Bump the cargo group across 4 directories with 10 updates #5

dependabot · 2025-08-29T20:42:10Z

Bumps the cargo group with 7 updates in the /lessons/128/functions/rust directory:

Package	From	To
tokio	`1.21.1`	`1.26.0`
tracing-subscriber	`0.3.15`	`0.3.20`
aws-sigv4	`0.49.0`	`0.49.1`
bumpalo	`3.11.0`	`3.19.0`
h2	`0.3.14`	`0.3.27`
mio	`0.8.4`	`0.8.11`
time	`0.1.44`	`0.1.45`

Bumps the cargo group with 7 updates in the /lessons/138/rust-app directory:

Package	From	To
tokio	`1.23.0`	`1.25.3`
tracing-subscriber	`0.3.16`	`0.3.18`
h2	`0.3.15`	`0.3.27`
mio	`0.8.5`	`0.8.11`
spin	`0.9.4`	`0.9.8`
time	`0.3.17`	`0.3.26`
aes-gcm	`0.10.1`	`0.10.3`

Bumps the cargo group with 3 updates in the /lessons/146/web directory: tokio, bumpalo and mio.
Bumps the cargo group with 5 updates in the /lessons/147/rust-app directory:

Package	From	To
tokio	`1.24.1`	`1.26.0`
bumpalo	`3.11.1`	`3.19.0`
h2	`0.3.15`	`0.3.27`
mio	`0.8.5`	`0.8.11`
webpki	`0.22.0`	`0.22.4`

Updates tokio from 1.21.1 to 1.26.0

Release notes

Sourced from tokio's releases.

Tokio v1.26.0

Fixed

macros: fix empty join! and try_join! ([https://redirect.github.com/fix empty join! and try_join! tokio-rs/tokio#5504])

sync: don't leak tracing spans in mutex guards ([https://redirect.github.com/sync: don't leak tracing spans in mutex guards tokio-rs/tokio#5469])

sync: drop wakers after unlocking the mutex in Notify ([https://redirect.github.com/Drop wakers after unlocking the mutex in Notify tokio-rs/tokio#5471])

sync: drop wakers outside lock in semaphore ([https://redirect.github.com/Solve deadlock in Semaphore tokio-rs/tokio#5475])

Added

fs: add fs::try_exists ([https://redirect.github.com/Add fs::try_exists tokio-rs/tokio#4299])

net: add types for named unix pipes ([https://redirect.github.com/net: add types for named Unix pipes tokio-rs/tokio#5351])

sync: add MappedOwnedMutexGuard ([https://redirect.github.com/Add MappedOwnedMutexGuard tokio-rs/tokio#5474])

Changed

chore: update windows-sys to 0.45 ([https://redirect.github.com/chore: update windows-sys to 0.45 tokio-rs/tokio#5386])

net: use Message Read Mode for named pipes ([https://redirect.github.com/Named Pipes: Support Message Read Mode tokio-rs/tokio#5350])

sync: mark lock guards with #[clippy::has_significant_drop] ([https://redirect.github.com/Mark MutexGuard with #[clippy::has_significant_drop] tokio-rs/tokio#5422])

sync: reduce contention in watch channel ([https://redirect.github.com/Reduce contention in watch channel tokio-rs/tokio#5464])

time: remove cache padding in timer entries ([https://redirect.github.com/time: remove cache padding in timer entries tokio-rs/tokio#5468])

time: Improve Instant::now() perf with test-util ([https://redirect.github.com/time: Improve Instant::now() perf with test-util tokio-rs/tokio#5513])

Internal Changes

io: use poll_fn in copy_bidirectional ([https://redirect.github.com/Use poll_fn in copy_bidirectional tokio-rs/tokio#5486])

net: refactor named pipe builders to not use bitfields ([https://redirect.github.com/net: refactor named pipe builders to not use bitfields tokio-rs/tokio#5477])

rt: remove Arc from Clock ([https://redirect.github.com/rt: remove Arc from Clock tokio-rs/tokio#5434])

sync: make notify_waiters calls atomic ([https://redirect.github.com/sync: make notify_waiters calls atomic tokio-rs/tokio#5458])

time: don't store deadline twice in sleep entries ([https://redirect.github.com/remove double store of deadline, saving 128 bytes tokio-rs/tokio#5410])

Unstable

metrics: add a new metric for budget exhaustion yields ([https://redirect.github.com/metrics: add a new metric for budget exhaustion yields tokio-rs/tokio#5517])

Documented

io: improve AsyncFd example ([https://redirect.github.com/io: improve AsyncFd example tokio-rs/tokio#5481])

runtime: document the nature of the main future ([https://redirect.github.com/Document the nature of the main future tokio-rs/tokio#5494])

runtime: remove extra period in docs ([https://redirect.github.com/chore: remove unnecessary dot in comment tokio-rs/tokio#5511])

signal: updated Documentation for Signals ([https://redirect.github.com/Updated Documentation for Signals tokio-rs/tokio#5459])

sync: add doc aliases for blocking_* methods ([https://redirect.github.com/sync: add doc aliases for blocking_* methods tokio-rs/tokio#5448])

sync: fix docs for Send/Sync bounds in broadcast ([https://redirect.github.com/sync: fix docs for Send/Sync bounds in broadcast tokio-rs/tokio#5480])

sync: document drop behavior for channels ([https://redirect.github.com/sync: document drop behavior for channels tokio-rs/tokio#5497])

task: clarify what happens to spawned work during runtime shutdown ([https://redirect.github.com/clarify what happens to spawned work during runtime shutdown tokio-rs/tokio#5394])

task: clarify process::Command docs ([https://redirect.github.com/Clarify process::Command docs (fixing #5406) tokio-rs/tokio#5413])

task: fix wording with 'unsend' ([https://redirect.github.com/fix: fix wording with 'unsend' tokio-rs/tokio#5452])

time: document immediate completion guarantee for timeouts ([https://redirect.github.com/time: document immediate completion guarantee for timeouts tokio-rs/tokio#5509])

tokio: document supported platforms ([https://redirect.github.com/Document supported platforms tokio-rs/tokio#5483])

... (truncated)

Commits

a377240 chore: prepare for Tokio v1.26.0 release (#5521)
52da177 metrics: add a new metric for budget exhaustion yields (#5517)
ee1c940 time: Improve Instant::now() perf with test-util (#5513)
815d89a runtime: remove extra period in docs (#5511)
54aaf3d time: document immediate completion guarantee for timeouts (#5509)
5a3abe5 net: add types for named unix pipes (#5351)
d44b1ca io: ignore SplitByUtf8BoundaryIfWindows test on miri (#5507)
e23c6f3 signal: updated Documentation for Signals (#5459)
0a50cb3 net: fix test compilation failure (#5506)
2298679 runtime: document the nature of the main future (#5494)
Additional commits viewable in compare view

Updates tracing-subscriber from 0.3.15 to 0.3.20

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.20

Security Fix: ANSI Escape Sequence Injection (CVE-TBD)

Impact

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

Manipulate terminal title bars

Clear screens or modify terminal display

Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

Solution

Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.

Affected Versions

All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.

Recommendations

Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:

Logs user-provided input (form data, HTTP headers, query parameters, etc.)

Runs in environments where terminal output is displayed to users

Migration

This is a patch release with no breaking API changes. Simply update your Cargo.toml:
[dependencies]
tracing-subscriber = "0.3.20"
Acknowledgments

We would like to thank zefr0x who responsibly reported the issue at security@tokio.rs.

If you believe you have found a security vulnerability in any tokio-rs project, please email us at security@tokio.rs.

tracing-subscriber 0.3.19

[ [crates.io][crate-0.3.19] ] | [ [docs.rs][docs-0.3.19] ]

This release updates the tracing dependency to [v0.1.41][tracing-0.1.41] and the tracing-serde dependency to [v0.2.0][tracing-serde-0.2.0].

Added

... (truncated)

Commits

4c52ca5 fmt: fix ANSI escape sequence injection vulnerability (#3368)
f71cebe subscriber: impl Clone for EnvFilter (#3360)
3a1f571 Fix CI (#3361)
e63ef57 chore: prepare tracing-attributes 0.1.30 (#3316)
6e59a13 attributes: fix tracing::instrument regression around shadowing (#3311)
e4df761 tracing: update core to 0.1.34 and attributes to 0.1.29 (#3305)
643f392 chore: prepare tracing-attributes 0.1.29 (#3304)
d08e7a6 chore: prepare tracing-core 0.1.34 (#3302)
6e70c57 tracing-subscriber: count numbers of enters in Timings (#2944)
c01d4fd fix docs and enable CI on main branch (#3295)
Additional commits viewable in compare view

Updates aws-sigv4 from 0.49.0 to 0.49.1

Commits

See full diff in compare view

Updates bumpalo from 3.11.0 to 3.19.0

Changelog

Sourced from bumpalo's changelog.

3.19.0

Released 2025-06-24.

Added

Added bumpalo::collections::Vec::retain_mut, similar to std::vec::Vec::retain_mut.

3.18.1

Released 2025-06-05.

Removed

Removed the allocator-api2 version bump from 3.18.0, as it was not actually semver compatible.

3.18.0 (yanked)

Released 2025-06-05.

Added

Added support for enforcing a minimum alignment on all allocations inside a Bump arena, which can provide speed ups when allocating objects whose alignment is less than or equal to that minimum.

Added serde serialization support for bumpalo::collections::String.

Added some missing fallible slice allocation function variants.

Changed

Replaced extend_from_slice implementation with a formally-verified version that is also faster and more-optimizable for LLVM.

Updated allocator-api2 support to version 0.3.*.

Fixed

Fixed a bug where the allocated_bytes metrics helper was accidentally including the size of bumpalo's footer, rather than just reporting the user-allocated bytes.

3.17.0

... (truncated)

Commits

See full diff in compare view

Updates h2 from 0.3.14 to 0.3.27

Release notes

Sourced from h2's releases.

v0.3.26

What's Changed

Limit number of CONTINUATION frames for misbehaving connections.

See https://seanmonstar.com/blog/hyper-http2-continuation-flood/ for more info.

v0.3.25

What's Changed

perf: optimize header list size calculations by @Noah-Kennedy in hyperium/h2#750

Full Changelog: hyperium/h2@v0.3.24...v0.3.25

v0.3.24

Fixed

Limit error resets for misbehaving connections.

v0.3.23

What's Changed

cherry-pick fix: streams awaiting capacity lockout in hyperium/h2#734

v0.3.22

What's Changed

Add header_table_size(usize) option to client and server builders.

Improve throughput when vectored IO is not available.

Update indexmap to 2.

New Contributors

@tottoto made their first contribution in hyperium/h2#714

@xiaoyawei made their first contribution in hyperium/h2#712

@Protryon made their first contribution in hyperium/h2#719

@4JX made their first contribution in hyperium/h2#638

@vuittont60 made their first contribution in hyperium/h2#724

v0.3.21

What's Changed

Fix opening of new streams over peer's max concurrent limit.

Fix RecvStream to return data even if it has received a CANCEL stream error.

Update MSRV to 1.63.

New Contributors

@DDtKey made their first contribution in hyperium/h2#703

@jwilm made their first contribution in hyperium/h2#707

v0.3.20

Bug Fixes

... (truncated)

Changelog

Sourced from h2's changelog.

0.3.27 (July 11, 2025)

Fix notifying wakers when detecting local stream errors.

0.3.26 (April 3, 2024)

Limit number of CONTINUATION frames for misbehaving connections.

0.3.25 (March 15, 2024)

Improve performance decoding many headers.

0.3.24 (January 17, 2024)

Limit error resets for misbehaving connections.

0.3.23 (January 10, 2024)

Backport fix from 0.4.1 for stream capacity assignment.

0.3.22 (November 15, 2023)

Add header_table_size(usize) option to client and server builders.

Improve throughput when vectored IO is not available.

Update indexmap to 2.

0.3.21 (August 21, 2023)

Fix opening of new streams over peer's max concurrent limit.

Fix RecvStream to return data even if it has received a CANCEL stream error.

Update MSRV to 1.63.

0.3.20 (June 26, 2023)

Fix panic if a server received a request with a :status pseudo header in the 1xx range.

Fix panic if a reset stream had pending push promises that were more than allowed.

Fix potential flow control overflow by subtraction, instead returning a connection error.

0.3.19 (May 12, 2023)

Fix counting reset streams when triggered by a GOAWAY.

Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

0.3.18 (April 17, 2023)

Fix panic because of opposite check in is_remote_local().

0.3.17 (April 13, 2023)

Add Error::is_library() method to check if the originated inside h2.

... (truncated)

Commits

f6237ac v0.3.27
f61332e refactor: change local reset counter to use type system more
3f1a8e3 style: fix anonymous lifetime syntax
778aa7e fix: notify_recv after send_reset() in reset_on_recv_stream_err() to ensure l...
be10b77 ci: pin more deps for MSRV job (#817)
c0d9feb ci: pin deps for MSRV
5ccd9cf lints: fix unexpected cfgs warnings
e6e3e9c fix: return a WriteZero error if frames cannot be written (#783)
357127e v0.3.26
1a357aa fix: limit number of CONTINUATION frames allowed
Additional commits viewable in compare view

Updates mio from 0.8.4 to 0.8.11

Changelog

Sourced from mio's changelog.

0.8.11

Fix receiving IOCP events after deregistering a Windows named pipe (tokio-rs/mio#1760, backport pr: tokio-rs/mio#1761).

0.8.10

Added

Solaris support (tokio-rs/mio#1724).

0.8.9

Added

ESP-IDF framework support (tokio-rs/mio#1692).

AIX operating system support (tokio-rs/mio#1704).

Vita support (tokio-rs/mio#1721).

{UnixListener,UnixStream}:bind_addr (tokio-rs/mio#1630).

mio_unsupported_force_poll_poll and mio_unsupported_force_waker_pipe unsupported configuration flags to force a specific poll or waker implementation (tokio-rs/mio#1684, tokio-rs/mio#1685, tokio-rs/mio#1692).

Fixed

The pipe(2) based waker (swapped file descriptors) (tokio-rs/mio#1722).

The duplicate waker check to work correctly with cloned Registrys. (tokio-rs/mio#1706).

0.8.8

Fixed

Fix compilation on WASI (tokio-rs/mio#1676).

0.8.7

Added

Add/fix support for tvOS and watchOS, Mio should now build for tvOS and

... (truncated)

Commits

0328bde Release v0.8.11
7084498 Fix warnings
90d4fe0 named-pipes: fix receiving IOCP events after deregister
c710a30 Add v0.8.x to the CI
c29e21c Release v0.8.10
f6a20da Add Solaris operating system support (#1724)
e80c3b2 Release v0.8.9
862786b Fix importing of IoSourceState
4034872 Add support for vita target
8eb4010 Fix receiver and sender fd in pipe based waker
Additional commits viewable in compare view

Updates time from 0.1.44 to 0.1.45

Commits

See full diff in compare view

Updates tokio from 1.23.0 to 1.25.3

Release notes

Sourced from tokio's releases.

Tokio v1.26.0

Fixed

macros: fix empty join! and try_join! ([https://redirect.github.com/fix empty join! and try_join! tokio-rs/tokio#5504])

sync: don't leak tracing spans in mutex guards ([https://redirect.github.com/sync: don't leak tracing spans in mutex guards tokio-rs/tokio#5469])

sync: drop wakers after unlocking the mutex in Notify ([https://redirect.github.com/Drop wakers after unlocking the mutex in Notify tokio-rs/tokio#5471])

sync: drop wakers outside lock in semaphore ([https://redirect.github.com/Solve deadlock in Semaphore tokio-rs/tokio#5475])

Added

fs: add fs::try_exists ([https://redirect.github.com/Add fs::try_exists tokio-rs/tokio#4299])

net: add types for named unix pipes ([https://redirect.github.com/net: add types for named Unix pipes tokio-rs/tokio#5351])

sync: add MappedOwnedMutexGuard ([https://redirect.github.com/Add MappedOwnedMutexGuard tokio-rs/tokio#5474])

Changed

chore: update windows-sys to 0.45 ([https://redirect.github.com/chore: update windows-sys to 0.45 tokio-rs/tokio#5386])

net: use Message Read Mode for named pipes ([https://redirect.github.com/Named Pipes: Support Message Read Mode tokio-rs/tokio#5350])

sync: mark lock guards with #[clippy::has_significant_drop] ([https://redirect.github.com/Mark MutexGuard with #[clippy::has_significant_drop] tokio-rs/tokio#5422])

sync: reduce contention in watch channel ([https://redirect.github.com/Reduce contention in watch channel tokio-rs/tokio#5464])

time: remove cache padding in timer entries ([https://redirect.github.com/time: remove cache padding in timer entries tokio-rs/tokio#5468])

time: Improve Instant::now() perf with test-util ([https://redirect.github.com/time: Improve Instant::now() perf with test-util tokio-rs/tokio#5513])

Internal Changes

io: use poll_fn in copy_bidirectional ([https://redirect.github.com/Use poll_fn in copy_bidirectional tokio-rs/tokio#5486])

net: refactor named pipe builders to not use bitfields ([https://redirect.github.com/net: refactor named pipe builders to not use bitfields tokio-rs/tokio#5477])

rt: remove Arc from Clock ([https://redirect.github.com/rt: remove Arc from Clock tokio-rs/tokio#5434])

sync: make notify_waiters calls atomic ([https://redirect.github.com/sync: make notify_waiters calls atomic tokio-rs/tokio#5458])

time: don't store deadline twice in sleep entries ([https://redirect.github.com/remove double store of deadline, saving 128 bytes tokio-rs/tokio#5410])

Unstable

metrics: add a new metric for budget exhaustion yields ([https://redirect.github.com/metrics: add a new metric for budget exhaustion yields tokio-rs/tokio#5517])

Documented

io: improve AsyncFd example ([https://redirect.github.com/io: improve AsyncFd example tokio-rs/tokio#5481])

runtime: document the nature of the main future ([https://redirect.github.com/Document the nature of the main future tokio-rs/tokio#5494])

runtime: remove extra period in docs ([https://redirect.github.com/chore: remove unnecessary dot in comment tokio-rs/tokio#5511])

signal: updated Documentation for Signals ([https://redirect.github.com/Updated Documentation for Signals tokio-rs/tokio#5459])

sync: add doc aliases for blocking_* methods ([https://redirect.github.com/sync: add doc aliases for blocking_* methods tokio-rs/tokio#5448])

sync: fix docs for Send/Sync bounds in broadcast ([https://redirect.github.com/sync: fix docs for Send/Sync bounds in broadcast tokio-rs/tokio#5480])

sync: document drop behavior for channels ([https://redirect.github.com/sync: document drop behavior for channels tokio-rs/tokio#5497])

task: clarify what happens to spawned work during runtime shutdown ([https://redirect.github.com/clarify what happens to spawned work during runtime shutdown tokio-rs/tokio#5394])

task: clarify process::Command docs ([https://redirect.github.com/Clarify process::Command docs (fixing #5406) tokio-rs/tokio#5413])

task: fix wording with 'unsend' ([https://redirect.github.com/fix: fix wording with 'unsend' tokio-rs/tokio#5452])

time: document immediate completion guarantee for timeouts ([https://redirect.github.com/time: document immediate completion guarantee for timeouts tokio-rs/tokio#5509])

tokio: document supported platforms ([https://redirect.github.com/Document supported platforms tokio-rs/tokio#5483])

... (truncated)

Commits

a377240 chore: prepare for Tokio v1.26.0 release (#5521)
52da177 metrics: add a new metric for budget exhaustion yields (#5517)
ee1c940 time: Improve Instant::now() perf with test-util (#5513)
815d89a runtime: remove extra period in docs (#5511)
54aaf3d time: document immediate completion guarantee for timeouts (#5509)
5a3abe5 net: add types for named unix pipes (#5351)
d44b1ca io: ignore SplitByUtf8BoundaryIfWindows test on miri (#5507)
e23c6f3 signal: updated Documentation for Signals (#5459)
0a50cb3 net: fix test compilation failure (#5506)
2298679 runtime: document the nature of the main future (#5494)
Additional commits viewable in compare view

Updates tracing-subscriber from 0.3.16 to 0.3.18

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.20

Security Fix: ANSI Escape Sequence Injection (CVE-TBD)

Impact

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

Manipulate terminal title bars

Clear screens or modify terminal display

Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

Solution

Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.

Affected Versions

All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.

Recommendations

Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:

Logs user-provided input (form data, HTTP headers, query parameters, etc.)

Runs in environments where terminal output is displayed to users

Migration

This is a patch release with no breaking API changes. Simply update your Cargo.toml:
[dependencies]
tracing-subscriber = "0.3.20"
Acknowledgments

We would like to thank zefr0x who responsibly reported the issue at security@tokio.rs.

If you believe you have found a security vulnerability in any tokio-rs project, please email us at security@tokio.rs.

tracing-subscriber 0.3.19

[ [crates.io][crate-0.3.19] ] | [ [docs.rs][docs-0.3.19] ]

This release updates the tracing dependency to [v0.1.41][tracing-0.1.41] and the tracing-serde dependency to [v0.2.0][tracing-serde-0.2.0].

Added

... (truncated)

Commits

4c52ca5 fmt: fix ANSI escape sequence injection vulnerability (#3368)
f71cebe subscriber: impl Clone for EnvFilter (#3360)
3a1f571 Fix CI (#3361)
e63ef57 chore: prepare tracing-attributes 0.1.30 (#3316)
6e59a13 attributes: fix tracing::instrument regression around shadowing (#3311)
e4df761 tracing: update core to 0.1.34 and attributes to 0.1.29 (#3305)
643f392 chore: prepare tracing-attributes 0.1.29 (#3304)
d08e7a6 chore: prepare tracing-core 0.1.34 (#3302)
6e70c57 tracing-subscriber: count numbers of enters in Timings (#2944)
c01d4fd fix docs and enable CI on main branch (#3295)
Additional commits viewable in compare view

Updates h2 from 0.3.15 to 0.3.27

Release notes

Sourced from h2's releases.

v0.3.26

What's Changed

Limit number of CONTINUATION frames for misbehaving connections.

See https://seanmonstar.com/blog/hyper-http2-continuation-flood/ for more info.

v0.3.25

What's Changed

perf: optimize header list size calculations by @Noah-Kennedy in hyperium/h2#750

Full Changelog: hyperium/h2@v0.3.24...v0.3.25

v0.3.24

Fixed

Limit error resets for misbehaving connections.

v0.3.23

What's Changed

cherry-pick fix: streams awaiting capacity lockout in hyperium/h2#734

v0.3.22

What's Changed

Add header_table_size(usize) option to client and server builders.

Improve throughput when vectored IO is not available.

Update indexmap to 2.

New Contributors

@tottoto made their first contribution in hyperium/h2#714

@xiaoyawei made their first contribution in hyperium/h2#712

@Protryon made their first contribution in hyperium/h2#719

@4JX made their first contribution in hyperium/h2#638

@vuittont60 made their first contribution in hyperium/h2#724

v0.3.21

What's Changed

Fix opening of new streams over peer's max concurrent limit.

Fix RecvStream to return data even if it has received a CANCEL stream error.

Update MSRV to 1.63.

New Contributors

@DDtKey made their first contribution in hyperium/h2#703

@jwilm made their first contribution in hyperium/h2#707

v0.3.20

Bug Fixes

... (truncated)

Changelog

Sourced from h2's changelog.

0.3.27 (July 11, 2025)

Fix notifying wakers when detecting local stream errors.

0.3.26 (April 3, 2024)

Limit number of CONTINUATION frames for misbehaving connections.

0.3.25 (March 15, 2024)

Improve performance decoding many headers.

0.3.24 (January 17, 2024)

Limit error resets for misbehaving connections.

0.3.23 (January 10, 2024)

Backport fix from 0.4.1 for stream capacity assignment.

0.3.22 (November 15, 2023)

Add header_table_size(usize) option to client and server builders.

Improve throughput when vectored IO is not available.

Update indexmap to 2.

0.3.21 (August 21, 2023)

Fix opening of new streams over peer's max concurrent limit.

Fix RecvStream to return data even if it has received a CANCEL stream error.

Update MSRV to 1.63.

0.3.20 (June 26, 2023)

Fix panic if a server received a request with a :status pseudo header in the 1xx range.

Fix panic if a reset stream had pending push promises that were more than allowed.

Fix potential flow control overflow by subtraction, instead returning a connection error.

0.3.19 (May 12, 2023)

Fix counting reset streams when triggered by a GOAWAY.

Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

0.3.18 (April 17, 2023)

Fix panic because of opposite check in is_remote_local().

0.3.17 (April 13, 2023)

Add Error::is_library() method to check if the originated inside h2.

... (truncated)

Commits

f6237ac v0.3.27
f61332e refactor: change local reset counter to use type system more
3f1a8e3 style: fix anonymous lifetime syntax
778aa7e fix: notify_recv after send_reset() in reset_on_recv_stream_err() to ensure l...
be10b77 ci: pin more deps for MSRV job (#817)
c0d9feb ci: pin deps for MSRV
5ccd9cf lints: fix unexpected cfgs warnings
e6e3e9c fix: return a WriteZero error if frames cannot be written (#783)
357127e v0.3.26
1a357aa fix: limit number of CONTINUATION frames allowed
Additional commits viewable in compare view

Updates mio from 0.8.5 to 0.8.11

Changelog

Sourced from mio's changelog.

0.8.11

Fix receiving IOCP events after deregistering a Windows named pipe (tokio-rs/mio#1760, backport pr: tokio-rs/mio#1761).

0.8.10

Added

Solaris support (tokio-rs/mio#1724).

0.8.9

Added

ESP-IDF framework support (tokio-rs/mio#1692).

AIX operating system support (tokio-rs/mio#1704).

Vita support (tokio-rs/mio#1721).

{UnixListener,UnixStream}:bind_addr (tokio-rs/mio#1630).

mio_unsupported_force_poll_poll and mio_unsupported_force_waker_pipe unsupported configuration flags to force a specific poll or waker implementation (tokio-rs/mio#1684, tokio-rs/mio#1685, tokio-rs/mio#1692).

Fixed

The pipe(2) based waker (swapped file descriptors) (tokio-rs/mio#1722).

The duplicate waker check to work correctly with cloned Registrys. (tokio-rs/mio#1706).

0.8.8

Fixed

Fix compilation on WASI (tokio-rs/mio#1676).

0.8.7

Added

Add/fix support for tvOS and watchOS, Mio should now build for tvOS and

... (truncated)

Commits

0328bde Release v0.8.11
7084498 Fix warnings
90d4fe0 named-pipes: fix receiving IOCP events after deregister
c710a30 Add v0.8.x to the CI
c29e21c Release v0.8.10
f6a20da Add Solaris operating system support (#1724)
e80c3b2 Release v0.8.9
862786b Fix importing of IoSourceState
4034872 Add support for vita target
8eb4010 Fix receiver and sender fd in pipe based waker
Additional commits viewable in compare view

Updates spin from 0.9.4 to 0.9.8

Changelog

Sourced from spin's changelog.

[0.9.8] - 2023-04-03

Fixed

Unsoundness in Once::try_call_once caused by an Err(_) result

[0.9.7] - 2023-03-27

Fixed

Relaxed accidentally restricted Send/Sync bounds for Mutex guards

[0.9.6] - 2023-03-13

Fixed

Relaxed accidentally restricted Send/Sync bounds for RwLock guards

[0.9.5] - 2023-02-07

Added

FairMutex, a new mutex implementation that reduces writer starvation.

A MSRV policy: Rust 1.38 is currently required

Changed

The crate's CI now has full MIRI integration, further improving the confidence you can have in the implementation.

Fixed

Ensured that the crate's abstractions comply with stacked borrows rules.

Unsoundness in the RwLock that could be triggered via a reader overflow

Relaxed various Send/Sync bound requirements to make the crate more flexible

Commits

See full diff in compare view

Updates time from 0.3.17 to 0.3.26

Commits

See full diff in compare view

Updates aes-gcm from 0.10.1 to 0.10.3

Commits

7e82b01 aes-gcm v0.10.3 (#552)
b587b27 aes-gcm: avoid exposing plaintext on tag verification failure (#551)
2209bca build(deps): bump actions/checkout from 3 to 4 (#548)
035ec25 build(deps): bump ascon from 0.3.1 to 0.4.0 (#545)
e94ba5a xsalsa20poly1305: remove source code (#543)
31240c1 Update Cargo.lock
40240c4 Update Cargo.lock
be4ea6f Update Cargo.lock
2aef39e Update Clippy version (#534)
50710da Update Cargo.lock
Additional commits viewable in compare view

Updates tokio from 1.24.1 to 1.26.0

Release notes

Sourced from tokio's releases.

Tokio v1.26.0

Fixed

macros: fix empty join! and try_join! ([https://redirect.github.com/fix empty join! and try_join! tokio-rs/tokio#5504])

sync: don't leak tracing spans in mutex guards ([https://redirect.github.com/sync: don't leak tracing spans in mutex guards tokio-rs/tokio#5469])

sync: drop wakers after unlocking the mutex in Notify ([https://redirect.github.com/Drop wakers after unlocking the mutex in Notify tokio-rs/tokio#5471])

sync: drop wakers outside lock in semaphore ([https://redirect.github.com/Solve deadlock in Semaphore tokio-rs/tokio#5475])

Added

fs: add fs::try_exists ([https://redirect.github.com/Add fs::try_exists tokio-rs/tokio#4299])

net: add types for named unix pipes ([https://redirect.github.com/net: add types for named Unix pipes tokio-rs/tokio#5351])

sync: add MappedOwnedMutexGuard ([https://redirect.github.com/Add MappedOwnedMutexGuard tokio-rs/tokio#5474])

Changed

chore: update windows-sys to 0.45 ([https://redirect.github.com/chore: update windows-sys to 0.45 tokio-rs/tokio#5386])

net: use Message Read Mode for named pipes ([https://redirect.github.com/Named Pipes: Support Message Read Mode tokio-rs/tokio#5350])

sync: mark lock guards with #[clippy::has_significant_drop] ([https://redirect.github.com/Mark MutexGuard with #[clippy::has_significant_drop] tokio-rs/tokio#5422])

sync: reduce contention in watch channel ([https://redirect.github.com/Reduce contention in watch channel tokio-rs/tokio#5464])

time: remove cache padding in timer entries ([https://redirect.github.com/time: remove cache padding in timer entries tokio-rs/tokio#5468])

time: Improve Instant::now() perf with test-util ([https://redirect.github.com/time: Improve Instant::now() perf with test-util tokio-rs/tokio#5513])

Internal Changes

io: use poll_fn in copy_bidirectional ([https://redirect.github.com/Use poll_fn in copy_bidirectional tokio-rs/tokio#5486])

net: refactor named pipe builders to not use bitfields ([https://redirect.github.com/net: refactor named pipe builders to not use bitfields tokio-rs/tokio#5477])

rt: remove Arc from Clock ([https://redirect.github.com/rt: remove Arc from Clock tokio-rs/tokio#5434])

sync: make notify_waiters calls atomic ([https://redirect.github.com/sync: make notify_waiters calls atomic tokio-rs/tokio#5458])

time: don't store deadline twice in sleep entries ([https://redirect.github.com/remove double store of deadline, saving 128 bytes tokio-rs/tokio#5410])

Unstable

metrics: add a new metric for budget exhaustion yields ([https://redirect.github.com/metrics: add a new metric for budget exhaustion yields tokio-rs/tokio#5517])

Documented

io: improve AsyncFd example ([https://redirect.github.com/io: improve AsyncFd example tokio-rs/tokio#5481])

runtime: document the nature of the main future ([https://redirect.github.com/Document the nature of the main future tokio-rs/tokio#5494])

runtime: remove extra period in docs ([https://redirect.github.com/chore: remove unnecessary dot in comment tokio-rs/tokio#5511])

signal: updated Documentation for Signals ([https://redirect.github.com/Updated Documentation for Signals tokio-rs/tokio#5459])

sync: add doc aliases for blocking_* methods ([https://redirect.github.com/sync: add doc aliases for blocking_* methods tokio-rs/tokio#5448])

sync: fix docs for Send/Sync bounds in broadcast ([https://redirect.github.com/sync: fix docs for Send/Sync bounds in broadcast tokio-rs/tokio#5480])

sync: document drop behavior for channels ([https://redirect.github.com/sync: document drop behavior for channels tokio-rs/tokio#5497])

task: clarify what happens to spawned work during runtime shutdown ([https://redirect.github.com/clarify what happens to spawned work during runtime shutdown tokio-rs/tokio#5394])

task: clarify process::Command docs ([https://redirect.github.com/Clarify process::Command docs (fixing #5406) tokio-rs/tokio#5413])

task: fix wording with 'unsend' ([https://redirect.github.com/fix: fix wording with 'unsend' tokio-rs/tokio#5452])

time: document immediate completion guarantee for timeouts ([https://redirect.github.com/time: document immediate completion guarantee for timeouts tokio-rs/tokio#5509])

tokio: document supported platforms ([https://redirect.github.com/Document supported platforms tokio-rs/tokio#5483])

... (truncated)

Commits

a377240 chore: prepare for Tokio v1.26.0 release (#5521)
52da177 metrics: add a new metric for budget exhaustion yields (#5517)
ee1c940 time: Improve Instant::now() perf with test-util (#5513)
815d89a runtime: remove extra period in docs (#5511)
54aaf3d time: document immediate completion guarantee for timeouts (#5509)
5a3abe5 net: add types for named unix pipes (#5351)
d44b1ca io: ignore SplitByUtf8BoundaryIfWindows test on miri (#5507)
e23c6f3 signal: updated Documentation for Signals (#5459)
0a50cb3 net: fix test compilation failure (#5506)
2298679 runtime: document the nature of the main future (#5494)
Additional commits viewable in compare view

Updates bumpalo from 3.11.1 to 3.19.0

Changelog

Sourced from bumpalo's changelog.

3.19.0

Released 2025-06-24.

Added

Added bumpalo::collections::Vec::retain_mut, similar to std::vec::Vec::retain_mut.

3.18.1

Released 2025-06-05.

Removed

Removed the allocator-api2 version bump from 3.18.0, as it was not actually semver compatible.

3.18.0 (yanked)

Released 2025-06-05.

Added

Added support for enforcing a minimum alignment on all allocations inside a Bump arena, which can provide speed ups when allocating objects whose alignment is less than or equal to that minimum.

Added serde serialization support for bumpalo::collections::String.

Added some missing fallible slice allocation function variants.

Changed

Replaced extend_from_slice implementation with a formally-verified version that is also faster and more-optimizable for LLVM.

Updated allocator-api2 support to version 0.3.*.

Fixed

Fixed a bug where the allocated_bytes metrics helper was accidentally including the size of bumpalo's footer, rather than just reporting the user-allocated bytes.

3.17.0

... (truncated)

Commits

See full diff in compare view

Updates mio from 0.8.5 to 0.8.11

Changelog

Sourced from mio's changelog.

0.8.11

Fix receiving IOCP events after deregistering a Windows named pipe (tokio-rs/mio#1760, backport pr: tokio-rs/mio#1761).

0.8.10

Added

Solaris support (tokio-rs/mio#1724).

0.8.9

Added

ESP-IDF framework support (tokio-rs/mio#1692).

AIX operating system support (tokio-rs/mio#1704).

Vita support (tokio-rs/mio#1721).

{UnixListener,UnixStream}:bind_addr (tokio-rs/mio#1630).

mio_unsupported_force_poll_poll and mio_unsupported_force_waker_pipe unsupported configuration flags to force a specific poll or waker implementation (tokio-rs/mio#1684, tokio-rs/mio#1685, tokio-rs/mio#1692).

Fixed

The pipe(2) based waker (swapped file descriptors) (tokio-rs/mio#1722).

The duplicate waker check to work correctly with cloned Registrys. (tokio-rs/mio#1706).

0.8.8

Fixed

Fix compilation on WASI (tokio-rs/mio#1676).

0.8.7

Added

Add/fi...
Description has been truncated

Bumps the cargo group with 7 updates in the /lessons/128/functions/rust directory: | Package | From | To | | --- | --- | --- | | [tokio](https://github.com/tokio-rs/tokio) | `1.21.1` | `1.26.0` | | [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.15` | `0.3.20` | | [aws-sigv4](https://github.com/smithy-lang/smithy-rs) | `0.49.0` | `0.49.1` | | [bumpalo](https://github.com/fitzgen/bumpalo) | `3.11.0` | `3.19.0` | | [h2](https://github.com/hyperium/h2) | `0.3.14` | `0.3.27` | | [mio](https://github.com/tokio-rs/mio) | `0.8.4` | `0.8.11` | | [time](https://github.com/time-rs/time) | `0.1.44` | `0.1.45` | Bumps the cargo group with 7 updates in the /lessons/138/rust-app directory: | Package | From | To | | --- | --- | --- | | [tokio](https://github.com/tokio-rs/tokio) | `1.23.0` | `1.25.3` | | [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.16` | `0.3.18` | | [h2](https://github.com/hyperium/h2) | `0.3.15` | `0.3.27` | | [mio](https://github.com/tokio-rs/mio) | `0.8.5` | `0.8.11` | | [spin](https://github.com/mvdnes/spin-rs) | `0.9.4` | `0.9.8` | | [time](https://github.com/time-rs/time) | `0.3.17` | `0.3.26` | | [aes-gcm](https://github.com/RustCrypto/AEADs) | `0.10.1` | `0.10.3` | Bumps the cargo group with 3 updates in the /lessons/146/web directory: [tokio](https://github.com/tokio-rs/tokio), [bumpalo](https://github.com/fitzgen/bumpalo) and [mio](https://github.com/tokio-rs/mio). Bumps the cargo group with 5 updates in the /lessons/147/rust-app directory: | Package | From | To | | --- | --- | --- | | [tokio](https://github.com/tokio-rs/tokio) | `1.24.1` | `1.26.0` | | [bumpalo](https://github.com/fitzgen/bumpalo) | `3.11.1` | `3.19.0` | | [h2](https://github.com/hyperium/h2) | `0.3.15` | `0.3.27` | | [mio](https://github.com/tokio-rs/mio) | `0.8.5` | `0.8.11` | | [webpki](https://github.com/briansmith/webpki) | `0.22.0` | `0.22.4` | Updates `tokio` from 1.21.1 to 1.26.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.21.1...tokio-1.26.0) Updates `tracing-subscriber` from 0.3.15 to 0.3.20 - [Release notes](https://github.com/tokio-rs/tracing/releases) - [Commits](tokio-rs/tracing@tracing-subscriber-0.3.15...tracing-subscriber-0.3.20) Updates `aws-sigv4` from 0.49.0 to 0.49.1 - [Release notes](https://github.com/smithy-lang/smithy-rs/releases) - [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-rs/commits) Updates `bumpalo` from 3.11.0 to 3.19.0 - [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md) - [Commits](https://github.com/fitzgen/bumpalo/commits) Updates `h2` from 0.3.14 to 0.3.27 - [Release notes](https://github.com/hyperium/h2/releases) - [Changelog](https://github.com/hyperium/h2/blob/v0.3.27/CHANGELOG.md) - [Commits](hyperium/h2@v0.3.14...v0.3.27) Updates `mio` from 0.8.4 to 0.8.11 - [Release notes](https://github.com/tokio-rs/mio/releases) - [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md) - [Commits](tokio-rs/mio@v0.8.4...v0.8.11) Updates `time` from 0.1.44 to 0.1.45 - [Release notes](https://github.com/time-rs/time/releases) - [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md) - [Commits](https://github.com/time-rs/time/commits) Updates `tokio` from 1.23.0 to 1.25.3 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.21.1...tokio-1.26.0) Updates `tracing-subscriber` from 0.3.16 to 0.3.18 - [Release notes](https://github.com/tokio-rs/tracing/releases) - [Commits](tokio-rs/tracing@tracing-subscriber-0.3.15...tracing-subscriber-0.3.20) Updates `h2` from 0.3.15 to 0.3.27 - [Release notes](https://github.com/hyperium/h2/releases) - [Changelog](https://github.com/hyperium/h2/blob/v0.3.27/CHANGELOG.md) - [Commits](hyperium/h2@v0.3.14...v0.3.27) Updates `mio` from 0.8.5 to 0.8.11 - [Release notes](https://github.com/tokio-rs/mio/releases) - [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md) - [Commits](tokio-rs/mio@v0.8.4...v0.8.11) Updates `spin` from 0.9.4 to 0.9.8 - [Changelog](https://github.com/zesterer/spin-rs/blob/master/CHANGELOG.md) - [Commits](https://github.com/mvdnes/spin-rs/commits) Updates `time` from 0.3.17 to 0.3.26 - [Release notes](https://github.com/time-rs/time/releases) - [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md) - [Commits](https://github.com/time-rs/time/commits) Updates `aes-gcm` from 0.10.1 to 0.10.3 - [Commits](RustCrypto/AEADs@aes-gcm-v0.10.1...aes-gcm-v0.10.3) Updates `tokio` from 1.24.1 to 1.26.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.21.1...tokio-1.26.0) Updates `bumpalo` from 3.11.1 to 3.19.0 - [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md) - [Commits](https://github.com/fitzgen/bumpalo/commits) Updates `mio` from 0.8.5 to 0.8.11 - [Release notes](https://github.com/tokio-rs/mio/releases) - [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md) - [Commits](tokio-rs/mio@v0.8.4...v0.8.11) Updates `tokio` from 1.24.1 to 1.26.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.21.1...tokio-1.26.0) Updates `bumpalo` from 3.11.1 to 3.19.0 - [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md) - [Commits](https://github.com/fitzgen/bumpalo/commits) Updates `h2` from 0.3.15 to 0.3.27 - [Release notes](https://github.com/hyperium/h2/releases) - [Changelog](https://github.com/hyperium/h2/blob/v0.3.27/CHANGELOG.md) - [Commits](hyperium/h2@v0.3.14...v0.3.27) Updates `mio` from 0.8.5 to 0.8.11 - [Release notes](https://github.com/tokio-rs/mio/releases) - [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md) - [Commits](tokio-rs/mio@v0.8.4...v0.8.11) Updates `webpki` from 0.22.0 to 0.22.4 - [Commits](https://github.com/briansmith/webpki/commits) --- updated-dependencies: - dependency-name: tokio dependency-version: 1.26.0 dependency-type: direct:production dependency-group: cargo - dependency-name: tracing-subscriber dependency-version: 0.3.20 dependency-type: direct:production dependency-group: cargo - dependency-name: aws-sigv4 dependency-version: 0.49.1 dependency-type: indirect dependency-group: cargo - dependency-name: bumpalo dependency-version: 3.19.0 dependency-type: indirect dependency-group: cargo - dependency-name: h2 dependency-version: 0.3.27 dependency-type: indirect dependency-group: cargo - dependency-name: mio dependency-version: 0.8.11 dependency-type: indirect dependency-group: cargo - dependency-name: time dependency-version: 0.1.45 dependency-type: indirect dependency-group: cargo - dependency-name: tokio dependency-version: 1.25.3 dependency-type: indirect dependency-group: cargo - dependency-name: tracing-subscriber dependency-version: 0.3.18 dependency-type: indirect dependency-group: cargo - dependency-name: h2 dependency-version: 0.3.27 dependency-type: indirect dependency-group: cargo - dependency-name: mio dependency-version: 0.8.11 dependency-type: indirect dependency-group: cargo - dependency-name: spin dependency-version: 0.9.8 dependency-type: indirect dependency-group: cargo - dependency-name: time dependency-version: 0.3.26 dependency-type: indirect dependency-group: cargo - dependency-name: aes-gcm dependency-version: 0.10.3 dependency-type: indirect dependency-group: cargo - dependency-name: tokio dependency-version: 1.26.0 dependency-type: direct:production dependency-group: cargo - dependency-name: bumpalo dependency-version: 3.19.0 dependency-type: indirect dependency-group: cargo - dependency-name: mio dependency-version: 0.8.11 dependency-type: indirect dependency-group: cargo - dependency-name: tokio dependency-version: 1.26.0 dependency-type: direct:production dependency-group: cargo - dependency-name: bumpalo dependency-version: 3.19.0 dependency-type: indirect dependency-group: cargo - dependency-name: h2 dependency-version: 0.3.27 dependency-type: indirect dependency-group: cargo - dependency-name: mio dependency-version: 0.8.11 dependency-type: indirect dependency-group: cargo - dependency-name: webpki dependency-version: 0.22.4 dependency-type: indirect dependency-group: cargo ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Aug 29, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the cargo group across 4 directories with 10 updates #5

Bump the cargo group across 4 directories with 10 updates #5

Uh oh!

dependabot bot commented on behalf of github Aug 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the cargo group across 4 directories with 10 updates #5

Are you sure you want to change the base?

Bump the cargo group across 4 directories with 10 updates #5

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 29, 2025

Tokio v1.26.0

Fixed

Added

Changed

Internal Changes

Unstable

Documented

tracing-subscriber 0.3.20

Impact

Solution

Affected Versions

Recommendations

Migration

Acknowledgments

tracing-subscriber 0.3.19

Added

3.19.0

Added

3.18.1

Removed

3.18.0 (yanked)

Added

Changed

Fixed

3.17.0

v0.3.26

What's Changed

v0.3.25

What's Changed

v0.3.24

Fixed

v0.3.23

What's Changed

v0.3.22

What's Changed

New Contributors

v0.3.21

What's Changed

New Contributors

v0.3.20

Bug Fixes

0.3.27 (July 11, 2025)

0.3.26 (April 3, 2024)

0.3.25 (March 15, 2024)

0.3.24 (January 17, 2024)

0.3.23 (January 10, 2024)

0.3.22 (November 15, 2023)

0.3.21 (August 21, 2023)

0.3.20 (June 26, 2023)

0.3.19 (May 12, 2023)

0.3.18 (April 17, 2023)

0.3.17 (April 13, 2023)

0.8.11

0.8.10

Added

0.8.9

Added

Fixed

0.8.8

Fixed

0.8.7

Added

Tokio v1.26.0

Fixed

Added

Changed

Internal Changes

Unstable

Documented

tracing-subscriber 0.3.20

Impact

Solution

Affected Versions

Recommendations