Skip to content

Comments

chore(deps): bump the prod-dependencies group across 1 directory with 41 updates#287

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/prod-dependencies-7ac86bdbcf
Open

chore(deps): bump the prod-dependencies group across 1 directory with 41 updates#287
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/prod-dependencies-7ac86bdbcf

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 21, 2026

Bumps the prod-dependencies group with 41 updates in the / directory:

Package From To
anyhow 1.0.98 1.0.102
async-trait 0.1.83 0.1.89
chrono 0.4.38 0.4.43
clap 4.5.41 4.5.60
colored 2.1.0 3.1.1
derive_builder 0.20.1 0.20.2
directories 5.0.1 6.0.0
educe 0.5.11 0.6.0
fake 2.10.0 4.4.0
gethostname 0.4.3 1.1.0
glob 0.3.1 0.3.3
human-panic 2.0.2 2.0.6
ignore 0.4.23 0.4.25
indicatif 0.18.3 0.18.4
inquire 0.6.2 0.9.3
itertools 0.13.0 0.14.0
jsonschema 0.30.0 0.33.0
jsonwebtoken 10.2.0 10.3.0
minijinja 2.3.1 2.16.0
mockall 0.12.1 0.14.0
normpath 1.3.0 1.5.0
pathdiff 0.2.2 0.2.3
petgraph 0.6.5 0.8.3
regex 1.11.1 1.12.3
reqwest 0.12.9 0.12.28
schemars 1.2.0 1.2.1
secrecy 0.8.0 0.10.3
sha256 1.5.0 1.6.0
shellexpand 3.1.0 3.1.1
strip-ansi-escapes 0.2.0 0.2.1
strum 0.26.3 0.27.2
thiserror 1.0.69 2.0.12
tokio 1.46.1 1.49.0
tonic 0.14.2 0.14.5
tracing-appender 0.2.3 0.2.4
which 6.0.3 8.0.0
assert_cmd 2.0.16 2.1.2
assert_fs 1.1.2 1.1.3
escargot 0.5.12 0.5.15
predicates 3.1.2 3.1.4
tempfile 3.20.0 3.25.0

Updates anyhow from 1.0.98 to 1.0.102

Release notes

Sourced from anyhow's releases.

1.0.102

1.0.101

1.0.100

  • Teach clippy to lint formatting arguments in bail!, ensure!, anyhow! (#426)

1.0.99

  • Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (#420)
Commits
  • 5c657b3 Release 1.0.102
  • e737fb6 Merge pull request #442 from dtolnay/backtrace
  • 7fe62b5 Further simply backtrace conditional compilation
  • c8cb5ca Merge pull request #441 from dtolnay/backtrace
  • de27df7 Delete CI use of --features=backtrace
  • 9b67e5d Merge pull request #440 from dtolnay/backtrace
  • efdb11a Simplify std_backtrace conditional code
  • b8a9a70 Merge pull request #439 from dtolnay/backtrace
  • a42fc2c Remove feature = "backtrace" conditional code
  • 2a2a3ce Re-word backtrace feature comment
  • Additional commits viewable in compare view

Updates async-trait from 0.1.83 to 0.1.89

Release notes

Sourced from async-trait's releases.

0.1.89

0.1.88

  • Fix lifetime bounding on generic parameters that have cfg (#289)

0.1.87

  • Documentation improvements

0.1.86

  • Documentation improvements

0.1.85

  • Omit Self: 'async_trait bound in impl when not needed by signature (#284)

0.1.84

  • Support impl Trait in return type (#282)
Commits
  • a7e91e9 Release 0.1.89
  • fbcfcac Merge pull request 293 from Veykril/lw/quote_spanned
  • fd93990 Improve use of spans in quote_spanned
  • a5093fe Add type-mismatch ui test
  • 6d12b44 Revert "Pin nightly toolchain used for miri job"
  • dd9e4ba Hide unused_variables warning in consider-restricting.rs ui test
  • b454fc8 Update ui test suite to nightly-2025-08-03
  • 9c880e8 Update ui test suite to nightly-2025-07-30
  • 7ca751d Ignore unused_parens warning in test
  • 2bccfeb Update ui test suite to nightly-2025-05-28
  • Additional commits viewable in compare view

Updates chrono from 0.4.38 to 0.4.43

Release notes

Sourced from chrono's releases.

0.4.43

What's Changed

0.4.42

What's Changed

v0.4.41

What's Changed

0.4.40

What's Changed

... (truncated)

Commits
  • 45caaa9 Update copyright year to 2026 in LICENSE.txt
  • 1c0b8f0 Bump version to 0.4.43
  • a03e43b Upgrade windows-bindgen to 0.66
  • 4fedaba Ignore bincode advisory
  • f4b7bbd Bump actions/checkout from 5 to 6
  • db12973 Added doctest for the NaiveDate years_since function (#1755)
  • 34b5f49 chore: minor improvement for docs
  • 8c82711 Bump actions/setup-node from 5 to 6
  • ea1f11b Drop deny lints, eager Debug impls are a mixed blessing
  • 35f9f2d Add feature gated defmt support.
  • Additional commits viewable in compare view

Updates clap from 4.5.41 to 4.5.60

Release notes

Sourced from clap's releases.

v4.5.60

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

v4.5.56

[4.5.56] - 2026-01-29

Fixes

  • On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

  • Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

v4.5.54

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

v4.5.53

[4.5.53] - 2025-11-19

Features

... (truncated)

Changelog

Sourced from clap's changelog.

[4.5.60] - 2026-02-19

Fixes

  • (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

  • Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

  • On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

  • Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

[4.5.54] - 2026-01-02

Fixes

  • (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

[4.5.53] - 2025-11-19

Features

  • Add default_values_if, default_values_ifs

[4.5.52] - 2025-11-17

Fixes

  • Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

... (truncated)

Commits
  • 33d24d8 chore: Release
  • 9332409 docs: Update changelog
  • b7adce5 Merge pull request #6166 from fabalchemy/fix-dynamic-powershell-completion
  • 009bba4 fix(clap_complete): Improve powershell registration
  • d89d57d chore: Release
  • f18b67e docs: Update changelog
  • 9d218eb Merge pull request #6165 from epage/shirt
  • 126440c fix(help): Correctly calculate padding for short-only args
  • 9e3c05e test(help): Show panic with short, valueless arg
  • c9898d0 test(help): Verify short with value
  • Additional commits viewable in compare view

Updates colored from 2.1.0 to 3.1.1

Release notes

Sourced from colored's releases.

v3.1.1

No release notes provided.

v3.1.0

No release notes provided.

v3.0.0

  • [BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

v2.2.0

No release notes provided.

Changelog

Sourced from colored's changelog.

Unreleased

  • Added methods ansi_color and on_ansi_color to Colorize.

3.0.0

  • [BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

2.2.0

  • Updated top-level docs to include a note about ColoredString's role in the Colorize pipeline as well as link to it to suggest learning more about how to manipulate existing ColoredString's.
  • Changes to ColoredString:
    • Expose fields.
    • [DEPRECATION]: Deprecated methods fgcolor, bgcolor, and style due to their obsolescence in the face of the exposing of their represented fields.
    • Add methods for clearing specific elements of fgcolor, bgcolor, and style.
    • Change Default implementation to be via derive as Style now implements Default (see changes to Style below).
    • Add implementation of DerefMut.
    • Updated docs to reflect the above changes as well as generally greatly expand them.
  • Changes to Style:
    • Implemented Default for Style (returns CLEAR). This exposes a method by which users can create plain Style's from scratch.
    • Implemented From<Styles> for Style. This lets users easily create Style's from specific styles.
    • Exposed previously private method add.
    • Created method remove which essentially does the opposite.
    • Added builder-style methods in the vein of Colorize to add stylings (e.g. bold, underline, italic, strikethrough).
    • Implemented bitwise operators BitAnd, BitOr, BitXor, and Not as well as their representative assignment operators. You can also use a Styles as an operand for these.
    • Implemented FromIterator<Styles> for Style.
  • Changes to Styles:
    • Implemented bitwise operators BitAnd, BitOr, BitXor, and Not which all combine Styles's and output Style's. These can also take a Style as an operand.
  • Added additional testing for all of the above changes.
  • Added methods with_style and with_color_and_style to Colorize.
Commits

Updates derive_builder from 0.20.1 to 0.20.2

Release notes

Sourced from derive_builder's releases.

v0.20.2

  • Allow unquoted expressions in builder(default = ...) #331
Commits
  • fc18dd2 Bump version to 0.20.2
  • b809d0e add documentation for private build method
  • 65c87d3 Skip rustfmt for manually-written output
  • d2efc54 Remove DeprecationNotes feature
  • 2418ab4 Allow unquoted expressions in default = ...
  • 1203dfa Fix compiletest error message
  • 5cca75a Remove last pretty_assertions dependency
  • fdc50aa Remove prettyassertions
  • 0a163af Fix nightly clippy violation
  • be3795e Bump darling version to fix clippy issue
  • Additional commits viewable in compare view

Updates directories from 5.0.1 to 6.0.0

Commits

Updates educe from 0.5.11 to 0.6.0

Commits
  • bc05181 bump version
  • b867288 Merge branch 'ijackson-leaking-bounds'
  • 3f98647 Merge branch 'leaking-bounds' of github.com:ijackson/rust-educe into ijackson...
  • 47bd92f update doc
  • f962522 bump version
  • 9e23e34 Merge branch 'ijackson-all-bounds'
  • b7567cb Merge branch 'all-bounds' of github.com:ijackson/rust-educe into ijackson-all...
  • fca9263 fix the bound_4 test case in ord_struct
  • e40c20e add an empty line
  • 63114a8 fix the bound_4 test case in partial_ord_struct
  • Additional commits viewable in compare view

Updates fake from 2.10.0 to 4.4.0

Release notes

Sourced from fake's releases.

v4.4.0

What's Changed

New Contributors

Full Changelog: cksac/fake-rs@v4.3.0...v4.4.0

v4.3.0

No release notes provided.

v3.2.0

No release notes provided.

v3.1.0

No release notes provided.

Commits

Updates gethostname from 0.4.3 to 1.1.0

Updates glob from 0.3.1 to 0.3.3

Release notes

Sourced from glob's releases.

v0.3.3

  • Optimize memory allocations (#147)
  • Bump the MSRV to 1.63 (#172)
  • Fix spelling in pattern documentation (#164)
  • Fix version numbers and some formatting (#157)
  • Style fixes (#137)

v0.3.2

What's Changed

New Contributors

Full Changelog: rust-lang/glob@0.3.1...v0.3.2

Changelog

Sourced from glob's changelog.

0.3.3 - 2025-08-11

  • Optimize memory allocations (#147)
  • Bump the MSRV to 1.63 (#172)
  • Fix spelling in pattern documentation (#164)
  • Fix version numbers and some formatting (#157)
  • Style fixes (#137)

0.3.2 - 2024-12-28

What's Changed

New Contributors

Full Changelog: rust-lang/glob@0.3.1...0.3.2

Commits

Updates human-panic from 2.0.2 to 2.0.6

Changelog

Sourced from human-panic's changelog.

[2.0.6] - 2025-12-29

Features

  • Added Metadata::repository as a fallback for Metadata::homepage

[2.0.5] - 2025-12-26

Performance

  • Improve build times on some platforms by changing from os_info to sysinfo

[2.0.4] - 2025-10-28

[2.0.3] - 2025-07-08

Internal

  • Update toml
Commits

Updates ignore from 0.4.23 to 0.4.25

Commits

Updates indicatif from 0.18.3 to 0.18.4

Release notes

Sourced from indicatif's releases.

0.18.4

What's Changed

Commits
  • 4de2f60 Bump version to 0.18.4
  • 8e0ab0e fix: respect NO_COLOR and TERM=dumb environment variables
  • 781b2d0 Take semver-compatible dependency updates
  • 34aee07 Introduce unicode-width feature
  • 51d284f Introduce wasmbind feature
  • ee057e5 Bump tokio from 1.48.0 to 1.49.0
  • 31bcea3 Bump portable-atomic from 1.11.1 to 1.12.0
  • dbd26eb Bump console from 0.16.1 to 0.16.2
  • 7ac4a0d Expose the current tab width
  • 95088ff iter: clean up variable names, casting
  • Additional commits viewable in compare view

Updates inquire from 0.6.2 to 0.9.3

Release notes

Sourced from inquire's releases.

v0.9.3

Features

  • Added new_line_prefix option to RenderConfig, allowing a styled prefix to be displayed at the beginning of every new line.
  • Added answer_from_new_line option to RenderConfig, allowing the submitted answer to be rendered on a new line below the prompt.
  • Added unhighlighted_option_prefix option to RenderConfig, allowing customization of the prefix for non-highlighted options in Select and MultiSelect prompts.

Thanks @​frol for the contribution!

v0.9.2

  • Bumped MSRV from 1.80 -> 1.82 due to new requirements of dependencies.
  • Expose the sorting function used by Select (thanks @​devjgm!)

v0.9.1

  • Fix panicking when terminal backend reports size with 0 width. Thanks @​sebhoss for reporting!

v0.9.0

Features

Adds Selectable derive macro for enums! You can now easily create enum-based prompts (e.g. menus) by using the Selectable derive macro on your enums.

See the example for more details. Thank you @​TheBearodactyl for the contribution!

Dependencies

  • Updated unicode-width to 0.2.
  • Updated crossterm to 0.29.
  • Updated termion to 4.0.
  • Updated console to 0.16.

v0.9.1

v0.9

v0.9.0

Features

Adds Selectable derive macro for enums! You can now easily create enum-based prompts (e.g. menus) by using the Selectable derive macro on your enums.

See the example for more details. Thank you @​TheBearodactyl for the contribution!

Dependencies

  • Updated unicode-width to 0.2.
  • Updated crossterm to 0.29.
  • Updated termion to 4.0.

... (truncated)

Changelog

Sourced from inquire's changelog.

[0.9.3] - 2026-02-06

Features

  • Added new_line_prefix option to RenderConfig, allowing a styled prefix to be displayed at the beginning of every new line.
  • Added answer_from_new_line option to RenderConfig, allowing the submitted answer to be rendered on a new line below the prompt.
  • Added unhighlighted_option_prefix option to RenderConfig, allowing customization of the prefix for non-highlighted options in Select and MultiSelect prompts.

[0.9.2] - 2026-01-17

  • Bumped MSRV from 1.80 -> 1.82 due to new requirements of dependencies.
  • Expose the sorting function used by Select (thanks @​devjgm!)

[0.9.1] - 2025-09-16

Fixes

  • Fix panicking when terminal backend reports size with 0 width.

[0.9.0] - 2025-09-16

Features

Adds Selectable derive macro for enums! You can now easily create enum-based prompts (e.g. menus) by using the Selectable derive macro on your enums.

See the example for more details. Thank you @​TheBearodactyl for the contribution!

Dependencies

  • Updated unicode-width to 0.2.
  • Updated crossterm to 0.29.
  • Updated termion to 4.0.
  • Updated console to 0.16.

[0.8.0] - 2025-09-14

Features

  • Improve end user experience when prompting for input without a message.
  • Implement raw_prompt_skippable for Select.

Fixes

  • Fix bug where inputs spanning 3+ lines would break text rendering.
  • Fix bug where Select and MultiSelect prompts would render the first option incorrectly when filtering is disabled.
  • Fix autocomplete suggestions not being updated after a suggestion is accepted.
  • Fix incorrect cursor placement when inputting CJK characters.

API Changes

... (truncated)

Commits

… 41 updates

Bumps the prod-dependencies group with 41 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.98` | `1.0.102` |
| [async-trait](https://github.com/dtolnay/async-trait) | `0.1.83` | `0.1.89` |
| [chrono](https://github.com/chronotope/chrono) | `0.4.38` | `0.4.43` |
| [clap](https://github.com/clap-rs/clap) | `4.5.41` | `4.5.60` |
| [colored](https://github.com/mackwic/colored) | `2.1.0` | `3.1.1` |
| [derive_builder](https://github.com/colin-kiegel/rust-derive-builder) | `0.20.1` | `0.20.2` |
| [directories](https://github.com/soc/directories-rs) | `5.0.1` | `6.0.0` |
| [educe](https://github.com/magiclen/educe) | `0.5.11` | `0.6.0` |
| [fake](https://github.com/cksac/fake-rs) | `2.10.0` | `4.4.0` |
| gethostname | `0.4.3` | `1.1.0` |
| [glob](https://github.com/rust-lang/glob) | `0.3.1` | `0.3.3` |
| [human-panic](https://github.com/rust-cli/human-panic) | `2.0.2` | `2.0.6` |
| [ignore](https://github.com/BurntSushi/ripgrep) | `0.4.23` | `0.4.25` |
| [indicatif](https://github.com/console-rs/indicatif) | `0.18.3` | `0.18.4` |
| [inquire](https://github.com/mikaelmello/inquire) | `0.6.2` | `0.9.3` |
| [itertools](https://github.com/rust-itertools/itertools) | `0.13.0` | `0.14.0` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.30.0` | `0.33.0` |
| [jsonwebtoken](https://github.com/Keats/jsonwebtoken) | `10.2.0` | `10.3.0` |
| [minijinja](https://github.com/mitsuhiko/minijinja) | `2.3.1` | `2.16.0` |
| [mockall](https://github.com/asomers/mockall) | `0.12.1` | `0.14.0` |
| [normpath](https://github.com/dylni/normpath) | `1.3.0` | `1.5.0` |
| [pathdiff](https://github.com/Manishearth/pathdiff) | `0.2.2` | `0.2.3` |
| [petgraph](https://github.com/petgraph/petgraph) | `0.6.5` | `0.8.3` |
| [regex](https://github.com/rust-lang/regex) | `1.11.1` | `1.12.3` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.9` | `0.12.28` |
| [schemars](https://github.com/GREsau/schemars) | `1.2.0` | `1.2.1` |
| [secrecy](https://github.com/iqlusioninc/crates) | `0.8.0` | `0.10.3` |
| [sha256](https://github.com/baoyachi/sha256-rs) | `1.5.0` | `1.6.0` |
| [shellexpand](https://gitlab.com/ijackson/rust-shellexpand) | `3.1.0` | `3.1.1` |
| [strip-ansi-escapes](https://github.com/luser/strip-ansi-escapes) | `0.2.0` | `0.2.1` |
| [strum](https://github.com/Peternator7/strum) | `0.26.3` | `0.27.2` |
| [thiserror](https://github.com/dtolnay/thiserror) | `1.0.69` | `2.0.12` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.46.1` | `1.49.0` |
| [tonic](https://github.com/hyperium/tonic) | `0.14.2` | `0.14.5` |
| [tracing-appender](https://github.com/tokio-rs/tracing) | `0.2.3` | `0.2.4` |
| [which](https://github.com/harryfei/which-rs) | `6.0.3` | `8.0.0` |
| [assert_cmd](https://github.com/assert-rs/assert_cmd) | `2.0.16` | `2.1.2` |
| [assert_fs](https://github.com/assert-rs/assert_fs) | `1.1.2` | `1.1.3` |
| [escargot](https://github.com/crate-ci/escargot) | `0.5.12` | `0.5.15` |
| [predicates](https://github.com/assert-rs/predicates-rs) | `3.1.2` | `3.1.4` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.20.0` | `3.25.0` |



Updates `anyhow` from 1.0.98 to 1.0.102
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.98...1.0.102)

Updates `async-trait` from 0.1.83 to 0.1.89
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](dtolnay/async-trait@0.1.83...0.1.89)

Updates `chrono` from 0.4.38 to 0.4.43
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](chronotope/chrono@v0.4.38...v0.4.43)

Updates `clap` from 4.5.41 to 4.5.60
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.41...clap_complete-v4.5.60)

Updates `colored` from 2.1.0 to 3.1.1
- [Release notes](https://github.com/mackwic/colored/releases)
- [Changelog](https://github.com/colored-rs/colored/blob/master/CHANGELOG.md)
- [Commits](colored-rs/colored@v2.1.0...v3.1.1)

Updates `derive_builder` from 0.20.1 to 0.20.2
- [Release notes](https://github.com/colin-kiegel/rust-derive-builder/releases)
- [Commits](colin-kiegel/rust-derive-builder@v0.20.1...v0.20.2)

Updates `directories` from 5.0.1 to 6.0.0
- [Commits](https://github.com/soc/directories-rs/commits)

Updates `educe` from 0.5.11 to 0.6.0
- [Commits](magiclen/educe@v0.5.11...v0.6.0)

Updates `fake` from 2.10.0 to 4.4.0
- [Release notes](https://github.com/cksac/fake-rs/releases)
- [Commits](https://github.com/cksac/fake-rs/commits/v4.4.0)

Updates `gethostname` from 0.4.3 to 1.1.0

Updates `glob` from 0.3.1 to 0.3.3
- [Release notes](https://github.com/rust-lang/glob/releases)
- [Changelog](https://github.com/rust-lang/glob/blob/master/CHANGELOG.md)
- [Commits](rust-lang/glob@0.3.1...v0.3.3)

Updates `human-panic` from 2.0.2 to 2.0.6
- [Changelog](https://github.com/rust-cli/human-panic/blob/master/CHANGELOG.md)
- [Commits](rust-cli/human-panic@v2.0.2...v2.0.6)

Updates `ignore` from 0.4.23 to 0.4.25
- [Release notes](https://github.com/BurntSushi/ripgrep/releases)
- [Changelog](https://github.com/BurntSushi/ripgrep/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/ripgrep@ignore-0.4.23...ignore-0.4.25)

Updates `indicatif` from 0.18.3 to 0.18.4
- [Release notes](https://github.com/console-rs/indicatif/releases)
- [Commits](console-rs/indicatif@0.18.3...0.18.4)

Updates `inquire` from 0.6.2 to 0.9.3
- [Release notes](https://github.com/mikaelmello/inquire/releases)
- [Changelog](https://github.com/mikaelmello/inquire/blob/main/CHANGELOG.md)
- [Commits](mikaelmello/inquire@v0.6.2...v0.9.3)

Updates `itertools` from 0.13.0 to 0.14.0
- [Changelog](https://github.com/rust-itertools/itertools/blob/master/CHANGELOG.md)
- [Commits](rust-itertools/itertools@v0.13.0...v0.14.0)

Updates `jsonschema` from 0.30.0 to 0.33.0
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](Stranger6667/jsonschema@rust-v0.30.0...rust-v0.33.0)

Updates `jsonwebtoken` from 10.2.0 to 10.3.0
- [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](Keats/jsonwebtoken@v10.2.0...v10.3.0)

Updates `minijinja` from 2.3.1 to 2.16.0
- [Release notes](https://github.com/mitsuhiko/minijinja/releases)
- [Changelog](https://github.com/mitsuhiko/minijinja/blob/main/CHANGELOG.md)
- [Commits](mitsuhiko/minijinja@2.3.1...minijinja-go/v2.16.0)

Updates `mockall` from 0.12.1 to 0.14.0
- [Changelog](https://github.com/asomers/mockall/blob/master/CHANGELOG.md)
- [Commits](asomers/mockall@v0.12.1...v0.14.0)

Updates `normpath` from 1.3.0 to 1.5.0
- [Release notes](https://github.com/dylni/normpath/releases)
- [Commits](dylni/normpath@1.3.0...1.5.0)

Updates `pathdiff` from 0.2.2 to 0.2.3
- [Commits](https://github.com/Manishearth/pathdiff/commits/v0.2.3)

Updates `petgraph` from 0.6.5 to 0.8.3
- [Release notes](https://github.com/petgraph/petgraph/releases)
- [Changelog](https://github.com/petgraph/petgraph/blob/master/CHANGELOG.md)
- [Commits](https://github.com/petgraph/petgraph/compare/petgraph@v0.6.5...petgraph@v0.8.3)

Updates `regex` from 1.11.1 to 1.12.3
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.11.1...1.12.3)

Updates `reqwest` from 0.12.9 to 0.12.28
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.9...v0.12.28)

Updates `schemars` from 1.2.0 to 1.2.1
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](GREsau/schemars@v1.2.0...v1.2.1)

Updates `secrecy` from 0.8.0 to 0.10.3
- [Commits](https://github.com/iqlusioninc/crates/commits)

Updates `sha256` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/baoyachi/sha256-rs/releases)
- [Commits](baoyachi/sha256-rs@1.5.0...1.6.0)

Updates `shellexpand` from 3.1.0 to 3.1.1
- [Commits](https://gitlab.com/ijackson/rust-shellexpand/compare/shellexpand-3.1.0...shellexpand-3.1.1)

Updates `strip-ansi-escapes` from 0.2.0 to 0.2.1
- [Commits](https://github.com/luser/strip-ansi-escapes/commits)

Updates `strum` from 0.26.3 to 0.27.2
- [Release notes](https://github.com/Peternator7/strum/releases)
- [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md)
- [Commits](Peternator7/strum@v0.26.3...v0.27.2)

Updates `thiserror` from 1.0.69 to 2.0.12
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](dtolnay/thiserror@1.0.69...2.0.12)

Updates `tokio` from 1.46.1 to 1.49.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.46.1...tokio-1.49.0)

Updates `tonic` from 0.14.2 to 0.14.5
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.2...v0.14.5)

Updates `tracing-appender` from 0.2.3 to 0.2.4
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-appender-0.2.3...tracing-appender-0.2.4)

Updates `which` from 6.0.3 to 8.0.0
- [Release notes](https://github.com/harryfei/which-rs/releases)
- [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md)
- [Commits](harryfei/which-rs@6.0.3...8.0.0)

Updates `assert_cmd` from 2.0.16 to 2.1.2
- [Changelog](https://github.com/assert-rs/assert_cmd/blob/master/CHANGELOG.md)
- [Commits](assert-rs/assert_cmd@v2.0.16...v2.1.2)

Updates `assert_fs` from 1.1.2 to 1.1.3
- [Changelog](https://github.com/assert-rs/assert_fs/blob/master/CHANGELOG.md)
- [Commits](assert-rs/assert_fs@v1.1.2...v1.1.3)

Updates `escargot` from 0.5.12 to 0.5.15
- [Changelog](https://github.com/crate-ci/escargot/blob/master/CHANGELOG.md)
- [Commits](crate-ci/escargot@v0.5.12...v0.5.15)

Updates `predicates` from 3.1.2 to 3.1.4
- [Changelog](https://github.com/assert-rs/predicates-rs/blob/master/CHANGELOG.md)
- [Commits](assert-rs/predicates-rs@v3.1.2...v3.1.4)

Updates `tempfile` from 3.20.0 to 3.25.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stebalien/tempfile/commits)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.102
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: async-trait
  dependency-version: 0.1.89
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: chrono
  dependency-version: 0.4.43
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: clap
  dependency-version: 4.5.60
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: colored
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-dependencies
- dependency-name: derive_builder
  dependency-version: 0.20.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: directories
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-dependencies
- dependency-name: educe
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: fake
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-dependencies
- dependency-name: gethostname
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-dependencies
- dependency-name: glob
  dependency-version: 0.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: human-panic
  dependency-version: 2.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: ignore
  dependency-version: 0.4.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: indicatif
  dependency-version: 0.18.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: inquire
  dependency-version: 0.9.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: itertools
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: jsonschema
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: jsonwebtoken
  dependency-version: 10.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: minijinja
  dependency-version: 2.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: mockall
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: normpath
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: pathdiff
  dependency-version: 0.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: petgraph
  dependency-version: 0.8.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: regex
  dependency-version: 1.12.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: reqwest
  dependency-version: 0.12.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: schemars
  dependency-version: 1.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: secrecy
  dependency-version: 0.10.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: sha256
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: shellexpand
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: strip-ansi-escapes
  dependency-version: 0.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: strum
  dependency-version: 0.27.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: thiserror
  dependency-version: 2.0.12
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-dependencies
- dependency-name: tokio
  dependency-version: 1.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: tonic
  dependency-version: 0.14.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: tracing-appender
  dependency-version: 0.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: which
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-dependencies
- dependency-name: assert_cmd
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: assert_fs
  dependency-version: 1.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: escargot
  dependency-version: 0.5.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: predicates
  dependency-version: 3.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: tempfile
  dependency-version: 3.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 21, 2026
@socket-security
Copy link

Caution

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. It is recommended to resolve "Warn" alerts too. For more information please check in at #security-help. For License Policy Violations please also tag @Aoife in #security-help.

Action Severity Alert  (click "▶" to expand/collapse)
Block High
License policy violation: cargo colored under MPL-2.0

Location: Package overview

From: Cargo.tomlcargo/colored@3.1.1

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/colored@3.1.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block High
License policy violation: cargo linux-raw-sys

License: Apache-2.0 WITH LLVM-exception - the applicable license policy does not allow this license exception (linux-raw-sys-0.11.0/LICENSE-Apache-2.0_WITH_LLVM-exception)

From: ?cargo/inquire@0.9.3cargo/tempfile@3.25.0cargo/which@8.0.0cargo/gethostname@1.1.0cargo/linux-raw-sys@0.11.0

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/linux-raw-sys@0.11.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block High
License policy violation: cargo petgraph under CC-BY-SA-4.0

License: CC-BY-SA-4.0 - the applicable license policy does not allow this license (4) (petgraph-0.8.3/assets/images/LICENSE.md)

From: Cargo.tomlcargo/petgraph@0.8.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/petgraph@0.8.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block High
License policy violation: cargo rustix

License: Apache-2.0 WITH LLVM-exception - the applicable license policy does not allow this license exception (rustix-1.1.3/LICENSE-Apache-2.0_WITH_LLVM-exception)

From: ?cargo/inquire@0.9.3cargo/tempfile@3.25.0cargo/which@8.0.0cargo/gethostname@1.1.0cargo/rustix@1.1.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/rustix@1.1.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block High
License policy violation: cargo wit-bindgen

License: Apache-2.0 WITH LLVM-exception - the applicable license policy does not allow this license exception (wit-bindgen-0.51.0/LICENSE-Apache-2.0_WITH_LLVM-exception)

From: ?cargo/human-panic@2.0.6cargo/tempfile@3.25.0cargo/jsonschema@0.33.0cargo/wit-bindgen@0.51.0

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/wit-bindgen@0.51.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants