build(deps): bump the minor-and-patch group across 1 directory with 17 updates by dependabot[bot] · Pull Request #13 · snapflowio/snapflow

dependabot · 2026-05-19T02:49:29Z

Bumps the minor-and-patch group with 17 updates in the / directory:

Package	From	To
axum	`0.8.8`	`0.8.9`
tower-http	`0.6.8`	`0.6.11`
tokio	`1.50.0`	`1.52.3`
dashmap	`6.1.0`	`6.2.1`
uuid	`1.23.0`	`1.23.1`
utoipa	`5.4.0`	`5.5.0`
rand	`0.9.2`	`0.9.4`
redis	`1.1.0`	`1.2.1`
rustls	`0.23.37`	`0.23.40`
lettre	`0.11.20`	`0.11.22`
socketioxide	`0.18.2`	`0.18.3`
clap	`4.6.0`	`4.6.1`
aws-types	`1.3.14`	`1.3.15`
tar	`0.4.45`	`0.4.46`
russh-sftp	`2.1.1`	`2.1.2`
hudsucker	`0.24.0`	`0.24.1`
serde_with	`3.18.0`	`3.20.0`

Updates axum from 0.8.8 to 0.8.9

Release notes

Sourced from axum's releases.

axum-v0.8.9

added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#3597)

changed: Update minimum rust version to 1.80 (#3620)

fixed: Set connect endpoint on correct field in MethodRouter (#3656)

fixed: Return specific error message when multipart body limit is exceeded (#3611)

#3597: tokio-rs/axum#3597 #3620: tokio-rs/axum#3620 #3656: tokio-rs/axum#3656 #3611: tokio-rs/axum#3611

Commits

c59208c revert axum-core changelog changes
99068f5 Revert "Fix IntoResponse for tuples overriding error response codes (#3603)"
23d7098 Revert "axum-core 0.5.6"
e8a39ad axum-macros 0.5.1
6e9a249 axum-extra 0.12.6
0ec9041 axum 0.8.9
c3fcebb axum-core 0.5.6
a8790fc update release notes
26ba7bb docs: consolidate state management docs in crate root (#3683)
9fc59ef Update to tokio-tungstenite 0.29 (#3689)
Additional commits viewable in compare view

Updates tower-http from 0.6.8 to 0.6.11

Release notes

Sourced from tower-http's releases.

tower-http-0.6.11

Added
set-header: add SetMultipleResponseHeadersLayer and SetMultipleResponseHeader for setting multiple response headers at once. Supports overriding, appending, and if_not_present modes. Header values can be fixed or computed dynamically via closures (#672)
use http::{Response, header::{self, HeaderValue}};
use http_body::Body as _;
use tower_http::set_header::response::SetMultipleResponseHeadersLayer;
let layer = SetMultipleResponseHeadersLayer::overriding(vec![
(header::X_FRAME_OPTIONS, HeaderValue::from_static("DENY")).into(),
(header::CONTENT_LENGTH, |res: &Response<MyBody>| {
res.body().size_hint().exact()
.map(|size| HeaderValue::from_str(&size.to_string()).unwrap())
}).into(),
]);
set-header: add SetMultipleRequestHeadersLayer and SetMultipleRequestHeaders for setting multiple request headers at once, mirroring the response-side API (#677)

classify: add From<i32> and From<NonZeroI32> impls for GrpcCode. Unrecognized status codes map to GrpcCode::Unknown (#506)
Changed

compression: compress application/grpc-web responses. Previously all application/grpc* content types were excluded from compression; now only application/grpc (non-web) is excluded (#408)

Fixed

fs: fix ServeDir returning 500 instead of 405 for non-GET/HEAD requests when call_fallback_on_method_not_allowed is enabled but no fallback service is configured (#587)

fs: remove duplicate cfg attribute on is_reserved_dos_name (#675)

#408: tower-rs/tower-http#408 #506: tower-rs/tower-http#506 #587: tower-rs/tower-http#587 #672: tower-rs/tower-http#672 #675: tower-rs/tower-http#675 #677: tower-rs/tower-http#677

All PRs

ci: fix flaky encoding test, add nightly stress test job by @jlizen in tower-rs/tower-http#670

... (truncated)

Commits

1d082ef v0.6.11
9c3117d feat: set multiple request header (#677)
667e7c7 Remove duplicate cfg attribute for is_reserved_dos_name (#675)
7551a9b feat(set_header): refactor and improve multiple header middleware (#672)
991e9ee add From<i32> impl for GrpcCode (#506)
3962dba Do compress grpc-web responses (#408)
f0b3bb6 Fix serve_dir method not allowed handling when no fallback is configured (#587)
d1a571b ci: use static timeout in stress-test workflow (#671)
309555a ci: fix flaky encoding test, add nightly stress test job (#670)
4532fc2 v0.6.10
Additional commits viewable in compare view

Updates tokio from 1.50.0 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

sync: fix underflow in mpsc channel len() (#8062)

sync: notify receivers in mpsc OwnedPermit::release() method (#8075)

sync: require that an RwLock has max_readers != 0 (#8076)

sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

io: AioSource::register_borrowed for I/O safety support (#7992)

net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)

taskdump: add trace_with() for customized task dumps (#8025)

taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)

fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

d875691 chore: prepare Tokio v1.52.3 (#8130)
e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
fd63094 chore: prepare Tokio v1.51.3 (#8127)
8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
11bfc13 chore: prepare Tokio v1.47.5 (#8122)
f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
Additional commits viewable in compare view

Updates dashmap from 6.1.0 to 6.2.1

Release notes

Sourced from dashmap's releases.

v6.2.1

This is an interim maintenance release for the existing v6 branch before v7 can be released. This bumps the MSRV to 1.85 and updates dependencies to their latest versions.

Commits

749ed1f v6.2.1
d02b945 v6.2.0
b983625 update dependencies
94a294a bump msrv to 1.85
See full diff in compare view

Updates uuid from 1.23.0 to 1.23.1

Release notes

Sourced from uuid's releases.

v1.23.1

What's Changed

Remove deprecated msrv feature from wasm-bindgen dependency by @guybedford in uuid-rs/uuid#877

fix: Timestamp::from_gregorian deprecation note by @aznashwan in uuid-rs/uuid#878

Prepare for 1.23.1 release by @KodrAus in uuid-rs/uuid#879

New Contributors

@guybedford made their first contribution in uuid-rs/uuid#877

@aznashwan made their first contribution in uuid-rs/uuid#878

Full Changelog: uuid-rs/uuid@v1.23.0...v1.23.1

Commits

ca0c85f Merge pull request #879 from uuid-rs/cargo/v1.23.1
b4db015 prepare for 1.23.1 release
771069d Merge pull request #878 from aznashwan/fix-from-gregorian-deprecation-note
80994a2 fix: Timestamp::from_gregorian deprecation note
90c5be8 Merge pull request #877 from guybedford/remove-wasm-bindgen-msrv
8b8c4f4 Remove deprecated feature from wasm-bindgen dependency
See full diff in compare view

Updates utoipa from 5.4.0 to 5.5.0

Release notes

Sourced from utoipa's releases.

utoipa-5.5.0

What's New 💎 🆕 🎉

(2492086) Update next release @juhaku

(eb520dc) ignore really ignores! (#1500) @omid

(7d0d0be) Add support for jiff::Timestamp (#1416) @paolobarbolini

(cdff007) Fix typos (#1497) @jayvdb

Full change log

utoipa-gen-5.5.0

What's New 💎 🆕 🎉

(2492086) Update next release @juhaku

(eb520dc) ignore really ignores! (#1500) @omid

(8e6e6ee) Support servers in path macro (#1293) @infiniteregrets

(7d0d0be) Add support for jiff::Timestamp (#1416) @paolobarbolini

(b07397d) Add serde to the helper attributes for ToSchema (#1472) @zackyancey

(8d006bc) Fix: Refactor to avoid clippy::needless_for_each warning in derive(OpenApi) (#1423) @raimannma

(cdff007) Fix typos (#1497) @jayvdb

Full change log

Commits

2492086 Update next release
eb520dc ignore really ignores! (#1500)
9cd3ce9 Chore migrate to justfile (#1542)
8e6e6ee Support servers in path macro (#1293)
7d0d0be Add support for jiff::Timestamp (#1416)
b07397d Add serde to the helper attributes for ToSchema (#1472)
8d006bc Fix: Refactor to avoid clippy::needless_for_each warning in derive(OpenApi) (...
cdff007 Fix typos (#1497)
See full diff in compare view

Updates rand from 0.9.2 to 0.9.4

Changelog

Sourced from rand's changelog.

[0.9.4] — 2026-04-13

Fixes

Fix doc build (#1766)

#1766: rust-random/rand#1766

[0.9.3] — 2026-04-11

This release back-ports a fix from v0.10. See also #1763.

Changes

Deprecate feature log (#1764)

Replace usages of doc_auto_cfg (#1764)

#1763: rust-random/rand#1763

Commits

ba4c4c6 Prepare v0.9.4: fix doc build (#1766)
4b8b686 Document new error-handling behaviour for ReseedingRng
6c25c6d Prepare v0.9.4: fix doc build
1aeee9f Prepare v0.9.3: deprecate feature log (#1764)
98473ee Prepare rand 0.9.2 (#1648)
031a1f5 examples/print-next.rs (#1647)
6cb75ee Make UniformUsize serializable (#1646)
0c955c5 Add some tests for BlockRng, BlockRng64 and Xoshiro RNGs (#1639)
204084a Fix: Remove accidental editor swap file (#1636)
86262ac Deprecate rand::rngs::mock module and StepRng (#1634)
Additional commits viewable in compare view

Updates redis from 1.1.0 to 1.2.1

Release notes

Sourced from redis's releases.

redis-1.2.1

Changes & Bug fixes

commands: Stop double-take-ing for mset (#2043 by @somechris)

json: Stop double-wrapping commands in RedisResult (#2042 by @somechris)

ValueType: Add missing possible types (#2030 by @somechris)

Stream idempotent producers (at-most-once guarantee) (#2032 by @StefanPalashev)

Improve streaming auth error handling (#2021 by @alexcole)

feat: add Slot type and functions to create Slot / Route with key (#2047 by @anatawa12)

Fix async connection handling to avoid TCP deadlocks (#2070 by @PDXKimani)

CI improvements

ci: Bump Redis/Valkey versions (#2035 by @somechris)

ci: Clarify how databases get selected (#2040 by @somechris)

README: Declare "supported" versions (#2034 by @somechris)

Add EntraID integration tests for OSS cluster API (#2050 by @StefanPalashev)

fix new nightly lint & fmt (#2052 by @nihohit)

log sentinel test startup failures. (#2062 by @nihohit)

redis-1.2.0

What's Changed

feat: support custom TcpSettings on sentinel client by @hugobpx in redis-rs/redis-rs#2016

Attempt to Fix CI by @nihohit in redis-rs/redis-rs#2017

Add lazy instantiation to the connection manager. by @nihohit in redis-rs/redis-rs#2022

Bump async-io from 2.4.0 to 2.6.0 by @dependabot[bot] in redis-rs/redis-rs#2029

Bump env_logger from 0.11.8 to 0.11.10 by @dependabot[bot] in redis-rs/redis-rs#2027

Bump itoa from 1.0.17 to 1.0.18 by @dependabot[bot] in redis-rs/redis-rs#2026

Bump async-trait from 0.1.88 to 0.1.89 by @dependabot[bot] in redis-rs/redis-rs#2025

Bump tokio-util from 0.7.17 to 0.7.18 by @dependabot[bot] in redis-rs/redis-rs#2023

Add strategies for routing reads to cluster replicas by @PDXKimani in redis-rs/redis-rs#1985

Bump anyhow from 1.0.100 to 1.0.102 by @dependabot[bot] in redis-rs/redis-rs#2024

README: Add stanza about AI contributions by @somechris in redis-rs/redis-rs#2033

Don't compile tokio runtime when using smol by @cstyles in redis-rs/redis-rs#2036

New Contributors

@cstyles made their first contribution in redis-rs/redis-rs#2036

Full Changelog: redis-rs/redis-rs@redis-1.1.0...redis-1.2.0

Commits

a6608fd Prepare new version (#2074)
7e063ff Fix async connection handling to avoid TCP deadlocks (#2070)
7adf964 Bump hashbrown from 0.16.1 to 0.17.0 (#2068)
78693ac Bump tokio from 1.49.0 to 1.50.0 (#2067)
5ed93d6 Bump quickcheck from 1.0.3 to 1.1.0 (#2066)
1cbb4f6 Bump arc-swap from 1.8.2 to 1.9.1 (#2065)
a141fff Bump rust_decimal from 1.39.0 to 1.41.0 (#2064)
a113ee7 Bump quote from 1.0.44 to 1.0.45 (#2063)
ef68835 log sentinel test startup failures. (#2062)
cddd795 feat: add Slot type and functions to create Slot / Route with key (#2047)
Additional commits viewable in compare view

Updates rustls from 0.23.37 to 0.23.40

Commits

b44c09f Prepare 0.23.40
e7a555f Prefer Ord::max to core::cmp
c0005be ech: base inner name padding on actual extension
4e49529 ech: test inner name padding
3e06ef1 ech: add both name and "gross" padding
c574ffd ech: avoid short-lived allocation for padding
8bf935c ech: pop comment from match arm
9088004 ech: expand maximum_name_length to usize ASAP
a612901 Default require_ems based on CryptoProvider FIPS status
0541605 Cargo: version 0.23.38 -> 0.23.39
Additional commits viewable in compare view

Updates lettre from 0.11.20 to 0.11.22

Release notes

Sourced from lettre's releases.

v0.11.22 - update now if you're using Boring TLS

Security

Fix inverted TLS hostname verification flag in boring-tls backend that silently disabled hostname verification f5efffc

Bug Fixes

Cap read_response buffer to prevent unbounded memory growth #1143

Misc

Upgrade rustls-platform-verifier to v0.7 #1136

v0.11.21

Features

Add rustls-no-provider support (#1134)

Add message_iter to AsyncConnection and Connection (#1116)

Changelog

Sourced from lettre's changelog.

v0.11.22 (2026-05-14)

Security

Fix inverted TLS hostname verification flag in boring-tls backend that silently disabled hostname verification (f5efffc)

Bug Fixes

Cap read_response buffer to prevent unbounded memory growth (#1143)

Misc

Upgrade rustls-platform-verifier to v0.7 (#1136)

#1136: lettre/lettre#1136 #1143: lettre/lettre#1143

v0.11.21 (2026-04-04)

Features

Add rustls-no-provider support (#1134)

Add message_iter to AsyncConnection and Connection (#1116)

#1116: lettre/lettre#1116 #1134: lettre/lettre#1134 #1136: lettre/lettre#1136 #1143: lettre/lettre#1143

Commits

9b88c4f Prepare v0.11.22
f5efffc fix(transport-smtp): negate hostname-verify flag for boring-tls
f62f304 fix(transport-smtp): cap read_response buffer
fa402db build(deps): upgrade rustls-platform-verifier to v0.7
1ab3a65 Prepare v0.11.21
396a242 feat: add rustls-no-provider support
3722083 feat(transport-smtp): add message_iter to AsyncConnection and Connection
See full diff in compare view

Updates socketioxide from 0.18.2 to 0.18.3

Release notes

Sourced from socketioxide's releases.

socketioxide-v0.18.3

Changelog

fix: race condition when emitting with acknowledgement.

feat: expose global configured ack timeout to adapter implementations

What's Changed

chore(deps): bump futures-core from 0.3.31 to 0.3.32 by @dependabot[bot] in Totodore/socketioxide#672

chore(deps): bump futures-util from 0.3.31 to 0.3.32 by @dependabot[bot] in Totodore/socketioxide#673

chore(deps): bump redis from 1.0.3 to 1.0.4 by @dependabot[bot] in Totodore/socketioxide#674

chore(deps): bump tokio from 1.49.0 to 1.50.0 by @dependabot[bot] in Totodore/socketioxide#676

chore(deps): bump redis from 1.0.4 to 1.0.5 by @dependabot[bot] in Totodore/socketioxide#677

chore(deps): bump quinn-proto from 0.11.13 to 0.11.14 in /examples by @dependabot[bot] in Totodore/socketioxide#678

chore(deps): bump salvo from 0.88.1 to 0.89.3 in /examples by @dependabot[bot] in Totodore/socketioxide#682

chore(deps): bump tokio-tungstenite from 0.28.0 to 0.29.0 by @dependabot[bot] in Totodore/socketioxide#680

chore(deps): bump rustls-webpki from 0.103.4 to 0.103.10 by @dependabot[bot] in Totodore/socketioxide#684

chore(deps): bump rustls-webpki from 0.103.8 to 0.103.10 in /examples by @dependabot[bot] in Totodore/socketioxide#685

chore(deps): bump redis from 1.0.5 to 1.1.0 by @dependabot[bot] in Totodore/socketioxide#686

chore(deps): bump unicode-segmentation from 1.12.0 to 1.13.2 by @dependabot[bot] in Totodore/socketioxide#688

chore(deps): bump hyper from 1.8.1 to 1.9.0 by @dependabot[bot] in Totodore/socketioxide#691

chore(clippy): improve clippy lints by @Totodore in Totodore/socketioxide#690

chore(deps): bump example deps by @Totodore in Totodore/socketioxide#692

fix(ci): add socketioxide-mongodb to feature flag tests by @Totodore in Totodore/socketioxide#693

feat(ci): dependabot for gh actions by @Totodore in Totodore/socketioxide#694

chore(deps): bump actions/setup-node from 4 to 6 by @dependabot[bot] in Totodore/socketioxide#695

chore(deps): bump actions/cache from 4 to 5 by @dependabot[bot] in Totodore/socketioxide#699

chore(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in Totodore/socketioxide#698

chore(deps): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in Totodore/socketioxide#697

chore(deps): bump actions/checkout from 4 to 6 by @dependabot[bot] in Totodore/socketioxide#696

chore(deps): bump hoverkraft-tech/compose-action from 2.0.2 to 2.5.0 by @dependabot[bot] in Totodore/socketioxide#705

chore(deps): bump tokio from 1.50.0 to 1.51.1 by @dependabot[bot] in Totodore/socketioxide#704

chore(deps): bump matchit from 0.9.1 to 0.9.2 by @dependabot[bot] in Totodore/socketioxide#703

chore(deps): bump redis from 1.1.0 to 1.2.0 by @dependabot[bot] in Totodore/socketioxide#702

fix(socketio): emit with ack race cond by @Totodore in Totodore/socketioxide#708

fix(clippy): remove global missing docs lint by @Totodore in Totodore/socketioxide#707

fix(ci): breaking change on mode parameter for the codspeed action by @Totodore in Totodore/socketioxide#706

fix(socketio): concurrent acknowledgement timeouts by @Totodore in Totodore/socketioxide#709

Full Changelog: Totodore/socketioxide@socketioxide-v0.18.2...socketioxide-v0.18.3

Commits

e250da1 fix(socketio): concurrent acknowledgement timeouts (#709)
190b0a3 fix(ci): breaking change on mode parameter for the codspeed action (#706)
34db210 fix(clippy): remove global missing docs lint (#707)
dd9d7fb fix(socketio): emit with ack race cond (#708)
9fd9181 chore(deps): bump redis from 1.1.0 to 1.2.0 (#702)
edd0ab8 chore(deps): bump matchit from 0.9.1 to 0.9.2 (#703)
44caced chore(deps): bump tokio from 1.50.0 to 1.51.1 (#704)
eb1a18a chore(deps): bump hoverkraft-tech/compose-action from 2.0.2 to 2.5.0 (#705)
cc21d87 chore(deps): bump actions/checkout from 4 to 6 (#696)
15f4948 chore(deps): bump actions/upload-artifact from 4 to 7 (#697)
Additional commits viewable in compare view

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

(derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

(derive) Ensure rebuilds happen when an read env variable is changed

Commits

1420275 chore: Release
d2c817d docs: Update changelog
f88c94e Merge pull request #6341 from epage/sep
acbb822 fix(complete): Reduce risk of conflict with actual subcommands
a49fadb refactor(complete): Pull out subcommand separator
ddc008b Merge pull request #6332 from epage/update
497dc50 chore: Update compatible dependencies
dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
54bdaa3 chore(deps): Update j178/prek-action action to v2
f0d30d9 chore: Release
Additional commits viewable in compare view

Updates aws-types from 1.3.14 to 1.3.15

Commits

See full diff in compare view

Updates tar from 0.4.45 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm) by @cgwalters in composefs/tar-rs#454

See also GHSA-3cv2-h65g-fgmm

Other changes

ci: Fix and re-enable reverse dependency testing by @cgwalters in composefs/tar-rs#444

Update astral-tokio-tar requirement from 0.5 to 0.6 by @dependabot[bot] in composefs/tar-rs#446

Update some links by @atouchet in composefs/tar-rs#445

Add support of absolute paths by @zxvfc in composefs/tar-rs#426

docs: Expand notes on concurrent mutations and following symlinks by @cgwalters in composefs/tar-rs#453

Update repo links by @cgwalters in composefs/tar-rs#451

ci: Add crates.io trusted publishing workflow by @cgwalters in composefs/tar-rs#456

Release 0.4.46 by @cgwalters in composefs/tar-rs#455

New Contributors

@dependabot[bot] made their first contribution in composefs/tar-rs#446

@atouchet made their first contribution in composefs/tar-rs#445

@zxvfc made their first contribution in composefs/tar-rs#426

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits

fc459c1 Release 0.4.46
43e05a8 ci: Add crates.io trusted publishing workflow
bba5666 Update repo links
cd94c46 docs: Document TOCTOU / concurrent-mutation threat model
1b4997c builder: Expand docs for follow_symlinks and append_dir_all
bab14dd archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm)
2349b49 Add support of absolute paths
39d0311 Update some links
59d803e Update astral-tokio-tar requirement from 0.5 to 0.6
8296b9a ci: Fix and re-enable reverse dependency testing (

…7 updates Bumps the minor-and-patch group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axum](https://github.com/tokio-rs/axum) | `0.8.8` | `0.8.9` | | [tower-http](https://github.com/tower-rs/tower-http) | `0.6.8` | `0.6.11` | | [tokio](https://github.com/tokio-rs/tokio) | `1.50.0` | `1.52.3` | | [dashmap](https://github.com/xacrimon/dashmap) | `6.1.0` | `6.2.1` | | [uuid](https://github.com/uuid-rs/uuid) | `1.23.0` | `1.23.1` | | [utoipa](https://github.com/juhaku/utoipa) | `5.4.0` | `5.5.0` | | [rand](https://github.com/rust-random/rand) | `0.9.2` | `0.9.4` | | [redis](https://github.com/redis-rs/redis-rs) | `1.1.0` | `1.2.1` | | [rustls](https://github.com/rustls/rustls) | `0.23.37` | `0.23.40` | | [lettre](https://github.com/lettre/lettre) | `0.11.20` | `0.11.22` | | [socketioxide](https://github.com/totodore/socketioxide) | `0.18.2` | `0.18.3` | | [clap](https://github.com/clap-rs/clap) | `4.6.0` | `4.6.1` | | [aws-types](https://github.com/smithy-lang/smithy-rs) | `1.3.14` | `1.3.15` | | [tar](https://github.com/composefs/tar-rs) | `0.4.45` | `0.4.46` | | [russh-sftp](https://github.com/AspectUnk/russh-sftp) | `2.1.1` | `2.1.2` | | [hudsucker](https://github.com/omjadas/hudsucker) | `0.24.0` | `0.24.1` | | [serde_with](https://github.com/jonasbb/serde_with) | `3.18.0` | `3.20.0` | Updates `axum` from 0.8.8 to 0.8.9 - [Release notes](https://github.com/tokio-rs/axum/releases) - [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md) - [Commits](tokio-rs/axum@axum-v0.8.8...axum-v0.8.9) Updates `tower-http` from 0.6.8 to 0.6.11 - [Release notes](https://github.com/tower-rs/tower-http/releases) - [Commits](tower-rs/tower-http@tower-http-0.6.8...tower-http-0.6.11) Updates `tokio` from 1.50.0 to 1.52.3 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.50.0...tokio-1.52.3) Updates `dashmap` from 6.1.0 to 6.2.1 - [Release notes](https://github.com/xacrimon/dashmap/releases) - [Commits](xacrimon/dashmap@v6.1.0...v6.2.1) Updates `uuid` from 1.23.0 to 1.23.1 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](uuid-rs/uuid@v1.23.0...v1.23.1) Updates `utoipa` from 5.4.0 to 5.5.0 - [Release notes](https://github.com/juhaku/utoipa/releases) - [Changelog](https://github.com/juhaku/utoipa/blob/master/utoipa-rapidoc/CHANGELOG.md) - [Commits](juhaku/utoipa@utoipa-5.4.0...utoipa-5.5.0) Updates `rand` from 0.9.2 to 0.9.4 - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/0.9.4/CHANGELOG.md) - [Commits](rust-random/rand@rand_core-0.9.2...0.9.4) Updates `redis` from 1.1.0 to 1.2.1 - [Release notes](https://github.com/redis-rs/redis-rs/releases) - [Commits](redis-rs/redis-rs@redis-1.1.0...redis-1.2.1) Updates `rustls` from 0.23.37 to 0.23.40 - [Release notes](https://github.com/rustls/rustls/releases) - [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md) - [Commits](rustls/rustls@v/0.23.37...v/0.23.40) Updates `lettre` from 0.11.20 to 0.11.22 - [Release notes](https://github.com/lettre/lettre/releases) - [Changelog](https://github.com/lettre/lettre/blob/master/CHANGELOG.md) - [Commits](lettre/lettre@v0.11.20...v0.11.22) Updates `socketioxide` from 0.18.2 to 0.18.3 - [Release notes](https://github.com/totodore/socketioxide/releases) - [Changelog](https://github.com/Totodore/socketioxide/blob/main/CHANGELOG.md) - [Commits](Totodore/socketioxide@socketioxide-v0.18.2...socketioxide-v0.18.3) Updates `clap` from 4.6.0 to 4.6.1 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.6.0...clap_complete-v4.6.1) Updates `aws-types` from 1.3.14 to 1.3.15 - [Release notes](https://github.com/smithy-lang/smithy-rs/releases) - [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-rs/commits) Updates `tar` from 0.4.45 to 0.4.46 - [Release notes](https://github.com/composefs/tar-rs/releases) - [Commits](composefs/tar-rs@0.4.45...0.4.46) Updates `russh-sftp` from 2.1.1 to 2.1.2 - [Commits](https://github.com/AspectUnk/russh-sftp/commits) Updates `hudsucker` from 0.24.0 to 0.24.1 - [Release notes](https://github.com/omjadas/hudsucker/releases) - [Commits](omjadas/hudsucker@v0.24.0...v0.24.1) Updates `serde_with` from 3.18.0 to 3.20.0 - [Release notes](https://github.com/jonasbb/serde_with/releases) - [Commits](jonasbb/serde_with@v3.18.0...v3.20.0) --- updated-dependencies: - dependency-name: axum dependency-version: 0.8.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tower-http dependency-version: 0.6.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tokio dependency-version: 1.52.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: dashmap dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: uuid dependency-version: 1.23.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: utoipa dependency-version: 5.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: rand dependency-version: 0.9.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: redis dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: rustls dependency-version: 0.23.40 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: lettre dependency-version: 0.11.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: socketioxide dependency-version: 0.18.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: clap dependency-version: 4.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: aws-types dependency-version: 1.3.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tar dependency-version: 0.4.46 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: russh-sftp dependency-version: 2.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: hudsucker dependency-version: 0.24.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: serde_with dependency-version: 3.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

deepsource-io · 2026-05-19T02:49:52Z

DeepSource Code Review

We reviewed changes in 1b7d9dd...e2e28df on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade	Security Reliability Complexity Hygiene

Code Review Summary

Analyzer	Updated (UTC)	Details
JavaScript	May 19, 2026 2:49a.m.	Review ↗
Docker	May 19, 2026 2:49a.m.	Review ↗
Rust	May 19, 2026 2:49a.m.	Review ↗
Shell	May 19, 2026 2:49a.m.	Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels May 19, 2026

github-actions Bot added the clients label May 19, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the minor-and-patch group across 1 directory with 17 updates#13

build(deps): bump the minor-and-patch group across 1 directory with 17 updates#13
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/main/minor-and-patch-67a77649c7

dependabot Bot commented on behalf of github May 19, 2026

Uh oh!

deepsource-io Bot commented May 19, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 19, 2026

axum-v0.8.9

tower-http-0.6.11

Added

Changed

Fixed

All PRs

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

Tokio v1.52.2

1.52.2 (May 4th, 2026)

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

Added (unstable)

v6.2.1

v1.23.1

What's Changed

New Contributors

utoipa-5.5.0

What's New 💎 🆕 🎉

Full change log

utoipa-gen-5.5.0

What's New 💎 🆕 🎉

Full change log

[0.9.4] — 2026-04-13

Fixes

[0.9.3] — 2026-04-11

Changes

redis-1.2.1

Changes & Bug fixes

CI improvements

redis-1.2.0

What's Changed

New Contributors

v0.11.22 - update now if you're using Boring TLS

Security

Bug Fixes

Misc

v0.11.21

Features

v0.11.22 (2026-05-14)

Security

Bug Fixes

Misc

v0.11.21 (2026-04-04)

Features

socketioxide-v0.18.3

Changelog

What's Changed

v4.6.1

[4.6.1] - 2026-04-15

Fixes

[4.6.1] - 2026-04-15

Fixes

0.4.46

Security

Other changes

New Contributors

Uh oh!

deepsource-io Bot commented May 19, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

DeepSource Code Review

PR Report Card

Code Review Summary

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

deepsource-io Bot commented May 19, 2026 •

edited

Loading