Skip to content

chore(deps): bump the cargo group across 10 directories with 7 updates#18

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/Rust_v1/rust-dioxus-v0/cargo-512259017d
Open

chore(deps): bump the cargo group across 10 directories with 7 updates#18
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/Rust_v1/rust-dioxus-v0/cargo-512259017d

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 22, 2026

Bumps the cargo group with 3 updates in the /Rust_v1/rust-dioxus-v0 directory: bytes, slab and tracing-subscriber.
Bumps the cargo group with 3 updates in the /Rust_v1/rust-dioxus-v1 directory: bytes, slab and tracing-subscriber.
Bumps the cargo group with 2 updates in the /Rust_v1/rust-leptos-v0 directory: bytes and slab.
Bumps the cargo group with 2 updates in the /Rust_v1/rust-leptos-v3 directory: bytes and slab.
Bumps the cargo group with 2 updates in the /Rust_v1/rust-yew-v0 directory: bytes and tokio.
Bumps the cargo group with 1 update in the /axum_todo directory: bytes.
Bumps the cargo group with 1 update in the /get-start-rust directory: rand.
Bumps the cargo group with 1 update in the /leptos-tutorial directory: bytes.
Bumps the cargo group with 5 updates in the /rust-http-v0 directory:

Package From To
bytes 1.10.1 1.11.1
rand 0.8.5 0.8.6
slab 0.4.10 0.4.12
actix-http 3.11.0 3.12.1
time 0.3.41 0.3.44

Bumps the cargo group with 1 update in the /rust_api directory: bytes.

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates slab from 0.4.10 to 0.4.12

Release notes

Sourced from slab's releases.

v0.4.12

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

v0.4.11

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Changelog

Sourced from slab's changelog.

0.4.12 (January 31, 2026)

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

0.4.11 (August 8, 2025)

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Commits

Updates tracing-subscriber from 0.3.19 to 0.3.20

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.20

Security Fix: ANSI Escape Sequence Injection (CVE-TBD)

Impact

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

  • Manipulate terminal title bars
  • Clear screens or modify terminal display
  • Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

Solution

Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.

Affected Versions

All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.

Recommendations

Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:

  • Logs user-provided input (form data, HTTP headers, query parameters, etc.)
  • Runs in environments where terminal output is displayed to users

Migration

This is a patch release with no breaking API changes. Simply update your Cargo.toml:

[dependencies]
tracing-subscriber = "0.3.20"

Acknowledgments

We would like to thank zefr0x who responsibly reported the issue at security@tokio.rs.

If you believe you have found a security vulnerability in any tokio-rs project, please email us at security@tokio.rs.

Commits

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates slab from 0.4.10 to 0.4.12

Release notes

Sourced from slab's releases.

v0.4.12

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

v0.4.11

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Changelog

Sourced from slab's changelog.

0.4.12 (January 31, 2026)

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

0.4.11 (August 8, 2025)

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Commits

Updates tracing-subscriber from 0.3.19 to 0.3.20

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.20

Security Fix: ANSI Escape Sequence Injection (CVE-TBD)

Impact

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

  • Manipulate terminal title bars
  • Clear screens or modify terminal display
  • Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

Solution

Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.

Affected Versions

All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.

Recommendations

Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:

  • Logs user-provided input (form data, HTTP headers, query parameters, etc.)
  • Runs in environments where terminal output is displayed to users

Migration

This is a patch release with no breaking API changes. Simply update your Cargo.toml:

[dependencies]
tracing-subscriber = "0.3.20"

Acknowledgments

We would like to thank zefr0x who responsibly reported the issue at security@tokio.rs.

If you believe you have found a security vulnerability in any tokio-rs project, please email us at security@tokio.rs.

Commits

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates slab from 0.4.10 to 0.4.12

Release notes

Sourced from slab's releases.

v0.4.12

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

v0.4.11

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Changelog

Sourced from slab's changelog.

0.4.12 (January 31, 2026)

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

0.4.11 (August 8, 2025)

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Commits

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates slab from 0.4.10 to 0.4.12

Release notes

Sourced from slab's releases.

v0.4.12

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

v0.4.11

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Changelog

Sourced from slab's changelog.

0.4.12 (January 31, 2026)

  • Help the compiler elide copies in try_remove() (#160)
  • Add security policy (#154)

0.4.11 (August 8, 2025)

  • Fix Slab::get_disjoint_mut out of bounds (#152)
Commits

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Commits

Updates tokio from 1.44.1 to 1.52.1

Release notes

Sourced from tokio's releases.

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

  • runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

  • io: AioSource::register_borrowed for I/O safety support (#7992)
  • net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

  • runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
  • taskdump: add trace_with() for customized task dumps (#8025)
  • taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
  • fs: support io_uring in AsyncRead for File (#7907)

Changed

  • runtime: improve spawn_blocking scalability with sharded queue (#7757)
  • runtime: use compare_exchange_weak() in worker queue (#8028)

Fixed

  • runtime: overflow second half of tasks when local queue is filled instead of first half (#8029)

Documented

  • docs: fix typo in oneshot::Sender::send docs (#8026)
  • docs: hide #[tokio::main] attribute in the docs of sync::watch (#8035)
  • net: add docs on ConnectionRefused errors with UDP sockets (#7870)

#7757: tokio-rs/tokio#7757 #7870: tokio-rs/tokio#7870 #7907: tokio-rs/tokio#7907 #7992: tokio-rs/tokio#7992 #8010: tokio-rs/tokio#8010 #8025: tokio-rs/tokio#8025 #8026: tokio-rs/tokio#8026 #8028: tokio-rs/tokio#8028 #8029: tokio-rs/tokio#8029

... (truncated)

Commits
  • 905c146 chore: prepare to release v1.52.1 (#8059)
  • 56aaa43 rt: revert #7757 to fix regression in spawn_blocking (#8057)
  • 57ff47a ci: update trybuild to expect output from rustc 1.95.0 (#8058)
  • 812de3e ci: bump taiki-e/cache-cargo-install-action from 1 to 3 (#8053)
  • ba82e73 ci: use Dependabot to keep github actions up to date (#8052)
  • 2e85f9d ci: replace cirrus-ci with freebsd-vm (#8041)
  • a7e1cd8 ci: update GitHub Actions workflows to use latest tool versions (#8047)
  • 5f7be0a chore: perpare 1.52.0 (#8045)
  • 36d12d2 taskdump: allow impl FnMut() in taskdumps instead of just fn() (#8040)
  • f943312 fs: support io-uring in AsyncRead for File (#7907)
  • Additional commits viewable in compare view

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

  • Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

  • Bump MSRV to 1.57 (#788)

Fixed

  • fix: BytesMut only reuse if src has remaining (#803)
  • Specialize BytesMut::put::<Bytes> (#793)
  • Reserve capacity in BytesMut::put (#794)
  • Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

  • Guarantee address in slice() for empty slices. (#780)
  • Rename Vtable::to_* -> Vtable::into_* (#776)
  • Fix latest clippy warnings (#787)
  • Ignore BytesMut::freeze doctest on wasm (#790)
  • Move drop_fn of from_owner into vtable (#801)
Comm...

Description has been truncated

@dependabot
chore(deps): bump the cargo group across 10 directories with 7 updates
83c85c9 
Bumps the cargo group with 3 updates in the /Rust_v1/rust-dioxus-v0 directory: [bytes](https://github.com/tokio-rs/bytes), [slab](https://github.com/tokio-rs/slab) and [tracing-subscriber](https://github.com/tokio-rs/tracing).
Bumps the cargo group with 3 updates in the /Rust_v1/rust-dioxus-v1 directory: [bytes](https://github.com/tokio-rs/bytes), [slab](https://github.com/tokio-rs/slab) and [tracing-subscriber](https://github.com/tokio-rs/tracing).
Bumps the cargo group with 2 updates in the /Rust_v1/rust-leptos-v0 directory: [bytes](https://github.com/tokio-rs/bytes) and [slab](https://github.com/tokio-rs/slab).
Bumps the cargo group with 2 updates in the /Rust_v1/rust-leptos-v3 directory: [bytes](https://github.com/tokio-rs/bytes) and [slab](https://github.com/tokio-rs/slab).
Bumps the cargo group with 2 updates in the /Rust_v1/rust-yew-v0 directory: [bytes](https://github.com/tokio-rs/bytes) and [tokio](https://github.com/tokio-rs/tokio).
Bumps the cargo group with 1 update in the /axum_todo directory: [bytes](https://github.com/tokio-rs/bytes).
Bumps the cargo group with 1 update in the /get-start-rust directory: [rand](https://github.com/rust-random/rand).
Bumps the cargo group with 1 update in the /leptos-tutorial directory: [bytes](https://github.com/tokio-rs/bytes).
Bumps the cargo group with 5 updates in the /rust-http-v0 directory:

| Package | From | To |
| --- | --- | --- |
| [bytes](https://github.com/tokio-rs/bytes) | `1.10.1` | `1.11.1` |
| [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.8.6` |
| [slab](https://github.com/tokio-rs/slab) | `0.4.10` | `0.4.12` |
| [actix-http](https://github.com/actix/actix-web) | `3.11.0` | `3.12.1` |
| [time](https://github.com/time-rs/time) | `0.3.41` | `0.3.44` |

Bumps the cargo group with 1 update in the /rust_api directory: [bytes](https://github.com/tokio-rs/bytes).


Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `slab` from 0.4.10 to 0.4.12
- [Release notes](https://github.com/tokio-rs/slab/releases)
- [Changelog](https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/slab@v0.4.10...v0.4.12)

Updates `tracing-subscriber` from 0.3.19 to 0.3.20
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.19...tracing-subscriber-0.3.20)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `slab` from 0.4.10 to 0.4.12
- [Release notes](https://github.com/tokio-rs/slab/releases)
- [Changelog](https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/slab@v0.4.10...v0.4.12)

Updates `tracing-subscriber` from 0.3.19 to 0.3.20
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.19...tracing-subscriber-0.3.20)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `slab` from 0.4.10 to 0.4.12
- [Release notes](https://github.com/tokio-rs/slab/releases)
- [Changelog](https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/slab@v0.4.10...v0.4.12)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `slab` from 0.4.10 to 0.4.12
- [Release notes](https://github.com/tokio-rs/slab/releases)
- [Changelog](https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/slab@v0.4.10...v0.4.12)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `tokio` from 1.44.1 to 1.52.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.44.1...tokio-1.52.1)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `rand` from 0.9.0 to 0.9.3
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.9.3/CHANGELOG.md)
- [Commits](rust-random/rand@0.9.0...0.9.3)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

Updates `rand` from 0.8.5 to 0.8.6
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/0.9.3/CHANGELOG.md)
- [Commits](rust-random/rand@0.9.0...0.9.3)

Updates `slab` from 0.4.10 to 0.4.12
- [Release notes](https://github.com/tokio-rs/slab/releases)
- [Changelog](https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/slab@v0.4.10...v0.4.12)

Updates `actix-http` from 3.11.0 to 3.12.1
- [Release notes](https://github.com/actix/actix-web/releases)
- [Changelog](https://github.com/actix/actix-web/blob/main/CHANGES.md)
- [Commits](actix/actix-web@http-v3.11.0...http-v3.12.1)

Updates `time` from 0.3.41 to 0.3.44
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](time-rs/time@v0.3.41...v0.3.44)

Updates `bytes` from 1.10.1 to 1.11.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.10.1...v1.11.1)

---
updated-dependencies:
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: slab
  dependency-version: 0.4.12
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: tracing-subscriber
  dependency-version: 0.3.20
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: slab
  dependency-version: 0.4.12
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: tracing-subscriber
  dependency-version: 0.3.20
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: slab
  dependency-version: 0.4.12
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: slab
  dependency-version: 0.4.12
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: tokio
  dependency-version: 1.52.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: rand
  dependency-version: 0.9.3
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: rand
  dependency-version: 0.8.6
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: slab
  dependency-version: 0.4.12
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: actix-http
  dependency-version: 3.12.1
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: time
  dependency-version: 0.3.44
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.11.1
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Apr 22, 2026
@deepsource-io
Copy link
Copy Markdown
Contributor

deepsource-io Bot commented Apr 22, 2026
edited
Loading

DeepSource Code Review

We reviewed changes in d09c5dd...83c85c9 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
Rust Apr 22, 2026 9:41p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants