Skip to content

deps: bump the rust-dependencies group across 1 directory with 4 updates#7

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/rust-dependencies-b5d713aca5
Open

deps: bump the rust-dependencies group across 1 directory with 4 updates#7
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/rust-dependencies-b5d713aca5

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 5, 2026
edited
Loading

Updates the requirements on toml, quick-xml, hcl-rs and reqwest to permit the latest version.
Updates toml to 0.9.11+spec-1.1.0

Commits

Updates quick-xml to 0.39.0

Release notes

Sourced from quick-xml's releases.

v0.39.0 - Config for Writer

What's Changed

Added a way to configure Writer. Now all configuration is contained in the writer::Config struct and can be applied at once. When serde-types feature is enabled, configuration is serializable.

New Features

  • #846: Add methods config() and config_mut() to inspect and change the writer configuration.
  • #846: Add ability to write space before /> in self-closed tags for maximum compatibility with XHTML.
  • #846: Add method empty_element_handling() as a more powerful alternative to expand_empty_elements() in Serializer.
  • #929: Allow to pass list of field names to impl_deserialize_for_internally_tagged_enum! macro which is required if you enum variants contains $value fields.

Bug Fixes

  • #923: Implement correct skipping of well-formed DTD.

Misc Changes

  • #908: Increase minimal supported serde version from 1.0.139 to 1.0.180.
  • #913: Deprecate .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element() of NsReader. Use .resolver().bindings() and .resolver().resolve() methods instead.
  • #913: Attributes::has_nil now accepts NamespaceResolver instead of Reader<R>.
  • #924: (breaking change) Split SyntaxError::UnclosedPIOrXmlDecl into UnclosedPI and UnclosedXmlDecl for more precise error reporting.
  • #924: (breaking change) Parser::eof_error now takes &self and content &[u8] parameters.
  • #926: (breaking change) Split SyntaxError::UnclosedTag into UnclosedTag, UnclosedSingleQuotedAttributeValue and UnclosedDoubleQuotedAttributeValue for more precise error reporting.

#846: tafia/quick-xml#846 #908: tafia/quick-xml#908 #913: tafia/quick-xml#913 #923: tafia/quick-xml#923 #924: tafia/quick-xml#924 #926: tafia/quick-xml#926 #929: tafia/quick-xml#929

New Contributors

Full Changelog: tafia/quick-xml@v0.38.4...v0.39.0

Changelog

Sourced from quick-xml's changelog.

0.39.0 -- 2026-01-11

Added a way to configure Writer. Now all configuration is contained in the writer::Config struct and can be applied at once. When serde-types feature is enabled, configuration is serializable.

New Features

  • #846: Add methods config() and config_mut() to inspect and change the writer configuration.
  • #846: Add ability to write space before /> in self-closed tags for maximum compatibility with XHTML.
  • #846: Add method empty_element_handling() as a more powerful alternative to expand_empty_elements() in Serializer.
  • #929: Allow to pass list of field names to impl_deserialize_for_internally_tagged_enum! macro which is required if you enum variants contains $value fields.

Bug Fixes

  • #923: Implement correct skipping of well-formed DTD.

Misc Changes

  • #908: Increase minimal supported serde version from 1.0.139 to 1.0.180.
  • #913: Deprecate .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element() of NsReader. Use .resolver().bindings() and .resolver().resolve() methods instead.
  • #913: Attributes::has_nil now accepts NamespaceResolver instead of Reader<R>.
  • #924: (breaking change) Split SyntaxError::UnclosedPIOrXmlDecl into UnclosedPI and UnclosedXmlDecl for more precise error reporting.
  • #924: (breaking change) Parser::eof_error now takes &self and content &[u8] parameters.
  • #926: (breaking change) Split SyntaxError::UnclosedTag into UnclosedTag, UnclosedSingleQuotedAttributeValue and UnclosedDoubleQuotedAttributeValue for more precise error reporting.

#846: tafia/quick-xml#846 #908: tafia/quick-xml#908 #913: tafia/quick-xml#913 #923: tafia/quick-xml#923 #924: tafia/quick-xml#924 #926: tafia/quick-xml#926 #929: tafia/quick-xml#929

0.38.4 -- 2025-11-11

New Features

  • #353: Add ability to serialize textual content as CDATA sections in Serializer. Everywhere where the text node may be created, a CDATA section(s) could be produced instead. See the new [Serializer::text_format()] method.

Bug Fixes

... (truncated)

Commits
  • 6242da0 Release 0.39.0
  • 549bb09 Disable tests for documents that are not supported by rxml
  • 2c19dfd Run cargo fmt in compare project
  • 5fc5a16 Fix misprint in benchmark name
  • ba6b9c5 Update xml5ever & markup5even: 0.36 -> 0.37
  • 70208da Fix not updated internal documentation link after #922
  • 0bfface Fix misprint in error message
  • 9f6babb Merge pull request #932 from Mingun/unclosed-attr-error
  • 229d84c Split SyntaxError::UnclosedTag into UnclosedTag, `UnclosedSingleQuotedAtt...
  • f869d0e Merge pull request #931 from Mingun/benches
  • Additional commits viewable in compare view

Updates hcl-rs to 0.19.4

Release notes

Sourced from hcl-rs's releases.

hcl-rs-v0.19.4

Fixed

  • (docs) fix docs.rs build failure
Commits
  • a8d41a3 chore: release (#469)
  • 67f7cf9 fix(docs): fix docs.rs build failure
  • ea7ab9e chore: release (#468)
  • f03f30b fix: failed to parse a line containing binary operators and comments (#467)
  • 0f97a04 chore: address new clippy lints
  • 62c1c12 chore(deps): update rust crate criterion to 0.7 (#463)
  • a779e4b chore(deps): update actions/checkout action to v5 (#464)
  • 41898fe chore(deps): update marcoieni/release-plz-action digest to acb9246 (#465)
  • d163373 chore(deps): update actions/checkout action to v4.3.0
  • f6bb94a chore(deps): update actions/cache action to v4.3.0
  • Additional commits viewable in compare view

Updates reqwest to 0.12.28

Release notes

Sourced from reqwest's releases.

v0.12.28

What's Changed

Full Changelog: seanmonstar/reqwest@v0.12.27...v0.12.28

Changelog

Sourced from reqwest's changelog.

v0.12.28

  • Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

  • Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

v0.12.26

  • Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

v0.12.25

  • Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
  • Fix sending Proxy-Authorization if only username is configured.
  • Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
  • Refactor internal decompression handling to use tower-http.

v0.12.24

  • Refactor cookie handling to an internal middleware.
  • Refactor internal random generator.
  • Refactor base64 encoding to reduce a copy.
  • Documentation updates.

v0.12.23

  • Add ClientBuilder::unix_socket(path) option that will force all requests over that Unix Domain Socket.
  • Add ClientBuilder::retry(policy) and reqwest::retry::Builder to configure automatic retries.
  • Add ClientBuilder::dns_resolver2() with more ergonomic argument bounds, allowing more resolver implementations.
  • Add http3_* options to blocking::ClientBuilder.
  • Fix default TCP timeout values to enabled and faster.
  • Fix SOCKS proxies to default to port 1080
  • (wasm) Add cache methods to RequestBuilder.

v0.12.22

  • Fix socks proxies when resolving IPv6 destinations.

v0.12.21

  • Fix socks proxy to use socks4a:// instead of socks4h://.
  • Fix Error::is_timeout() to check for hyper and IO timeouts too.
  • Fix request Error to again include URLs when possible.
  • Fix socks connect error to include more context.
  • (wasm) implement Default for Body.

v0.12.20

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 5, 2026
@dependabot dependabot bot force-pushed the dependabot/cargo/rust-dependencies-b5d713aca5 branch 2 times, most recently from 3195e06 to 93c3ae0 Compare February 6, 2026 12:43
@dependabot
deps: bump the rust-dependencies group across 1 directory with 4 updates
344b037 
Updates the requirements on [toml](https://github.com/toml-rs/toml), [quick-xml](https://github.com/tafia/quick-xml), [hcl-rs](https://github.com/martinohmann/hcl-rs) and [reqwest](https://github.com/seanmonstar/reqwest) to permit the latest version.

Updates `toml` to 0.9.11+spec-1.1.0
- [Commits](toml-rs/toml@toml-v0.8.0...toml-v0.9.11)

Updates `quick-xml` to 0.39.0
- [Release notes](https://github.com/tafia/quick-xml/releases)
- [Changelog](https://github.com/tafia/quick-xml/blob/master/Changelog.md)
- [Commits](tafia/quick-xml@v0.37.0...v0.39.0)

Updates `hcl-rs` to 0.19.4
- [Release notes](https://github.com/martinohmann/hcl-rs/releases)
- [Commits](martinohmann/hcl-rs@hcl-rs-v0.18.0...hcl-rs-v0.19.4)

Updates `reqwest` to 0.12.28
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.0...v0.12.28)

---
updated-dependencies:
- dependency-name: toml
  dependency-version: 0.9.11+spec-1.1.0
  dependency-type: direct:production
  dependency-group: rust-dependencies
- dependency-name: quick-xml
  dependency-version: 0.39.0
  dependency-type: direct:production
  dependency-group: rust-dependencies
- dependency-name: hcl-rs
  dependency-version: 0.19.4
  dependency-type: direct:production
  dependency-group: rust-dependencies
- dependency-name: reqwest
  dependency-version: 0.12.28
  dependency-type: direct:production
  dependency-group: rust-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/rust-dependencies-b5d713aca5 branch from 93c3ae0 to 344b037 Compare February 12, 2026 01:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants