Skip to content

Bump the cargo group across 1 directory with 4 updates #157

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the cargo group across 1 directory with 4 updates #157

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 8, 2025

Bumps the cargo group with 4 updates in the / directory: quick-xml, reqwest, tokio and napi-build.

Updates quick-xml from 0.37.5 to 0.38.0

Changelog

Sourced from quick-xml's changelog.

0.38.0 -- 2025-06-28

Significant changes

Now references to entities (as predefined, such as <, as user-defined) reported as a new Event::GeneralRef. Caller can parse the content of the entity and stream events from it as it is required by the XML specification. See the updated custom_entities example!

Implement whitespace behavior in the standard in Deserializer, which says string primitive types should preserve whitespace, while all other primitives have collapse behavior.

New Features

  • #863: Add Attributes::into_map_access(&str) and Attributes::into_deserializer() when serialize feature is enabled. This will allow do deserialize serde types right from attributes. Both methods returns the same type which implements serde's Deserializer and MapAccess traits.
  • #766: Allow to parse resolved entities as XML fragments and stream events from them.
  • #766: Added new event Event::GeneralRef with content of [general entity].
  • #766: Added new configuration option allow_dangling_amp which allows to have a & not followed by ; in the textual data which is required for some applications for compatibility reasons.
  • #285: Add ability to quick_xml::de::Text to access text with trimmed spaces

Bug Fixes

  • #868: Allow to have both $text and $value special fields in one struct. Previously any text will be recognized as $value field even when $text field is also presented.
  • #868: Skip text events when deserialize a sequence of items overlapped with text (including CDATA).
  • #841: Do not strip xml prefix from the attributes when map them to struct fields in Deserializer.

Misc Changes

  • #863: Remove From<QName<'a>> for BytesStart<'a> because now BytesStart stores the encoding in which its data is encoded, but QName is a simple wrapper around byte slice.
  • #766: BytesText::unescape and BytesText::unescape_with replaced by BytesText::decode. Now Text events does not contain escaped parts which are reported as Event::GeneralRef.

#285: tafia/quick-xml#285 #766: tafia/quick-xml#766 #841: tafia/quick-xml#841 #863: tafia/quick-xml#863 #868: tafia/quick-xml#868 [general entity]: https://www.w3.org/TR/xml11/#gen-entity

Commits
  • e8806e0 Release 0.38.0
  • 7c4b702 Fix incorrect references in the documentation
  • 2cbb2b8 Merge pull request #873 from curatorsigma/serde_roundtrip_xml_attrs
  • bc18c57 serde: allow xml: attributes to roundtrip
  • 899d573 Skip unwanted text events in sequences
  • 5942a13 Add regression test for #868
  • f152aec Allow both &text and $value fields in the same struct
  • d6dfeed Merge pull request #872 from Mingun/update-compare
  • 6017acf Merge pull request #865 from ggodlewski/untrim
  • 15a3e86 compare: Put each group into its own file to be able to run them independentl...
  • Additional commits viewable in compare view

Updates reqwest from 0.12.20 to 0.12.22

Release notes

Sourced from reqwest's releases.

v0.12.22

tl;dr

  • Fix socks proxies when resolving IPv6 destinations.

What's Changed

Full Changelog: seanmonstar/reqwest@v0.12.21...v0.12.22

v0.12.21

tl;dr

  • Fix socks proxy to use socks4a:// instead of socks4h://.
  • Fix Error::is_timeout() to check for hyper and IO timeouts too.
  • Fix request Error to again include URLs when possible.
  • Fix socks connect error to include more context.
  • (wasm) implement Default for Body.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.12.20...v0.12.21

Changelog

Sourced from reqwest's changelog.

v0.12.22

  • Fix socks proxies when resolving IPv6 destinations.

v0.12.21

  • Fix socks proxy to use socks4a:// instead of socks4h://.
  • Fix Error::is_timeout() to check for hyper and IO timeouts too.
  • Fix request Error to again include URLs when possible.
  • Fix socks connect error to include more context.
  • (wasm) implement Default for Body.
Commits

Updates tokio from 1.45.1 to 1.46.1

Release notes

Sourced from tokio's releases.

Tokio v1.46.1

1.46.1 (July 4th, 2025)

This release fixes incorrect spawn locations in runtime task hooks for tasks spawned using tokio::spawn rather than Runtime::spawn. This issue only effected the spawn location in TaskMeta::spawned_at, and did not effect task locations in Tracing events.

Unstable

  • runtime: add TaskMeta::spawn_location tracking where a task was spawned (#7440)

#7440: tokio-rs/tokio#7440

Tokio v1.46.0

1.46.0 (July 2nd, 2025)

Fixed

  • net: fixed TcpStream::shutdown incorrectly returning an error on macOS (#7290)

Added

  • sync: mpsc::OwnedPermit::{same_channel, same_channel_as_sender} methods (#7389)
  • macros: biased option for join! and try_join!, similar to select! (#7307)
  • net: support for cygwin (#7393)
  • net: support pope::OpenOptions::read_write on Android (#7426)
  • net: add Clone implementation for net::unix::SocketAddr (#7422)

Changed

  • runtime: eliminate unnecessary lfence while operating on queue::Local<T> (#7340)
  • task: disallow blocking in LocalSet::{poll,drop} (#7372)

Unstable

  • runtime: add TaskMeta::spawn_location tracking where a task was spawned (#7417)
  • runtime: removed borrow from LocalOptions parameter to runtime::Builder::build_local (#7346)

Documented

  • io: clarify behavior of seeking when start_seek is not used (#7366)
  • io: document cancellation safety of AsyncWriteExt::flush (#7364)
  • net: fix docs for recv_buffer_size method (#7336)
  • net: fix broken link of RawFd in TcpSocket docs (#7416)
  • net: update AsRawFd doc link to current Rust stdlib location (#7429)
  • readme: fix double period in reactor description (#7363)
  • runtime: add doc note that on_*_task_poll is unstable (#7311)
  • sync: update broadcast docs on allocation failure (#7352)
  • time: add a missing panic scenario of time::advance (#7394)

#7290: tokio-rs/tokio#7290 #7307: tokio-rs/tokio#7307

... (truncated)

Commits
  • ab3ff69 chore: prepare to release v1.46.1 (#7444)
  • a0d5b8a runtime(unstable): fix task hook spawn locations for tokio::spawn (#7440)
  • a1ee3ef chore: fix some minor typos in the comments (#7442)
  • 171cd14 changelog: fix typo in pipe::OpenOptions for 1.46.0 (#7439)
  • 3f1f268 chore: prepare Tokio v1.46.0 (#7437)
  • 3e890cc rt(unstable): add spawn Location to TaskMeta (#7417)
  • 69290a6 net: derive Clone for net::unix::SocketAddr (#7422)
  • e2b1758 fuzz: cfg fuzz tests under cfg(test) (#7428)
  • b7a75b5 net: update AsRawFd doc link to current Rust stdlib location (#7429)
  • 6b705b3 net: allow pipe::OpenOptions::read_write on Android (#7426)
  • Additional commits viewable in compare view

Updates napi-build from 2.2.1 to 2.2.2

Release notes

Sourced from napi-build's releases.

napi-build@2.2.2

What's Changed

Full Changelog: https://github.com/napi-rs/napi-rs/compare/napi@3.0.0-beta.10...napi-build@2.2.2

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the cargo group across 1 directory with 4 updates
018aa98 
Bumps the cargo group with 4 updates in the / directory: [quick-xml](https://github.com/tafia/quick-xml), [reqwest](https://github.com/seanmonstar/reqwest), [tokio](https://github.com/tokio-rs/tokio) and [napi-build](https://github.com/napi-rs/napi-rs).


Updates `quick-xml` from 0.37.5 to 0.38.0
- [Release notes](https://github.com/tafia/quick-xml/releases)
- [Changelog](https://github.com/tafia/quick-xml/blob/master/Changelog.md)
- [Commits](tafia/quick-xml@v0.37.5...v0.38.0)

Updates `reqwest` from 0.12.20 to 0.12.22
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.20...v0.12.22)

Updates `tokio` from 1.45.1 to 1.46.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.45.1...tokio-1.46.1)

Updates `napi-build` from 2.2.1 to 2.2.2
- [Release notes](https://github.com/napi-rs/napi-rs/releases)
- [Commits](https://github.com/napi-rs/napi-rs/compare/napi-build@2.2.1...napi-build@2.2.2)

---
updated-dependencies:
- dependency-name: quick-xml
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: reqwest
  dependency-version: 0.12.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tokio
  dependency-version: 1.46.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: napi-build
  dependency-version: 2.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 8, 2025
@codecov Codecov
Copy link

codecov bot commented Jul 8, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.90%. Comparing base (ada1fbc) to head (018aa98).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #157      +/-   ##
==========================================
- Coverage   97.53%   96.90%   -0.64%     
==========================================
  Files          14       14              
  Lines        3406     3132     -274     
==========================================
- Hits         3322     3035     -287     
- Misses         84       97      +13

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@codspeed-hq CodSpeed HQ
Copy link

codspeed-hq bot commented Jul 8, 2025

CodSpeed Performance Report

Merging #157 will not alter performance

Comparing dependabot/cargo/cargo-c7e792c5ee (018aa98) with main (ada1fbc)

Summary

✅ 1 untouched benchmarks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants