GitOrigin-RevId: 334fb2f195d4c0063c73b165d7c8723b8384309c
GITHUB_PR_NUMBER: 10723 GITHUB_PR_URL: #10723 PR-URL: hasura/graphql-engine-mono#11216 Co-authored-by: jack-chan-123 <183378634+jack-chan-123@users.noreply.github.com> Co-authored-by: Toan Nguyen <1615675+hgiasac@users.noreply.github.com> GitOrigin-RevId: d284cbe20619ce18d2938a2e41f456bff6602bb6
Automated changelog update for release v2026.04.23. V3_GIT_ORIGIN_REV_ID: d2220cfd9a0542474abb5c433a842310f5d438c1
## Summary This aligns v3-engine with the promptql-cloud fix in PR hasura/promptql-cloud#2683. NFKD normalization decomposes characters like `ï` into `i` + combining diaeresis (U+0308). This change strips those combining marks so page IDs are ASCII-only. - Adds `unicode-general-category = "0.6"` dependency to `crates/cloud/wiki/Cargo.toml` - Replaces the previous `\p{Mn}` regex step with an inline iterator filter during NFKD that strips Unicode combining mark categories: NonspacingMark (Mn), SpacingMark (Mc), and EnclosingMark (Me) ## Test plan - [ ] Existing `test_title_to_id` tests pass, including the diacritic cases (`naïve café` → `naive-cafe`) added in the prior commit on this branch - [ ] `cargo clippy -p wiki -- -D warnings` passes with no warnings - [ ] `cargo build -p wiki` compiles successfully 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Aisura <aisura@aisura.hasura.office> Co-authored-by: Abhinav Gupta <abhinav@hasura.io> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: f5d398a5de0e671e37523fd82aa0b70d3b2ff9a8
## Summary This PR resolves cargo audit security vulnerabilities identified in the project's Rust dependencies by updating affected crates in `Cargo.lock`. ### Vulnerabilities Fixed - **RUSTSEC-2026-0104** (`rustls-webpki` 0.103.10 → 0.103.13): Reachable panic in certificate revocation list parsing - **RUSTSEC-2026-0098** (`rustls-webpki` 0.103.10 → 0.103.13): Name constraints for URI names were incorrectly accepted - **RUSTSEC-2026-0099** (`rustls-webpki` 0.103.10 → 0.103.13): Name constraints were accepted for certificates asserting a wildcard name - **RUSTSEC-2026-0097** (`rand` 0.10.0 → 0.10.1, `rand` 0.9.2 → 0.9.4, `rand` 0.8.5 → 0.8.6): Rand is unsound with a custom logger using `rand::rng()` ### Remaining Warnings (non-actionable) - **RUSTSEC-2024-0436** (`paste` 1.0.15): Unmaintained crate warning — this is a transitive dependency of `parquet`/`datafusion` and cannot be updated until those upstream crates migrate away from it. This is a warning only, not a security vulnerability. ### Notes - Only `Cargo.lock` was modified — no `Cargo.toml` changes were needed as the fixes were compatible semver updates resolved via `cargo update`. - The project builds successfully after these changes (`cargo build` completed without errors). - This PR is needed to unblock PR #2481 and is required for the Stitch Fix Portkey integration workshop. ## Test plan - [x] `cargo audit` run — security vulnerabilities resolved - [x] `cargo build` — project compiles successfully - [ ] CI checks pass --------- Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com> Co-authored-by: Daniel Chambers <daniel@hasura.io> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: b9fbaaf4f9434cba9478e2bb961d9a4b78da1267
Bumps [openssl](https://github.com/rust-openssl/rust-openssl) from 0.10.75 to 0.10.78. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-openssl/rust-openssl/releases">openssl's releases</a>.</em></p> <blockquote> <h2>openssl-v0.10.78</h2> <h2>What's Changed</h2> <ul> <li>Fix Suite B flag assignments in verify.rs by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2592">rust-openssl/rust-openssl#2592</a></li> <li>Use cvt_p for OPENSSL_malloc error handling by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2593">rust-openssl/rust-openssl#2593</a></li> <li>Mark BIO_get_mem_data on AWS-LC to be unsafe by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2594">rust-openssl/rust-openssl#2594</a></li> <li>Set timeout for package installation step by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2595">rust-openssl/rust-openssl#2595</a></li> <li>Panic in Crypter::new when IV is required but not provided by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2596">rust-openssl/rust-openssl#2596</a></li> <li>openssl 4 support by <a href="https://github.com/reaperhulk"><code>@reaperhulk</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2591">rust-openssl/rust-openssl#2591</a></li> <li>Avoid panic for overlong OIDs by <a href="https://github.com/botovq"><code>@botovq</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2598">rust-openssl/rust-openssl#2598</a></li> <li>Fix dangling stack pointer in custom extension add callback by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2599">rust-openssl/rust-openssl#2599</a></li> <li>Add support for LibreSSL 4.3.x by <a href="https://github.com/botovq"><code>@botovq</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2603">rust-openssl/rust-openssl#2603</a></li> <li>fix inverted bounds assertion in AES key unwrap by <a href="https://github.com/reaperhulk"><code>@reaperhulk</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2604">rust-openssl/rust-openssl#2604</a></li> <li>Reject oversized length returns from password callback trampoline by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2605">rust-openssl/rust-openssl#2605</a></li> <li>Validate callback-returned lengths in PSK and cookie trampolines by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2607">rust-openssl/rust-openssl#2607</a></li> <li>Error for short out in MdCtxRef::digest_final() by <a href="https://github.com/botovq"><code>@botovq</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2608">rust-openssl/rust-openssl#2608</a></li> <li>Check derive output buffer length on OpenSSL 1.1.x by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2606">rust-openssl/rust-openssl#2606</a></li> <li>Release openssl v0.10.78 and openssl-sys v0.9.114 by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2609">rust-openssl/rust-openssl#2609</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.77...openssl-v0.10.78">https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.77...openssl-v0.10.78</a></p> <h2>openssl-v0.10.77</h2> <h2>What's Changed</h2> <ul> <li>CI: Hash-pin all action usage, avoid credential persistence in actions/checkout by <a href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2587">rust-openssl/rust-openssl#2587</a></li> <li>Bump aws-lc-sys to 0.39 by <a href="https://github.com/goffrie"><code>@goffrie</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2588">rust-openssl/rust-openssl#2588</a></li> <li>md_ctx: enable sign/verify/reset on BoringSSL, LibreSSL, and AWS-LC by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2589">rust-openssl/rust-openssl#2589</a></li> <li>Release openssl v0.10.77 and openssl-sys v0.9.113 by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2590">rust-openssl/rust-openssl#2590</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/woodruffw"><code>@woodruffw</code></a> made their first contribution in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2587">rust-openssl/rust-openssl#2587</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.76...openssl-v0.10.77">https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.76...openssl-v0.10.77</a></p> <h2>openssl-v0.10.76</h2> <h2>What's Changed</h2> <ul> <li>feat: New methods EVP_PKEY_new_raw_*_key_ex and EVP_PKEY_is_a by <a href="https://github.com/FinnRG"><code>@FinnRG</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2521">rust-openssl/rust-openssl#2521</a></li> <li>Fix invalid value parsing of OCSP revocation reason by <a href="https://github.com/danpashin"><code>@danpashin</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2523">rust-openssl/rust-openssl#2523</a></li> <li>Bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2524">rust-openssl/rust-openssl#2524</a></li> <li>Bump aws-lc-sys from 0.27 to 0.34 by <a href="https://github.com/goffrie"><code>@goffrie</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2526">rust-openssl/rust-openssl#2526</a></li> <li>Expose X509_NAME_dup on all versions of OpenSSL by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2529">rust-openssl/rust-openssl#2529</a></li> <li>Unconditionally expose some *_dup() functions by <a href="https://github.com/botovq"><code>@botovq</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2530">rust-openssl/rust-openssl#2530</a></li> <li>reintroduce dir_name support for subject_alt_names by <a href="https://github.com/mqqz"><code>@mqqz</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2528">rust-openssl/rust-openssl#2528</a></li> <li>Fix cipher comparison with NID instead of pointers by <a href="https://github.com/lwestlund"><code>@lwestlund</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2531">rust-openssl/rust-openssl#2531</a></li> <li>Remove ASN1_STRING_data for LibreSSL 4.3.0 by <a href="https://github.com/botovq"><code>@botovq</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2534">rust-openssl/rust-openssl#2534</a></li> <li>drop openssl 1.0.2 by <a href="https://github.com/alex"><code>@alex</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2545">rust-openssl/rust-openssl#2545</a></li> <li>Bump actions/cache from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2542">rust-openssl/rust-openssl#2542</a></li> <li>Add Debug implementation for EcdsaSig{,Ref} by <a href="https://github.com/buytenh"><code>@buytenh</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2540">rust-openssl/rust-openssl#2540</a></li> <li>Add HKDF support by <a href="https://github.com/Zenkibou"><code>@Zenkibou</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2543">rust-openssl/rust-openssl#2543</a></li> <li>Enhance Debug implementation for Nid by <a href="https://github.com/buytenh"><code>@buytenh</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2547">rust-openssl/rust-openssl#2547</a></li> <li>Remove X509_VERIFY_PARAM_ID for LibreSSL 4.3.0 by <a href="https://github.com/botovq"><code>@botovq</code></a> in <a href="https://redirect.github.com/rust-openssl/rust-openssl/pull/2549">rust-openssl/rust-openssl#2549</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/a6debf535674c9a073f455158743e6ba094cf1b4"><code>a6debf5</code></a> Release openssl v0.10.78 and openssl-sys v0.9.114 (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2609">#2609</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/09b425e5f59a2466d806e71a83a9a449c914c596"><code>09b425e</code></a> Check derive output buffer length on OpenSSL 1.1.x (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2606">#2606</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/826c3888b77add418b394770e2b2e3a72d9f92fe"><code>826c388</code></a> Error for short out in MdCtxRef::digest_final() (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2608">#2608</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/1d109020d98fff2fb2e45c39a373af3dff99b24c"><code>1d10902</code></a> Validate callback-returned lengths in PSK and cookie trampolines (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2607">#2607</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/5af6895c907773699f37f583f409b862284062b1"><code>5af6895</code></a> Reject oversized length returns from password callback trampoline (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2605">#2605</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/718d07ff8ff7be417d5b7a6a0047f1607520b3b6"><code>718d07f</code></a> fix inverted bounds assertion in AES key unwrap (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2604">#2604</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/53cc69d2f3f0d7f19e46fe49c5ffb523785a3664"><code>53cc69d</code></a> Add support for LibreSSL 4.3.x (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2603">#2603</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/0b41e793d6740ed2d6f2395a0c074d02568f9f66"><code>0b41e79</code></a> Fix dangling stack pointer in custom extension add callback (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2599">#2599</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/cbdedf8105bfcce218fcdc09440d090431914710"><code>cbdedf8</code></a> Avoid panic for overlong OIDs (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2598">#2598</a>)</li> <li><a href="https://github.com/rust-openssl/rust-openssl/commit/1fc51efa3f63e38a3139e201edf3395e5a10f8ba"><code>1fc51ef</code></a> openssl 4 support (<a href="https://redirect.github.com/rust-openssl/rust-openssl/issues/2591">#2591</a>)</li> <li>Additional commits viewable in <a href="https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.75...openssl-v0.10.78">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 0ffc510b56b57961e23a9dcf0cbb2aa4df49acfe
PR-URL: hasura/graphql-engine-mono#11507 GitOrigin-RevId: d72806789053859e9c6395827e4e9e9c0616f3ac
PR-URL: hasura/graphql-engine-mono#11491 GitOrigin-RevId: ee140d017a800ae0b70be6605545b8cd8c2b4853
PR-URL: hasura/graphql-engine-mono#11508 GitOrigin-RevId: a6a41d652ad33786c264700c0a1d037b1431a2d1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )