Skip to content

build(deps): bump the desktop-cargo group across 1 directory with 3 updates#23

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/src-tauri/desktop-cargo-d1ee9e7306
Open

build(deps): bump the desktop-cargo group across 1 directory with 3 updates#23
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/src-tauri/desktop-cargo-d1ee9e7306

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown

Bumps the desktop-cargo group with 3 updates in the /src-tauri directory: serde_json, sqlx and tauri-build.

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates sqlx from 0.8.6 to 0.9.0

Changelog

Sourced from sqlx's changelog.

0.9.0 - 2026-05-06

Important Announcements

New Github Organization

Shortly after this release is published, the SQLx repository will be transferred to a new GitHub organization: https://github.com/transact-rs/

This is because SQLx has not been owned or maintained by LaunchBadge, LLC. for a few years now, and has since been informally transferred to the collective ownership of its principal authors. Moving the repository to a new organization makes this change more clear, and also allows for potentially inviting outside collaborators.

Cargo.lock Removed from Tracking

The Cargo.lock has been removed from tracking in Git. CI should now always test with the latest versions of all dependencies by default, alongside our pass that checks with cargo generate-lockfile -Z minimal-versions.

This should eliminate the need for any PRs that update dependencies to also update Cargo.lock or contend with an endless stream of merge conflicts against it.

N.B. cargo install --locked sqlx-cli will no longer work. However, cargo install sqlx-cli has always used the latest dependencies by default, ignoring the lockfile, so most users should not be affected. For users requiring reproducible builds, consider maintaining your own lockfile instead; historically, we only ran cargo update sporadically, so relying on SQLx's lockfile offered few guarantees anyway.

See [the manual page for cargo install][man-cargo-install] for details.

Breaking

As per our MSRV policy, the supported Rust version for this release cycle is 1.94.0.

  • [#3383]: feat: create sqlx.toml format [[@​abonander]]
    • SQLx and sqlx-cli now support per-crate configuration files (sqlx.toml)
    • New functionality includes, but is not limited to:
      • Rename DATABASE_URL for a crate (for multi-database workspaces)
      • Set global type overrides for the macros (supporting custom types)
      • Rename or relocate the _sqlx_migrations table (for multiple crates using the same database)
      • Set characters to ignore when hashing migrations (e.g. ignore whitespace)
    • More to be implemented in future releases.
    • Enable feature sqlx-toml to use.
      • sqlx-cli has it enabled by default, but sqlx does not.
      • Default features of library crates can be hard to completely turn off because of [feature unification], so it's better to keep the default feature set as limited as possible. [This is something we learned the hard way.][preferred-crates]
    • Guide: see sqlx::_config module in documentation.
    • Reference: [Link]
    • Examples (written for Postgres but can be adapted to other databases; PRs welcome!):
      • Multiple databases using DATABASE_URL renaming and global type overrides: [Link]
      • Multi-tenant database using _sqlx_migrations renaming and multiple schemas: [Link]
      • Force use of chrono when time is enabled (e.g. when using tower-sessions-sqlx-store): [[Link][preferred-crates]]
        • Forcing bigdecimal when rust_decimal is enabled is also shown, but problems with chrono/time are more common.

... (truncated)

Commits
  • 75bc048 Release 0.9.0 (#4256)
  • 6956cef Prefer to give real data to .bind() in README.md (#4257)
  • 45ba990 Add the possibility to skip migrations (#3846)
  • 66533fa Ensure Deterministic Migration Order (#4136)
  • db47fe3 ci: check direct minimal versions (#4173)
  • 9ecb76d Unescape PostgreSQL passfile password (#3993)
  • c0a3218 breaking(any+mysql): correctly convert text and blob types to AnyTypeInfo (...
  • d82b781 test(sqlite): add regression test for ORDER BY + LIMIT nullability (#4223)
  • b77ba16 chore: update to axum 0.8 (#4253)
  • c0ec9c0 fix(tls): potential deadlock in StdSocket::poll_ready() (#4251)
  • Additional commits viewable in compare view

Updates tauri-build from 2.6.1 to 2.6.3

Release notes

Sourced from tauri-build's releases.

tauri-build v2.6.3

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1133 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1085 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413

Crate: atk-sys
Version: 0.18.2
Warning: unmaintained
Title: gtk-rs GTK3 bindings - no longer maintained
Date: 2024-03-04
ID: RUSTSEC-2024-0416
URL: https://rustsec.org/advisories/RUSTSEC-2024-0416

Crate: fxhash
Version: 0.2.1
Warning: unmaintained
Title: fxhash - no longer maintained
Date: 2025-09-05
ID: RUSTSEC-2025-0057
URL: https://rustsec.org/advisories/RUSTSEC-2025-0057

Crate: gdk
Version: 0.18.2
Warning: unmaintained
Title: gtk-rs GTK3 bindings - no longer maintained
Date: 2024-03-04
ID: RUSTSEC-2024-0412
URL: https://rustsec.org/advisories/RUSTSEC-2024-0412

Crate: gdk-sys
Version: 0.18.2
Warning: unmaintained
Title: gtk-rs GTK3 bindings - no longer maintained
Date: 2024-03-04
ID: RUSTSEC-2024-0418
URL: https://rustsec.org/advisories/RUSTSEC-2024-0418

Crate: gdkwayland-sys
</tr></table>

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…pdates

Bumps the desktop-cargo group with 3 updates in the /src-tauri directory: [serde_json](https://github.com/serde-rs/json), [sqlx](https://github.com/launchbadge/sqlx) and [tauri-build](https://github.com/tauri-apps/tauri).


Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `sqlx` from 0.8.6 to 0.9.0
- [Changelog](https://github.com/transact-rs/sqlx/blob/main/CHANGELOG.md)
- [Commits](transact-rs/sqlx@v0.8.6...v0.9.0)

Updates `tauri-build` from 2.6.1 to 2.6.3
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](tauri-apps/tauri@tauri-build-v2.6.1...tauri-build-v2.6.3)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: desktop-cargo
- dependency-name: sqlx
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: desktop-cargo
- dependency-name: tauri-build
  dependency-version: 2.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: desktop-cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependency updates and maintenance needs triage Needs maintainer review and routing labels Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates and maintenance needs triage Needs maintainer review and routing

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants