Skip to content

chore(deps): update rust crate cargo to 0.94.0 #163

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from

chore(deps): update rust crate cargo to 0.94.0

1047408
Select commit
Loading
Failed to load commit list.
Sign in for the full log view
Open

chore(deps): update rust crate cargo to 0.94.0 #163

chore(deps): update rust crate cargo to 0.94.0
1047408
Select commit
Loading
Failed to load commit list.
GitHub Actions / Security audit failed Feb 12, 2026 in 0s

Security advisories found

1 advisory(ies)

Details

Vulnerabilities

RUSTSEC-2025-0140

Non-utf8 String can be created with TimeBuf::as_str

Details
Package gix-date
Version 0.10.7
URL GitoxideLabs/gitoxide#2305
Date 2025-12-29
Patched versions >=0.12.0

The function gix_date::parse::TimeBuf::as_str can create an illegal string containing non-utf8 characters. This violates the safety invariant of TimeBuf and can lead to undefined behavior when consuming the string.

The bug can be prevented by adding str::from_utf8 to the function TimeBuf::write.

View more details on GitHub Actions