Skip to content

chore(deps): bump the dependencies group with 7 updates#614

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/dependencies-971dce44c7
Open

chore(deps): bump the dependencies group with 7 updates#614
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/dependencies-971dce44c7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 7 updates:

Package From To
bytes 1.12.0 1.12.1
http-body 1.0.1 1.1.0
http-body-util 0.1.3 0.1.4
humantime 2.3.0 2.4.0
rand 0.10.1 0.10.2
rustversion 1.0.22 1.0.23
trybuild 1.0.117 1.0.118

Updates bytes from 1.12.0 to 1.12.1

Release notes

Sourced from bytes's releases.

Bytes v1.12.1

1.12.1 (July 8th, 2026)

Fixed

  • Properly handle when Box::new panics (#837)
Changelog

Sourced from bytes's changelog.

1.12.1 (July 8th, 2026)

Fixed

  • Properly handle when Box::new panics (#837)
Commits

Updates http-body from 1.0.1 to 1.1.0

Commits

Updates http-body-util from 0.1.3 to 0.1.4

Release notes

Sourced from http-body-util's releases.

http-body-util-v0.1.4

What's Changed

  • Add Fused body combinator that always returns None once completed.
  • Add BodyExt::into_stream() to convert a body into a Stream.
  • Add Full::into_inner() to get the full Buf.
  • Add InspectFrame and InspectErr combinators.
Commits

Updates humantime from 2.3.0 to 2.4.0

Release notes

Sourced from humantime's releases.

2.4.0

What's Changed

Commits
  • fc09281 chore: prepare release 2.4.0
  • 8a022cc feat: allow creating Duration in const context
  • 27a4f77 Explicitly set rust-version to 1.60
  • acc3c19 ci: upgrade to actions/checkout v7
  • 3acf96b ci: fix workflow formatting
  • See full diff in compare view

Updates rand from 0.10.1 to 0.10.2

Changelog

Sourced from rand's changelog.

[0.10.2] — 2026-07-02

Fixes

  • Fix possible memory safety violation due to deserialization of UniformChar from bad source (#1790)

Changes

  • Document required output order of fn partial_shuffle and apply #[must_use] (#1769)
  • Avoid usage of unsafe in contexts where non-local memory corruption could invalidate contract (#1791)

#1769: rust-random/rand#1769 #1790: rust-random/rand#1790 #1791: rust-random/rand#1791

Commits

Updates rustversion from 1.0.22 to 1.0.23

Release notes

Sourced from rustversion's releases.

1.0.23

  • Set RUSTVERSION=1 during rustc --version command (#68)
Commits
  • 3a7c766 Release 1.0.23
  • 9b213c4 Merge pull request #68 from dtolnay/env
  • 8ffb0c2 Set RUSTVERSION=1 during rustc --version command
  • 79462fd Update actions/upload-artifact@v6 -> v7
  • ca1eafe Update actions/checkout@v6 -> v7
  • 119e831 Lint clippy::from_iter_instead_of_collect has been removed
  • a1dfebc Raise minimum tested compiler to rust 1.85
  • f717b8d Unpin CI miri toolchain
  • fb69332 Pin CI miri to nightly-2026-02-11
  • a389672 Update actions/upload-artifact@v5 -> v6
  • Additional commits viewable in compare view

Updates trybuild from 1.0.117 to 1.0.118

Release notes

Sourced from trybuild's releases.

1.0.118

  • Normalize cargo registry paths for any registry source (#331, thanks @​devjgm)
  • Limit custom registry to new normalization level (#334)
Commits
  • 7ce4c26 Release 1.0.118
  • b359f4a Update to 2024 edition
  • 3551315 Merge pull request #334 from dtolnay/customregistry
  • 5209787 Limit custom registry to new normalization level
  • 528223c Merge pull request 331 from devjgm/greg/trybuild-custom-registry-normalization
  • 69689b3 Update actions/upload-artifact@v6 -> v7
  • 585d6f7 Normalize cargo registry paths for any registry source
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [bytes](https://github.com/tokio-rs/bytes) | `1.12.0` | `1.12.1` |
| [http-body](https://github.com/hyperium/http-body) | `1.0.1` | `1.1.0` |
| [http-body-util](https://github.com/hyperium/http-body) | `0.1.3` | `0.1.4` |
| [humantime](https://github.com/chronotope/humantime) | `2.3.0` | `2.4.0` |
| [rand](https://github.com/rust-random/rand) | `0.10.1` | `0.10.2` |
| [rustversion](https://github.com/dtolnay/rustversion) | `1.0.22` | `1.0.23` |
| [trybuild](https://github.com/dtolnay/trybuild) | `1.0.117` | `1.0.118` |


Updates `bytes` from 1.12.0 to 1.12.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.12.0...v1.12.1)

Updates `http-body` from 1.0.1 to 1.1.0
- [Release notes](https://github.com/hyperium/http-body/releases)
- [Commits](hyperium/http-body@v1.0.1...v1.1.0)

Updates `http-body-util` from 0.1.3 to 0.1.4
- [Release notes](https://github.com/hyperium/http-body/releases)
- [Commits](hyperium/http-body@http-body-util-v0.1.3...http-body-util-v0.1.4)

Updates `humantime` from 2.3.0 to 2.4.0
- [Release notes](https://github.com/chronotope/humantime/releases)
- [Commits](chronotope/humantime@v2.3.0...v2.4.0)

Updates `rand` from 0.10.1 to 0.10.2
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.10.1...0.10.2)

Updates `rustversion` from 1.0.22 to 1.0.23
- [Release notes](https://github.com/dtolnay/rustversion/releases)
- [Commits](dtolnay/rustversion@1.0.22...1.0.23)

Updates `trybuild` from 1.0.117 to 1.0.118
- [Release notes](https://github.com/dtolnay/trybuild/releases)
- [Commits](dtolnay/trybuild@1.0.117...1.0.118)

---
updated-dependencies:
- dependency-name: bytes
  dependency-version: 1.12.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: http-body
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: http-body-util
  dependency-version: 0.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: humantime
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: rand
  dependency-version: 0.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: rustversion
  dependency-version: 1.0.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: trybuild
  dependency-version: 1.0.118
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the A-deps Area: Dependencies label Jul 13, 2026
@github-actions

Copy link
Copy Markdown

🐰 Bencher Report

Branchdependabot/cargo/dependencies-971dce44c7
Testbedgithub-ubuntu-latest

🚨 1 Alert

BenchmarkMeasure
Units
ViewBenchmark Result
(Result Δ%)
Upper Boundary
(Limit %)
empty_router/empty_routerLatency
milliseconds (ms)
📈 plot
🚷 threshold
🚨 alert (🔔)
14.02 ms
(+107.84%)Baseline: 6.75 ms
10.42 ms
(134.59%)

Click to view all benchmark results
BenchmarkLatencyBenchmark Result
microseconds (µs)
(Result Δ%)
Upper Boundary
microseconds (µs)
(Limit %)
empty_router/empty_router📈 view plot
🚷 view threshold
🚨 view alert (🔔)
14,024.00 µs
(+107.84%)Baseline: 6,747.51 µs
10,419.66 µs
(134.59%)

json_api/json_api📈 view plot
🚷 view threshold
1,071.90 µs
(-1.10%)Baseline: 1,083.84 µs
1,355.28 µs
(79.09%)
nested_routers/nested_routers📈 view plot
🚷 view threshold
1,017.00 µs
(+0.88%)Baseline: 1,008.09 µs
1,232.10 µs
(82.54%)
single_root_route/single_root_route📈 view plot
🚷 view threshold
974.95 µs
(+0.40%)Baseline: 971.10 µs
1,195.47 µs
(81.55%)
single_root_route_burst/single_root_route_burst📈 view plot
🚷 view threshold
16,847.00 µs
(-3.63%)Baseline: 17,481.48 µs
21,630.12 µs
(77.89%)
🐰 View full continuous benchmarking report in Bencher

@codecov

codecov Bot commented Jul 13, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

Flag Coverage Δ
rust 90.25% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

A-deps Area: Dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants