Bump the rust-dependencies group across 1 directory with 7 updates #5837

dependabot · 2025-07-11T20:21:21Z

Bumps the rust-dependencies group with 7 updates in the /quickwit directory:

Package	From	To
hostname	`0.3.1`	`0.4.1`
http-serde	`1.1.3`	`2.1.1`
rand	`0.8.5`	`0.9.1`
rustls	`0.21.12`	`0.23.29`
tokio-rustls	`0.24.1`	`0.26.2`
tower-http	`0.4.4`	`0.6.6`
lambda_runtime	`0.13.0`	`0.14.2`

Updates hostname from 0.3.1 to 0.4.1

Changelog

Sourced from hostname's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.4.0] - 2024-04-01

Added

CI setup now covers almost all supported Tier 1 and Tier 2 platform targets

Changed

Minimum Supported Rust version set to 1.67.0

Rust edition set to "2021"

Fixed

Handle edge cases for POSIX systems (#14)

docs.rs documentation build

Commits

See full diff in compare view

Updates http-serde from 1.1.3 to 2.1.1

Commits

c2403fb Bump
2d3c46d Better support for binary headers
070ade2 Option<T> support
456702a Bump
5c6cb53 Test rmp
8d1e7a5 DRY headermap
6174494 Reduce StatusVisitor size
16cd601 Don't rely on Debug display
212c87c Re-export http
b196b2f Bump
See full diff in compare view

Updates rand from 0.8.5 to 0.9.1

Changelog

Sourced from rand's changelog.

[0.9.1] - 2025-04-17

Security and unsafe

Revise "not a crypto library" policy again (#1565)

Remove zerocopy dependency from rand (#1579)

Fixes

Fix feature simd_support for recent nightly rust (#1586)

Changes

Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

Add rand::distr::Alphabetic distribution. (#1587)

Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

Policy: "rand is not a crypto library" (#1514)

Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)

Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version

Update to rand_core v0.9.0 (#1558)

Features

Support std feature without getrandom or rand_chacha (#1354)

Enable feature small_rng by default (#1455)

Remove implicit feature rand_chacha; use std_rng instead. (#1473)

Rename feature serde1 to serde (#1477)

Rename feature getrandom to os_rng (#1537)

Add feature thread_rng (#1547)

API changes: rand_core traits

Add fn RngCore::read_adapter implementing std::io::Read (#1267)

Add trait CryptoBlockRng: BlockRngCore; make trait CryptoRng: RngCore (#1273)

Add traits TryRngCore, TryCryptoRng (#1424, #1499)

Rename fn SeedableRng::from_rng -> try_from_rng and add infallible variant fn from_rng (#1424)

Rename fn SeedableRng::from_entropy -> from_os_rng and add fallible variant fn try_from_os_rng (#1424)

Add bounds Clone and AsRef to associated type SeedableRng::Seed (#1491)

API changes: Rng trait and top-level fns

Rename fn rand::thread_rng() to rand::rng() and remove from the prelude (#1506)

Remove fn rand::random() from the prelude (#1506)

Add top-level fns random_iter, random_range, random_bool, random_ratio, fill (#1488)

Re-introduce fn Rng::gen_iter as random_iter (#1305, #1500)

Rename fn Rng::gen to random to avoid conflict with the new gen keyword in Rust 2024 (#1438)

Rename fns Rng::gen_range to random_range, gen_bool to random_bool, gen_ratio to random_ratio (#1505)

Annotate panicking methods with #[track_caller] (#1442, #1447)

... (truncated)

Commits

ec6d5c0 Prepare rand_core v0.9.1 (#1591)
6a06056 rand_core: introduce an UnwrapMut wrapper (#1589)
8929123 Add Alphabetic distribution (#1587)
06b1642 Remove unnecessary underscore from `impl<T, const N: usize> Distribution<[T; ...
49d76cd rename extract to extract_lane (#1586)
e0a70fd Change to use array::from_fn in Distribution\<[T; N]> for StandardUniform ...
0bc3f65 Move rand distr (#1577)
2677c49 Revise "not a crypto library" policy and SECURITY.md (#1565)
bfd1826 SeedableRng docs: add note on (lack of) reproducibility (#1572)
c01aee7 Fix some links (#1571)
Additional commits viewable in compare view

Updates rustls from 0.21.12 to 0.23.29

Commits

4e0b5fe Bump version to 0.23.29
b854079 Propagate context for webpki signature algorithm errors
c84675e key_schedule: minimise lifetime of resumption secret
788b0df key_schedule: erase master secret in traffic state
d2c64f0 key_schedule: separate ops not using current secret
e5998cd key_schedule: add state for derivations before finish
9620bec tls13::key_schedule: move KeySchedule struct down
373ad88 tls13::key_schedule: move SecretKind down
efa2066 Improve compactness of Debug impl for extensions
a5433a1 Correct calculation of ServerHello ECH confirmation
Additional commits viewable in compare view

Updates tokio-rustls from 0.24.1 to 0.26.2

Release notes

Sourced from tokio-rustls's releases.

v/0.26.0

Additions

Support for Rustls 0.23 and the new acceptor alert API - by @ctz in #44

Support for aws-lc-rs as the new default crypto backend, allowing passthrough of the fips feature - by @BiagioFesta in #43, @jbr in #49, #50

Support for forwarding vectored writes - by @paolobarbolini in #45

Fixes

Ignoring NotConnected error in poll_shutdown - by @djc in #42

Check for ErrorKind::WouldBlock in MidHandshake::SendAlert poll - by @jbr in #47

Check for ErrorKind::WouldBlock in LayzConfigAcceptor - by @jbr in #48

Fix for SendAlert io::ErrorKind - by @jbr in #52

Fix for alert.write poll - by @jbr in #51

What's Changed

Update example code in README for v0.25.0 by @jwodder in rustls/tokio-rustls#33

use rustls-pki-types by @getong in rustls/tokio-rustls#34

Cargo.toml: add aws-lc-rs feature as crypto backend by @BiagioFesta in rustls/tokio-rustls#43

Take rustls 0.23 by @ctz in rustls/tokio-rustls#44

Ignore NotConnected error in poll_shutdown() by @djc in rustls/tokio-rustls#42

feat: add fips pass-through feature by @jbr in rustls/tokio-rustls#49

fix: check for ErrorKind::WouldBlock in MidHandshake::SendAlert poll by @jbr in rustls/tokio-rustls#47

Fix: SendAlert io::ErrorKind should be InvalidData instead of Other by @jbr in rustls/tokio-rustls#51

fix: correctly poll alert.write until it finishes by @jbr in rustls/tokio-rustls#52

feat: change default crypto provider to match rustls' by @jbr in rustls/tokio-rustls#50

Fix: Check for ErrorKind::WouldBlock in LazyConfigAcceptor by @jbr in rustls/tokio-rustls#48

fix: Rename feature to aws_lc_rs by @fasterthanlime in rustls/tokio-rustls#53

Ensure examples use re-exported rustls types outside of the tokio-rustls context by @mdodkins in rustls/tokio-rustls#56

Forward vectored writes by @paolobarbolini in rustls/tokio-rustls#45

Add an aws-lc-rs feature as an alias for aws_lc_rs by @zh-jq in rustls/tokio-rustls#57

Cargo: 0.25.0 -> 0.26.0 by @cpu in rustls/tokio-rustls#59

Full Changelog: rustls/tokio-rustls@v/0.25.0...v/0.26.0

Commits

10d5790 release 0.26.2 (#104)
2d393fd feat: add access to underlying config (#103)
710cf25 Implement AsyncBufRead (#100)
276625b Cargo: MSRV 1.70 -> 1.71
cd399ab ci: use persist-credentials: false throughout
93dbdf0 release 0.26.1 (#95)
e193e29 fix: return write-zero error when write return 0 (#93)
66fb0ae proj: fix clippy 1.83 findings
409d874 Bump MSRV for newer tokio versions
52e685d Use new rustls-pki-types PEM API
Additional commits viewable in compare view

Updates tower-http from 0.4.4 to 0.6.6

Release notes

Sourced from tower-http's releases.

tower-http-0.6.6

Fixed

compression: fix panic when looking in vary header (#578)

#578: tower-rs/tower-http#578

New Contributors

@sulami made their first contribution in tower-rs/tower-http#578

Full Changelog: tower-rs/tower-http@tower-http-0.6.5...tower-http-0.6.6

tower-http-0.6.5

Added

normalize_path: add append_trailing_slash() mode (#547)

Fixed

redirect: remove payload headers if redirect changes method to GET (#575)

compression: avoid setting vary: accept-encoding if already set (#572)

#547: tower-rs/tower-http#547 #572: tower-rs/tower-http#572 #575: tower-rs/tower-http#575

New Contributors

@daalfox made their first contribution in tower-rs/tower-http#547

@mherrerarendon made their first contribution in tower-rs/tower-http#574

@linyihai made their first contribution in tower-rs/tower-http#575

Full Changelog: tower-rs/tower-http@tower-http-0.6.4...tower-http-0.6.5

tower-http 0.6.4

Added

decompression: Support HTTP responses containing multiple ZSTD frames (#548)

The ServiceExt trait for chaining layers onto an arbitrary http service just like ServiceBuilderExt allows for ServiceBuilder (#563)

Fixed

Remove unnecessary trait bounds on S::Error for Service impls of RequestBodyTimeout<S> and ResponseBodyTimeout<S> (#533)

compression: Respect is_end_stream (#535)

Fix a rare panic in fs::ServeDir (#553)

Fix invalid content-lenght of 1 in response to range requests to empty files (#556)

In AsyncRequireAuthorization, use the original inner service after it is

... (truncated)

Commits

635692d v0.6.6
359d997 Fix an indexing panic in compression (#578)
24c0f0b refactor: slightly reduce use of futures-util (#577)
51723d4 v0.6.5
0187232 feat(compression): avoid setting Vary: Accept-Encoding when already set (#572)
f64fbe6 fix(redirect): Removed headers after empty payload set. (#575)
7388e76 docs: Clarify TimeoutBody is a timeout per frame, not total (#574)
86615aa normalize_path: Add Append mode (#547)
fa8848e Release v0.6.4 (#568)
2608a51 Make type inference work for ServiceExt (#566)
Additional commits viewable in compare view

Updates lambda_runtime from 0.13.0 to 0.14.2

Release notes

Sourced from lambda_runtime's releases.

lambda-runtime-0.14.2

What's Changed

feat: derive Deserialize, Clone, PartialEq, Eq for MetadataPrelude by @DiscreteTom in awslabs/aws-lambda-rust-runtime#956

fix: Add type annotation to LambdaRequest's Deserialize impl to avoid compiler recursive loop by @raulescobar-g in awslabs/aws-lambda-rust-runtime#960

fix(docs): enable all features in docs.rs build by @jlizen in awslabs/aws-lambda-rust-runtime#1000

Bump all packages versions to release doc updates by @bnusunny in awslabs/aws-lambda-rust-runtime#1002

feat(ci): add cargo-semver-checks workflows by @jlizen in awslabs/aws-lambda-rust-runtime#1003

New Contributors

@DiscreteTom made their first contribution in awslabs/aws-lambda-rust-runtime#956

@raulescobar-g made their first contribution in awslabs/aws-lambda-rust-runtime#960

Full Changelog: awslabs/aws-lambda-rust-runtime@lambda-runtime-0.14.1...lambda-runtime-0.14.2

lambda-runtime-0.14.0

Release runtime 0.14.0 with graceful shutdown hook

lambda-runtime-api-client 0.12.0 lambda-runtime 0.14.0 lambda-http 0.15.0 lambda-extesnion 0.12.0

What's Changed

feat: add dependabot by @maxday in awslabs/aws-lambda-rust-runtime#941

Update opentelemetry-semantic-conventions requirement from 0.14 to 0.27 by @dependabot in awslabs/aws-lambda-rust-runtime#942

fix: clippy error + bump MSRV by @maxday in awslabs/aws-lambda-rust-runtime#948

Feature/otel span kind support by @alessandrobologna in awslabs/aws-lambda-rust-runtime#946

Update MSRV in README by @bnusunny in awslabs/aws-lambda-rust-runtime#949

Bump aws-cdk-lib from 2.126.0 to 2.186.0 in /examples/http-axum/cdk by @dependabot in awslabs/aws-lambda-rust-runtime#976

Bump aws-cdk-lib from 2.186.0 to 2.193.0 in /examples/http-axum/cdk by @dependabot in awslabs/aws-lambda-rust-runtime#979

Bump aws-cdk-lib from 2.159.1 to 2.193.0 in /examples/advanced-appconfig-feature-flags/cdk by @dependabot in awslabs/aws-lambda-rust-runtime#978

Fix typos by @FalkWoldmann in awslabs/aws-lambda-rust-runtime#952

docs: replaced the link to the shield by @braveocheretovych in awslabs/aws-lambda-rust-runtime#968

Update opentelemetry-semantic-conventions requirement from 0.27 to 0.29 by @dependabot in awslabs/aws-lambda-rust-runtime#970

feat(tracing, lambda-runtime): add support for custom writer with default tracing subscriber, add turnkey graceful shutdown helper behind 'graceful-shutdown' feature flag by @jlizen in awslabs/aws-lambda-rust-runtime#982

chore: add msrv in Cargo manifests by @jlizen in awslabs/aws-lambda-rust-runtime#987

fix(docs): examples/extension-internal-flush: don't refer to a standalone layer arn for internal extension by @jlizen in awslabs/aws-lambda-rust-runtime#980

fix(integ tests): enable graceful-shutdown feature flag; chore(ci/cd): build integration test crate as part of PR validation by @jlizen in awslabs/aws-lambda-rust-runtime#988

fix(ci/cd): pin cargo-lambda back to 1.8.1 temporarily by @jlizen in awslabs/aws-lambda-rust-runtime#989

fix(lambda-runtime,lambda-integration-tests): make spawn_graceful_shutdown_handler() async, await the extension being registered before spawning background extension handler task by @jlizen in awslabs/aws-lambda-rust-runtime#992

Release runtime 0.14.0 with graceful shutdown hook by @bnusunny in awslabs/aws-lambda-rust-runtime#991

CI/CD fixes by @jlizen in awslabs/aws-lambda-rust-runtime#994

New Contributors

@alessandrobologna made their first contribution in awslabs/aws-lambda-rust-runtime#946

@braveocheretovych made their first contribution in awslabs/aws-lambda-rust-runtime#968

@jlizen made their first contribution in awslabs/aws-lambda-rust-runtime#982

... (truncated)

Commits

62a36b0 feat(ci): add cargo-semver-checks workflows (#1003)
2b3bcb7 Bump all packages versions to release doc updates (#1002)
34b9c04 fix(docs): enable all features in docs.rs build (#1000)
24125e2 Add type hint to LambdaRequest's Deserialize impl to avoid compiler recursive...
1a7c696 feat: derive Deserialize, Clone, PartialEq, Eq for MetadataPrelude (#956)
2862581 Bump version for runtime and runtime-api-client (#999)
5d3e916 feat(ci): build and check rustdocs for warnings; fix(docs): add missing cfg f...
489b235 CI/CD fixes (#994)
00fef2c Release runtime 0.14.0 with graceful shutdown hook (#991)
661cc26 fix(lambda-runtime,lambda-integration-tests): make spawn_graceful_shutdown_ha...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the rust-dependencies group with 7 updates in the /quickwit directory: | Package | From | To | | --- | --- | --- | | [hostname](https://github.com/svartalf/hostname) | `0.3.1` | `0.4.1` | | [http-serde](https://gitlab.com/kornelski/http-serde) | `1.1.3` | `2.1.1` | | [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.9.1` | | [rustls](https://github.com/rustls/rustls) | `0.21.12` | `0.23.29` | | [tokio-rustls](https://github.com/rustls/tokio-rustls) | `0.24.1` | `0.26.2` | | [tower-http](https://github.com/tower-rs/tower-http) | `0.4.4` | `0.6.6` | | [lambda_runtime](https://github.com/awslabs/aws-lambda-rust-runtime) | `0.13.0` | `0.14.2` | Updates `hostname` from 0.3.1 to 0.4.1 - [Release notes](https://github.com/svartalf/hostname/releases) - [Changelog](https://github.com/djc/hostname/blob/main/CHANGELOG.md) - [Commits](https://github.com/svartalf/hostname/commits) Updates `http-serde` from 1.1.3 to 2.1.1 - [Commits](https://gitlab.com/kornelski/http-serde/compare/v1.1.3...v2.1.1) Updates `rand` from 0.8.5 to 0.9.1 - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md) - [Commits](rust-random/rand@0.8.5...rand_core-0.9.1) Updates `rustls` from 0.21.12 to 0.23.29 - [Release notes](https://github.com/rustls/rustls/releases) - [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md) - [Commits](rustls/rustls@v/0.21.12...v/0.23.29) Updates `tokio-rustls` from 0.24.1 to 0.26.2 - [Release notes](https://github.com/rustls/tokio-rustls/releases) - [Commits](rustls/tokio-rustls@v/0.24.1...v/0.26.2) Updates `tower-http` from 0.4.4 to 0.6.6 - [Release notes](https://github.com/tower-rs/tower-http/releases) - [Commits](tower-rs/tower-http@tower-http-0.4.4...tower-http-0.6.6) Updates `lambda_runtime` from 0.13.0 to 0.14.2 - [Release notes](https://github.com/awslabs/aws-lambda-rust-runtime/releases) - [Commits](awslabs/aws-lambda-rust-runtime@lambda-http-0.13.0...lambda-runtime-0.14.2) --- updated-dependencies: - dependency-name: hostname dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-dependencies - dependency-name: http-serde dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: rust-dependencies - dependency-name: rand dependency-version: 0.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-dependencies - dependency-name: rustls dependency-version: 0.23.29 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-dependencies - dependency-name: tokio-rustls dependency-version: 0.26.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-dependencies - dependency-name: tower-http dependency-version: 0.6.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-dependencies - dependency-name: lambda_runtime dependency-version: 0.14.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 11, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the rust-dependencies group across 1 directory with 7 updates #5837

Bump the rust-dependencies group across 1 directory with 7 updates #5837

Uh oh!

dependabot bot commented on behalf of github Jul 11, 2025

Uh oh!

Uh oh!

Bump the rust-dependencies group across 1 directory with 7 updates #5837

Are you sure you want to change the base?

Bump the rust-dependencies group across 1 directory with 7 updates #5837

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 11, 2025

Changelog

[0.4.0] - 2024-04-01

Added

Changed

Fixed

[0.9.1] - 2025-04-17

Security and unsafe

Fixes

Changes

Additions

[0.9.0] - 2025-01-27

Security and unsafe

Dependencies

Features

API changes: rand_core traits

API changes: Rng trait and top-level fns

v/0.26.0

Additions

Fixes

What's Changed

tower-http-0.6.6

Fixed

New Contributors

tower-http-0.6.5

Added

Fixed

New Contributors

tower-http 0.6.4

Added

Fixed

lambda-runtime-0.14.2

What's Changed

New Contributors

lambda-runtime-0.14.0

What's Changed

New Contributors

Uh oh!

Uh oh!