Skip to content

deps: bump the cargo-patch-and-minor group across 1 directory with 4 updates#1022

Merged
figsoda merged 1 commit into
mainfrom
dependabot/cargo/cargo-patch-and-minor-eb4a874ca6
Jul 7, 2026
Merged

deps: bump the cargo-patch-and-minor group across 1 directory with 4 updates#1022
figsoda merged 1 commit into
mainfrom
dependabot/cargo/cargo-patch-and-minor-eb4a874ca6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the cargo-patch-and-minor group with 4 updates in the / directory: bstr, sevenz-rust2, time and anyhow.

Updates bstr from 1.12.1 to 1.12.3

Commits
  • cabbfe3 1.12.3
  • 11d6fac msrv: decrease to 1.65
  • c857a1c 1.12.2
  • e4c6498 doc: clarify the case where there is no valid UTF-8 prefix (#204)
  • 8481908 doc: add alias to fields and Fields
  • 6f089f3 lint: add set -u to regex generation scripts
  • 1396d35 docs: fix spelling mistake
  • 94cdd94 lint: add #[must_use] to ByteSlice::replace[n]
  • 155fc93 deps: switch serde to serde_core
  • bf0bf16 perf: implement Iterator::count for Chars
  • Additional commits viewable in compare view

Updates sevenz-rust2 from 0.21.0 to 0.21.1

Changelog

Sourced from sevenz-rust2's changelog.

0.21.1 - 2026-06-23

Fixed

  • Fix security issue were malicious 7z files could write files outside the destination directory. Reported by @​lintowe (#116)
Commits
  • ef760b6 7z files could write files outside the destination directory
  • 3ce5d2a Bump actions/checkout from 6 to 7
  • 92ea436 Fix new clippy linter issues
  • See full diff in compare view

Updates time from 0.3.49 to 0.3.51

Release notes

Sourced from time's releases.

v0.3.51

See the changelog for details.

Changelog

Sourced from time's changelog.

0.3.51 [2026-06-22]

Fixed

  • time compiles with macros enabled. This version is otherwise identical to v0.3.50.

0.3.50 [2026-06-22] [YANKED]

This version was yanked because it would not compile when the macros feature was enabled.

Added

  • Timestamp type

Fixed

  • [year] in a runtime-parsed version 3 format description when the large-dates feature is not enabled now succeeds. This previously failed due to a missing #[cfg].

Performance

  • Further gains when parsing with the non-deprecated parts of the RFC 2822 well-known format
  • Gains when formatting with the ISO 8601 well-known format
  • Date arithmetic is improved in common situations
Commits
  • 4ae4926 v0.3.51 release
  • 88eece3 v0.3.50 release
  • e1aa9ed Remove unused imports
  • 6f64473 Add regression test for issue 773
  • 9f8d7da Improve performance of ISO 8601 formatting
  • 356975c Share parsing components with different versions
  • 2850178 Improve RFC 2822 fast path
  • 1f6fa79 Add #[inline] to trivial method
  • 7e4fd30 Add fast path for Date arithmetic
  • a928f2d Avoid range error when not using large-dates
  • Additional commits viewable in compare view

Updates anyhow from 1.0.102 to 1.0.103

Release notes

Sourced from anyhow's releases.

1.0.103

  • Fix Stacked Borrows violation (UB) in Error::downcast_mut (#451, #452)
Commits
  • 5bdb0e2 Release 1.0.103
  • e621bd3 Merge pull request #452 from dtolnay/downcast
  • 6e8c000 Eliminate pointer->reference->pointer during downcast
  • 67c4abd Add regression test for issue 451
  • 917a169 Update actions/upload-artifact@v6 -> v7
  • d9dc3fa Update actions/checkout@v6 -> v7
  • 841522b Raise minimum tested compiler to rust 1.85
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…updates

Bumps the cargo-patch-and-minor group with 4 updates in the / directory: [bstr](https://github.com/BurntSushi/bstr), [sevenz-rust2](https://github.com/hasenbanck/sevenz-rust), [time](https://github.com/time-rs/time) and [anyhow](https://github.com/dtolnay/anyhow).


Updates `bstr` from 1.12.1 to 1.12.3
- [Commits](BurntSushi/bstr@1.12.1...1.12.3)

Updates `sevenz-rust2` from 0.21.0 to 0.21.1
- [Changelog](https://github.com/hasenbanck/sevenz-rust2/blob/main/CHANGELOG.md)
- [Commits](hasenbanck/sevenz-rust2@v0.21.0...v0.21.1)

Updates `time` from 0.3.49 to 0.3.51
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](time-rs/time@v0.3.49...v0.3.51)

Updates `anyhow` from 1.0.102 to 1.0.103
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.102...1.0.103)

---
updated-dependencies:
- dependency-name: bstr
  dependency-version: 1.12.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-patch-and-minor
- dependency-name: sevenz-rust2
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-patch-and-minor
- dependency-name: time
  dependency-version: 0.3.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-patch-and-minor
- dependency-name: anyhow
  dependency-version: 1.0.103
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-patch-and-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 6, 2026
@figsoda figsoda merged commit 85938c3 into main Jul 7, 2026
18 checks passed
@figsoda figsoda deleted the dependabot/cargo/cargo-patch-and-minor-eb4a874ca6 branch July 7, 2026 01:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant