build(deps): bump the extractor group across 1 directory with 11 updates by dependabot[bot] · Pull Request #49 · advanced-security/codeql-extractor-action

dependabot · 2026-02-16T04:35:15Z

Bumps the extractor group with 11 updates in the / directory:

Package	From	To
log	`0.4.28`	`0.4.29`
env_logger	`0.11.8`	`0.11.9`
tokio	`1.47.1`	`1.49.0`
anyhow	`1.0.99`	`1.0.101`
thiserror	`2.0.16`	`2.0.18`
ghactions	`0.16.5`	`0.18.4`
ghactions-core	`0.16.5`	`0.18.4`
ghastoolkit	`0.11.5`	`0.12.2`
octocrab	`0.44.1`	`0.48.1`
openssl	`0.10.73`	`0.10.75`
serde_json	`1.0.143`	`1.0.149`

Updates log from 0.4.28 to 0.4.29

Release notes

Sourced from log's releases.

0.4.29

MSRV

This release increases log's MSRV from 1.61.0 to 1.68.0.

What's Changed

docs: Add missing impls from README.md by @AldaronLau in rust-lang/log#703

Point to new URLs for favicon and logo by @AldaronLau in rust-lang/log#704

perf: reduce llvm-lines of FromStr for Level and LevelFilter by @dishmaker in rust-lang/log#709

Replace serde with serde_core by @Thomasdezeeuw in rust-lang/log#712

Fix clippy lints by @Thomasdezeeuw in rust-lang/log#713

Use GitHub Actions to install Rust and cargo-hack by @Thomasdezeeuw in rust-lang/log#715

Exclude old unstable_kv features from testing matrix by @Thomasdezeeuw in rust-lang/log#716

Fix up CI by @KodrAus in rust-lang/log#718

Prepare for 0.4.29 release by @KodrAus in rust-lang/log#719

New Contributors

@AldaronLau made their first contribution in rust-lang/log#703

@dishmaker made their first contribution in rust-lang/log#709

Full Changelog: rust-lang/log@0.4.28...0.4.29

Changelog

Sourced from log's changelog.

[0.4.29] - 2025-12-02

What's Changed

perf: reduce llvm-lines of FromStr for Level and LevelFilter by @dishmaker in rust-lang/log#709

Replace serde with serde_core by @Thomasdezeeuw in rust-lang/log#712

New Contributors

@AldaronLau made their first contribution in rust-lang/log#703

@dishmaker made their first contribution in rust-lang/log#709

Full Changelog: rust-lang/log@0.4.28...0.4.29

Commits

b1e2df7 Merge pull request #719 from rust-lang/cargo/0.4.29
3fe1a54 prepare for 0.4.29 release
7a432d9 Merge pull request #718 from rust-lang/ci/msrv
0689d56 rebump msrv to 1.68.0
46b448e try drop msrv back to 1.61.0
929ab38 fix up doc test feature gate
957cece bump serde-dependent crates
bea40c8 bump msrv to 1.68.0
c540184 Merge pull request #716 from rust-lang/ci-smaller-matrix2
c971e63 Merge branch 'master' into ci-smaller-matrix2
Additional commits viewable in compare view

Updates env_logger from 0.11.8 to 0.11.9

Release notes

Sourced from env_logger's releases.

v0.11.9

[0.11.9] - 2026-02-11

Changelog

Sourced from env_logger's changelog.

[0.11.9] - 2026-02-11

Commits

2f06b4c chore: Release
57e13ac chore: Release
4f9066d Merge pull request #393 from rust-cli/renovate/crate-ci-typos-1.x
3e4709a chore(deps): Update Rust crate snapbox to v0.6.24 (#394)
80ff83a chore(deps): Update pre-commit hook crate-ci/typos to v1.42.3
76891b9 Merge pull request #392 from epage/template
14cda4a chore: Update from _rust template
e4f2b35 chore(ci): Update action
6d0d36b chore(ci): Clean up previous branch in case it was leaked
30b3b14 chore(ci): Fix how rustfmt jobs run
Additional commits viewable in compare view

Updates tokio from 1.47.1 to 1.49.0

Release notes

Sourced from tokio's releases.

Tokio v1.49.0

1.49.0 (January 3rd, 2026)

Added

net: add support for TCLASS option on IPv6 (#7781)

runtime: stabilize runtime::id::Id (#7125)

task: implement Extend for JoinSet (#7195)

task: stabilize the LocalSet::id() (#7776)

Changed

net: deprecate {TcpStream,TcpSocket}::set_linger (#7752)

Fixed

macros: fix the hygiene issue of join! and try_join! (#7766)

runtime: revert "replace manual vtable definitions with Wake" (#7699)

sync: return TryRecvError::Disconnected from Receiver::try_recv after Receiver::close (#7686)

task: remove unnecessary trait bounds on the Debug implementation (#7720)

Unstable

fs: handle EINTR in fs::write for io-uring (#7786)

fs: support io-uring with tokio::fs::read (#7696)

runtime: disable io-uring on EPERM (#7724)

time: add alternative timer for better multicore scalability (#7467)

Documented

docs: fix a typos in bounded.rs and park.rs (#7817)

io: add SyncIoBridge cross-references to copy and copy_buf (#7798)

io: doc that AsyncWrite does not inherit from std::io::Write (#7705)

metrics: clarify that num_alive_tasks is not strongly consistent (#7614)

net: clarify the cancellation safety of the TcpStream::peek (#7305)

net: clarify the drop behavior of unix::OwnedWriteHalf (#7742)

net: clarify the platform-dependent backlog in TcpSocket docs (#7738)

runtime: mention LocalRuntime in new_current_thread docs (#7820)

sync: add missing period to mpsc::Sender::try_send docs (#7721)

sync: clarify the cancellation safety of oneshot::Receiver (#7780)

sync: improve the docs for the errors of mpsc (#7722)

task: add example for spawn_local usage on local runtime (#7689)

#7125: tokio-rs/tokio#7125 #7195: tokio-rs/tokio#7195 #7305: tokio-rs/tokio#7305 #7467: tokio-rs/tokio#7467 #7614: tokio-rs/tokio#7614 #7686: tokio-rs/tokio#7686 #7689: tokio-rs/tokio#7689

... (truncated)

Commits

e3b89bb chore: prepare Tokio v1.49.0 (#7824)
4f577b8 Merge 'tokio-1.47.3' into 'master'
f320197 chore: prepare Tokio v1.47.3 (#7823)
ea6b144 ci: freeze rustc on nightly-2025-01-25 in netlify.toml (#7652)
264e703 Merge tokio-1.43.4 into tokio-1.47.x (#7822)
dfb0f00 chore: prepare Tokio v1.43.4 (#7821)
4a91f19 ci: fix wasm32-wasip1 tests (#7788)
601c383 ci: upgrade FreeBSD from 14.2 to 14.3 (#7758)
484cb52 sync: return TryRecvError::Disconnected from Receiver::try_recv after `Re...
16f20c3 rt: mention LocalRuntime in new_current_thread docs (#7820)
Additional commits viewable in compare view

Updates anyhow from 1.0.99 to 1.0.101

Release notes

Sourced from anyhow's releases.

1.0.101

Add #[inline] to anyhow::Ok helper (#437, thanks @Ibitier)

1.0.100

Teach clippy to lint formatting arguments in bail!, ensure!, anyhow! (#426)

Commits

80bfe29 Release 1.0.101
dff8c43 Merge pull request #437 from Ibitier/inline-ok-helper
85d9ea9 Add #[inline] to anyhow::Ok helper
54036cc Update ui test suite to nightly-2026-01-21
cce0579 Update actions/upload-artifact@v5 -> v6
f2c598c Update actions/upload-artifact@v4 -> v5
2c0bda4 Update to 2021 edition
0d82268 Remove rustc version requirement from readme
67df012 Merge pull request #436 from dtolnay/up
c898488 Raise required compiler to Rust 1.68
Additional commits viewable in compare view

Updates thiserror from 2.0.16 to 2.0.18

Release notes

Sourced from thiserror's releases.

2.0.18

Make compatible with project-level needless_lifetimes = "forbid" (#443, thanks @LucaCappelletti94)

2.0.17

Use differently named __private module per patch release (#434)

Commits

dc0f6a2 Release 2.0.18
0275292 Touch up PR 443
3c33bc6 Merge pull request #443 from LucaCappelletti94/master
995939c Reproduce issue 442
21653d1 Made clippy lifetime allows conditional
45e5388 Update actions/upload-artifact@v5 -> v6
386aac1 Update actions/upload-artifact@v4 -> v5
ec50561 Update actions/checkout@v5 -> v6
247eab5 Update name of empty_enum clippy lint
91b181f Raise required compiler to Rust 1.68
Additional commits viewable in compare view

Updates ghactions from 0.16.5 to 0.18.4

Release notes

Sourced from ghactions's releases.

v0.18.4

What's Changed

build(deps): bump the production-dependencies group across 1 directory with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#240

build(deps): bump the production-dependencies group with 4 updates by @dependabot[bot] in 42ByteLabs/ghactions#241

build(deps): bump actions/checkout from 5 to 6 in the production-dependencies group by @dependabot[bot] in 42ByteLabs/ghactions#242

feat(version): v0.18.4 by @GeekMasher in 42ByteLabs/ghactions#243

Full Changelog: 42ByteLabs/ghactions@0.18.3...0.18.4

v0.18.3

What's Changed

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#235

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#236

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#237

feat(version): v0.18.3 by @GeekMasher in 42ByteLabs/ghactions#238

Full Changelog: 42ByteLabs/ghactions@0.18.2...0.18.3

v0.18.2

What's Changed

build(deps): bump the production-dependencies group across 1 directory with 7 updates by @dependabot[bot] in 42ByteLabs/ghactions#232

build(deps): bump flate2 from 1.1.2 to 1.1.4 in the production-dependencies group by @dependabot[bot] in 42ByteLabs/ghactions#233

v0.18.2 by @GeekMasher in 42ByteLabs/ghactions#234

Full Changelog: 42ByteLabs/ghactions@0.18.1...0.18.2

v0.18.1

What's Changed

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#229

feat(version): v0.18.1 by @GeekMasher in 42ByteLabs/ghactions#230

Full Changelog: 42ByteLabs/ghactions@0.18.0...0.18.1

v0.18.0

What's Changed

feat(toolcache): Add initial toolcache project by @GeekMasher in 42ByteLabs/ghactions#225

feat(toolcache): Move ToolCache to new crate by @GeekMasher in 42ByteLabs/ghactions#226

fix(toolcache): Update and fix tokio process issue + clippy warning by @GeekMasher in 42ByteLabs/ghactions#227

feat(version): v0.18.0 by @GeekMasher in 42ByteLabs/ghactions#228

Full Changelog: 42ByteLabs/ghactions@0.17.0...0.18.0

v0.17.0

What's Changed

Also accept image references within the image attribute by @mbodmer in 42ByteLabs/ghactions#216

... (truncated)

Commits

23bdd42 Merge pull request #243 from 42ByteLabs/v0_18_4
ab76f5f feat(version): v0.18.4
90cc06b Merge pull request #242 from 42ByteLabs/dependabot/github_actions/production-...
58d57a7 Merge branch 'main' into dependabot/github_actions/production-dependencies-76...
f15a9d3 Merge pull request #241 from 42ByteLabs/dependabot/cargo/production-dependenc...
c776b78 build(deps): bump actions/checkout in the production-dependencies group
696a86a build(deps): bump the production-dependencies group with 4 updates
fd317ba Merge pull request #240 from 42ByteLabs/dependabot/cargo/production-dependenc...
e8ee979 build(deps): bump the production-dependencies group across 1 directory with 3...
e944b17 Merge pull request #238 from 42ByteLabs/v0_18_3
Additional commits viewable in compare view

Updates ghactions-core from 0.16.5 to 0.18.4

Release notes

Sourced from ghactions-core's releases.

v0.18.4

What's Changed

build(deps): bump the production-dependencies group across 1 directory with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#240

build(deps): bump the production-dependencies group with 4 updates by @dependabot[bot] in 42ByteLabs/ghactions#241

build(deps): bump actions/checkout from 5 to 6 in the production-dependencies group by @dependabot[bot] in 42ByteLabs/ghactions#242

feat(version): v0.18.4 by @GeekMasher in 42ByteLabs/ghactions#243

Full Changelog: 42ByteLabs/ghactions@0.18.3...0.18.4

v0.18.3

What's Changed

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#235

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#236

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#237

feat(version): v0.18.3 by @GeekMasher in 42ByteLabs/ghactions#238

Full Changelog: 42ByteLabs/ghactions@0.18.2...0.18.3

v0.18.2

What's Changed

build(deps): bump the production-dependencies group across 1 directory with 7 updates by @dependabot[bot] in 42ByteLabs/ghactions#232

build(deps): bump flate2 from 1.1.2 to 1.1.4 in the production-dependencies group by @dependabot[bot] in 42ByteLabs/ghactions#233

v0.18.2 by @GeekMasher in 42ByteLabs/ghactions#234

Full Changelog: 42ByteLabs/ghactions@0.18.1...0.18.2

v0.18.1

What's Changed

build(deps): bump the production-dependencies group with 3 updates by @dependabot[bot] in 42ByteLabs/ghactions#229

feat(version): v0.18.1 by @GeekMasher in 42ByteLabs/ghactions#230

Full Changelog: 42ByteLabs/ghactions@0.18.0...0.18.1

v0.18.0

What's Changed

feat(toolcache): Add initial toolcache project by @GeekMasher in 42ByteLabs/ghactions#225

feat(toolcache): Move ToolCache to new crate by @GeekMasher in 42ByteLabs/ghactions#226

fix(toolcache): Update and fix tokio process issue + clippy warning by @GeekMasher in 42ByteLabs/ghactions#227

feat(version): v0.18.0 by @GeekMasher in 42ByteLabs/ghactions#228

Full Changelog: 42ByteLabs/ghactions@0.17.0...0.18.0

v0.17.0

What's Changed

Also accept image references within the image attribute by @mbodmer in 42ByteLabs/ghactions#216

... (truncated)

Commits

23bdd42 Merge pull request #243 from 42ByteLabs/v0_18_4
ab76f5f feat(version): v0.18.4
90cc06b Merge pull request #242 from 42ByteLabs/dependabot/github_actions/production-...
58d57a7 Merge branch 'main' into dependabot/github_actions/production-dependencies-76...
f15a9d3 Merge pull request #241 from 42ByteLabs/dependabot/cargo/production-dependenc...
c776b78 build(deps): bump actions/checkout in the production-dependencies group
696a86a build(deps): bump the production-dependencies group with 4 updates
fd317ba Merge pull request #240 from 42ByteLabs/dependabot/cargo/production-dependenc...
e8ee979 build(deps): bump the production-dependencies group across 1 directory with 3...
e944b17 Merge pull request #238 from 42ByteLabs/v0_18_3
Additional commits viewable in compare view

Updates ghastoolkit from 0.11.5 to 0.12.2

Release notes

Sourced from ghastoolkit's releases.

v0.12.2

What's Changed

build(deps): bump the production-dependencies group with 2 updates by @dependabot[bot] in GeekMasher/ghastoolkit-rs#95

feat(version): v0.12.2 by @GeekMasher in GeekMasher/ghastoolkit-rs#96

Full Changelog: GeekMasher/ghastoolkit-rs@0.12.1...0.12.2

v0.12.1

What's Changed

build(deps): update octocrab requirement from ^0.45 to ^0.46 in the production-dependencies group by @dependabot[bot] in GeekMasher/ghastoolkit-rs#93

feat(version): v0.12.1 by @GeekMasher in GeekMasher/ghastoolkit-rs#94

Full Changelog: GeekMasher/ghastoolkit-rs@0.12.0...0.12.1

v0.12.0

What's Changed

build(deps): bump the production-dependencies group with 2 updates by @dependabot[bot] in GeekMasher/ghastoolkit-rs#91

fix(version): v0.12.0 by @GeekMasher in GeekMasher/ghastoolkit-rs#92

Full Changelog: GeekMasher/ghastoolkit-rs@0.11.5...0.12.0

Commits

0348552 Merge pull request #96 from GeekMasher/v0_12_2
b24f08e feat(version): v0.12.2
f132ce5 Merge pull request #95 from GeekMasher/dependabot/cargo/production-dependenci...
211a717 build(deps): bump the production-dependencies group with 2 updates
ec3c1bd Merge pull request #94 from GeekMasher/v0_12_1
5a00a1a feat(version): v0.12.1
9f070ba Merge pull request #93 from GeekMasher/dependabot/cargo/production-dependenci...
d202f54 build(deps): update octocrab requirement
f990266 Merge pull request #92 from GeekMasher/v0_12_0
8939283 fix(cargo): Update CLI dep
Additional commits viewable in compare view

Updates octocrab from 0.44.1 to 0.48.1

Release notes

Sourced from octocrab's releases.

v0.48.1

Fixed

(build) don't fetch dependencies (#828)

v0.48.0

Added

fetch contributor repository permission (#825)

[breaking] Use Option<AuthorAssociation> over String in Issue struct (#822)

Other

add missing issue event types (#821)

Remove fields deleted in October 2025 API changes (#826)

Bump jsonwebtoken to v10 (#814)

Feature/set http headers #808 (#819)

v0.47.1

Added

add missing list workflows filters (#820)

Other

Modify _put method documentation (#818)

Feature/interactions 537 (#817)

Added Feature/classrooms #524 (#815)

v0.47.0

Added

add immutable Release field (#806)

Other

added creating a review (POST "/repos/{owner}/{repo}/pulls/{pull_number}/reviews") (#805)

v0.46.0

Fixed

[breaking] make CommitAuthor email nullable (#799)

Other

Expose digest field in Asset model (#804)

cargo clippy (#803)

fix doc url for ProjectHandler (#802)

v0.45.0

... (truncated)

Changelog

Sourced from octocrab's changelog.

0.48.1 - 2025-12-02

Fixed

(build) don't fetch dependencies (#828)

0.48.0 - 2025-11-18

Added

fetch contributor repository permission (#825)

[breaking] Use Option<AuthorAssociation> over String in Issue struct (#822)

Other

add missing issue event types (#821)

Remove fields deleted in October 2025 API changes (#826)

Bump jsonwebtoken to v10 (#814)

Feature/set http headers #808 (#819)

0.47.1 - 2025-11-03

Added

add missing list workflows filters (#820)

Other

Modify _put method documentation (#818)

Feature/interactions 537 (#817)

Added Feature/classrooms #524 (#815)

0.47.0 - 2025-10-06

Added

add immutable Release field (#806)

Other

added creating a review (POST "/repos/{owner}/{repo}/pulls/{pull_number}/reviews") (#805)

0.46.0 - 2025-09-28

Fixed

[breaking] make CommitAuthor email nullable (#799)

Other

... (truncated)

Commits

d381cc0 chore: release v0.48.1 (#830)
41162f3 fix(build): don't fetch dependencies (#828)
9fc79f7 chore: release v0.48.0 (#823)
819a1f1 models: add missing issue event types (#821)
730b70f Remove fields deleted in October 2025 API changes (#826)
8cecdae Bump jsonwebtoken to v10 (#814)
8be15f4 feat: fetch contributor repository permission (#825)
610775a Feature/set http headers #808 (#819)
edc6cde feat!: Use Option\<AuthorAssociation> over String in Issue struct (#822)
6e4ae26 chore: release v0.47.1 (#816)
Additional commits viewable in compare view

Updates openssl from 0.10.73 to 0.10.75

Release notes

Sourced from openssl's releases.

openssl-v0.10.75

What's Changed

Fix a few typos (most of them found with codespell) by @botovq in rust-openssl/rust-openssl#2502

Use SHA256 test variant instead of SHA1 by @abbra in rust-openssl/rust-openssl#2504

pin home to an older version on MSRV CI by @alex in rust-openssl/rust-openssl#2509

Implement set_rsa_oaep_label for AWS-LC/BoringSSL by @goffrie in rust-openssl/rust-openssl#2508

sys/evp: add EVP_MAC symbols by @huwcbjones in rust-openssl/rust-openssl#2510

CI: bump LibreSSL 4.x branches to latest releases by @botovq in rust-openssl/rust-openssl#2513

Fix unsound OCSP find_status handling of optional next_update field by @alex in rust-openssl/rust-openssl#2517

Release openssl v0.10.75 and openssl-sys v0.9.111 by @alex in rust-openssl/rust-openssl#2518

New Contributors

@abbra made their first contribution in rust-openssl/rust-openssl#2504

@goffrie made their first contribution in rust-openssl/rust-openssl#2508

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.74...openssl-v0.10.75

openssl-v0.10.74

What's Changed

[AIX] use /usr to find_openssl_dir by @daltenty in rust-openssl/rust-openssl#2401

Improve support for OPENSSL_NO_COMP and OPENSSL_NO_SRTP by @justsmth in rust-openssl/rust-openssl#2423

Add aws-lc-fips feature to allow linking the aws-lc-fips-sys crate by @skmcgrail in rust-openssl/rust-openssl#2424

variety of fixes for warnings in new rust by @alex in rust-openssl/rust-openssl#2427

Some API adjustments for LibreSSL 4.2.0 by @botovq in rust-openssl/rust-openssl#2426

Update OpenSSL documentation URLs to new docs.openssl.org domain by @alex in rust-openssl/rust-openssl#2430

pkey_ctx: add ability to generate DSA params & keys by @huwcbjones in rust-openssl/rust-openssl#2432

Run tests on windows-11-arm by @saschanaz in rust-openssl/rust-openssl#2407

pkey_ctx: add ability to generate EC params & keys by @huwcbjones in rust-openssl/rust-openssl#2434

pkey_ctx: add ability to generate DH params & keys by @huwcbjones in rust-openssl/rust-openssl#2433

pkey_ctx: add ability to generate RSA keys by @huwcbjones in rust-openssl/rust-openssl#2431

expose more verifier flags/errors for libressl by @botovq in rust-openssl/rust-openssl#2441

sys/evp: set/get params bindings by @huwcbjones in rust-openssl/rust-openssl#2436

Add support for argon2d and argon2i variants by @greateggsgreg in rust-openssl/rust-openssl#2416

Bump actions/checkout from 4 to 5 by @dependabot[bot] in rust-openssl/rust-openssl#2443

Update bindgen; Update MSRV to 1.70 by @justsmth in rust-openssl/rust-openssl#2438

macros: fully qualify imports by @huwcbjones in rust-openssl/rust-openssl#2445

Disable AES-CFB128 ciphers for BoringSSL by @alebastr in rust-openssl/rust-openssl#2447

Fix missing "__off_t" on NetBSD 10 by @alebastr in rust-openssl/rust-openssl#2448

ML-KEM/ML-DSA part 1: openssl-sys changes by @swenson in rust-openssl/rust-openssl#2450

sys: add symbols to construct an EVP_PKEY from a param builder by @huwcbjones in rust-openssl/rust-openssl#2453

ec-point: add set_affine_coordinates by @huwcbjones in rust-openssl/rust-openssl#2455

openssl-sys: add more functions to replace non-deprecated ones by @huwcbjones in rust-openssl/rust-openssl#2457

ML-KEM/ML-DSA part 2: param builder by @swenson in rust-openssl/rust-openssl#2451

ML-KEM/ML-DSA part 3: param array locate octet string by @swenson in rust-openssl/rust-openssl#2458

sys: add encoder & decoder symbols by @huwcbjones in rust-openssl/rust-openssl#2454

Add bindings for SSL_CIPHER_get_protocol_id by @jedenastka in rust-openssl/rust-openssl#2462

sys/evp: add EVP_PKEY_eq and EVP_PKEY_parameters_eq by @huwcbjones in rust-openssl/rust-openssl#2463

openssl-sys: make it work without deprecated symbols by @huwcbjones in rust-openssl/rust-openssl#2452

drop old libressl versions by @botovq in rust-openssl/rust-openssl#2473

Remove support for LibreSSL < 2.8 by @botovq in rust-openssl/rust-openssl#2475

... (truncated)

Commits

09b90d0 Merge pull request #2518 from alex/bump-for-release
26533f3 Release openssl v0.10.75 and openssl-sys v0.9.111
395ecca Merge pull request #2517 from alex/claude/fix-ocsp-find-status-011CUqcGFNKeKJ...
cc26867 Fix unsound OCSP find_status handling of optional next_update field
95aa8e8 Merge pull request #2513 from botovq/libressl-stable
e735a32 CI: bump LibreSSL 4.x branches to latest releases
21ab91d Merge pu...
Description has been truncated

Bumps the extractor group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [log](https://github.com/rust-lang/log) | `0.4.28` | `0.4.29` | | [env_logger](https://github.com/rust-cli/env_logger) | `0.11.8` | `0.11.9` | | [tokio](https://github.com/tokio-rs/tokio) | `1.47.1` | `1.49.0` | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.99` | `1.0.101` | | [thiserror](https://github.com/dtolnay/thiserror) | `2.0.16` | `2.0.18` | | [ghactions](https://github.com/42ByteLabs/ghactions) | `0.16.5` | `0.18.4` | | [ghactions-core](https://github.com/42ByteLabs/ghactions) | `0.16.5` | `0.18.4` | | [ghastoolkit](https://github.com/GeekMasher/ghastoolkit-rs) | `0.11.5` | `0.12.2` | | [octocrab](https://github.com/XAMPPRocky/octocrab) | `0.44.1` | `0.48.1` | | [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.73` | `0.10.75` | | [serde_json](https://github.com/serde-rs/json) | `1.0.143` | `1.0.149` | Updates `log` from 0.4.28 to 0.4.29 - [Release notes](https://github.com/rust-lang/log/releases) - [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md) - [Commits](rust-lang/log@0.4.28...0.4.29) Updates `env_logger` from 0.11.8 to 0.11.9 - [Release notes](https://github.com/rust-cli/env_logger/releases) - [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md) - [Commits](rust-cli/env_logger@v0.11.8...v0.11.9) Updates `tokio` from 1.47.1 to 1.49.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.47.1...tokio-1.49.0) Updates `anyhow` from 1.0.99 to 1.0.101 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](dtolnay/anyhow@1.0.99...1.0.101) Updates `thiserror` from 2.0.16 to 2.0.18 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@2.0.16...2.0.18) Updates `ghactions` from 0.16.5 to 0.18.4 - [Release notes](https://github.com/42ByteLabs/ghactions/releases) - [Commits](42ByteLabs/ghactions@0.16.5...0.18.4) Updates `ghactions-core` from 0.16.5 to 0.18.4 - [Release notes](https://github.com/42ByteLabs/ghactions/releases) - [Commits](42ByteLabs/ghactions@0.16.5...0.18.4) Updates `ghastoolkit` from 0.11.5 to 0.12.2 - [Release notes](https://github.com/GeekMasher/ghastoolkit-rs/releases) - [Commits](GeekMasher/ghastoolkit-rs@0.11.5...0.12.2) Updates `octocrab` from 0.44.1 to 0.48.1 - [Release notes](https://github.com/XAMPPRocky/octocrab/releases) - [Changelog](https://github.com/XAMPPRocky/octocrab/blob/main/CHANGELOG.md) - [Commits](XAMPPRocky/octocrab@v0.44.1...v0.48.1) Updates `openssl` from 0.10.73 to 0.10.75 - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](rust-openssl/rust-openssl@openssl-v0.10.73...openssl-v0.10.75) Updates `serde_json` from 1.0.143 to 1.0.149 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.143...v1.0.149) --- updated-dependencies: - dependency-name: log dependency-version: 0.4.29 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor - dependency-name: env_logger dependency-version: 0.11.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor - dependency-name: tokio dependency-version: 1.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor - dependency-name: anyhow dependency-version: 1.0.101 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor - dependency-name: thiserror dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor - dependency-name: ghactions dependency-version: 0.18.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor - dependency-name: ghactions-core dependency-version: 0.18.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor - dependency-name: ghastoolkit dependency-version: 0.12.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor - dependency-name: octocrab dependency-version: 0.48.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: extractor - dependency-name: openssl dependency-version: 0.10.75 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor - dependency-name: serde_json dependency-version: 1.0.149 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: extractor ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-02-16T04:35:35Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 16, 2026

dependabot bot requested a review from a team as a code owner February 16, 2026 04:35

dependabot bot requested review from adrienpessu and felickz February 16, 2026 04:35

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 16, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

build(deps): bump the extractor group across 1 directory with 11 updates#49

build(deps): bump the extractor group across 1 directory with 11 updates#49
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/extractor-7a286ec192

dependabot bot commented on behalf of github Feb 16, 2026

Uh oh!

github-actions bot commented Feb 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Comments

Conversation

dependabot bot commented on behalf of github Feb 16, 2026

0.4.29

MSRV

What's Changed

New Contributors

[0.4.29] - 2025-12-02

What's Changed

New Contributors

v0.11.9

[0.11.9] - 2026-02-11

[0.11.9] - 2026-02-11

Tokio v1.49.0

1.49.0 (January 3rd, 2026)

Added

Changed

Fixed

Unstable

Documented

1.0.101

1.0.100

2.0.18

2.0.17

v0.18.4

What's Changed

v0.18.3

What's Changed

v0.18.2

What's Changed

v0.18.1

What's Changed

v0.18.0

What's Changed

v0.17.0

What's Changed

v0.18.4

What's Changed

v0.18.3

What's Changed

v0.18.2

What's Changed

v0.18.1

What's Changed

v0.18.0

What's Changed

v0.17.0

What's Changed

v0.12.2

What's Changed

v0.12.1

What's Changed

v0.12.0

What's Changed

v0.48.1

Fixed

v0.48.0

Added

Other

v0.47.1

Added

Other

v0.47.0

Added

Other

v0.46.0

Fixed

Other

v0.45.0

0.48.1 - 2025-12-02

Fixed

0.48.0 - 2025-11-18

Added

Other

0.47.1 - 2025-11-03

Added

Other

0.47.0 - 2025-10-06

Added

Other