Skip to content

chore(deps): bump zip from 8.3.0 to 8.5.1 in /app/src-tauri#421

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/app/src-tauri/zip-8.5.1
Closed

chore(deps): bump zip from 8.3.0 to 8.5.1 in /app/src-tauri#421
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/app/src-tauri/zip-8.5.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 9, 2026

Copy link
Copy Markdown
Contributor

Bumps zip from 8.3.0 to 8.5.1.

Release notes

Sourced from zip's releases.

v8.5.1

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)

v8.5.0

🐛 Bug Fixes

  • remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

  • remove useless magic in struct (#730)
  • change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

  • cleanup README (#758)

v8.4.0

🚀 Features

  • add a check for building benches (#748)

🚜 Refactor

  • split part of read.rs for code readability (#744)
  • remove unused allow (#745)

⚡ Performance

  • skip BufReader for Stored files in make_reader (#739)

⚙️ Miscellaneous Tasks

  • move pull request template to correct folder (#749)

v8.3.1

🚜 Refactor

  • use AexEncryption::new (#736)
  • update tests to add big endian miri check (#735)

⚙️ Miscellaneous Tasks

  • cleanup repository files (#743)
Changelog

Sourced from zip's changelog.

8.5.1 - 2026-04-06

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)

8.5.0 - 2026-04-01

🐛 Bug Fixes

  • remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

  • remove useless magic in struct (#730)
  • change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

  • cleanup README (#758)

8.4.0 - 2026-03-23

🚀 Features

  • add a check for building benches (#748)

🚜 Refactor

  • split part of read.rs for code readability (#744)
  • remove unused allow (#745)

⚡ Performance

  • skip BufReader for Stored files in make_reader (#739)

⚙️ Miscellaneous Tasks

  • move pull request template to correct folder (#749)

8.3.1 - 2026-03-21

🚜 Refactor

  • use AexEncryption::new (#736)
  • update tests to add big endian miri check (#735)

⚙️ Miscellaneous Tasks

... (truncated)

Commits
  • 5c0a0a2 chore: release v8.5.1 (#766)
  • e1fc904 ci(deps): bump github/codeql-action from 4.32.6 to 4.35.1 (#769)
  • ef6392d refactor: change magic finder to stack buffer (#763)
  • f6c64ff refactor: simplify extra field parsing (#764)
  • 93ea679 chore: release v8.5.0 (#762)
  • fbd0d41 refactor: remove useless magic in struct (#730)
  • 1043e92 refactor: change extra_field from Arc<Vec> to Arc<[u8]> (#741)
  • 2eb28b6 fix: remove zip64 comment and add zip64 extensible data sector (#747)
  • 5f4a644 ci(deps): bump rust-lang/crates-io-auth-action from 1.0.3 to 1.0.4 (#761)
  • 6469720 ci: Add static.crates.io to allowed hosts in CodeQL workflow (#759)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Apr 9, 2026
@github-actions github-actions Bot enabled auto-merge (squash) April 9, 2026 19:49
Bumps [zip](https://github.com/zip-rs/zip2) from 8.3.0 to 8.5.1.
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](zip-rs/zip2@v8.3.0...v8.5.1)

---
updated-dependencies:
- dependency-name: zip
  dependency-version: 8.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/app/src-tauri/zip-8.5.1 branch from 2cc7f0f to 2e32c51 Compare April 10, 2026 12:22
@hbanerjee74

Copy link
Copy Markdown
Contributor

Superseded by #461 — consolidated dependency bump. Closing.

auto-merge was automatically disabled April 28, 2026 12:19

Pull request was closed

@dependabot @github

dependabot Bot commented on behalf of github Apr 28, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@hbanerjee74 hbanerjee74 deleted the dependabot/cargo/app/src-tauri/zip-8.5.1 branch April 28, 2026 12:19
hbanerjee74 added a commit that referenced this pull request Apr 28, 2026
Replaces individual dependabot PRs #416, #418, #420, #421, #422, #446, #447,
#448, #450, #452, #453, #454, #457 with a single combined update.

npm (app):
- @tanstack/react-router 1.168.22 -> 1.168.23
- @tiptap/starter-kit 3.22.3 -> 3.22.4
- @tiptap/extension-placeholder 3.22.3 -> 3.22.4
- typescript 6.0.2 -> 6.0.3 (dev)
- protobufjs 8.0.0 -> 8.0.3 (transitive, dev)

cargo (app/src-tauri):
- rand 0.8 -> 0.9 (manifest); transitive shuffle/SeedableRng API unchanged
- tokio 1.50.0 -> 1.51.1
- tauri-plugin-dialog 2.6.0 -> 2.7.0
- semver 1.0.27 -> 1.0.28
- zip 8.3.0 -> 8.6.0

GitHub Actions:
- actions/upload-pages-artifact 4 -> 5
- softprops/action-gh-release 2 -> 3

PR #459 (@anthropic-ai/claude-agent-sdk 0.2.119) is intentionally excluded:
the SDK changed its package layout (no cli.js / vendor/) and requires a
sidecar build.js rewrite — handled separately.

Verified: cargo check, npx tsc --noEmit (frontend), sidecar build.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant