Bump the cargo-dependencies group with 2 updates

[dependabot]

Bumps the cargo-dependencies group with 2 updates: flate2 and zip.

Updates flate2 from 1.1.8 to 1.1.9

Commits

• 19ddb18 Merge pull request #529 from folkertdev/update-zlib-rs-0.6.0
• c956e12 upgrade zlib-rs to version 0.6.0
• 21d5eeb Merge pull request #528 from wgyt/wgyt/patch
• 54f8484 update LICENSE-MIT
• f4924fe Merge pull request #527 from jongiddy/crc-tests
• 8b9b7a6 Add tests to check data CRC
• fd17c74 Merge pull request #526 from folkertdev/zlib-rs-crc32
• aef26ac check that zlib-rs no longer compiles crc32fast
• 5ec7647 make crc32fast an optional dependency
• c584e97 use zlib-rs for crc32 (when available)
• See full diff in compare view

Updates zip from 7.2.0 to 7.4.0

Release notes

Sourced from zip's releases.

v7.4.0

🚀 Features

• Increase MSRV to 1.88 and update dependencies (#626)

v7.3.0

🚀 Features

• cleanup the benchs and Cargo.toml (#606)
• Add support for per-file comments (#543)

🐛 Bug Fixes

• Document feature unreserved and make the mapping of extra fields public (#616)
• Return an error if abort_file() fails when exceeding non-large-file limit (#598)

⚙️ Miscellaneous Tasks

• Bump version to 7.3.0 (semver checks fail if it's still 7.3.0-pre1)

v7.3.0-pre1

🐛 Bug Fixes

• Reject empty ZipCrypto password when encrypting files (can still be used when decrypting)
• make zip crate safer and more readable (#536)

⚡ Performance

• Optimizations for CP437 conversion (#559)

⚙️ Miscellaneous Tasks

• Trigger release 7.3.0-pre1 to reset cargo-semver-checks baseline

Changelog

Sourced from zip's changelog.

7.4.0 - 2026-02-05

🚀 Features

• Increase MSRV to 1.88 and update dependencies (#626)

7.3.0 - 2026-02-04

🚀 Features

• cleanup the benchmarks and Cargo.toml (#606)
• Add support for per-file comments (#543)

🐛 Bug Fixes

• Document feature unreserved and make the mapping of extra fields public (#616)
• Return an error if abort_file() fails when exceeding non-large-file limit (#598)

⚙️ Miscellaneous Tasks

• Bump version to 7.3.0 (semver checks fail if it's still 7.3.0-pre1)

7.3.0-pre1 - 2026-01-27

🐛 Bug Fixes

• Reject empty ZipCrypto password when encrypting files (can still be used when decrypting)
• make zip crate safer and more readable (#536)

⚡ Performance

• Optimizations for CP437 conversion (#559)

⚙️ Miscellaneous Tasks

• Trigger release 7.3.0-pre1 to reset cargo-semver-checks baseline

Commits

• 016d421 chore: release v7.4.0 (#628)
• 18792c2 feat: Increase MSRV to 1.88 and update dependencies (#626)
• c9bce39 test: Potential fixes for 5 code quality findings (method-description comment...
• 5b61c24 test: Potential fixes for 2 code quality findings in tests/end_to_end.rs (#624)
• 1c59f3c Apply suggested fix to CHANGELOG.md from Copilot Autofix (#623)
• 41aeb9f Revert "ci: Temporarily override baseline for semver checks (revert after 7.3...
• ba77189 chore: release v7.3.0 (#580)
• 57b5ecc fix: Document feature unreserved and make the mapping of extra fields publi...
• 579b67c Apply suggested fix to tests/zip_crypto.rs from Copilot Autofix (#620)
• ca432a0 Apply suggested fix to tests/wasm32.rs from Copilot Autofix (#618)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions