Skip to content

chore(deps): bump rand from 0.10.0 to 0.10.1#7

Open
jafreck wants to merge 1 commit into
mainfrom
chore/bundled-dependency-updates
Open

chore(deps): bump rand from 0.10.0 to 0.10.1#7
jafreck wants to merge 1 commit into
mainfrom
chore/bundled-dependency-updates

Conversation

@jafreck

@jafreck jafreck commented Jun 21, 2026

Copy link
Copy Markdown
Owner

Bundles the open Dependabot dependency/security updates for this repo. There is currently one such update.

Included

Update From → To Replaces
rand 0.10.0 → 0.10.1 #6

rand 0.10.1 ships a soundness fix (rust-random/rand#1763). This is a lockfile-only change — the workspace requirement rand = "0.10" already permits it; the two transitive rand 0.8/0.9 copies are unaffected.

Verification

Run locally on macOS (matching CI):

  • cargo build --workspace
  • cargo test --workspace --lib ✅ (1222 passed, 0 failed; integration tests needing large fixtures were not run)
  • cargo clippy --workspace -- -D warnings

After this merges, Dependabot will auto-close #6.

Applies Dependabot's update. rand 0.10.1 ships a soundness fix
(rust-random/rand#1763). Lockfile-only change; the workspace
requirement "0.10" already permits it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant