Skip to content

chore(deps): bump the all-deps group across 1 directory with 12 updates #2049

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the all-deps group across 1 directory with 12 updates #2049

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 29, 2025
edited
Loading

Bumps the all-deps group with 8 updates in the / directory:

Package From To
digest 0.11.0-rc.2 0.11.0-rc.3
elliptic-curve 0.14.0-rc.14 0.14.0-rc.15
zeroize 1.8.1 1.8.2
backtrace 0.3.75 0.3.76
hashbrown 0.15.5 0.16.0
libc 0.2.175 0.2.176
memchr 2.7.5 2.7.6
regex-automata 0.4.10 0.4.11

Updates digest from 0.11.0-rc.2 to 0.11.0-rc.3

Commits

Updates elliptic-curve from 0.14.0-rc.14 to 0.14.0-rc.15

Commits

Updates zeroize from 1.8.1 to 1.8.2

Commits

Updates hybrid-array from 0.4.2 to 0.4.5

Changelog

Sourced from hybrid-array's changelog.

0.4.5 (2025-09-29)

Added

  • Impl arbitrary::Arbitrary for Array (#153)

Changed

  • Switch from doc_auto_cfg to doc_cfg (#154)

#153: RustCrypto/hybrid-array#153 #154: RustCrypto/hybrid-array#154

0.4.4 (2025-09-24)

Added

  • Enable the subtle/const-generics feature (#149)

#149: RustCrypto/hybrid-array#149

0.4.3 (2025-09-23)

Added

  • Array::as_(mut_)ptr (#147)

Changed

  • Remove bounds on Array::slice_as_flattened(_mut); make const fn (#144)
  • Make Array::as_(mut_)slice a const fn (#147)
  • Make Array::<Array<T, U>::as_flattened(_mut) a const fn (#147)

#144: RustCrypto/hybrid-array#144 #147: RustCrypto/hybrid-array#147

Commits

Updates backtrace from 0.3.75 to 0.3.76

Release notes

Sourced from backtrace's releases.

backtrace-v0.3.76

Behavior

  • Fix inverted polarity of "full printing" logic in rust-lang/backtrace-rs#726: Previously we used to do the opposite of what you would expect.

Platform Support

Dependencies

Changelog

Sourced from backtrace's changelog.

0.3.76 - 2025-09-26

Behavior

  • Fix inverted polarity of "full printing" logic in rust-lang/backtrace-rs#726: Previously we used to do the opposite of what you would expect.

Platform Support

Dependencies

Commits
  • 775f6a1 modify CHANGELOG.md to not be a git log dump
  • bb0cdc3 chore: release v0.3.76
  • a8b55f0 Merge of rust-lang/backtrace-rs#725: Fix missing alignment check for ELF note...
  • 0b83800 Expand take_nhdr doc-comment
  • a405950 Merge pull request #737 from workingjubilee/address-dbghelp-soundness-risks
  • 06dca9a Expand doc-comment on do_resolve
  • 05ad047 Remove padding bytes risk in dbghelp with MaybeUninit
  • dccdb4d Upgrade cpp_demanglerust-lang/backtrace-rs#732
  • 50fe434rust-lang/backtrace-rs#734
  • 79d3514 Switch from windows-targets to windows-linkrust-lang/backtrace-rs#727
  • Additional commits viewable in compare view

Updates crypto-bigint from 0.7.0-rc.6 to 0.7.0-rc.8

Commits

Updates gimli from 0.31.1 to 0.32.3

Changelog

Sourced from gimli's changelog.

0.32.3

Released 2025/09/13.

Changed

  • Changed parsing to accept -2 for tombstone values in .debug_line, .debug_aranges, .debug_loclists, and .debug_rnglists. #791

Added

  • Added more x86-64 register definitions. #794

0.32.2

Released 2025/08/26.

Changed

  • Removed PartialEq<Debug*Offset> implementations for UnitSectionOffset. These were an unintended breaking change. #789

0.32.1

Released 2025/08/22.

Changed

  • Improved handling of invalid DIE references during writing. #777 #779

  • Changed abbreviation parsing to allow a missing null terminator. #781

  • Changed write::LineProgram to support any form for file source code. #784 #786

Added

  • Added DWARF version 1.1 constant definitions. #775

... (truncated)

Commits

Updates hashbrown from 0.15.5 to 0.16.0

Release notes

Sourced from hashbrown's releases.

v0.16.0

Changed

  • Bump foldhash, the default hasher, to 0.2.0.
  • Replaced DefaultHashBuilder with a newtype wrapper around foldhash instead of re-exporting it directly.
Changelog

Sourced from hashbrown's changelog.

0.16.0 - 2025-08-28

Changed

  • Bump foldhash, the default hasher, to 0.2.0.
  • Replaced DefaultHashBuilder with a newtype wrapper around foldhash instead of re-exporting it directly.
Commits
  • 8d4def0 Merge pull request #643 from cuviper/newtype-hasher
  • e0f404c use feature(hasher_prefixfree_extras)
  • 95ffed3 Change DefaultHashBuilder to an opaque newtype
  • bf35a11 Merge pull request #641 from hoxxep/foldhash-0.2
  • e2a634b Merge pull request #642 from heiher/loong-simd-types
  • 88794e7 loongarch64: Use unified data types for SIMD intrinsics
  • b22dd85 perf: Bump foldhash to 0.2.0
  • fe72a08 Merge pull request #639 from gaujay/unbloat-get_inner-perf
  • 71f8f37 Merge pull request #637 from gaujay/add-benchmarks
  • f1c039c Un-bloat get_inner functions to restore lookup performance
  • Additional commits viewable in compare view

Updates libc from 0.2.175 to 0.2.176

Release notes

Sourced from libc's releases.

0.2.176

Support

  • The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
  • Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

  • AIX: Restore some non-POSIX functions guarded by the _KERNEL macro. (#4607)
  • FreeBSD 14: Add st_fileref to struct stat (#4642)
  • Haiku: Add the accept4 POSIX call (#4586)
  • Introduce a wrapper for representing padding (#4632)
  • Linux: Add EM_RISCV (#4659)
  • Linux: Add MS_NOSYMFOLLOW (#4389)
  • Linux: Add backtrace_symbols(_fd) (#4668)
  • Linux: Add missing SOL_PACKET optnames (#4669)
  • Musl s390x: Add SYS_mseal (#4549)
  • NuttX: Add __errno (#4687)
  • Redox: Add dirfd, VDISABLE, and resource consts (#4660)
  • Redox: Add more resource.h, fcntl.h constants (#4666)
  • Redox: Enable strftime and mkostemp[s] (#4629)
  • Unix, Windows: Add qsort_r (Unix), and qsort(_s) (Windows) (#4677)
  • Unix: Add dlvsym for Linux-gnu, FreeBSD, and NetBSD (#4671)
  • Unix: Add sigqueue (#4620)

Changed

  • FreeBSD 15: Mark kinfo_proc as non-exhaustive (#4553)
  • FreeBSD: Set the ELF symbol version for readdir_r (#4694)
  • Linux: Correct the config for whether or not epoll_event is packed (#4639)
  • Tests: Replace the old ctest with the much more reliable new implementation (#4655 and many related PRs)

Fixed

  • AIX: Fix the type of the 4th arguement of getgrnam_r ([#4656](rust-lang/libc#4656
  • FreeBSD: Limit P_IDLEPROC to FreeBSD 15 (#4640)
  • FreeBSD: Limit mcontext_t::mc_tlsbase to FreeBSD 15 (#4640)
  • FreeBSD: Update gating of mcontext_t.mc_tlsbase (#4703)
  • Musl s390x: Correct the definition of statfs[64] (#4549)
  • Musl s390x: Make fpreg_t a union (#4549)
  • Redox: Fix the types of gid_t and uid_t (#4689)
  • Redox: Fix the value of MAP_FIXED (#4684)

Deprecated

  • Apple: Correct the deprecated attribute for iconv (a97a0b53)
  • FreeBSD: Deprecate TIOCMGDTRWAIT and TIOCMSDTRWAIT (#4685)

Removed

... (truncated)

Changelog

Sourced from libc's changelog.

0.2.176 - 2025-09-23

Support

  • The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
  • Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

  • AIX: Restore some non-POSIX functions guarded by the _KERNEL macro. (#4607)
  • FreeBSD 14: Add st_fileref to struct stat (#4642)
  • Haiku: Add the accept4 POSIX call (#4586)
  • Introduce a wrapper for representing padding (#4632)
  • Linux: Add EM_RISCV (#4659)
  • Linux: Add MS_NOSYMFOLLOW (#4389)
  • Linux: Add backtrace_symbols(_fd) (#4668)
  • Linux: Add missing SOL_PACKET optnames (#4669)
  • Musl s390x: Add SYS_mseal (#4549)
  • NuttX: Add __errno (#4687)
  • Redox: Add dirfd, VDISABLE, and resource consts (#4660)
  • Redox: Add more resource.h, fcntl.h constants (#4666)
  • Redox: Enable strftime and mkostemp[s] (#4629)
  • Unix, Windows: Add qsort_r (Unix), and qsort(_s) (Windows) (#4677)
  • Unix: Add dlvsym for Linux-gnu, FreeBSD, and NetBSD (#4671)
  • Unix: Add sigqueue (#4620)

Changed

  • FreeBSD 15: Mark kinfo_proc as non-exhaustive (#4553)
  • FreeBSD: Set the ELF symbol version for readdir_r (#4694)
  • Linux: Correct the config for whether or not epoll_event is packed (#4639)
  • Tests: Replace the old ctest with the much more reliable new implementation (#4655 and many related PRs)

Fixed

  • AIX: Fix the type of the 4th arguement of getgrnam_r ([#4656](rust-lang/libc#4656
  • FreeBSD: Limit P_IDLEPROC to FreeBSD 15 (#4640)
  • FreeBSD: Limit mcontext_t::mc_tlsbase to FreeBSD 15 (#4640)
  • FreeBSD: Update gating of mcontext_t.mc_tlsbase (#4703)
  • Musl s390x: Correct the definition of statfs[64] (#4549)
  • Musl s390x: Make fpreg_t a union (#4549)
  • Redox: Fix the types of gid_t and uid_t (#4689)
  • Redox: Fix the value of MAP_FIXED (#4684)

Deprecated

  • Apple: Correct the deprecated attribute for iconv (a97a0b53)
  • FreeBSD: Deprecate TIOCMGDTRWAIT and TIOCMSDTRWAIT (#4685)

Removed

... (truncated)

Commits
  • 15e1389 chore: Release libc 0.2.176
  • 6ca5571 Warn on missing debug implementations
  • e653c54 cleanup: Remove the const_fn! macro
  • e447441 cleanup: Simplify the syntax of f! and similar macros
  • 776a614 cleanup: Use target_vendor = "apple"
  • d32f60d doc: Remove an unneeded link to the old ctest repo
  • 8c8584b Resolve a ctest FIXME regarding use of size_of in array lengths
  • 09c8436 Remove the libc_ctest feature
  • fd3ffe4 Remove libc_const_extern_fn
  • 9b77a49 Add a note about why Padding requires T: Copy
  • Additional commits viewable in compare view

Updates memchr from 2.7.5 to 2.7.6

Commits

Updates object from 0.36.7 to 0.37.3

Changelog

Sourced from object's changelog.

0.37.3

Released 2025/08/13.

Changed

  • Fixed MSVC weak extern symbol support in write::Object by using IMAGE_WEAK_EXTERN_SEARCH_ALIAS. #803

Added

  • Added elf::SHT_GNU_SFRAME and elf::PT_GNU_SFRAME. #799

  • Added section_flags_mut and symbol_flags_mut to write::Object. #801

0.37.2

Released 2025/08/01.

Added

  • Added elf::EF_RISCV_RV64ILP32. #779

  • Added pe::IMAGE_FILE_MACHINE_POWERPCBE and associated read support. #783

  • Added PowerPC support to write::coff. #795

  • Added support for COFF auxiliary weak external symbols to write::Object and write::coff::Writer. #791

  • Added methods to write::Object to obtain default section and symbol flags. #789

  • Added compact relocation support to read::elf. #782 #784 #785 #788

  • Added Architecture::Alpha. #790

... (truncated)

Commits

Updates regex-automata from 0.4.10 to 0.4.11

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the all-deps group across 1 directory with 12 updates
aa38fd5 
Bumps the all-deps group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [digest](https://github.com/RustCrypto/traits) | `0.11.0-rc.2` | `0.11.0-rc.3` |
| [elliptic-curve](https://github.com/RustCrypto/traits) | `0.14.0-rc.14` | `0.14.0-rc.15` |
| [zeroize](https://github.com/RustCrypto/utils) | `1.8.1` | `1.8.2` |
| [backtrace](https://github.com/rust-lang/backtrace-rs) | `0.3.75` | `0.3.76` |
| [hashbrown](https://github.com/rust-lang/hashbrown) | `0.15.5` | `0.16.0` |
| [libc](https://github.com/rust-lang/libc) | `0.2.175` | `0.2.176` |
| [memchr](https://github.com/BurntSushi/memchr) | `2.7.5` | `2.7.6` |
| [regex-automata](https://github.com/rust-lang/regex) | `0.4.10` | `0.4.11` |



Updates `digest` from 0.11.0-rc.2 to 0.11.0-rc.3
- [Commits](RustCrypto/traits@digest-v0.11.0-rc.2...digest-v0.11.0-rc.3)

Updates `elliptic-curve` from 0.14.0-rc.14 to 0.14.0-rc.15
- [Commits](RustCrypto/traits@elliptic-curve-v0.14.0-rc.14...elliptic-curve-v0.14.0-rc.15)

Updates `zeroize` from 1.8.1 to 1.8.2
- [Commits](RustCrypto/utils@zeroize-v1.8.1...zeroize-v1.8.2)

Updates `hybrid-array` from 0.4.2 to 0.4.5
- [Changelog](https://github.com/RustCrypto/hybrid-array/blob/master/CHANGELOG.md)
- [Commits](RustCrypto/hybrid-array@v0.4.2...v0.4.5)

Updates `backtrace` from 0.3.75 to 0.3.76
- [Release notes](https://github.com/rust-lang/backtrace-rs/releases)
- [Changelog](https://github.com/rust-lang/backtrace-rs/blob/master/CHANGELOG.md)
- [Commits](rust-lang/backtrace-rs@0.3.75...backtrace-v0.3.76)

Updates `crypto-bigint` from 0.7.0-rc.6 to 0.7.0-rc.8
- [Changelog](https://github.com/RustCrypto/crypto-bigint/blob/master/CHANGELOG.md)
- [Commits](RustCrypto/crypto-bigint@v0.7.0-rc.6...v0.7.0-rc.8)

Updates `gimli` from 0.31.1 to 0.32.3
- [Changelog](https://github.com/gimli-rs/gimli/blob/master/CHANGELOG.md)
- [Commits](gimli-rs/gimli@0.31.1...0.32.3)

Updates `hashbrown` from 0.15.5 to 0.16.0
- [Release notes](https://github.com/rust-lang/hashbrown/releases)
- [Changelog](https://github.com/rust-lang/hashbrown/blob/master/CHANGELOG.md)
- [Commits](rust-lang/hashbrown@v0.15.5...v0.16.0)

Updates `libc` from 0.2.175 to 0.2.176
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.176/CHANGELOG.md)
- [Commits](rust-lang/libc@0.2.175...0.2.176)

Updates `memchr` from 2.7.5 to 2.7.6
- [Commits](BurntSushi/memchr@2.7.5...2.7.6)

Updates `object` from 0.36.7 to 0.37.3
- [Changelog](https://github.com/gimli-rs/object/blob/master/CHANGELOG.md)
- [Commits](gimli-rs/object@0.36.7...0.37.3)

Updates `regex-automata` from 0.4.10 to 0.4.11
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/commits)

---
updated-dependencies:
- dependency-name: digest
  dependency-version: 0.11.0-rc.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: elliptic-curve
  dependency-version: 0.14.0-rc.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: zeroize
  dependency-version: 1.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: hybrid-array
  dependency-version: 0.4.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: backtrace
  dependency-version: 0.3.76
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: crypto-bigint
  dependency-version: 0.7.0-rc.8
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: gimli
  dependency-version: 0.32.3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: hashbrown
  dependency-version: 0.16.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: libc
  dependency-version: 0.2.176
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: memchr
  dependency-version: 2.7.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: object
  dependency-version: 0.37.3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: regex-automata
  dependency-version: 0.4.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Sep 29, 2025
@baloo
Copy link
Member

baloo commented Sep 30, 2025
edited
Loading

I'm not sure I understand where the build error comes from. I have trouble reproducing it in an isolated fashion.

Edit: this occurs when crypto-bigint gets the hybrid-array feature enabled, and that breaks RSA.

@tarcieri
Copy link
Member

@baloo it's the subtle feature of hybrid-array: RustCrypto/hybrid-array#126

Previously this code compiled due to deref coercion, which turns &Array<T... into &[T]. But with an explicit trait impl available, it's used instead, which leads to this type error.

The solution is to replace the implicit slice coercion with an explicit one. See: RustCrypto/traits#2025

@baloo baloo mentioned this pull request Sep 30, 2025
Merged
tarcieri pushed a commit to RustCrypto/RSA that referenced this pull request Sep 30, 2025
@baloo
fixup support for subtle feature in hybrid-array (#586)
6e3e33e 
When a downstream crate enables the `subtle` feature in `hybrid-array`,
the crate would fail to compile:
```
src/algorithms/pss.rs:375:31
    |
375 |     if (salt_valid & h0.ct_eq(h)).into() {
    |                         ----- ^ expected `&Array<u8, ...>`, found `&mut [u8]`
    |                         |
    |                         arguments to this method are incorrect
    |
    = note:      expected reference `&Array<u8, <D as OutputSizeUser>::OutputSize>`
            found mutable reference `&mut [u8]`
```

This is because the `hybrid_array::Array` was automatically deref'ed to
a slice. Now `Array` implements `subtle::ConstantTimeEq` that automatic
deref no longer happens.

This commit fixes that by converting one of the arguments of the
conversion that brings back the auto-deref.

Thanks to @tarcieri for the help debugging:
RustCrypto/formats#2049 (comment)
@baloo
Copy link
Member

baloo commented Sep 30, 2025

@dependabot recreate

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 30, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 30, 2025
@dependabot dependabot bot deleted the dependabot/cargo/all-deps-4a6836eb0f branch September 30, 2025 07:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@baloo @tarcieri