chore(deps): bump the prod-dependencies group across 1 directory with 41 updates by dependabot[bot] · Pull Request #287 · Gusto/scope

dependabot · 2026-02-21T07:13:55Z

Bumps the prod-dependencies group with 41 updates in the / directory:

Package	From	To
anyhow	`1.0.98`	`1.0.102`
async-trait	`0.1.83`	`0.1.89`
chrono	`0.4.38`	`0.4.43`
clap	`4.5.41`	`4.5.60`
colored	`2.1.0`	`3.1.1`
derive_builder	`0.20.1`	`0.20.2`
directories	`5.0.1`	`6.0.0`
educe	`0.5.11`	`0.6.0`
fake	`2.10.0`	`4.4.0`
gethostname	`0.4.3`	`1.1.0`
glob	`0.3.1`	`0.3.3`
human-panic	`2.0.2`	`2.0.6`
ignore	`0.4.23`	`0.4.25`
indicatif	`0.18.3`	`0.18.4`
inquire	`0.6.2`	`0.9.3`
itertools	`0.13.0`	`0.14.0`
jsonschema	`0.30.0`	`0.33.0`
jsonwebtoken	`10.2.0`	`10.3.0`
minijinja	`2.3.1`	`2.16.0`
mockall	`0.12.1`	`0.14.0`
normpath	`1.3.0`	`1.5.0`
pathdiff	`0.2.2`	`0.2.3`
petgraph	`0.6.5`	`0.8.3`
regex	`1.11.1`	`1.12.3`
reqwest	`0.12.9`	`0.12.28`
schemars	`1.2.0`	`1.2.1`
secrecy	`0.8.0`	`0.10.3`
sha256	`1.5.0`	`1.6.0`
shellexpand	`3.1.0`	`3.1.1`
strip-ansi-escapes	`0.2.0`	`0.2.1`
strum	`0.26.3`	`0.27.2`
thiserror	`1.0.69`	`2.0.12`
tokio	`1.46.1`	`1.49.0`
tonic	`0.14.2`	`0.14.5`
tracing-appender	`0.2.3`	`0.2.4`
which	`6.0.3`	`8.0.0`
assert_cmd	`2.0.16`	`2.1.2`
assert_fs	`1.1.2`	`1.1.3`
escargot	`0.5.12`	`0.5.15`
predicates	`3.1.2`	`3.1.4`
tempfile	`3.20.0`	`3.25.0`

Updates anyhow from 1.0.98 to 1.0.102

Release notes

Sourced from anyhow's releases.

1.0.102

Remove backtrace dependency (#438, #439, #440, #441, #442)

1.0.101

Add #[inline] to anyhow::Ok helper (#437, thanks @Ibitier)

1.0.100

Teach clippy to lint formatting arguments in bail!, ensure!, anyhow! (#426)

1.0.99

Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (#420)

Commits

5c657b3 Release 1.0.102
e737fb6 Merge pull request #442 from dtolnay/backtrace
7fe62b5 Further simply backtrace conditional compilation
c8cb5ca Merge pull request #441 from dtolnay/backtrace
de27df7 Delete CI use of --features=backtrace
9b67e5d Merge pull request #440 from dtolnay/backtrace
efdb11a Simplify std_backtrace conditional code
b8a9a70 Merge pull request #439 from dtolnay/backtrace
a42fc2c Remove feature = "backtrace" conditional code
2a2a3ce Re-word backtrace feature comment
Additional commits viewable in compare view

Updates async-trait from 0.1.83 to 0.1.89

Release notes

Sourced from async-trait's releases.

0.1.89

Improve IDE functionality (#293, thanks @Veykril)

0.1.88

Fix lifetime bounding on generic parameters that have cfg (#289)

0.1.87

Documentation improvements

0.1.86

Documentation improvements

0.1.85

Omit Self: 'async_trait bound in impl when not needed by signature (#284)

0.1.84

Support impl Trait in return type (#282)

Commits

a7e91e9 Release 0.1.89
fbcfcac Merge pull request 293 from Veykril/lw/quote_spanned
fd93990 Improve use of spans in quote_spanned
a5093fe Add type-mismatch ui test
6d12b44 Revert "Pin nightly toolchain used for miri job"
dd9e4ba Hide unused_variables warning in consider-restricting.rs ui test
b454fc8 Update ui test suite to nightly-2025-08-03
9c880e8 Update ui test suite to nightly-2025-07-30
7ca751d Ignore unused_parens warning in test
2bccfeb Update ui test suite to nightly-2025-05-28
Additional commits viewable in compare view

Updates chrono from 0.4.38 to 0.4.43

Release notes

Sourced from chrono's releases.

0.4.43

What's Changed

Install extra components for lint workflow by @djc in chronotope/chrono#1741

Upgrade windows-bindgen to 0.64 by @djc in chronotope/chrono#1742

Improve windows-bindgen setup by @djc in chronotope/chrono#1744

Drop stabilized feature doc_auto_cfg by @djc in chronotope/chrono#1745

Faster RFC 3339 parsing by @djc in chronotope/chrono#1748

Update windows-bindgen requirement from 0.64 to 0.65 by @dependabot[bot] in chronotope/chrono#1751

add NaiveDate::abs_diff by @Kinrany in chronotope/chrono#1752

Add feature gated defmt support. by @pebender in chronotope/chrono#1747

Drop deny lints, eager Debug impls are a mixed blessing by @djc in chronotope/chrono#1753

chore: minor improvement for docs by @spuradage in chronotope/chrono#1756

Added doctest for the NaiveDate years_since function by @LucasBou in chronotope/chrono#1755

Prepare 0.4.43 by @djc in chronotope/chrono#1765

Update copyright year to 2026 in LICENSE.txt by @taozui472 in chronotope/chrono#1767

0.4.42

What's Changed

Add fuzzer for DateTime::parse_from_str by @tyler92 in chronotope/chrono#1700

Fix wrong amount of micro/milliseconds by @nmlt in chronotope/chrono#1703

Add warning about MappedLocalTime and wasm by @lutzky in chronotope/chrono#1702

Fix incorrect parsing of fixed-length second fractions by @chris-leach in chronotope/chrono#1705

Fix cfgs for wasm32-linux support by @arjunr2 in chronotope/chrono#1707

Fix OpenHarmony's tzdata parsing by @ldm0 in chronotope/chrono#1679

Convert NaiveDate to/from days since unix epoch by @findepi in chronotope/chrono#1715

Add ?Sized bound to related methods of DelayedFormat::write_to by @Huliiiiii in chronotope/chrono#1721

Add from_timestamp_secs method to DateTime by @jasonaowen in chronotope/chrono#1719

Migrate to core::error::Error by @benbrittain in chronotope/chrono#1704

Upgrade to windows-bindgen 0.63 by @djc in chronotope/chrono#1730

strftime: simplify error handling by @djc in chronotope/chrono#1731

v0.4.41

What's Changed

Add subsec_micros and subsec_millis methods to TimeDelta by @ggoetz in chronotope/chrono#1668

Deprecate NaiveDateTime::UNIX_EPOCH by @robertbastian in chronotope/chrono#1670

Implement as_seconds_f32 and as_seconds_f64 for TimeDelta by @ggoetz in chronotope/chrono#1671

chore: fix some comments by @jimmycathy in chronotope/chrono#1677

Add num_days_in_month method to Datelike trait by @aslilac in chronotope/chrono#1673

add WeekdaySet, a collection of Weekday that is Copy by @Kinrany in chronotope/chrono#1676

WeekdaySet tweaks by @djc in chronotope/chrono#1680

Upgrade to windows-bindgen 0.61 by @djc in chronotope/chrono#1682

Implemented a consistent Eq trait for NaiveWeek by @Splashling1789 in chronotope/chrono#1687

TimeZone::from_posix_tz: Treat empty TZ variable as UTC by @drinkcat in chronotope/chrono#1691

Add support for lossy format strings by @Qelxiros in chronotope/chrono#1693

0.4.40

What's Changed

... (truncated)

Commits

45caaa9 Update copyright year to 2026 in LICENSE.txt
1c0b8f0 Bump version to 0.4.43
a03e43b Upgrade windows-bindgen to 0.66
4fedaba Ignore bincode advisory
f4b7bbd Bump actions/checkout from 5 to 6
db12973 Added doctest for the NaiveDate years_since function (#1755)
34b5f49 chore: minor improvement for docs
8c82711 Bump actions/setup-node from 5 to 6
ea1f11b Drop deny lints, eager Debug impls are a mixed blessing
35f9f2d Add feature gated defmt support.
Additional commits viewable in compare view

Updates clap from 4.5.41 to 4.5.60

Release notes

Sourced from clap's releases.

v4.5.60

[4.5.60] - 2026-02-19

Fixes

(help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

Command::ignore_errors no longer masks help/version on subcommands

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

v4.5.56

[4.5.56] - 2026-01-29

Fixes

On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

v4.5.54

[4.5.54] - 2026-01-02

Fixes

(help) Move [default] to its own paragraph when PossibleValue::help is present in --help

v4.5.53

[4.5.53] - 2025-11-19

Features

... (truncated)

Changelog

Sourced from clap's changelog.

[4.5.60] - 2026-02-19

Fixes

(help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

[4.5.54] - 2026-01-02

Fixes

(help) Move [default] to its own paragraph when PossibleValue::help is present in --help

[4.5.53] - 2025-11-19

Features

Add default_values_if, default_values_ifs

[4.5.52] - 2025-11-17

Fixes

Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

... (truncated)

Commits

33d24d8 chore: Release
9332409 docs: Update changelog
b7adce5 Merge pull request #6166 from fabalchemy/fix-dynamic-powershell-completion
009bba4 fix(clap_complete): Improve powershell registration
d89d57d chore: Release
f18b67e docs: Update changelog
9d218eb Merge pull request #6165 from epage/shirt
126440c fix(help): Correctly calculate padding for short-only args
9e3c05e test(help): Show panic with short, valueless arg
c9898d0 test(help): Verify short with value
Additional commits viewable in compare view

Updates colored from 2.1.0 to 3.1.1

Release notes

Sourced from colored's releases.

v3.1.1

No release notes provided.

v3.1.0

No release notes provided.

v3.0.0

[BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

v2.2.0

No release notes provided.

Changelog

Sourced from colored's changelog.

Unreleased

Added methods ansi_color and on_ansi_color to Colorize.

3.0.0

[BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

2.2.0

Updated top-level docs to include a note about ColoredString's role in the Colorize pipeline as well as link to it to suggest learning more about how to manipulate existing ColoredString's.

Changes to ColoredString:

Expose fields.

[DEPRECATION]: Deprecated methods fgcolor, bgcolor, and style due to their obsolescence in the face of the exposing of their represented fields.

Add methods for clearing specific elements of fgcolor, bgcolor, and style.

Change Default implementation to be via derive as Style now implements Default (see changes to Style below).

Add implementation of DerefMut.

Updated docs to reflect the above changes as well as generally greatly expand them.

Changes to Style:

Implemented Default for Style (returns CLEAR). This exposes a method by which users can create plain Style's from scratch.

Implemented From<Styles> for Style. This lets users easily create Style's from specific styles.

Exposed previously private method add.

Created method remove which essentially does the opposite.

Added builder-style methods in the vein of Colorize to add stylings (e.g. bold, underline, italic, strikethrough).

Implemented bitwise operators BitAnd, BitOr, BitXor, and Not as well as their representative assignment operators. You can also use a Styles as an operand for these.

Implemented FromIterator<Styles> for Style.

Changes to Styles:

Implemented bitwise operators BitAnd, BitOr, BitXor, and Not which all combine Styles's and output Style's. These can also take a Style as an operand.

Added additional testing for all of the above changes.

Added methods with_style and with_color_and_style to Colorize.

Commits

5204a26 3.1.1
49392a3 Limit to 5 keywords
b791685 3.1.0
9a83121 Allow windows-sys 0.61 to be used (#218)
192598d Clean up Colorize trait
ec013ae chore: minor improvement for docs (#212)
5bc198b Replace 'ansi_term' dev-dependency with 'ansiterm' (#209)
a21367d Allow windows-sys 0.60 to be used (#206)
9450fea Fix clippy warning (#207)
68761c1 README: use the latest v3.0 version for example (#204)
Additional commits viewable in compare view

Updates derive_builder from 0.20.1 to 0.20.2

Release notes

Sourced from derive_builder's releases.

v0.20.2

Allow unquoted expressions in builder(default = ...) #331

Commits

fc18dd2 Bump version to 0.20.2
b809d0e add documentation for private build method
65c87d3 Skip rustfmt for manually-written output
d2efc54 Remove DeprecationNotes feature
2418ab4 Allow unquoted expressions in default = ...
1203dfa Fix compiletest error message
5cca75a Remove last pretty_assertions dependency
fdc50aa Remove prettyassertions
0a163af Fix nightly clippy violation
be3795e Bump darling version to fix clippy issue
Additional commits viewable in compare view

Updates directories from 5.0.1 to 6.0.0

Commits

See full diff in compare view

Updates educe from 0.5.11 to 0.6.0

Commits

bc05181 bump version
b867288 Merge branch 'ijackson-leaking-bounds'
3f98647 Merge branch 'leaking-bounds' of github.com:ijackson/rust-educe into ijackson...
47bd92f update doc
f962522 bump version
9e23e34 Merge branch 'ijackson-all-bounds'
b7567cb Merge branch 'all-bounds' of github.com:ijackson/rust-educe into ijackson-all...
fca9263 fix the bound_4 test case in ord_struct
e40c20e add an empty line
63114a8 fix the bound_4 test case in partial_ord_struct
Additional commits viewable in compare view

Updates fake from 2.10.0 to 4.4.0

Release notes

Sourced from fake's releases.

v4.4.0

What's Changed

Upgrade to latest glam by @thomas-tribus in cksac/fake-rs#235

Adds markdown types to available options by @ChangedNameTo in cksac/fake-rs#236

Update the README.md for markdown by @ChangedNameTo in cksac/fake-rs#237

Add locale cy_gb meaning Cymraeg (Welsh) for Great Britain by @joelparkerhenderson in cksac/fake-rs#240

feat(fr_fr): Add address postcode and timezone by @Theo-Fourniez in cksac/fake-rs#242

Fixed test failures by @ChangedNameTo in cksac/fake-rs#243

Add support for ferroid ID types by @s0l0ist in cksac/fake-rs#247

add more professions by @t-webber in cksac/fake-rs#249

support either crate

fix geo

New Contributors

@ChangedNameTo made their first contribution in cksac/fake-rs#236

@joelparkerhenderson made their first contribution in cksac/fake-rs#240

@Theo-Fourniez made their first contribution in cksac/fake-rs#242

@s0l0ist made their first contribution in cksac/fake-rs#247

@t-webber made their first contribution in cksac/fake-rs#249

Full Changelog: cksac/fake-rs@v4.3.0...v4.4.0

v4.3.0

No release notes provided.

v3.2.0

No release notes provided.

v3.1.0

No release notes provided.

Commits

See full diff in compare view

Updates gethostname from 0.4.3 to 1.1.0

Updates glob from 0.3.1 to 0.3.3

Release notes

Sourced from glob's releases.

v0.3.3

Optimize memory allocations (#147)

Bump the MSRV to 1.63 (#172)

Fix spelling in pattern documentation (#164)

Fix version numbers and some formatting (#157)

Style fixes (#137)

v0.3.2

What's Changed

Add fs::symlink_metadata to detect broken symlinks by @kyoheiu in rust-lang/glob#105

Add support for windows verbatim disk paths by @nico-abram in rust-lang/glob#112

Respect require_literal_leading_dot option in glob_with method for path components by @JohnTitor in rust-lang/glob#128

Harden tests for symlink by @JohnTitor in rust-lang/glob#127

Remove "extern crate" directions from README by @zmitchell in rust-lang/glob#131

Add FIXME for tempdir by @JohnTitor in rust-lang/glob#126

Cache information about file type by @Kobzol in rust-lang/glob#135

Document the behaviour of ** with files by @Wilfred in rust-lang/glob#138

Add dependabot by @oriontvv in rust-lang/glob#139

Bump actions/checkout from 3 to 4 by @dependabot in rust-lang/glob#140

Check only (no longer test) at the MSRV by @tgross35 in rust-lang/glob#151

Add release-plz for automated releases by @tgross35 in rust-lang/glob#150

New Contributors

@kyoheiu made their first contribution in rust-lang/glob#105

@nico-abram made their first contribution in rust-lang/glob#112

@zmitchell made their first contribution in rust-lang/glob#131

@Kobzol made their first contribution in rust-lang/glob#135

@Wilfred made their first contribution in rust-lang/glob#138

@oriontvv made their first contribution in rust-lang/glob#139

@dependabot made their first contribution in rust-lang/glob#140

@tgross35 made their first contribution in rust-lang/glob#151

Full Changelog: rust-lang/glob@0.3.1...v0.3.2

Changelog

Sourced from glob's changelog.

0.3.3 - 2025-08-11

Optimize memory allocations (#147)

Bump the MSRV to 1.63 (#172)

Fix spelling in pattern documentation (#164)

Fix version numbers and some formatting (#157)

Style fixes (#137)

0.3.2 - 2024-12-28

What's Changed

Add fs::symlink_metadata to detect broken symlinks by @kyoheiu in rust-lang/glob#105

Add support for windows verbatim disk paths by @nico-abram in rust-lang/glob#112

Respect require_literal_leading_dot option in glob_with method for path components by @JohnTitor in rust-lang/glob#128

Harden tests for symlink by @JohnTitor in rust-lang/glob#127

Remove "extern crate" directions from README by @zmitchell in rust-lang/glob#131

Add FIXME for tempdir by @JohnTitor in rust-lang/glob#126

Cache information about file type by @Kobzol in rust-lang/glob#135

Document the behaviour of ** with files by @Wilfred in rust-lang/glob#138

Add dependabot by @oriontvv in rust-lang/glob#139

Bump actions/checkout from 3 to 4 by @dependabot in rust-lang/glob#140

Check only (no longer test) at the MSRV by @tgross35 in rust-lang/glob#151

Add release-plz for automated releases by @tgross35 in rust-lang/glob#150

New Contributors

@kyoheiu made their first contribution in rust-lang/glob#105

@nico-abram made their first contribution in rust-lang/glob#112

@zmitchell made their first contribution in rust-lang/glob#131

@Kobzol made their first contribution in rust-lang/glob#135

@Wilfred made their first contribution in rust-lang/glob#138

@oriontvv made their first contribution in rust-lang/glob#139

@dependabot made their first contribution in rust-lang/glob#140

@tgross35 made their first contribution in rust-lang/glob#151

Full Changelog: rust-lang/glob@0.3.1...0.3.2

Commits

952da29 chore: release v0.3.3 (#155)
bfcd9a4 Optimize memory allocations (#147)
e78862d Bump the MSRV to 1.63 (#172)
97e5ee9 Merge pull request #164 from jonboulle/patch-1
4da20e6 Fix spelling in pattern documentation
1cf0f30 Fix version numbers and some formatting
7a17f11 Merge pull request #153 from tgross35/clippy-ci
56619ab Run clippy checks in CI
51363fa Disallow warnings in CI
1649a9a Apply remaining clippy suggestions
Additional commits viewable in compare view

Updates human-panic from 2.0.2 to 2.0.6

Changelog

Sourced from human-panic's changelog.

[2.0.6] - 2025-12-29

Features

Added Metadata::repository as a fallback for Metadata::homepage

[2.0.5] - 2025-12-26

Performance

Improve build times on some platforms by changing from os_info to sysinfo

[2.0.4] - 2025-10-28

[2.0.3] - 2025-07-08

Internal

Update toml

Commits

b6773e9 chore: Release
2d448b0 docs: Update changelog
a55bfba Merge pull request #196 from epage/repo
34e1a3d feat: Report repository as fallback from homepage
e9580d7 Merge pull request #195 from epage/improve
1dc3dbc refactor: Remove deprecated API
0addfff Merge pull request #193 from epage/msrv
b49ee6e chore: Update to 2024 Edition
f0fadbb chore: Update dependencies
5fa455e Merge pull request #192 from epage/template
Additional commits viewable in compare view

Updates ignore from 0.4.23 to 0.4.25

Commits

57c190d ignore-0.4.25
85edf4c ignore: only stat .jj if we actually care
2ea06d6 grep-0.4.1
85006b0 deps: bump to grep-printer 0.3.1
423afb8 grep-printer-0.3.1
4694800 deps: bump to grep-searcher 0.1.16
86e0ab1 grep-searcher-0.1.16
7189950 deps: bump to globset 0.4.18
0b0e013 globset-0.4.18
cac9870 doc: update date in man page template
Additional commits viewable in compare view

Updates indicatif from 0.18.3 to 0.18.4

Release notes

Sourced from indicatif's releases.

0.18.4

What's Changed

initial draft oft hold_max with heuristic by @djugei in console-rs/indicatif#657

Fix duration after finish by @luolong in console-rs/indicatif#748

Add refresh rate warning for ProgressDrawTarget::term_like() by @djc in console-rs/indicatif#750

Seeking heuristic tweaks by @djc in console-rs/indicatif#751

Expose the current tab width by @alexisfontaine in console-rs/indicatif#754

Make WASM support optional via a feature flag by @SvenFinn in console-rs/indicatif#761

fix: respect NO_COLOR and TERM=dumb environment variables by @shaanmajid in console-rs/indicatif#764

Commits

4de2f60 Bump version to 0.18.4
8e0ab0e fix: respect NO_COLOR and TERM=dumb environment variables
781b2d0 Take semver-compatible dependency updates
34aee07 Introduce unicode-width feature
51d284f Introduce wasmbind feature
ee057e5 Bump tokio from 1.48.0 to 1.49.0
31bcea3 Bump portable-atomic from 1.11.1 to 1.12.0
dbd26eb Bump console from 0.16.1 to 0.16.2
7ac4a0d Expose the current tab width
95088ff iter: clean up variable names, casting
Additional commits viewable in compare view

Updates inquire from 0.6.2 to 0.9.3

Release notes

Sourced from inquire's releases.

v0.9.3

Features

Added new_line_prefix option to RenderConfig, allowing a styled prefix to be displayed at the beginning of every new line.

Added answer_from_new_line option to RenderConfig, allowing the submitted answer to be rendered on a new line below the prompt.

Added unhighlighted_option_prefix option to RenderConfig, allowing customization of the prefix for non-highlighted options in Select and MultiSelect prompts.

Thanks @frol for the contribution!

v0.9.2

Bumped MSRV from 1.80 -> 1.82 due to new requirements of dependencies.

Expose the sorting function used by Select (thanks @devjgm!)

v0.9.1

Fix panicking when terminal backend reports size with 0 width. Thanks @sebhoss for reporting!

v0.9.0

Features

Adds Selectable derive macro for enums! You can now easily create enum-based prompts (e.g. menus) by using the Selectable derive macro on your enums.

See the example for more details. Thank you @TheBearodactyl for the contribution!

Dependencies

Updated unicode-width to 0.2.

Updated crossterm to 0.29.

Updated termion to 4.0.

Updated console to 0.16.

v0.9.1

v0.9

v0.9.0

Features

Adds Selectable derive macro for enums! You can now easily create enum-based prompts (e.g. menus) by using the Selectable derive macro on your enums.

See the example for more details. Thank you @TheBearodactyl for the contribution!

Dependencies

Updated unicode-width to 0.2.

Updated crossterm to 0.29.

Updated termion to 4.0.

... (truncated)

Changelog

Sourced from inquire's changelog.

[0.9.3] - 2026-02-06

Features

Added new_line_prefix option to RenderConfig, allowing a styled prefix to be displayed at the beginning of every new line.

Added answer_from_new_line option to RenderConfig, allowing the submitted answer to be rendered on a new line below the prompt.

Added unhighlighted_option_prefix option to RenderConfig, allowing customization of the prefix for non-highlighted options in Select and MultiSelect prompts.

[0.9.2] - 2026-01-17

Bumped MSRV from 1.80 -> 1.82 due to new requirements of dependencies.

Expose the sorting function used by Select (thanks @devjgm!)

[0.9.1] - 2025-09-16

Fixes

Fix panicking when terminal backend reports size with 0 width.

[0.9.0] - 2025-09-16

Features

Adds Selectable derive macro for enums! You can now easily create enum-based prompts (e.g. menus) by using the Selectable derive macro on your enums.

See the example for more details. Thank you @TheBearodactyl for the contribution!

Dependencies

Updated unicode-width to 0.2.

Updated crossterm to 0.29.

Updated termion to 4.0.

Updated console to 0.16.

[0.8.0] - 2025-09-14

Features

Improve end user experience when prompting for input without a message.

Implement raw_prompt_skippable for Select.

Fixes

Fix bug where inputs spanning 3+ lines would break text rendering.

Fix bug where Select and MultiSelect prompts would render the first option incorrectly when filtering is disabled.

Fix autocomplete suggestions not being updated after a suggestion is accepted.

Fix incorrect cursor placement when inputting CJK characters.

API Changes

... (truncated)

Commits

… 41 updates Bumps the prod-dependencies group with 41 updates in the / directory: | Package | From | To | | --- | --- | --- | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.98` | `1.0.102` | | [async-trait](https://github.com/dtolnay/async-trait) | `0.1.83` | `0.1.89` | | [chrono](https://github.com/chronotope/chrono) | `0.4.38` | `0.4.43` | | [clap](https://github.com/clap-rs/clap) | `4.5.41` | `4.5.60` | | [colored](https://github.com/mackwic/colored) | `2.1.0` | `3.1.1` | | [derive_builder](https://github.com/colin-kiegel/rust-derive-builder) | `0.20.1` | `0.20.2` | | [directories](https://github.com/soc/directories-rs) | `5.0.1` | `6.0.0` | | [educe](https://github.com/magiclen/educe) | `0.5.11` | `0.6.0` | | [fake](https://github.com/cksac/fake-rs) | `2.10.0` | `4.4.0` | | gethostname | `0.4.3` | `1.1.0` | | [glob](https://github.com/rust-lang/glob) | `0.3.1` | `0.3.3` | | [human-panic](https://github.com/rust-cli/human-panic) | `2.0.2` | `2.0.6` | | [ignore](https://github.com/BurntSushi/ripgrep) | `0.4.23` | `0.4.25` | | [indicatif](https://github.com/console-rs/indicatif) | `0.18.3` | `0.18.4` | | [inquire](https://github.com/mikaelmello/inquire) | `0.6.2` | `0.9.3` | | [itertools](https://github.com/rust-itertools/itertools) | `0.13.0` | `0.14.0` | | [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.30.0` | `0.33.0` | | [jsonwebtoken](https://github.com/Keats/jsonwebtoken) | `10.2.0` | `10.3.0` | | [minijinja](https://github.com/mitsuhiko/minijinja) | `2.3.1` | `2.16.0` | | [mockall](https://github.com/asomers/mockall) | `0.12.1` | `0.14.0` | | [normpath](https://github.com/dylni/normpath) | `1.3.0` | `1.5.0` | | [pathdiff](https://github.com/Manishearth/pathdiff) | `0.2.2` | `0.2.3` | | [petgraph](https://github.com/petgraph/petgraph) | `0.6.5` | `0.8.3` | | [regex](https://github.com/rust-lang/regex) | `1.11.1` | `1.12.3` | | [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.9` | `0.12.28` | | [schemars](https://github.com/GREsau/schemars) | `1.2.0` | `1.2.1` | | [secrecy](https://github.com/iqlusioninc/crates) | `0.8.0` | `0.10.3` | | [sha256](https://github.com/baoyachi/sha256-rs) | `1.5.0` | `1.6.0` | | [shellexpand](https://gitlab.com/ijackson/rust-shellexpand) | `3.1.0` | `3.1.1` | | [strip-ansi-escapes](https://github.com/luser/strip-ansi-escapes) | `0.2.0` | `0.2.1` | | [strum](https://github.com/Peternator7/strum) | `0.26.3` | `0.27.2` | | [thiserror](https://github.com/dtolnay/thiserror) | `1.0.69` | `2.0.12` | | [tokio](https://github.com/tokio-rs/tokio) | `1.46.1` | `1.49.0` | | [tonic](https://github.com/hyperium/tonic) | `0.14.2` | `0.14.5` | | [tracing-appender](https://github.com/tokio-rs/tracing) | `0.2.3` | `0.2.4` | | [which](https://github.com/harryfei/which-rs) | `6.0.3` | `8.0.0` | | [assert_cmd](https://github.com/assert-rs/assert_cmd) | `2.0.16` | `2.1.2` | | [assert_fs](https://github.com/assert-rs/assert_fs) | `1.1.2` | `1.1.3` | | [escargot](https://github.com/crate-ci/escargot) | `0.5.12` | `0.5.15` | | [predicates](https://github.com/assert-rs/predicates-rs) | `3.1.2` | `3.1.4` | | [tempfile](https://github.com/Stebalien/tempfile) | `3.20.0` | `3.25.0` | Updates `anyhow` from 1.0.98 to 1.0.102 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](dtolnay/anyhow@1.0.98...1.0.102) Updates `async-trait` from 0.1.83 to 0.1.89 - [Release notes](https://github.com/dtolnay/async-trait/releases) - [Commits](dtolnay/async-trait@0.1.83...0.1.89) Updates `chrono` from 0.4.38 to 0.4.43 - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](chronotope/chrono@v0.4.38...v0.4.43) Updates `clap` from 4.5.41 to 4.5.60 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.5.41...clap_complete-v4.5.60) Updates `colored` from 2.1.0 to 3.1.1 - [Release notes](https://github.com/mackwic/colored/releases) - [Changelog](https://github.com/colored-rs/colored/blob/master/CHANGELOG.md) - [Commits](colored-rs/colored@v2.1.0...v3.1.1) Updates `derive_builder` from 0.20.1 to 0.20.2 - [Release notes](https://github.com/colin-kiegel/rust-derive-builder/releases) - [Commits](colin-kiegel/rust-derive-builder@v0.20.1...v0.20.2) Updates `directories` from 5.0.1 to 6.0.0 - [Commits](https://github.com/soc/directories-rs/commits) Updates `educe` from 0.5.11 to 0.6.0 - [Commits](magiclen/educe@v0.5.11...v0.6.0) Updates `fake` from 2.10.0 to 4.4.0 - [Release notes](https://github.com/cksac/fake-rs/releases) - [Commits](https://github.com/cksac/fake-rs/commits/v4.4.0) Updates `gethostname` from 0.4.3 to 1.1.0 Updates `glob` from 0.3.1 to 0.3.3 - [Release notes](https://github.com/rust-lang/glob/releases) - [Changelog](https://github.com/rust-lang/glob/blob/master/CHANGELOG.md) - [Commits](rust-lang/glob@0.3.1...v0.3.3) Updates `human-panic` from 2.0.2 to 2.0.6 - [Changelog](https://github.com/rust-cli/human-panic/blob/master/CHANGELOG.md) - [Commits](rust-cli/human-panic@v2.0.2...v2.0.6) Updates `ignore` from 0.4.23 to 0.4.25 - [Release notes](https://github.com/BurntSushi/ripgrep/releases) - [Changelog](https://github.com/BurntSushi/ripgrep/blob/master/CHANGELOG.md) - [Commits](BurntSushi/ripgrep@ignore-0.4.23...ignore-0.4.25) Updates `indicatif` from 0.18.3 to 0.18.4 - [Release notes](https://github.com/console-rs/indicatif/releases) - [Commits](console-rs/indicatif@0.18.3...0.18.4) Updates `inquire` from 0.6.2 to 0.9.3 - [Release notes](https://github.com/mikaelmello/inquire/releases) - [Changelog](https://github.com/mikaelmello/inquire/blob/main/CHANGELOG.md) - [Commits](mikaelmello/inquire@v0.6.2...v0.9.3) Updates `itertools` from 0.13.0 to 0.14.0 - [Changelog](https://github.com/rust-itertools/itertools/blob/master/CHANGELOG.md) - [Commits](rust-itertools/itertools@v0.13.0...v0.14.0) Updates `jsonschema` from 0.30.0 to 0.33.0 - [Release notes](https://github.com/Stranger6667/jsonschema/releases) - [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md) - [Commits](Stranger6667/jsonschema@rust-v0.30.0...rust-v0.33.0) Updates `jsonwebtoken` from 10.2.0 to 10.3.0 - [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md) - [Commits](Keats/jsonwebtoken@v10.2.0...v10.3.0) Updates `minijinja` from 2.3.1 to 2.16.0 - [Release notes](https://github.com/mitsuhiko/minijinja/releases) - [Changelog](https://github.com/mitsuhiko/minijinja/blob/main/CHANGELOG.md) - [Commits](mitsuhiko/minijinja@2.3.1...minijinja-go/v2.16.0) Updates `mockall` from 0.12.1 to 0.14.0 - [Changelog](https://github.com/asomers/mockall/blob/master/CHANGELOG.md) - [Commits](asomers/mockall@v0.12.1...v0.14.0) Updates `normpath` from 1.3.0 to 1.5.0 - [Release notes](https://github.com/dylni/normpath/releases) - [Commits](dylni/normpath@1.3.0...1.5.0) Updates `pathdiff` from 0.2.2 to 0.2.3 - [Commits](https://github.com/Manishearth/pathdiff/commits/v0.2.3) Updates `petgraph` from 0.6.5 to 0.8.3 - [Release notes](https://github.com/petgraph/petgraph/releases) - [Changelog](https://github.com/petgraph/petgraph/blob/master/CHANGELOG.md) - [Commits](https://github.com/petgraph/petgraph/compare/petgraph@v0.6.5...petgraph@v0.8.3) Updates `regex` from 1.11.1 to 1.12.3 - [Release notes](https://github.com/rust-lang/regex/releases) - [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md) - [Commits](rust-lang/regex@1.11.1...1.12.3) Updates `reqwest` from 0.12.9 to 0.12.28 - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.12.9...v0.12.28) Updates `schemars` from 1.2.0 to 1.2.1 - [Release notes](https://github.com/GREsau/schemars/releases) - [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md) - [Commits](GREsau/schemars@v1.2.0...v1.2.1) Updates `secrecy` from 0.8.0 to 0.10.3 - [Commits](https://github.com/iqlusioninc/crates/commits) Updates `sha256` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/baoyachi/sha256-rs/releases) - [Commits](baoyachi/sha256-rs@1.5.0...1.6.0) Updates `shellexpand` from 3.1.0 to 3.1.1 - [Commits](https://gitlab.com/ijackson/rust-shellexpand/compare/shellexpand-3.1.0...shellexpand-3.1.1) Updates `strip-ansi-escapes` from 0.2.0 to 0.2.1 - [Commits](https://github.com/luser/strip-ansi-escapes/commits) Updates `strum` from 0.26.3 to 0.27.2 - [Release notes](https://github.com/Peternator7/strum/releases) - [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md) - [Commits](Peternator7/strum@v0.26.3...v0.27.2) Updates `thiserror` from 1.0.69 to 2.0.12 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@1.0.69...2.0.12) Updates `tokio` from 1.46.1 to 1.49.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.46.1...tokio-1.49.0) Updates `tonic` from 0.14.2 to 0.14.5 - [Release notes](https://github.com/hyperium/tonic/releases) - [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md) - [Commits](hyperium/tonic@v0.14.2...v0.14.5) Updates `tracing-appender` from 0.2.3 to 0.2.4 - [Release notes](https://github.com/tokio-rs/tracing/releases) - [Commits](tokio-rs/tracing@tracing-appender-0.2.3...tracing-appender-0.2.4) Updates `which` from 6.0.3 to 8.0.0 - [Release notes](https://github.com/harryfei/which-rs/releases) - [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md) - [Commits](harryfei/which-rs@6.0.3...8.0.0) Updates `assert_cmd` from 2.0.16 to 2.1.2 - [Changelog](https://github.com/assert-rs/assert_cmd/blob/master/CHANGELOG.md) - [Commits](assert-rs/assert_cmd@v2.0.16...v2.1.2) Updates `assert_fs` from 1.1.2 to 1.1.3 - [Changelog](https://github.com/assert-rs/assert_fs/blob/master/CHANGELOG.md) - [Commits](assert-rs/assert_fs@v1.1.2...v1.1.3) Updates `escargot` from 0.5.12 to 0.5.15 - [Changelog](https://github.com/crate-ci/escargot/blob/master/CHANGELOG.md) - [Commits](crate-ci/escargot@v0.5.12...v0.5.15) Updates `predicates` from 3.1.2 to 3.1.4 - [Changelog](https://github.com/assert-rs/predicates-rs/blob/master/CHANGELOG.md) - [Commits](assert-rs/predicates-rs@v3.1.2...v3.1.4) Updates `tempfile` from 3.20.0 to 3.25.0 - [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md) - [Commits](https://github.com/Stebalien/tempfile/commits) --- updated-dependencies: - dependency-name: anyhow dependency-version: 1.0.102 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: async-trait dependency-version: 0.1.89 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: chrono dependency-version: 0.4.43 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: clap dependency-version: 4.5.60 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: colored dependency-version: 3.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-dependencies - dependency-name: derive_builder dependency-version: 0.20.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: directories dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-dependencies - dependency-name: educe dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: fake dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-dependencies - dependency-name: gethostname dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-dependencies - dependency-name: glob dependency-version: 0.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: human-panic dependency-version: 2.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: ignore dependency-version: 0.4.25 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: indicatif dependency-version: 0.18.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: inquire dependency-version: 0.9.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: itertools dependency-version: 0.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: jsonschema dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: jsonwebtoken dependency-version: 10.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: minijinja dependency-version: 2.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: mockall dependency-version: 0.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: normpath dependency-version: 1.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: pathdiff dependency-version: 0.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: petgraph dependency-version: 0.8.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: regex dependency-version: 1.12.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: reqwest dependency-version: 0.12.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: schemars dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: secrecy dependency-version: 0.10.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: sha256 dependency-version: 1.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: shellexpand dependency-version: 3.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: strip-ansi-escapes dependency-version: 0.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: strum dependency-version: 0.27.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: thiserror dependency-version: 2.0.12 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-dependencies - dependency-name: tokio dependency-version: 1.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: tonic dependency-version: 0.14.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: tracing-appender dependency-version: 0.2.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: which dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: prod-dependencies - dependency-name: assert_cmd dependency-version: 2.1.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: assert_fs dependency-version: 1.1.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: escargot dependency-version: 0.5.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: predicates dependency-version: 3.1.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: tempfile dependency-version: 3.25.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2026-02-21T07:14:20Z

Caution

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. It is recommended to resolve "Warn" alerts too. For more information please check in at #security-help. For License Policy Violations please also tag @Aoife in #security-help.

Action	Severity	Alert (click "▶" to expand/collapse)
Block		License policy violation: cargo `colored` under MPL-2.0 Location: Package overview From: Cargo.toml → `cargo/colored@3.1.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore cargo/colored@3.1.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		License policy violation: cargo `linux-raw-sys` License: Apache-2.0 WITH LLVM-exception - the applicable license policy does not allow this license exception (linux-raw-sys-0.11.0/LICENSE-Apache-2.0_WITH_LLVM-exception) From: `?` → `cargo/inquire@0.9.3` → `cargo/tempfile@3.25.0` → `cargo/which@8.0.0` → `cargo/gethostname@1.1.0` → `cargo/linux-raw-sys@0.11.0` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore cargo/linux-raw-sys@0.11.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		License policy violation: cargo `petgraph` under CC-BY-SA-4.0 License: CC-BY-SA-4.0 - the applicable license policy does not allow this license (4) (petgraph-0.8.3/assets/images/LICENSE.md) From: Cargo.toml → `cargo/petgraph@0.8.3` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore cargo/petgraph@0.8.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		License policy violation: cargo `rustix` License: Apache-2.0 WITH LLVM-exception - the applicable license policy does not allow this license exception (rustix-1.1.3/LICENSE-Apache-2.0_WITH_LLVM-exception) From: `?` → `cargo/inquire@0.9.3` → `cargo/tempfile@3.25.0` → `cargo/which@8.0.0` → `cargo/gethostname@1.1.0` → `cargo/rustix@1.1.3` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore cargo/rustix@1.1.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		License policy violation: cargo `wit-bindgen` License: Apache-2.0 WITH LLVM-exception - the applicable license policy does not allow this license exception (wit-bindgen-0.51.0/LICENSE-Apache-2.0_WITH_LLVM-exception) From: `?` → `cargo/human-panic@2.0.6` → `cargo/tempfile@3.25.0` → `cargo/jsonschema@0.33.0` → `cargo/wit-bindgen@0.51.0` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore cargo/wit-bindgen@0.51.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 21, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

chore(deps): bump the prod-dependencies group across 1 directory with 41 updates#287

chore(deps): bump the prod-dependencies group across 1 directory with 41 updates#287
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/prod-dependencies-7ac86bdbcf

dependabot bot commented on behalf of github Feb 21, 2026

Uh oh!

socket-security bot commented Feb 21, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Comments

Conversation

dependabot bot commented on behalf of github Feb 21, 2026

1.0.102

1.0.101

1.0.100

1.0.99

0.1.89

0.1.88

0.1.87

0.1.86

0.1.85

0.1.84

0.4.43

What's Changed

0.4.42

What's Changed

v0.4.41

What's Changed

0.4.40

What's Changed

v4.5.60

[4.5.60] - 2026-02-19

Fixes

v4.5.59

[4.5.59] - 2026-02-16

Fixes

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

v4.5.56

[4.5.56] - 2026-01-29

Fixes

v4.5.55

[4.5.55] - 2026-01-27

Fixes

v4.5.54

[4.5.54] - 2026-01-02

Fixes

v4.5.53

[4.5.53] - 2025-11-19

Features

[4.5.60] - 2026-02-19

Fixes

[4.5.59] - 2026-02-16

Fixes

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

[4.5.56] - 2026-01-29

Fixes

[4.5.55] - 2026-01-27

Fixes

[4.5.54] - 2026-01-02

Fixes

[4.5.53] - 2025-11-19

Features

[4.5.52] - 2025-11-17

Fixes

v3.1.1

v3.1.0

v3.0.0

v2.2.0

Unreleased

3.0.0

2.2.0

v0.20.2

v4.4.0

What's Changed

New Contributors

v4.3.0

v3.2.0

v3.1.0

v0.3.3

v0.3.2

What's Changed

New Contributors

0.3.3 - 2025-08-11