Skip to content

Comments

build(deps): bump the cargo group across 1 directory with 6 updates#1

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/cargo/cargo-50db7e712c
Open

build(deps): bump the cargo group across 1 directory with 6 updates#1
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/cargo/cargo-50db7e712c

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 5, 2026

Bumps the cargo group with 5 updates in the / directory:

Package From To
alloy-json-abi 0.7.1 0.8.0
tokio 1.37.0 1.38.2
ammonia 3.3.0 3.3.1
crossbeam-channel 0.5.12 0.5.15
openssl 0.10.64 0.10.75

Updates alloy-json-abi from 0.7.1 to 0.8.0

Release notes

Sourced from alloy-json-abi's releases.

alloy-core v0.8.0

Breaking Changes

  • [primitives] ethereum_ssz and "ssz" feature have been removed. ethereum_ssz 0.7 and above will depend on alloy-primitives, instead of the opposite. alloy-rs/core#701
  • [sol-types] Odd size integers are now represented by the corresponding ruint, rather than rounded up to the next primitive integer (e.g. uint96 -> U96, rather than u128). alloy-rs/core#677
  • [sol-macro] JSON inputs preserve contract specifiers, creating separate libraries for them if different from the main name. Example: if a struct MyLib.Struct exists inside of a JSON ABI, library MyLib { ... } is created containing that struct and referenced everywhere else using MyLib::Struct, unless the macro is invoked with sol!(MyLib, "..."), in which case it will be inside of interface MyLib { ... } as usual. alloy-rs/core#694
  • [sol-type-parser] API changes to utilities and parser methods. alloy-rs/core#703

What's Changed

New Contributors

Full Changelog: alloy-rs/core@v0.7.7...v0.8.0

alloy-core v0.7.7

What's Changed

... (truncated)

Changelog

Sourced from alloy-json-abi's changelog.

0.8.0 - 2024-08-21

Bug Fixes

  • Parsing stack overflow (#703)

Dependencies

  • [deps] Bump proptest-derive (#708)

Documentation

  • Typo

Features

  • Derive ser deser on Sealed (#710)
  • [sol-macro] Support namespaces (#694)
  • Derive Hash for Sealed (#707)
  • [sol-types] Implement traits for longer tuples (#699)

Miscellaneous Tasks

  • Release 0.8.0
  • [primitives] Re-use ruint mask function (#698)
  • Derive hash for parity (#686)
  • Add some TODO comments

Other

  • Implement specific bit types for integers (#677)
  • Add testcase for overflowing_from_sign_and_abs (#696)

Styling

  • Remove ethereum_ssz dependency (#701)

0.7.7 - 2024-07-08

Bug Fixes

  • Small fixes for DynSolValue strategies (#683)
  • Fixed bytes dyn abi packed encoding (#671)
  • [primitives] Include in aliases export to prevent having to import from aliases::{..} (#655)

Documentation

  • [primitives] Fix rustdoc for Signature (#680)
  • [sol-types] Update README.md using crate docs (#679)
  • Add per-crate changelogs (#669)

... (truncated)

Commits

Updates tokio from 1.37.0 to 1.38.2

Release notes

Sourced from tokio's releases.

Tokio v1.38.2

This release fixes a soundness issue in the broadcast channel. The channel accepts values that are Send but !Sync. Previously, the channel called clone() on these values without synchronizing. This release fixes the channel by synchronizing calls to .clone() (Thanks Austin Bonander for finding and reporting the issue).

Fixed

  • sync: synchronize clone() call in broadcast channel (#7232)

#7232: tokio-rs/tokio#7232

Tokio v1.38.1

1.38.1 (July 16th, 2024)

This release fixes the bug identified as (#6682), which caused timers not to fire when they should.

Fixed

  • time: update wake_up while holding all the locks of sharded time wheels (#6683)

#6682: tokio-rs/tokio#6682 #6683: tokio-rs/tokio#6683

Tokio v1.38.0

This release marks the beginning of stabilization for runtime metrics. It stabilizes RuntimeMetrics::worker_count. Future releases will continue to stabilize more metrics.

Added

  • fs: add File::create_new (#6573)
  • io: add copy_bidirectional_with_sizes (#6500)
  • io: implement AsyncBufRead for Join (#6449)
  • net: add Apple visionOS support (#6465)
  • net: implement Clone for NamedPipeInfo (#6586)
  • net: support QNX OS (#6421)
  • sync: add Notify::notify_last (#6520)
  • sync: add mpsc::Receiver::{capacity,max_capacity} (#6511)
  • sync: add split method to the semaphore permit (#6472, #6478)
  • task: add tokio::task::join_set::Builder::spawn_blocking (#6578)
  • wasm: support rt-multi-thread with wasm32-wasi-preview1-threads (#6510)

Changed

  • macros: make #[tokio::test] append #[test] at the end of the attribute list (#6497)
  • metrics: fix blocking_threads count (#6551)
  • metrics: stabilize RuntimeMetrics::worker_count (#6556)
  • runtime: move task out of the lifo_slot in block_in_place (#6596)
  • runtime: panic if global_queue_interval is zero (#6445)
  • sync: always drop message in destructor for oneshot receiver (#6558)
  • sync: instrument Semaphore for task dumps (#6499)

... (truncated)

Commits

Updates ammonia from 3.3.0 to 3.3.1

Release notes

Sourced from ammonia's releases.

3.3.1

  • fix: unexpected namespace switches after cleanup can cause mXSS (reported by zzm0902@shu.edu.cn, backport 4.1.2)
Changelog

Sourced from ammonia's changelog.

3.3.1

  • fix: unexpected namespace switches after cleanup can cause mXSS (backport 4.1.2, reported by zzm0902@shu.edu.cn)
Commits

Updates crossbeam-channel from 0.5.12 to 0.5.15

Release notes

Sourced from crossbeam-channel's releases.

crossbeam-channel 0.5.15

  • Fix regression introduced in 0.5.12 that can lead to a double free when dropping unbounded channel. (#1187)

crossbeam-channel 0.5.14

  • Fix stack overflow when sending large value to unbounded channel. (#1146, #1147)
  • Add Select::new_biased function. (#1150)
  • Remove inefficient spinning. (#1154)
  • Suppress buggy clippy::zero_repeat_side_effects lint in macro generated code. (#1123)

crossbeam-channel 0.5.13

  • Add select_biased! macro. (#1040)
Commits
  • d35ffde Prepare for the next release
  • 6ec74ec crossbeam-channel: prevent double free on Drop (#1187)
  • ccd83ac Prepare for the next release
  • 54988eb Calculate layout in const context
  • 761d0b6 Port #1146 & #1147 to deque::Injector and queue::SegQueue
  • 8144fbb Remove optimistic spinning from Context::wait_until
  • a92f6c4 Bump peter-evans/create-pull-request from 5 to 7 (#1153)
  • 66d41a9 channel: Add new_biased constructor for biased channel selection (#1150)
  • d0d0a80 CachePadded: Use 128-byte alignment on arm64ec
  • f757eef Add comment about fixed rustc bug
  • Additional commits viewable in compare view

Updates openssl from 0.10.64 to 0.10.75

Release notes

Sourced from openssl's releases.

openssl-v0.10.75

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.74...openssl-v0.10.75

openssl-v0.10.74

What's Changed

... (truncated)

Commits
  • 09b90d0 Merge pull request #2518 from alex/bump-for-release
  • 26533f3 Release openssl v0.10.75 and openssl-sys v0.9.111
  • 395ecca Merge pull request #2517 from alex/claude/fix-ocsp-find-status-011CUqcGFNKeKJ...
  • cc26867 Fix unsound OCSP find_status handling of optional next_update field
  • 95aa8e8 Merge pull request #2513 from botovq/libressl-stable
  • e735a32 CI: bump LibreSSL 4.x branches to latest releases
  • 21ab91d Merge pull request #2510 from huwcbjones/huw/sys/evp-mac
  • d9161dc sys/evp: add EVP_MAC symbols
  • 3fd4bf2 Merge pull request #2508 from goffrie/oaep-label
  • 52022fd Implement set_rsa_oaep_label for AWS-LC/BoringSSL
  • Additional commits viewable in compare view

Updates ruint from 1.12.1 to 1.12.3

Release notes

Sourced from ruint's releases.

v1.12.3

belated repo release for already-released package version

What's Changed

New Contributors

Full Changelog: recmo/uint@v1.12.1...v1.12.3

Changelog

Sourced from ruint's changelog.

[1.12.3] - 2024-06-03

Changed

  • Use borrowing/carrying ops in add/sub, remove bound checks in shifts (#366)
  • Make mul_mod non-allocating (#373)

Fixed

  • Add alloc requirement to num-traits feature #363

#363: recmo/uint#363 #366: recmo/uint#366 #373: recmo/uint#373

Commits
  • 0c07a4c Merge pull request #376 from DaniPopes/release-1.12.3
  • c5a588e chore: release 1.12.3
  • 7dc999e Merge pull request #375 from DaniPopes/rm-likely
  • bbcfec4 chore: likely/unlikely does not work on stable
  • fb9482f Merge pull request #374 from DaniPopes/less-always
  • 71eb7d5 Merge branch 'main' into less-always
  • dc928b2 Merge pull request #373 from DaniPopes/non-allocating-mul-mod
  • 1475c2f chore: reduce inline(always) in algorithms
  • d0f31a1 perf: non-allocating mul_mod
  • b041f09 Merge pull request #372 from YichiZhang0613/fix_inconsistency
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the cargo group across 1 directory with 6 updates
544a772 
Bumps the cargo group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [alloy-json-abi](https://github.com/alloy-rs/core) | `0.7.1` | `0.8.0` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.37.0` | `1.38.2` |
| [ammonia](https://github.com/rust-ammonia/ammonia) | `3.3.0` | `3.3.1` |
| [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam) | `0.5.12` | `0.5.15` |
| [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.64` | `0.10.75` |



Updates `alloy-json-abi` from 0.7.1 to 0.8.0
- [Release notes](https://github.com/alloy-rs/core/releases)
- [Changelog](https://github.com/alloy-rs/core/blob/main/CHANGELOG.md)
- [Commits](alloy-rs/core@v0.7.1...v0.8.0)

Updates `tokio` from 1.37.0 to 1.38.2
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.37.0...tokio-1.38.2)

Updates `ammonia` from 3.3.0 to 3.3.1
- [Release notes](https://github.com/rust-ammonia/ammonia/releases)
- [Changelog](https://github.com/rust-ammonia/ammonia/blob/master/CHANGELOG.md)
- [Commits](rust-ammonia/ammonia@v3.3.0...v3.3.1)

Updates `crossbeam-channel` from 0.5.12 to 0.5.15
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.12...crossbeam-channel-0.5.15)

Updates `openssl` from 0.10.64 to 0.10.75
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.64...openssl-v0.10.75)

Updates `ruint` from 1.12.1 to 1.12.3
- [Release notes](https://github.com/recmo/uint/releases)
- [Changelog](https://github.com/recmo/uint/blob/main/CHANGELOG.md)
- [Commits](recmo/uint@v1.12.1...v1.12.3)

---
updated-dependencies:
- dependency-name: alloy-json-abi
  dependency-version: 0.8.0
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: tokio
  dependency-version: 1.38.2
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: ammonia
  dependency-version: 3.3.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: crossbeam-channel
  dependency-version: 0.5.15
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.75
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: ruint
  dependency-version: 1.12.3
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jan 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants