Scheduled dependency-update routine flagged outdated transitive packages in Cargo.lock.
Lockfile updates available (cargo update --dry-run)
cargo update would refresh the following (selected highlights — full list below):
aws-lc-rs 1.16.3 → 1.17.0aws-lc-sys 0.40.0 → 0.41.0bincode-next 3.0.0-rc.13 → 3.0.0-rc.14cc 1.2.60 → 1.2.62digest 0.11.2 → 0.11.3h2 0.4.13 → 0.4.14hashbrown 0.17.0 → 0.17.1hybrid-array 0.4.10 → 0.4.12js-sys 0.3.91 → 0.3.98libc 0.2.185 → 0.2.186openssl 0.10.79 → 0.10.80, openssl-sys 0.9.115 → 0.9.116rustls 0.23.38 → 0.23.40, rustls-pki-types 1.14.0 → 1.14.1tower-http 0.6.8 → 0.6.11wasm-bindgen 0.2.114 → 0.2.121 (and the matching -futures, -macro, -macro-support, -shared)web-sys 0.3.91 → 0.3.98winnow 1.0.2 → 1.0.3
No direct-dep major bumps surfaced by cargo outdated --root-deps-only (dev rand 0.8.6 → 0.10.1 is the only direct candidate, and is dev-only).
No security advisories from cargo audit were captured in this scan — please re-run cargo audit as part of the PR and surface anything found.
Instructions
cargo update to refresh the lockfile (security/transitive bumps).- Run
cargo audit and address anything flagged.
cargo fmt, cargo clippy --all-targets -- -D warnings, cargo test.- Open a draft PR; flip to ready once CI is green. Assign reviewer
@rubenhensen.
Note: see release-plz.toml — release-plz manages versioning; this should be a chore PR, not a release PR.
Scheduled dependency-update routine flagged outdated transitive packages in
Cargo.lock.Lockfile updates available (
cargo update --dry-run)cargo updatewould refresh the following (selected highlights — full list below):aws-lc-rs1.16.3 → 1.17.0aws-lc-sys0.40.0 → 0.41.0bincode-next3.0.0-rc.13 → 3.0.0-rc.14cc1.2.60 → 1.2.62digest0.11.2 → 0.11.3h20.4.13 → 0.4.14hashbrown0.17.0 → 0.17.1hybrid-array0.4.10 → 0.4.12js-sys0.3.91 → 0.3.98libc0.2.185 → 0.2.186openssl0.10.79 → 0.10.80,openssl-sys0.9.115 → 0.9.116rustls0.23.38 → 0.23.40,rustls-pki-types1.14.0 → 1.14.1tower-http0.6.8 → 0.6.11wasm-bindgen0.2.114 → 0.2.121 (and the matching-futures,-macro,-macro-support,-shared)web-sys0.3.91 → 0.3.98winnow1.0.2 → 1.0.3No direct-dep major bumps surfaced by
cargo outdated --root-deps-only(devrand 0.8.6 → 0.10.1is the only direct candidate, and is dev-only).No security advisories from
cargo auditwere captured in this scan — please re-runcargo auditas part of the PR and surface anything found.Instructions
cargo updateto refresh the lockfile (security/transitive bumps).cargo auditand address anything flagged.cargo fmt,cargo clippy --all-targets -- -D warnings,cargo test.@rubenhensen.Note: see
release-plz.toml— release-plz manages versioning; this should be a chore PR, not a release PR.