Skip to content

deps(deps): bump the rust-minor-patch group across 1 directory with 4 updates#32

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-minor-patch-6622636c25
Closed

deps(deps): bump the rust-minor-patch group across 1 directory with 4 updates#32
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-minor-patch-6622636c25

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Copy link
Copy Markdown
Contributor

Bumps the rust-minor-patch group with 4 updates in the / directory: tokio, tonic, jsonwebtoken and rand.

Updates tokio from 1.51.0 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

  • sync: fix underflow in mpsc channel len() (#8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
  • sync: require that an RwLock has max_readers != 0 (#8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

  • runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

  • io: AioSource::register_borrowed for I/O safety support (#7992)
  • net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

  • runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
  • taskdump: add trace_with() for customized task dumps (#8025)
  • taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
  • fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

Updates tonic from 0.14.5 to 0.14.6

Release notes

Sourced from tonic's releases.

tonic-build-v0.14.6

Other

  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-health-v0.14.6

Other

  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-prost-build-v0.14.6

Other

  • Support well known types resolved by prost to their rust counterparts (#2544)
  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-prost-v0.14.6

Other

  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-reflection-v0.14.6

Other

  • fix panic when client drops connection early (#2596)
  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-types-v0.14.6

Other

  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-v0.14.6

Added

  • (transport/channel) expose ServerCertVerifier API (#2612)

Fixed

  • map no trailers ok status to unknown (#2543)

Other

  • add max_frame_size to client Endpoint (#2592)
  • Allow setting the HTTP/2 client header table size (#2582)
  • update rust edition and version to 2024 and 1.88, respectively (#2525)

tonic-web-v0.14.6

Other

... (truncated)

Commits
  • 6cb6056 chore: release v0.14.6 (#2624)
  • efde924 grpc: change helloworld example to pass request as a view (#2632)
  • d47b001 transport: add max_frame_size to client Endpoint (#2592)
  • 02c01c7 Allow setting the HTTP/2 client header table size (#2582)
  • 3185354 examples: add grpc version of helloworld (#2630)
  • f585303 fix(grpc): Fix grpc-google build (#2628)
  • ff7bcbb feat(grpc): Google call credentials (#2610)
  • f93037b feat(tonic-xds): make XdsChannelGrpc Sync (#2627)
  • d834beb grpc: Update Status to be a Result<> and make StatusErr which holds non-OK co...
  • 2392224 grpc: add route_guide example and make minor tweaks to the generated code API...
  • Additional commits viewable in compare view

Updates jsonwebtoken from 10.3.0 to 10.4.0

Changelog

Sourced from jsonwebtoken's changelog.

10.4.0 (2026-05-11)

  • Fix incorrect encoding for Ed25519 JWK thumbprints
  • Make Algorithm.family public and add Validation.new_for_family
  • EncodingKey and DecodingKey are now partially zeroized on drop (the intermediate PemEncodedKey isn't so far)
Commits

Updates rand from 0.10.0 to 0.10.1

Changelog

Sourced from rand's changelog.

[0.10.1] — 2026-02-11

This release includes a fix for a soundness bug; see #1763.

Changes

  • Document panic behavior of make_rng and add #[track_caller] (#1761)
  • Deprecate feature log (#1763)

#1761: rust-random/rand#1761 #1763: rust-random/rand#1763

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates

Bumps the rust-minor-patch group with 4 updates in the / directory: [tokio](https://github.com/tokio-rs/tokio), [tonic](https://github.com/hyperium/tonic), [jsonwebtoken](https://github.com/Keats/jsonwebtoken) and [rand](https://github.com/rust-random/rand).


Updates `tokio` from 1.51.0 to 1.52.3
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.51.0...tokio-1.52.3)

Updates `tonic` from 0.14.5 to 0.14.6
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](grpc/grpc-rust@v0.14.5...tonic-v0.14.6)

Updates `jsonwebtoken` from 10.3.0 to 10.4.0
- [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](Keats/jsonwebtoken@v10.3.0...v10.4.0)

Updates `rand` from 0.10.0 to 0.10.1
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.10.0...0.10.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-version: 1.52.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor-patch
- dependency-name: tonic
  dependency-version: 0.14.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: jsonwebtoken
  dependency-version: 10.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor-patch
- dependency-name: rand
  dependency-version: 0.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the area/deps Dependencies label May 11, 2026
@github-actions github-actions Bot added the area/config Configuration label May 11, 2026
@dependabot @github

dependabot Bot commented on behalf of github May 25, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 25, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/rust-minor-patch-6622636c25 branch May 25, 2026 13:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/config Configuration area/deps Dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants