Skip to content

build(deps): bump the cargo group across 3 directories with 9 updates#76

Open
dependabot[bot] wants to merge 1 commit into
pre-1.35.6from
dependabot/cargo/tools/unitctl/cargo-dbfb03f332
Open

build(deps): bump the cargo group across 3 directories with 9 updates#76
dependabot[bot] wants to merge 1 commit into
pre-1.35.6from
dependabot/cargo/tools/unitctl/cargo-dbfb03f332

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 14, 2026

Copy link
Copy Markdown

Bumps the cargo group with 5 updates in the /tools/unitctl directory:

Package From To
rand 0.8.5 0.8.6
tar 0.4.44 0.4.46
bytes 1.10.1 1.11.1
openssl 0.10.73 0.10.81
time 0.3.41 0.3.49

Bumps the cargo group with 4 updates in the /src/wasm-wasi-component directory: rand, bytes, wasmtime and wasmtime-wasi.
Bumps the cargo group with 5 updates in the /src/otel directory:

Package From To
rand 0.8.5 0.8.6
bytes 1.10.1 1.11.1
openssl 0.10.73 0.10.81
rustls-webpki 0.103.4 0.103.13
quinn-proto 0.11.12 0.11.14

Updates rand from 0.8.5 to 0.8.6

Changelog

Sourced from rand's changelog.

[0.8.6] - 2026-04-14

This release back-ports a fix from v0.10. See also #1763.

Changes

  • Deprecate feature log (#1772)

#1763: rust-random/rand#1763 #1772: rust-random/rand#1772

  • Drop the experimental simd_support feature.
Commits
  • 5309f25 0.8.6 (#1772): update for recent nightly rustc and backport #1764
  • 1126d03 When testing rustc 1.36, use compatible dependencies.
  • 143b602 Add Cargo.lock.msrv.
  • 9be86f2 Fix cross build test.
  • 5e0d50d Drop simd_support.
  • 8ff02f0 Upgrade cache action.
  • 4ad0cc3 Don't test for unsupported target architecture.
  • 258e6d0 Address warning.
  • 9f0e676 Mark some internal traits as potentially unused.
  • 6f123c1 Workaround never constructed and never used warning.
  • Additional commits viewable in compare view

Updates tar from 0.4.44 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

See also GHSA-3cv2-h65g-fgmm

Other changes

New Contributors

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits
  • fc459c1 Release 0.4.46
  • 43e05a8 ci: Add crates.io trusted publishing workflow
  • bba5666 Update repo links
  • cd94c46 docs: Document TOCTOU / concurrent-mutation threat model
  • 1b4997c builder: Expand docs for follow_symlinks and append_dir_all
  • bab14dd archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm)
  • 2349b49 Add support of absolute paths
  • 39d0311 Update some links
  • 59d803e Update astral-tokio-tar requirement from 0.5 to 0.6
  • 8296b9a ci: Fix and re-enable reverse dependency testing (#444)
  • Additional commits viewable in compare view

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates openssl from 0.10.73 to 0.10.81

Release notes

Sourced from openssl's releases.

openssl-v0.10.81

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.80...openssl-v0.10.81

openssl-v0.10.80

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.79...openssl-v0.10.80

openssl-v0.10.79

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

... (truncated)

Commits
  • db9c9e2 Release openssl 0.10.81 and openssl-sys 0.9.117 (#2655)
  • 3a7fb56 Bump actions/checkout from 6.0.2 to 6.0.3 (#2653)
  • d059c43 Fix verify_mode() panic on unmodeled verify mode bits (#2651)
  • 8b1519e Deprecate Asn1StringRef::as_utf8 in favor of a NUL-safe to_string (#2652)
  • d5713d6 add mldsa.h to the boringssl bindgen (#2650)
  • 9fac317 Merge pull request #2538 from ocdlroux/feat/crl-full
  • 4dae20b x509: adding minimal support for X509CrlBuilder
  • 47f7777 Add brainpoolP224r1 and brainpoolP224t1 NID constants (#2642)
  • 659da17 Bump aws-ls-sys to 0.41 (#2640)
  • 35be7ae Release openssl 0.10.80 and openssl-sys 0.9.116 (#2639)
  • Additional commits viewable in compare view

Updates time from 0.3.41 to 0.3.49

Release notes

Sourced from time's releases.

v0.3.49

See the changelog for details.

v0.3.48

See the changelog for details.

v0.3.47

See the changelog for details.

v0.3.46

See the changelog for details.

v0.3.45

See the changelog for details.

v0.3.44

See the changelog for details.

v0.3.43

See the changelog for details.

v0.3.42

See the changelog for details.

Changelog

Sourced from time's changelog.

0.3.49 [2026-06-13]

Fixed

  • Due to a long-standing bug in the Rust compiler, v0.3.48 caused a number of crates to stop compiling. A patch has been added that avoids triggering the bug.

0.3.48 [2026-06-12] [YANKED]

Security

  • The number of digits parsed by [subsecond digits:1+] is capped at 32 to avoid parsing unbounded user input. Digits after the 9th have no semantic meaning.
  • Explicitly specify #[repr] for Weekday. The value of the variants is relied upon in multiple locations for soundness. The practical effect of this change is nothing, as Rust has always mapped C-like enums to 0..N in memory.

Compatibility

  • Non-UTF-8 formatting and parsing is deprecated without replacement. It is recommended to only format and parse valid UTF-8.
  • format_description::parse is deprecated. It is recommended to use format_description::parse_borrowed::<3> or format_description::parse_owned::<3>.

Added

  • All types in the unit module have a generic parameter, though this is currently not used for much. Usage will be expanded in the future.
  • Comparisons between types in the unit module and the generic Unit type are permitted.
  • Support for rand 0.10
  • Version 3 format descriptions
    • Only UTF-8 is supported. As a side effect of this, [ignore] requires that the remaining input not begin mid-codepoint.
    • Representation is deliberately opaque to allow for arbitrary changes going forward.
    • format:false is supported on [optional] components. This is not possible in version 1 and version 2 format descriptions due to API compatibility.
    • The time::serde::format_description! macro uses a new, clearer syntax for version 3.
      • time::serde::format_description!(mod foo [Date] = "[year]-[month]-[day]");
      • Unlike version 1 and version 2 format descriptions, the type is not automatically brought into scope. You must import it yourself.
    • Nonsensical combinations of modifiers are rejected. For example, you cannot specify case-sensitivity when parsing a numerical month.
    • [year] defaults to range:standard
    • Components and modifiers are case sensitive (and always lowercase).

Changed

  • The convert module has been renamed to unit.

Fixed

... (truncated)

Commits
  • ff8683c v0.3.49 release
  • f189886 fix: resolve E0119 trait coherence error in rustc >= 1.95.0
  • 5d8737c v0.3.48 release
  • 1bfca87 Use widen instead of extend in sys code
  • c57284f fix: return error instead of panicking on truncated strftime padding modifier
  • a74f35f Use v3 format descriptions for serde defaults
  • 96ff36c Allow eliding serde format description version
  • edc58b1 Permit duplicates in v1/v2 in permit_modifiers!
  • a838f69 Bump codecov action
  • f2f99f8 Fix unused warning
  • Additional commits viewable in compare view

Updates rand from 0.8.5 to 0.8.6

Changelog

Sourced from rand's changelog.

[0.8.6] - 2026-04-14

This release back-ports a fix from v0.10. See also #1763.

Changes

  • Deprecate feature log (#1772)

#1763: rust-random/rand#1763 #1772: rust-random/rand#1772

  • Drop the experimental simd_support feature.
Commits
  • 5309f25 0.8.6 (#1772): update for recent nightly rustc and backport #1764
  • 1126d03 When testing rustc 1.36, use compatible dependencies.
  • 143b602 Add Cargo.lock.msrv.
  • 9be86f2 Fix cross build test.
  • 5e0d50d Drop simd_support.
  • 8ff02f0 Upgrade cache action.
  • 4ad0cc3 Don't test for unsupported target architecture.
  • 258e6d0 Address warning.
  • 9f0e676 Mark some internal traits as potentially unused.
  • 6f123c1 Workaround never constructed and never used warning.
  • Additional commits viewable in compare view

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates wasmtime from 35.0.0 to 36.0.8

Release notes

Sourced from wasmtime's releases.

v36.0.8

36.0.8

Released 2026-04-30.

Fixed

  • Panic when allocating a table exceeding the size of the host's address space. GHSA-p8xm-42r7-89xg

v36.0.7

36.0.7

Released 2026-04-09.

Fixed

... (truncated)

Changelog

Sourced from wasmtime's changelog.

36.0.8

Released 2026-04-30.

Fixed

  • Panic when allocating a table exceeding the size of the host's address space. GHSA-p8xm-42r7-89xg

36.0.7

Released 2026-04-09.

Fixed

... (truncated)

Commits

Updates wasmtime-wasi from 35.0.0 to 38.0.4

Release notes

Sourced from wasmtime-wasi's releases.

v38.0.4

38.0.4

Released 2025-11-11.

Fixed

v38.0.3

38.0.3

Released 2025-10-24.

Fixed

  • Fix possible host crash with host-to-wasm component intrinsics CVE-2025-62711

v38.0.1

38.0.1

Released 2025-10-20.

Fixed

  • Fixed some automation that went wrong with the 38.0.0 release.

v37.0.3

37.0.3

Released 2025-11-11.

Fixed

v37.0.2

37.0.2

Released 2025-10-07.

Fixed

  • Fix a memory leak in the C API when using anyref or externref. CVE-2025-61670.

v37.0.1

... (truncated)

Changelog

Sourced from wasmtime-wasi's changelog.

38.0.4

Released 2025-11-11.

Fixed


38.0.3

Released 2025-10-24.

Fixed

  • Fix possible host crash with host-to-wasm component intrinsics CVE-2025-62711

38.0.2

Released 2025-10-21.

Changed

  • This repository is attempting to start out using GitHub's "Immutable Releases" feature with this release, and this'll be the first release, assuming all goes well, that has this enabled. #11901

Fixed

  • Fix compatibility with the Go runtime on Windows for exceptions. #11892

38.0.1

Released 2025-10-20.

Fixed

  • Fixed some automation that went wrong with the 38.0.0 release.

... (truncated)

Commits

Updates rand from 0.8.5 to 0.8.6

Changelog

Sourced from rand's changelog.

[0.8.6] - 2026-04-14

This release back-ports a fix from v0.10. See also #1763.

Changes

  • Deprecate feature log (#1772)

#1763: rust-random/rand#1763 #1772: rust-random/rand#1772

  • Drop the experimental simd_support feature.
Commits
  • 5309f25 0.8.6 (#1772): update for recent nightly rustc and backport #1764
  • 1126d03 When testing rustc 1.36, use compatible dependencies.
  • 143b602 Add Cargo.lock.msrv.
  • 9be86f2 Fix cross build test.
  • 5e0d50d Drop simd_support.
  • 8ff02f0 Upgrade cache action.
  • 4ad0cc3 Don't test for unsupported target architecture.
  • 258e6d0 Address warning.
  • 9f0e676 Mark some internal traits as potentially unused.
  • 6f123c1 Workaround never constructed and never used warning.
  • Additional commits viewable in compare view

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Bumps the cargo group with 5 updates in the /tools/unitctl directory:

| Package | From | To |
| --- | --- | --- |
| [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.8.6` |
| [tar](https://github.com/composefs/tar-rs) | `0.4.44` | `0.4.46` |
| [bytes](https://github.com/tokio-rs/bytes) | `1.10.1` | `1.11.1` |
| [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.73` | `0.10.81` |
| [time](https://github.com/time-rs/time) | `0.3.41` | `0.3.49` |

Bumps the cargo group with 4 updates in the /src/wasm-wasi-component directory: [rand](https://github.com/rust-random/rand), [bytes](https://github.com/tokio-rs/bytes), [wasmtime](https://github.com/bytecodealliance/wasmtime) and [wasmtime-wasi](https://github.com/bytecodealliance/wasmtime).
Bumps the cargo group with 5 updates in the /src/otel directory:

| Package | From | To |
| --- | --- | --- |
| [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.8.6` |
| [bytes](https://github.com/tokio-rs/bytes) | `1.10.1` | `1.11.1` |
| [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.73` | `0.10.81` |
| [rustls-webpki](https://github.com/rustls/webpki) | `0.103.4` | `0.103.13` |
| [quinn-proto](https://github.com/quinn-rs/quinn) | `0.11.12` | `0.11.14` |



Updates `rand` from 0.8.5 to 0.8.6
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.8.6/CHANGELOG.md)
- [Commits](rust-random/rand@0.8.5...0.8.6)

Updates `tar` from 0.4.44 to 0.4.46
- [Release notes](https://github.com/composefs/tar-rs/releases)
- [Commits](composefs/tar-rs@0.4.44...0.4.46)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `openssl` from 0.10.73 to 0.10.81
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.73...openssl-v0.10.81)

Updates `time` from 0.3.41 to 0.3.49
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](time-rs/time@v0.3.41...v0.3.49)

Updates `rand` from 0.8.5 to 0.8.6
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.8.6/CHANGELOG.md)
- [Commits](rust-random/rand@0.8.5...0.8.6)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `wasmtime` from 35.0.0 to 36.0.8
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v36.0.8/RELEASES.md)
- [Commits](bytecodealliance/wasmtime@v35.0.0...v36.0.8)

Updates `wasmtime-wasi` from 35.0.0 to 38.0.4
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v38.0.4/RELEASES.md)
- [Commits](bytecodealliance/wasmtime@v35.0.0...v38.0.4)

Updates `rand` from 0.8.5 to 0.8.6
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.8.6/CHANGELOG.md)
- [Commits](rust-random/rand@0.8.5...0.8.6)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `openssl` from 0.10.73 to 0.10.81
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.73...openssl-v0.10.81)

Updates `rustls-webpki` from 0.103.4 to 0.103.13
- [Release notes](https://github.com/rustls/webpki/releases)
- [Commits](rustls/webpki@v/0.103.4...v/0.103.13)

Updates `quinn-proto` from 0.11.12 to 0.11.14
- [Release notes](https://github.com/quinn-rs/quinn/releases)
- [Commits](quinn-rs/quinn@quinn-proto-0.11.12...quinn-proto-0.11.14)

---
updated-dependencies:
- dependency-name: rand
  dependency-version: 0.8.6
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: tar
  dependency-version: 0.4.46
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.81
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: time
  dependency-version: 0.3.49
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: rand
  dependency-version: 0.8.6
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: wasmtime
  dependency-version: 36.0.8
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: wasmtime-wasi
  dependency-version: 38.0.4
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: rand
  dependency-version: 0.8.6
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.81
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: rustls-webpki
  dependency-version: 0.103.13
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: quinn-proto
  dependency-version: 0.11.14
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 14, 2026
@phpclub phpclub changed the base branch from master to pre-1.35.6 June 15, 2026 04:13
@phpclub

phpclub commented Jun 15, 2026

Copy link
Copy Markdown

/gemini review

@phpclub phpclub requested review from TuzelKO, adiantum and andypost June 15, 2026 04:15

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates several dependencies across multiple workspaces, including otel, unitctl, and wasm-wasi-component. In the wasm-wasi-component crate, wasmtime was updated to 36.0.8 while wasmtime-wasi was updated to 38.0.4. Feedback was provided pointing out this version mismatch, which leads to compiling duplicate versions of Wasmtime engine crates and potential type incompatibilities. It is recommended to align both dependencies to version 38.0.4.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment on lines +21 to +22
wasmtime = { version = "36.0.8", default-features = false, features = ['component-model', 'cranelift'] }
wasmtime-wasi = "38.0.4"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The versions of wasmtime and wasmtime-wasi are mismatched (36.0.8 vs 38.0.4). In the Wasmtime ecosystem, these crates are released together and must have matching major and minor versions to ensure type compatibility and avoid compiling multiple duplicate versions of the Wasmtime engine, which significantly increases build times and binary size. Both should be aligned to 38.0.4. Consider also updating wasi-common and wasmtime-wasi-http to 38.0.4 to keep the entire Wasmtime suite in sync.

Suggested change
wasmtime = { version = "36.0.8", default-features = false, features = ['component-model', 'cranelift'] }
wasmtime-wasi = "38.0.4"
wasmtime = { version = "38.0.4", default-features = false, features = ['component-model', 'cranelift'] }
wasmtime-wasi = "38.0.4"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant