chore(deps): bump the dependencies group across 1 directory with 18 updates by dependabot[bot] · Pull Request #222 · shieldblaze/ExpressGateway

dependabot · 2026-05-28T07:01:59Z

Bumps the dependencies group with 18 updates in the / directory:

Package	From	To
h2	`0.4.13`	`0.4.14`
rcgen	`0.13.2`	`0.14.8`
tokio	`1.51.1`	`1.52.3`
serde_json	`1.0.149`	`1.0.150`
toml	`0.8.23`	`1.1.2+spec-1.1.0`
socket2	`0.5.10`	`0.6.3`
libc	`0.2.184`	`0.2.186`
dashmap	`6.1.0`	`6.2.1`
http	`1.4.0`	`1.4.1`
hyper	`1.9.0`	`1.10.1`
quiche	`0.28.0`	`0.29.1`
tokio-quiche	`0.18.0`	`0.19.0`
rustls	`0.23.38`	`0.23.40`
rustls-pki-types	`1.14.0`	`1.14.1`
tokio-tungstenite	`0.24.0`	`0.29.0`
rand	`0.8.5`	`0.10.1`
prometheus	`0.13.4`	`0.14.0`
object	`0.36.7`	`0.37.3`

Updates h2 from 0.4.13 to 0.4.14

Release notes

Sourced from h2's releases.

v0.4.14

What's Changed

fix(stream): avoid RST before initial HEADERS on idle streams by @DDtKey in hyperium/h2#875

fix: filter stream initiator in recv_go_away (#885) by @ofek-sha in hyperium/h2#886

perf(header): optimize HeaderValue creation via zero-copy sharing by @0x676e67 in hyperium/h2#884

Add header_table_size to server builder by @ArniDagur in hyperium/h2#888

check final response in poll_informational by @zh-jq in hyperium/h2#889

fix: Avoid capacity leak or panic when a stream is cancelled after reserve_capacity by @ArniDagur in hyperium/h2#893

fix: Flow control capacity leak with padded frames by @ArniDagur in hyperium/h2#894

fix: Account for connection flow control on DATA after GOAWAY by @ArniDagur in hyperium/h2#895

fix: set_reset must notify send task (missed wakeup) by @ArniDagur in hyperium/h2#897

Prepare v0.4.14 by @seanmonstar in hyperium/h2#901

New Contributors

@ofek-sha made their first contribution in hyperium/h2#886

@0x676e67 made their first contribution in hyperium/h2#884

@ArniDagur made their first contribution in hyperium/h2#888

@zh-jq made their first contribution in hyperium/h2#889

Full Changelog: hyperium/h2@v0.4.13...v0.4.14

Changelog

Sourced from h2's changelog.

0.4.14 (May 5, 2026)

Add header_table_size() option to server builder.

Fix leaking connection flow control of padded DATA frames when stream is reset.

Fix leaking connection flow control when canceling a stream after reserving capacity.

Fix leaking connection flow control when receiving a DATA frame after GOAWAY.

Fix waking the poll_capacity when locally reseting a stream from library.

Fix sending HEADERS on a reset stream before the RST_STREAM frame.

Fix receiving GOAWAY to not close peer-initiated streams.

Optimize header value decoding to copy less bytes.

Commits

e2826c5 v0.4.14
30998f2 fix: set_reset must notify send task (missed wakeup) (#897)
d9689ea fix: Account for connection flow control on DATA after GOAWAY (#895)
08129b2 fix: Flow control capacity leak with padded frames (#894)
1e68f99 fix: Avoid panic or capacity leak when a stream is cancelled after reserve_ca...
dbc204e fix: check final response in poll_informational (#889)
ac5cdd0 feat: add 'header_table_size()' to server builder (#888)
55a0d9d perf(header): optimize HeaderValue decoding via zero-copy sharing (#884)
f5f1594 fix: filter stream initiator in recv_go_away (#886)
5634ddd fix: avoid RST before initial HEADERS on idle streams (#875)
See full diff in compare view

Updates rcgen from 0.13.2 to 0.14.8

Release notes

Sourced from rcgen's releases.

0.14.8

What's Changed

Fix incorrect identifier for ML-DSA signature algorithms by @DarkmatterVale in rustls/rcgen#412

Upgrade yasna to 0.6 by @djc in rustls/rcgen#419

Add support for is_ca in CSR Params by @5Dev24 in rustls/rcgen#420

Add support for serializing BasicConstraints in CSR's by @5Dev24 in rustls/rcgen#422

update key_pair to signing_key in README.md by @fakelozic in rustls/rcgen#427

Fix encoding of directoryName constraints by @sfackler in rustls/rcgen#429

0.14.7

What's Changed

Implement From<KeyPair> for PrivateKeyDer<'static> by @LebedevRI in rustls/rcgen#403

update copyright year in LICENSE by @jasmyhigh in rustls/rcgen#407

Add P521-SHA256 and P521-SHA384 signing algorithms by @djc in rustls/rcgen#408

0.14.6

What's Changed

Use private cfg for docs.rs-like builds by @ctz in rustls/rcgen#384

Expand rustdoc for CertificateSigningRequestParams::from_der by @dwhjames in rustls/rcgen#386

Group imports by @iamjpotts in rustls/rcgen#381

examples: add signing new cert using existing ca pem files by @iamjpotts in rustls/rcgen#379

Tweak CSR parsing errors/documentation by @djc in rustls/rcgen#390

Rename invalid CSR signature error variant by @djc in rustls/rcgen#393

chore: fix some typos in comments by @black5box in rustls/rcgen#395

ci: sync cargo-check-external-types nightly by @cpu in rustls/rcgen#399

Forward selected crypto backend to x509-parser by @djc in rustls/rcgen#398

0.14.5

Implement SigningKey for &impl SigningKey to make Issuer more broadly useful.

What's Changed

Forward signing and public key data through references by @djc in rustls/rcgen#380

0.14.4

What's Changed

Upgrade botan to 0.12 by @djc in rustls/rcgen#377

Upgrade x509-parser to 0.18 by @djc in rustls/rcgen#376

Add unstable support for ML-DSA algorithms by @djc in rustls/rcgen#374

0.14.3

What's Changed

docs: fix typo in PKCS_RSA_SHA384 doc comment by @Bravo555 in rustls/rcgen#367

Fix regression in key usage purpose encoding by @djc in rustls/rcgen#369

... (truncated)

Commits

a70f083 Bump version to 0.14.8
a32fdb1 Fix encoding of directoryName constraints
7111a79 update key_pair to signing_key
10664c9 Take semver-compatible dependency updates
0ec4d09 Add testing of CSR serializing basic constraints
5f94ef9 Add support for serializing BasicConstraints in CSR's
fb835c1 Add writing basic constraints logic
0cf161d Bump codecov/codecov-action from 5 to 6
4909041 Add testing of CSR Params parsing Basic Constraints variants
6675a94 Add support for is_ca in CSR Params
Additional commits viewable in compare view

Updates tokio from 1.51.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

sync: fix underflow in mpsc channel len() (#8062)

sync: notify receivers in mpsc OwnedPermit::release() method (#8075)

sync: require that an RwLock has max_readers != 0 (#8076)

sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

io: AioSource::register_borrowed for I/O safety support (#7992)

net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)

taskdump: add trace_with() for customized task dumps (#8025)

taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)

fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

d875691 chore: prepare Tokio v1.52.3 (#8130)
e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
fd63094 chore: prepare Tokio v1.51.3 (#8127)
8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
11bfc13 chore: prepare Tokio v1.47.5 (#8122)
f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Reject non-string enum object keys (#1324, thanks @puneetdixit200)

Commits

a1ae73a Release 1.0.150
1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
2037b63 Reject non-string enum object keys
5d30df6 Resolve manual_assert_eq pedantic clippy lint
dc8003a Raise required compiler for preserve_order feature to 1.85
a42fa98 Unpin CI miri toolchain
684a60e Pin CI miri to nightly-2026-02-11
7c7da33 Raise required compiler to Rust 1.71
acf4850 Simplify Number::is_f64
6b8ceab Resolve unnecessary_map_or clippy lint
Additional commits viewable in compare view

Updates toml from 0.8.23 to 1.1.2+spec-1.1.0

Commits

a3d0047 chore: Release
cc37615 docs: Update changelog
7f5e9e1 fix(parser): Consolidate invalid unquoted key into one error (#1138)
52feb90 fix(parser): Consolidate invalid unquoted key into one error
aad85d4 chore(deps): Update j178/prek-action action to v2 (#1136)
8b1ac44 chore(deps): Update compatible (dev) (#1135)
9effd79 chore(deps): Update j178/prek-action action to v2
9db8aad chore: Release
e55a663 docs: Update changelog
c11d7d7 Optimisations (#1133)
Additional commits viewable in compare view

Updates socket2 from 0.5.10 to 0.6.3

Changelog

Sourced from socket2's changelog.

0.6.3

Added support for wasm32-wasip2.

Added Socket::(set_)ip_transparent_v6.

Added Socket::set_tcp_ack_frequency.

Support windows-sys v0.61 in addition to v0.60.

POTENTIALLY BREAKING The MSRV of windows-sys v0.61 is 1.71. To use socket2 with its MSRV of 1.70, please downgrade windows-sys to v0.60.x. This can be done using: cargo update windows-sys --precise 0.60.2

0.6.2

MsgHdr and MsgHdrMut are marked as transparent meaning both have the same layout as msghdr on Unix and WSAMSG on Windows (rust-lang/socket2#635).

Don't set SO_NOSIGPIPE when accepting sockets, this is inherited from the parent socket (rust-lang/socket2#632).

Fixes Socket::tcp_notsent_lowat by using the correct argument type (rust-lang/socket2#622).

0.6.1

Added

Added support for Windows Registered I/O (RIO) (rust-lang/socket2#604).

Added support for TCP_NOTSENT_LOWAT on Linux via Socket::(set_)tcp_notsent_lowat (rust-lang/socket2#611).

Added support for SO_BUSY_POLL on Linux via Socket::set_busy_poll (rust-lang/socket2#607).

SockFilter::new is now a const function (rust-lang/socket2#609).

Changed

Updated the windows-sys dependency to version 0.60 (rust-lang/socket2#605).

0.6.0

Breaking changes

All IPv4 methods now have a _v4 suffix, IPv6 uses _v6. TCP methods have a tcp_ prefix (looked better than a suffix).

Furthermore we removed all types from external libraries (i.e. libc or windows-sys) from the public API, allowing us to update those without breaking the API.

... (truncated)

Commits

See full diff in compare view

Updates libc from 0.2.184 to 0.2.186

Release notes

Sourced from libc's releases.

0.2.186

Added

Apple: Add KEVENT_FLAG_* constants (#5070)

Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

0.2.185

Added

EspIDF: Add espidf_picolibc cfg for picolibc O_* flag values (#5035)

Hexagon: add missing constants and fix types for linux-musl (#5042)

Redox: Add semaphore functions (#5051)

Windows: Add sprintf, snprintf, and the scanf family (#5024)

Fixed

Hexagon: Decouple time64 types from musl symbol redirects (#5040)

Horizon: Change POLL constants from c_short to c_int (#5045)

Changelog

Sourced from libc's changelog.

0.2.186 - 2026-04-24

Added

Apple: Add KEVENT_FLAG_* constants (#5070)

Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

0.2.185 - 2026-04-13

Added

EspIDF: Add espidf_picolibc cfg for picolibc O_* flag values (#5035)

Hexagon: add missing constants and fix types for linux-musl (#5042)

Redox: Add semaphore functions (#5051)

Windows: Add sprintf, snprintf, and the scanf family (#5024)

Fixed

Hexagon: Decouple time64 types from musl symbol redirects (#5040)

Horizon: Change POLL constants from c_short to c_int (#5045)

Commits

42620ff [0.2] libc: Release 0.2.186
9db2eaa apple: add KEVENT_FLAG_* constants
3840939 Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE for linux
f697deb chore: migrate from Cirrus CI to GHA
71d5bfc libc: Release 0.2.185
1027d1c Revert "ci: Pin nightly to 2026-04-01"
0e9c6e5 redox: Add semaphore functions
24ef457 feat: add back support for gnu windows x86 in ci
aa75caf horizon: Change POLL constants from c_short to c_int
b7eda5a hexagon: add missing constants and fix types for linux-musl
Additional commits viewable in compare view

Updates dashmap from 6.1.0 to 6.2.1

Release notes

Sourced from dashmap's releases.

v6.2.1

This is an interim maintenance release for the existing v6 branch before v7 can be released. This bumps the MSRV to 1.85 and updates dependencies to their latest versions.

Commits

749ed1f v6.2.1
d02b945 v6.2.0
b983625 update dependencies
94a294a bump msrv to 1.85
See full diff in compare view

Updates http from 1.4.0 to 1.4.1

Release notes

Sourced from http's releases.

v1.4.1

tl;dr

Fix PathAndQuery::from_static() and from_shared() to reject inputs that do not start with /.

Fix Extend for HeaderMap to clamp max size hint and not overflow.

Fix header::IntoIter that could use-after-free if the generic value type could panic on drop.

Fix header::{IterMut, ValuesIterMut} to not violate stacked borrows.

What's Changed

chore(header): fix clippy::assign_op_pattern by @rxc-amzn in hyperium/http#806

ci: pin itoa in msrv job by @seanmonstar in hyperium/http#813

Remove unnecessary explicit lifetimes by @jplatte in hyperium/http#815

chore(ci): update to actions/checkout@v6 by @tottoto in hyperium/http#819

tests: update to rand 0.10 by @tottoto in hyperium/http#818

refactor: Remove usage of float instruction by @AurelienFT in hyperium/http#823

refactor(uri): consolidate PathAndQuery::from_shared and from_static by @seanmonstar in hyperium/http#825

fix(uri): reject Path::from_shared/from_static if doesn't start with slash by @seanmonstar in hyperium/http#826

Rephrase comment by @daalfox in hyperium/http#827

Fix typo in request builder docs by @vleksis in hyperium/http#831

fix: clamp Extend size hint so HeaderMap reserve cannot overflow by @SAY-5 in hyperium/http#833

fix(headers): fix stacked borrows for IterMut/ValuesIterMut by @seanmonstar in hyperium/http#837

fix(header): use a set_len guard in IntoIter drop by @seanmonstar in hyperium/http#838

New Contributors

@rxc-amzn made their first contribution in hyperium/http#806

@AurelienFT made their first contribution in hyperium/http#823

@daalfox made their first contribution in hyperium/http#827

@vleksis made their first contribution in hyperium/http#831

@SAY-5 made their first contribution in hyperium/http#833

Full Changelog: hyperium/http@v1.4.0...v1.4.1

Changelog

Sourced from http's changelog.

1.4.1 (May 25, 2026)

Fix PathAndQuery::from_static() and from_shared() to reject inputs that do not start with /.

Fix Extend for HeaderMap to clamp max size hint and not overflow.

Fix header::IntoIter that could use-after-free if the generic value type could panic on drop.

Fix header::{IterMut, ValuesIterMut} to not violate stacked borrows.

Commits

a24c968 v1.4.1
bc3b044 fix(header): use a set_len guard in IntoIter drop (#838)
1b968dc fix(header): fix stacked borrows for IterMut/ValuesIterMut (#837)
6e2dd42 fix: clamp Extend size hint so HeaderMap reserve cannot overflow (#833)
68e0abb docs: fix typo in request builder docs (#831)
29dd307 docs(extensions): rephrase internal comment (#827)
ae48fb5 fix(uri): reject Path::from_shared/from_static if doesn't start with slash (#...
1ad200e refactor(uri): consolidate PathAndQuery::from_shared and from_static (#825)
d59d939 refactor: Remove usage of float instruction (#823)
ed680c4 tests: update to rand 0.10 (#818)
Additional commits viewable in compare view

Updates hyper from 1.9.0 to 1.10.1

Release notes

Sourced from hyper's releases.

v1.10.1

What's Changed

fix(http1): fix busy loop when peer half-closes and open body by @seanmonstar in hyperium/hyper#4086

Full Changelog: hyperium/hyper@v1.10.0...v1.10.1

v1.10.0

Features

http2:

add reset_stream_duration() client option (#4068) (156a6f6a, closes #2599)

Add 'header_table_size()' method to server builder (#4062) (6c9182c4)

Bug Fixes

http1:

send error when dispatcher is dropped mid-body (#4069) (b7a679ba, closes #3995, #4016)

fix reading large bodies on 32-bit systems (#4056) (b12f6525, closes #4055)

fix rare missed write wakeup on connections v2 (743a3ba0)

http2:

do not reserve capacity before body data is available (#4061) (99f24345, closes #4003)

reading trailers shouldn't propagate NO_ERROR from early response (#3998) (e5ad96b1)

Refactors, chores, et al

fix(http1): fix rare missed write wakeup on connections v2 by @lthiery in hyperium/hyper#3988

fix(client): reading trailers shouldn't propagate NO_ERROR from early response by @ulyssa in hyperium/hyper#3998

fix(http1): fix reading large bodies on 32-bit systems by @seanmonstar in hyperium/hyper#4056

fix(http2): do not reserve capacity before body data is available by @seanmonstar in hyperium/hyper#4061

Fix two clippy lints by @jplatte in hyperium/hyper#4063

docs(client): document Drop behavior for Connection types by @lihan3238 in hyperium/hyper#4064

Add header_table_size method to server builder by @ArniDagur in hyperium/hyper#4062

feat(http2/client): expose reset_stream_duration option by @kimjune01 in hyperium/hyper#4068

fix(http1): send error when dispatcher is dropped mid-body by @seanmonstar in hyperium/hyper#4069

docs: document cancel safety for client send_request futures by @lihan3238 in hyperium/hyper#4070

docs(error): add detailed doc comments to Error query methods by @kimjune01 in hyperium/hyper#4065

refactor(lib): use a panic_if_poisoned() helper for mutexes by @seanmonstar in hyperium/hyper#4072

refactor(lib): replace unwraps with expects by @seanmonstar in hyperium/hyper#4073

docs(lib): fixup markdown and grammar in doc comments by @seanmonstar in hyperium/hyper#4074

chore(ci): fix security-audit job by @seanmonstar in hyperium/hyper#4076

chore(lib): start a strict clippy config by @seanmonstar in hyperium/hyper#4075

tests(client): fix misuse of path_and_query in CONNECT test by @seanmonstar in hyperium/hyper#4078

Removing wildcard_imports lint allowance by @Lori-Shu in hyperium/hyper#4080

Fix manual_assert lint by @xd009642 in hyperium/hyper#4079

New Contributors

@ulyssa made their first contribution in hyperium/hyper#3998

@lihan3238 made their first contribution in hyperium/hyper#4064

@ArniDagur made their first contribution in hyperium/hyper#4062

@kimjune01 made their first contribution in hyperium/hyper#4068

... (truncated)

Changelog

Sourced from hyper's changelog.

v1.10.1 (2026-05-29)

Bug Fixes

http1: fix busy loop when peer half-closes and open body (#4086) (c6cb906f, closes #4085)

v1.10.0 (2026-05-27)

Bug Fixes

http1:

send error when dispatcher is dropped mid-body (#4069) (b7a679ba, closes #3995, #4016)

fix reading large bodies on 32-bit systems (#4056) (b12f6525, closes #4055)

fix rare missed write wakeup on connections v2 (743a3ba0)

http2:

do not reserve capacity before body data is available (#4061) (99f24345, closes #4003)

reading trailers shouldn't propagate NO_ERROR from early response (#3998) (e5ad96b1)

Features

http2:

add reset_stream_duration() client option (#4068) (156a6f6a, closes #2599)

Add 'header_table_size()' method to server builder (#4062) (6c9182c4)

Commits

e3bcd37 v1.10.1
c6cb906 fix(http1): fix busy loop when peer half-closes and open body (#4086)
54e8511 v1.10.0
79dbab6 style(ext): fix manual_assert lint (#4079)
cca6bf1 style(client): removing wildcard_imports lint allowance (#4080)
3cc1158 test(client): fix misuse of path_and_query in CONNECT test (#4078)
cad38b7 chore(lib): start a strict clippy config (#4075)
7bb1d03 chore(ci): fix security-audit job (#4076)
5dbcae7 docs(lib): fixup markdown and grammar in doc comments (#4074)
08ef365 refactor(lib): replace unwraps with expects (#4073)
Additional commits viewable in compare view

Updates quiche from 0.28.0 to 0.29.1

Release notes

Sourced from quiche's releases.

🗓️ 0.23.0 / 0.23.1

⚠️ The 0.23.0 release has been yanked due to a broken dependency on the qlog crate and should not be used.

Breaking Changes:

The has_body field of the Headers event variant has been renamed to more_frames. It is also no longer possible to call send_response() (and related methods) multiple times, the new send_additional_headers() method should be used instead (see below).

Highlights:

Added proper support for sending additional headers after the initial request/response headers, via the new send_additional_headers(). Various HTTP/3 state transitions have also been tightened to ensure correct behaviour.

Added support for configuring the idle timeout per connection (rather than "globally" at the Config level) via the new Connection::set_max_idle_timeout() method.

Added dgram_recv and dgram_sent fields to the Stats structure tracking the number of received and sent DATAGRAM frames.

Added support for tracking and exposing "unknown" transport parameters received. This can optionally be enabled using the Config::enable_track_unknown_transport_parameters() option.

Many more bug fixes and performance improvements.

Full changelog at cloudflare/quiche@0.22.0...0.23.1

Commits

f0c7193 quiche: release 0.29.1
2315431 Increase MAX_PTO_EXPONENT to 20 (#2498)
7dd390a Only add to lost_frames on PTO if there is indication that previous added fra...
1acc5ba h3: ignore priority updates for closed streams
cbc8173 h3: clear streams when send finishes before recv
6cd1254 tokio-quiche: only close connection when H3Event receiver drops if no active ...
89df47c fix nightly clippy warnings (#2488)
46bfa4a Fix Bandwidth calculation overflow in Bandwidth::to_bytes_per_period and Band...
2ff003f tls: avoid mem::forget for borrowed handshakes (#2489)
9c563d8 Cargo: define additional lints at workspace level
Additional commits viewable in compare view

Updates tokio-quiche from 0.18.0 to 0.19.0

Release notes

Sourced from tokio-quiche's releases.

🛩️ 0.19.0

Breaking Changes:

Removed several fields from Stats (specifically fields representing transport parameters that were moved to Connection::peer_transport_params()).

Highlights:

Added experimental support for the BBRv2 congestion control algorithm. ⚠️ Note that more work is needed on this (particularly implementing changes to update to the newer BBRv3), so it's not quite production-ready yet, and will later be merged with the existing BBRv1 implementation.

Added Connection::peer_transport_params() which returns TransportParams representing the connection's peer's transport parameters.

Many more bug fixes and performance improvements.

Full changelog at cloudflare/quiche@0.18.0...0.19.0

Commits

caea234 tokio-quiche: release 0.19.0
e85fc8e quiche: release 0.29.0
7858998 qlog: release 0.18.0 (#2472)

…pdates Bumps the dependencies group with 18 updates in the / directory: | Package | From | To | | --- | --- | --- | | [h2](https://github.com/hyperium/h2) | `0.4.13` | `0.4.14` | | [rcgen](https://github.com/rustls/rcgen) | `0.13.2` | `0.14.8` | | [tokio](https://github.com/tokio-rs/tokio) | `1.51.1` | `1.52.3` | | [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` | | [toml](https://github.com/toml-rs/toml) | `0.8.23` | `1.1.2+spec-1.1.0` | | [socket2](https://github.com/rust-lang/socket2) | `0.5.10` | `0.6.3` | | [libc](https://github.com/rust-lang/libc) | `0.2.184` | `0.2.186` | | [dashmap](https://github.com/xacrimon/dashmap) | `6.1.0` | `6.2.1` | | [http](https://github.com/hyperium/http) | `1.4.0` | `1.4.1` | | [hyper](https://github.com/hyperium/hyper) | `1.9.0` | `1.10.1` | | [quiche](https://github.com/cloudflare/quiche) | `0.28.0` | `0.29.1` | | [tokio-quiche](https://github.com/cloudflare/quiche) | `0.18.0` | `0.19.0` | | [rustls](https://github.com/rustls/rustls) | `0.23.38` | `0.23.40` | | [rustls-pki-types](https://github.com/rustls/pki-types) | `1.14.0` | `1.14.1` | | [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite) | `0.24.0` | `0.29.0` | | [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.10.1` | | [prometheus](https://github.com/tikv/rust-prometheus) | `0.13.4` | `0.14.0` | | [object](https://github.com/gimli-rs/object) | `0.36.7` | `0.37.3` | Updates `h2` from 0.4.13 to 0.4.14 - [Release notes](https://github.com/hyperium/h2/releases) - [Changelog](https://github.com/hyperium/h2/blob/master/CHANGELOG.md) - [Commits](hyperium/h2@v0.4.13...v0.4.14) Updates `rcgen` from 0.13.2 to 0.14.8 - [Release notes](https://github.com/rustls/rcgen/releases) - [Commits](rustls/rcgen@v0.13.2...v0.14.8) Updates `tokio` from 1.51.1 to 1.52.3 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.51.1...tokio-1.52.3) Updates `serde_json` from 1.0.149 to 1.0.150 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.149...v1.0.150) Updates `toml` from 0.8.23 to 1.1.2+spec-1.1.0 - [Commits](toml-rs/toml@toml-v0.8.23...toml-v1.1.2) Updates `socket2` from 0.5.10 to 0.6.3 - [Release notes](https://github.com/rust-lang/socket2/releases) - [Changelog](https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md) - [Commits](https://github.com/rust-lang/socket2/commits/v0.6.3) Updates `libc` from 0.2.184 to 0.2.186 - [Release notes](https://github.com/rust-lang/libc/releases) - [Changelog](https://github.com/rust-lang/libc/blob/0.2.186/CHANGELOG.md) - [Commits](rust-lang/libc@0.2.184...0.2.186) Updates `dashmap` from 6.1.0 to 6.2.1 - [Release notes](https://github.com/xacrimon/dashmap/releases) - [Commits](xacrimon/dashmap@v6.1.0...v6.2.1) Updates `http` from 1.4.0 to 1.4.1 - [Release notes](https://github.com/hyperium/http/releases) - [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md) - [Commits](hyperium/http@v1.4.0...v1.4.1) Updates `hyper` from 1.9.0 to 1.10.1 - [Release notes](https://github.com/hyperium/hyper/releases) - [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md) - [Commits](hyperium/hyper@v1.9.0...v1.10.1) Updates `quiche` from 0.28.0 to 0.29.1 - [Release notes](https://github.com/cloudflare/quiche/releases) - [Commits](cloudflare/quiche@0.28.0...0.29.1) Updates `tokio-quiche` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/cloudflare/quiche/releases) - [Commits](cloudflare/quiche@tokio-quiche-0.18.0...tokio-quiche-0.19.0) Updates `rustls` from 0.23.38 to 0.23.40 - [Release notes](https://github.com/rustls/rustls/releases) - [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md) - [Commits](rustls/rustls@v/0.23.38...v/0.23.40) Updates `rustls-pki-types` from 1.14.0 to 1.14.1 - [Release notes](https://github.com/rustls/pki-types/releases) - [Commits](rustls/pki-types@v/1.14.0...v/1.14.1) Updates `tokio-tungstenite` from 0.24.0 to 0.29.0 - [Changelog](https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md) - [Commits](snapview/tokio-tungstenite@v0.24.0...v0.29.0) Updates `rand` from 0.8.5 to 0.10.1 - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md) - [Commits](rust-random/rand@0.8.5...0.10.1) Updates `prometheus` from 0.13.4 to 0.14.0 - [Changelog](https://github.com/tikv/rust-prometheus/blob/master/CHANGELOG.md) - [Commits](tikv/rust-prometheus@v0.13.4...v0.14.0) Updates `object` from 0.36.7 to 0.37.3 - [Changelog](https://github.com/gimli-rs/object/blob/main/CHANGELOG.md) - [Commits](gimli-rs/object@0.36.7...0.37.3) --- updated-dependencies: - dependency-name: dashmap dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: h2 dependency-version: 0.4.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: http dependency-version: 1.4.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: hyper dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: libc dependency-version: 0.2.186 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: object dependency-version: 0.37.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: prometheus dependency-version: 0.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: quiche dependency-version: 0.29.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: rand dependency-version: 0.10.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: rcgen dependency-version: 0.14.8 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: rustls dependency-version: 0.23.40 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: rustls-pki-types dependency-version: 1.14.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: serde_json dependency-version: 1.0.150 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: socket2 dependency-version: 0.6.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: tokio dependency-version: 1.52.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: tokio-quiche dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: tokio-tungstenite dependency-version: 0.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: toml dependency-version: 1.1.2+spec-1.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies rust Pull requests that update rust code labels May 28, 2026

dependabot Bot changed the title ~~build(deps): Bump the dependencies group across 1 directory with 18 updates~~ build(deps): bump the dependencies group across 1 directory with 18 updates May 28, 2026

dependabot Bot force-pushed the dependabot/cargo/dependencies-2f55b6bbc3 branch from 7cb6ffd to dad0afc Compare May 28, 2026 15:27

dependabot Bot changed the title ~~build(deps): bump the dependencies group across 1 directory with 18 updates~~ chore(deps): bump the dependencies group across 1 directory with 18 updates May 29, 2026

dependabot Bot force-pushed the dependabot/cargo/dependencies-2f55b6bbc3 branch 3 times, most recently from ae520f8 to 33a7fb3 Compare June 1, 2026 15:15

dependabot Bot force-pushed the dependabot/cargo/dependencies-2f55b6bbc3 branch from 33a7fb3 to 930c78f Compare June 1, 2026 22:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the dependencies group across 1 directory with 18 updates#222

chore(deps): bump the dependencies group across 1 directory with 18 updates#222
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/dependencies-2f55b6bbc3

dependabot Bot commented on behalf of github May 28, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 28, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.4.14

What's Changed

New Contributors

0.4.14 (May 5, 2026)

0.14.8

What's Changed

0.14.7

What's Changed

0.14.6

What's Changed

0.14.5

What's Changed

0.14.4

What's Changed

0.14.3

What's Changed

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

Tokio v1.52.2

1.52.2 (May 4th, 2026)

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

Added (unstable)

v1.0.150

0.6.3

0.6.2

0.6.1

Added

Changed

0.6.0

Breaking changes

0.2.186

Added

Changed

0.2.185

Added

Fixed

0.2.186 - 2026-04-24

Added

Changed

0.2.185 - 2026-04-13

Added

Fixed

v6.2.1

v1.4.1

tl;dr

What's Changed

New Contributors

1.4.1 (May 25, 2026)

v1.10.1

What's Changed

v1.10.0

Features

Bug Fixes

Refactors, chores, et al

New Contributors

v1.10.1 (2026-05-29)

Bug Fixes

v1.10.0 (2026-05-27)

Bug Fixes

Features

🗓️ 0.23.0 / 0.23.1

🛩️ 0.19.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 28, 2026 •

edited

Loading