Skip to content

build(deps): Bump the rust-dependencies group across 1 directory with 4 updates#7

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-dependencies-4a230453e6
Open

build(deps): Bump the rust-dependencies group across 1 directory with 4 updates#7
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/rust-dependencies-4a230453e6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown

Bumps the rust-dependencies group with 4 updates in the / directory: thiserror, rand, anyhow and which.

Updates thiserror from 1.0.69 to 2.0.18

Release notes

Sourced from thiserror's releases.

2.0.18

2.0.17

  • Use differently named __private module per patch release (#434)

2.0.16

  • Add to "no-std" crates.io category (#429)

2.0.15

  • Prevent Error::provide API becoming unavailable from a future new compiler lint (#427)

2.0.14

  • Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (#426)

2.0.13

  • Documentation improvements

2.0.12

  • Prevent elidable_lifetime_names pedantic clippy lint in generated impl (#413)

2.0.11

2.0.10

  • Support errors containing a generic type parameter's associated type in a field (#408)

2.0.9

  • Work around missing_inline_in_public_items clippy restriction being triggered in macro-generated code (#404)

2.0.8

  • Improve support for macro-generated derive(Error) call sites (#399)

2.0.7

  • Work around conflict with #[deny(clippy::allow_attributes)] (#397, thanks @​zertosh)

2.0.6

  • Suppress deprecation warning on generated From impls (#396)

2.0.5

  • Prevent deprecation warning on generated impl for deprecated type (#394)

2.0.4

  • Eliminate needless_lifetimes clippy lint in generated From impls (#391, thanks @​matt-phylum)

2.0.3

  • Support the same Path field being repeated in both Debug and Display representation in error message (#383)
  • Improve error message when a format trait used in error message is not implemented by some field (#384)

2.0.2

... (truncated)

Commits
  • dc0f6a2 Release 2.0.18
  • 0275292 Touch up PR 443
  • 3c33bc6 Merge pull request #443 from LucaCappelletti94/master
  • 995939c Reproduce issue 442
  • 21653d1 Made clippy lifetime allows conditional
  • 45e5388 Update actions/upload-artifact@v5 -> v6
  • 386aac1 Update actions/upload-artifact@v4 -> v5
  • ec50561 Update actions/checkout@v5 -> v6
  • 247eab5 Update name of empty_enum clippy lint
  • 91b181f Raise required compiler to Rust 1.68
  • Additional commits viewable in compare view

Updates rand from 0.8.6 to 0.9.4

Changelog

Sourced from rand's changelog.

[0.9.4] — 2026-04-13

Fixes

#1766: rust-random/rand#1766

[0.9.3] — 2026-04-11

This release back-ports a fix from v0.10. See also #1763.

Changes

  • Deprecate feature log (#1764)
  • Replace usages of doc_auto_cfg (#1764)

#1763: rust-random/rand#1763

[0.9.2] — 2025-07-20

Deprecated

  • Deprecate rand::rngs::mock module and StepRng generator (#1634)

Additions

  • Enable WeightedIndex<usize> (de)serialization (#1646)

[0.9.1] - 2025-04-17

Security and unsafe

  • Revise "not a crypto library" policy again (#1565)
  • Remove zerocopy dependency from rand (#1579)

Fixes

  • Fix feature simd_support for recent nightly rust (#1586)

Changes

  • Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

  • Add rand::distr::Alphabetic distribution. (#1587)
  • Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

  • Policy: "rand is not a crypto library" (#1514)
  • Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
  • Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

  • Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
  • Update to rand_core v0.9.0 (#1558)

Features

  • Support std feature without getrandom or rand_chacha (#1354)
  • Enable feature small_rng by default (#1455)

... (truncated)

Commits

Updates anyhow from 1.0.102 to 1.0.103

Release notes

Sourced from anyhow's releases.

1.0.103

  • Fix Stacked Borrows violation (UB) in Error::downcast_mut (#451, #452)
Commits
  • 5bdb0e2 Release 1.0.103
  • e621bd3 Merge pull request #452 from dtolnay/downcast
  • 6e8c000 Eliminate pointer->reference->pointer during downcast
  • 67c4abd Add regression test for issue 451
  • 917a169 Update actions/upload-artifact@v6 -> v7
  • d9dc3fa Update actions/checkout@v6 -> v7
  • 841522b Raise minimum tested compiler to rust 1.85
  • See full diff in compare view

Updates which from 6.0.3 to 8.0.4

Release notes

Sourced from which's releases.

8.0.4

What's Changed

Full Changelog: harryfei/which-rs@8.0.3...8.0.4

8.0.3

What's Changed

New Contributors

Full Changelog: harryfei/which-rs@8.0.2...8.0.3

8.0.2

What's Changed

New Contributors

Full Changelog: harryfei/which-rs@8.0.1...8.0.2

8.0.1

What's Changed

New Contributors

Full Changelog: harryfei/which-rs@8.0.0...8.0.1

8.0.0

What's Changed

  • Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @​dsherret for this contribution to which!
  • Add more debug level tracing for otherwise silent I/O errors.
  • Call the NonFatalHandler in more places to catch previously ignored I/O errors.
  • Remove use of the either dependency.

New Contributors

7.0.3

  • Update rustix to version 1.0. Congrats to rustix on this milestone, and thanks @​mhils for this contribution to which!

... (truncated)

Changelog

Sourced from which's changelog.

8.0.4

  • On Windows we now emit a NonFatalError if the PATHEXT environment variable is not populated, and the query did not specify a file extension.

8.0.3

  • Add fallback implementation of is_valid_executable allowing which-rs to compile on targets which are not Unix, Windows, WASI, or Redox. Thanks @​pmikolajczyk41 for your contribution to which!

8.0.2

  • Dependency on home_env removed, the implementation found in rust 1.85.0 for a home directory has been fixed. Thanks, [@​madsmtm],(https://github.com/madsmtm) for this contribution to which!
  • Dependency on winsafe removed, code for Windows API is now handwritten.
  • Dependency on rustix removed, we now depend on libc directly to reduce compile times.

8.0.1

8.0.0

  • Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @​dsherret for this contribution to which!
  • Add more debug level tracing for otherwise silent I/O errors.
  • Call the NonFatalHandler in more places to catch previously ignored I/O errors.
  • Remove use of the either dependency.

7.0.3

  • Update rustix to version 1.0. Congrats to rustix on this milestone, and thanks @​mhils for this contribution to which!

7.0.2

  • Don't return paths containing the single dot . reference to the current directory, even if the original request was given in terms of the current directory. Thanks @​jakobhellermann for this contribution!

7.0.1

  • Get user home directory from env_home instead of home. Thanks @​micolous for this contribution!
  • If home directory is unavailable, do not expand the tilde to an empty string. Leave it as is.

7.0.0

  • Add support to WhichConfig for a user provided closure that will be called whenever a nonfatal error occurs. This technically breaks a few APIs due to the need to add more generics and lifetimes. Most code will compile without changes.
Commits
  • c9df5ef feat: emit NonFatalError on Windows if PATHEXT not populated (#125)
  • 9b1ec59 bump version number, update changelog
  • 6ddf6cf Implement is_valid_executable for other configurations (#124)
  • 5bb3e82 update README MSRV
  • aacc10e add changelog entry
  • 7b0c544 Swap dependency on rustix for dependency on libc (#122)
  • 189e99a New windows impl (#121)
  • c48f04e clippy fixes
  • 1fa32b7 bump msrv, bump version, add to changelog
  • b0d6e74 Remove env_home dependency
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… 4 updates

Bumps the rust-dependencies group with 4 updates in the / directory: [thiserror](https://github.com/dtolnay/thiserror), [rand](https://github.com/rust-random/rand), [anyhow](https://github.com/dtolnay/anyhow) and [which](https://github.com/harryfei/which-rs).


Updates `thiserror` from 1.0.69 to 2.0.18
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](dtolnay/thiserror@1.0.69...2.0.18)

Updates `rand` from 0.8.6 to 0.9.4
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.9.4/CHANGELOG.md)
- [Commits](rust-random/rand@0.8.6...0.9.4)

Updates `anyhow` from 1.0.102 to 1.0.103
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.102...1.0.103)

Updates `which` from 6.0.3 to 8.0.4
- [Release notes](https://github.com/harryfei/which-rs/releases)
- [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md)
- [Commits](harryfei/which-rs@6.0.3...8.0.4)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-version: 2.0.18
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: rust-dependencies
- dependency-name: rand
  dependency-version: 0.9.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: anyhow
  dependency-version: 1.0.103
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: which
  dependency-version: 8.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: rust-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants