Skip to content

Bump the all-updates group across 1 directory with 14 updates #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the all-updates group across 1 directory with 14 updates #144

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 6, 2025
edited
Loading

Bumps the all-updates group with 12 updates in the /core directory:

Package From To
anyhow 1.0.98 1.0.100
tokio 1.47.0 1.47.1
tonic 0.14.0 0.14.2
tonic-prost 0.14.0 0.14.2
tonic-reflection 0.14.0 0.14.2
tonic-build 0.14.0 0.14.2
tracing-subscriber 0.3.19 0.3.20
bytemuck 1.23.2 1.24.0
tonic-prost-build 0.14.0 0.14.2
aya-ebpf 44ec978 de42b80
which 7.0.3 8.0.0
libc 0.2.174 0.2.176

Updates anyhow from 1.0.98 to 1.0.100

Release notes

Sourced from anyhow's releases.

1.0.100

  • Teach clippy to lint formatting arguments in bail!, ensure!, anyhow! (#426)

1.0.99

  • Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (#420)
Commits
  • 18c2598 Release 1.0.100
  • f271988 Merge pull request #426 from dtolnay/clippyfmt
  • 52f2115 Mark macros with clippy::format_args
  • da5fd9d Raise minimum tested compiler to rust 1.76
  • 211e409 Opt in to generate-macro-expansion when building on docs.rs
  • b48fc02 Enforce trybuild >= 1.0.108
  • d5f59fb Update ui test suite to nightly-2025-09-07
  • 238415d Update ui test suite to nightly-2025-08-24
  • 3bab070 Update actions/checkout@v4 -> v5
  • 4249254 Order cap-lints flag in the same order as thiserror build script
  • Additional commits viewable in compare view

Updates tokio from 1.47.0 to 1.47.1

Release notes

Sourced from tokio's releases.

Tokio v1.47.1

1.47.1 (August 1st, 2025)

Fixed

  • process: fix panic from spurious pidfd wakeup (#7494)
  • sync: fix broken link of Python asyncio.Event in SetOnce docs (#7485)

#7485: tokio-rs/tokio#7485 #7494: tokio-rs/tokio#7494

Commits

Updates tonic from 0.14.0 to 0.14.2

Release notes

Sourced from tonic's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tonic-prost from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-prost's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tonic-reflection from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-reflection's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tonic-build from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-build's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates tracing-subscriber from 0.3.19 to 0.3.20

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.20

Security Fix: ANSI Escape Sequence Injection (CVE-TBD)

Impact

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

  • Manipulate terminal title bars
  • Clear screens or modify terminal display
  • Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

Solution

Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.

Affected Versions

All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.

Recommendations

Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:

  • Logs user-provided input (form data, HTTP headers, query parameters, etc.)
  • Runs in environments where terminal output is displayed to users

Migration

This is a patch release with no breaking API changes. Simply update your Cargo.toml:

[dependencies]
tracing-subscriber = "0.3.20"

Acknowledgments

We would like to thank zefr0x who responsibly reported the issue at [email protected].

If you believe you have found a security vulnerability in any tokio-rs project, please email us at [email protected].

Commits

Updates bytemuck from 1.23.2 to 1.24.0

Changelog

Sourced from bytemuck's changelog.

bytemuck changelog

1.24

Commits

Updates bytemuck_derive from 1.10.1 to 1.10.2

Commits

Updates tonic-prost-build from 0.14.0 to 0.14.2

Release notes

Sourced from tonic-prost-build's releases.

v0.14.2

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.1...v0.14.2

v0.14.1

Notable change is to relax the accidental MSRV bump in the last release.

What's Changed

New Contributors

Full Changelog: hyperium/tonic@v0.14.0...v0.14.1

Commits

Updates aya-ebpf from 44ec978 to de42b80

Commits
  • de42b80 aya,ebpf: add BPF_MAP_TYPE_SK_STORAGE
  • 6babf17 maps: use shared helpers
  • c9b5f11 feature_probe: clarify composite logic
  • 75edc3d *: downcase log strings
  • 742f700 maps: add newline between doc and imports
  • 0013ff4 ebpf: use null pointers at runtime
  • 275c5b6 ebpf: use ptr::from_ref
  • a2324e6 Add Brewfile
  • b73b909 Add AGENTS.md
  • fe99fa1 ebpf: run clippy with target=bpf
  • Additional commits viewable in compare view

Updates aya-log-ebpf from 44ec978 to de42b80

Commits
  • de42b80 aya,ebpf: add BPF_MAP_TYPE_SK_STORAGE
  • 6babf17 maps: use shared helpers
  • c9b5f11 feature_probe: clarify composite logic
  • 75edc3d *: downcase log strings
  • 742f700 maps: add newline between doc and imports
  • 0013ff4 ebpf: use null pointers at runtime
  • 275c5b6 ebpf: use ptr::from_ref
  • a2324e6 Add Brewfile
  • b73b909 Add AGENTS.md
  • fe99fa1 ebpf: run clippy with target=bpf
  • Additional commits viewable in compare view

Updates which from 7.0.3 to 8.0.0

Release notes

Sourced from which's releases.

8.0.0

What's Changed

  • Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @​dsherret for this contribution to which!
  • Add more debug level tracing for otherwise silent I/O errors.
  • Call the NonFatalHandler in more places to catch previously ignored I/O errors.
  • Remove use of the either dependency.

New Contributors

Changelog

Sourced from which's changelog.

8.0.0

  • Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks @​dsherret for this contribution to which!
  • Add more debug level tracing for otherwise silent I/O errors.
  • Call the NonFatalHandler in more places to catch previously ignored I/O errors.
  • Remove use of the either dependency.
Commits
  • adac2cd bump version, update changelog
  • 84e152e reduce sys::Sys requirements, add some tracing for otherwise silent errors (#...
  • a0a6daf feat: add Sys trait for swapping out system (#109)
  • eef1998 Add actively maintained badge
  • See full diff in compare view

Updates libc from 0.2.174 to 0.2.176

Release notes

Sourced from libc's releases.

0.2.176

Support

  • The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
  • Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

  • AIX: Restore some non-POSIX functions guarded by the _KERNEL macro. (#4607)
  • FreeBSD 14: Add st_fileref to struct stat (#4642)
  • Haiku: Add the accept4 POSIX call (#4586)
  • Introduce a wrapper for representing padding (#4632)
  • Linux: Add EM_RISCV (#4659)
  • Linux: Add MS_NOSYMFOLLOW (#4389)
  • Linux: Add backtrace_symbols(_fd) (#4668)
  • Linux: Add missing SOL_PACKET optnames (#4669)
  • Musl s390x: Add SYS_mseal (#4549)
  • NuttX: Add __errno (#4687)
  • Redox: Add dirfd, VDISABLE, and resource consts (#4660)
  • Redox: Add more resource.h, fcntl.h constants (#4666)
  • Redox: Enable strftime and mkostemp[s] (#4629)
  • Unix, Windows: Add qsort_r (Unix), and qsort(_s) (Windows) (#4677)
  • Unix: Add dlvsym for Linux-gnu, FreeBSD, and NetBSD (#4671)
  • Unix: Add sigqueue (#4620)

Changed

  • FreeBSD 15: Mark kinfo_proc as non-exhaustive (#4553)
  • FreeBSD: Set the ELF symbol version for readdir_r (#4694)
  • Linux: Correct the config for whether or not epoll_event is packed (#4639)
  • Tests: Replace the old ctest with the much more reliable new implementation (#4655 and many related PRs)

Fixed

  • AIX: Fix the type of the 4th arguement of getgrnam_r ([#4656](rust-lang/libc#4656
  • FreeBSD: Limit P_IDLEPROC to FreeBSD 15 (#4640)
  • FreeBSD: Limit mcontext_t::mc_tlsbase to FreeBSD 15 (#4640)
  • FreeBSD: Update gating of mcontext_t.mc_tlsbase (#4703)
  • Musl s390x: Correct the definition of statfs[64] (#4549)
  • Musl s390x: Make fpreg_t a union (#4549)
  • Redox: Fix the types of gid_t and uid_t (#4689)
  • Redox: Fix the value of MAP_FIXED (#4684)

Deprecated

  • Apple: Correct the deprecated attribute for iconv (a97a0b53)
  • FreeBSD: Deprecate TIOCMGDTRWAIT and TIOCMSDTRWAIT (#4685)

Removed

... (truncated)

Changelog

Sourced from libc's changelog.

0.2.176 - 2025-09-23

Support

  • The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
  • Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

  • AIX: Restore some non-POSIX functions guarded by the _KERNEL macro. (#4607)
  • FreeBSD 14: Add st_fileref to struct stat (#4642)
  • Haiku: Add the accept4 POSIX call (#4586)
  • Introduce a wrapper for representing padding (#4632)
  • Linux: Add EM_RISCV (#4659)
  • Linux: Add MS_NOSYMFOLLOW (#4389)
  • Linux: Add backtrace_symbols(_fd) (#4668)
  • Linux: Add missing SOL_PACKET optnames (#4669)
  • Musl s390x: Add SYS_mseal (#4549)
  • NuttX: Add __errno (#4687)
  • Redox: Add dirfd, VDISABLE, and resource consts (#4660)
  • Redox: Add more resource.h, fcntl.h constants (#4666)
  • Redox: Enable strftime and mkostemp[s] (#4629)
  • Unix, Windows: Add qsort_r (Unix), and qsort(_s) (Windows) (#4677)
  • Unix: Add dlvsym for Linux-gnu, FreeBSD, and NetBSD (#4671)
  • Unix: Add sigqueue (#4620)

Changed

  • FreeBSD 15: Mark kinfo_proc as non-exhaustive (#4553)
  • FreeBSD: Set the ELF symbol version for readdir_r (#4694)
  • Linux: Correct the config for whether or not epoll_event is packed (#4639)
  • Tests: Replace the old ctest with the much more reliable new implementation (#4655 and many related PRs)

Fixed

  • AIX: Fix the type of the 4th arguement of getgrnam_r ([#4656](rust-lang/libc#4656
  • FreeBSD: Limit P_IDLEPROC to FreeBSD 15 (#4640)
  • FreeBSD: Limit mcontext_t::mc_tlsbase to FreeBSD 15 (#4640)
  • FreeBSD: Update gating of mcontext_t.mc_tlsbase (#4703)
  • Musl s390x: Correct the definition of statfs[64] (#4549)
  • Musl s390x: Make fpreg_t a union (#4549)
  • Redox: Fix the types of gid_t and uid_t (#4689)
  • Redox: Fix the value of MAP_FIXED (#4684)

Deprecated

  • Apple: Correct the deprecated attribute for iconv (a97a0b53)
  • FreeBSD: Deprecate TIOCMGDTRWAIT and TIOCMSDTRWAIT (#4685)

Removed

... (truncated)

Commits
  • 15e1389 chore: Release libc 0.2.176
  • 6ca5571 Warn on missing debug implementations
  • e653c54 cleanup: Remove the const_fn! macro
  • e447441 cleanup: Simplify the syntax of f! and similar macros
  • 776a614 cleanup: Use target_vendor = "apple"
  • d32f60d doc: Remove an unneeded link to the old ctest repo
  • 8c8584b Resolve a ctest FIXME regarding use of size_of in array lengths
  • 09c8436 Remove the libc_ctest feature
  • fd3ffe4 Remove libc_const_extern_fn
  • 9b77a49 Add a note about why Padding requires T: Copy
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • `@...

Description has been truncated

@dependabot
Bump the all-updates group across 1 directory with 14 updates
e793635 
Bumps the all-updates group with 12 updates in the /core directory:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.98` | `1.0.100` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.47.0` | `1.47.1` |
| [tonic](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tonic-prost](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tonic-reflection](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tonic-build](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.19` | `0.3.20` |
| [bytemuck](https://github.com/Lokathor/bytemuck) | `1.23.2` | `1.24.0` |
| [tonic-prost-build](https://github.com/hyperium/tonic) | `0.14.0` | `0.14.2` |
| [aya-ebpf](https://github.com/aya-rs/aya) | ``44ec978`` | ``de42b80`` |
| [which](https://github.com/harryfei/which-rs) | `7.0.3` | `8.0.0` |
| [libc](https://github.com/rust-lang/libc) | `0.2.174` | `0.2.176` |



Updates `anyhow` from 1.0.98 to 1.0.100
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.98...1.0.100)

Updates `tokio` from 1.47.0 to 1.47.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.47.0...tokio-1.47.1)

Updates `tonic` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tonic-prost` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tonic-reflection` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tonic-build` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `tracing-subscriber` from 0.3.19 to 0.3.20
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.19...tracing-subscriber-0.3.20)

Updates `bytemuck` from 1.23.2 to 1.24.0
- [Changelog](https://github.com/Lokathor/bytemuck/blob/main/changelog.md)
- [Commits](Lokathor/bytemuck@v1.23.2...v1.24.0)

Updates `bytemuck_derive` from 1.10.1 to 1.10.2
- [Changelog](https://github.com/Lokathor/bytemuck/blob/main/changelog.md)
- [Commits](Lokathor/bytemuck@bytemuck_derive-v1.10.1...bytemuck_derive-v1.10.2)

Updates `tonic-prost-build` from 0.14.0 to 0.14.2
- [Release notes](https://github.com/hyperium/tonic/releases)
- [Changelog](https://github.com/hyperium/tonic/blob/master/CHANGELOG.md)
- [Commits](hyperium/tonic@v0.14.0...v0.14.2)

Updates `aya-ebpf` from `44ec978` to `de42b80`
- [Release notes](https://github.com/aya-rs/aya/releases)
- [Commits](aya-rs/aya@44ec978...de42b80)

Updates `aya-log-ebpf` from `44ec978` to `de42b80`
- [Release notes](https://github.com/aya-rs/aya/releases)
- [Commits](aya-rs/aya@44ec978...de42b80)

Updates `which` from 7.0.3 to 8.0.0
- [Release notes](https://github.com/harryfei/which-rs/releases)
- [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md)
- [Commits](harryfei/which-rs@7.0.3...8.0.0)

Updates `libc` from 0.2.174 to 0.2.176
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.176/CHANGELOG.md)
- [Commits](rust-lang/libc@0.2.174...0.2.176)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.100
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tokio
  dependency-version: 1.47.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-prost
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-reflection
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-build
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tracing-subscriber
  dependency-version: 0.3.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: bytemuck
  dependency-version: 1.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-updates
- dependency-name: bytemuck_derive
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: tonic-prost-build
  dependency-version: 0.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: aya-ebpf
  dependency-version: de42b80c74883f512542875e7cfa96b8634a8991
  dependency-type: direct:production
  dependency-group: all-updates
- dependency-name: aya-log-ebpf
  dependency-version: de42b80c74883f512542875e7cfa96b8634a8991
  dependency-type: direct:production
  dependency-group: all-updates
- dependency-name: which
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-updates
- dependency-name: libc
  dependency-version: 0.2.176
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Oct 6, 2025
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Oct 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LorenzoTettamanti LorenzoTettamanti Awaiting requested review from LorenzoTettamanti LorenzoTettamanti is a code owner

@lorebrada lorebrada Awaiting requested review from lorebrada lorebrada is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@LorenzoTettamanti LorenzoTettamanti

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LorenzoTettamanti