Skip to content

chore(deps): bump the engine group across 1 directory with 3 updates#153

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/engine/engine-a07bfb75c2
Closed

chore(deps): bump the engine group across 1 directory with 3 updates#153
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/engine/engine-a07bfb75c2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the engine group with 3 updates in the /engine directory: anyhow, uuid and sevenz-rust2.

Updates anyhow from 1.0.102 to 1.0.103

Release notes

Sourced from anyhow's releases.

1.0.103

  • Fix Stacked Borrows violation (UB) in Error::downcast_mut (#451, #452)
Commits
  • 5bdb0e2 Release 1.0.103
  • e621bd3 Merge pull request #452 from dtolnay/downcast
  • 6e8c000 Eliminate pointer->reference->pointer during downcast
  • 67c4abd Add regression test for issue 451
  • 917a169 Update actions/upload-artifact@v6 -> v7
  • d9dc3fa Update actions/checkout@v6 -> v7
  • 841522b Raise minimum tested compiler to rust 1.85
  • See full diff in compare view

Updates uuid from 1.23.3 to 1.23.4

Release notes

Sourced from uuid's releases.

v1.23.4

What's Changed

New Contributors

Full Changelog: uuid-rs/uuid@v1.23.3...v1.23.4

Commits
  • 3296d64 Merge pull request #890 from uuid-rs/cargo/v1.23.4
  • cba53d0 prepare for 1.23.4 release
  • e347af4 Merge pull request #889 from frostyplanet/main
  • e9bf55c doc: Fix broken link warnings
  • 5351af4 doc: Enable feature flag label for docs.rs
  • 1e6a966 Merge pull request #888 from uuid-rs/KodrAus-patch-1
  • c9619f6 fix up name of fuzz script in readme
  • See full diff in compare view

Updates sevenz-rust2 from 0.21.0 to 0.21.1

Changelog

Sourced from sevenz-rust2's changelog.

0.21.1 - 2026-06-23

Fixed

  • Fix security issue were malicious 7z files could write files outside the destination directory. Reported by @​lintowe (#116)
Commits
  • ef760b6 7z files could write files outside the destination directory
  • 3ce5d2a Bump actions/checkout from 6 to 7
  • 92ea436 Fix new clippy linter issues
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 26, 2026
@dependabot dependabot Bot requested a review from phantomptr as a code owner June 26, 2026 06:44
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 26, 2026
@dependabot dependabot Bot changed the title chore(deps): bump the engine group in /engine with 3 updates chore(deps): bump the engine group across 1 directory with 3 updates Jun 28, 2026
@dependabot
chore(deps): bump the engine group across 1 directory with 3 updates
ab741a2 
Bumps the engine group with 3 updates in the /engine directory: [anyhow](https://github.com/dtolnay/anyhow), [uuid](https://github.com/uuid-rs/uuid) and [sevenz-rust2](https://github.com/hasenbanck/sevenz-rust).


Updates `anyhow` from 1.0.102 to 1.0.103
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](dtolnay/anyhow@1.0.102...1.0.103)

Updates `uuid` from 1.23.3 to 1.23.4
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](uuid-rs/uuid@v1.23.3...v1.23.4)

Updates `sevenz-rust2` from 0.21.0 to 0.21.1
- [Changelog](https://github.com/hasenbanck/sevenz-rust2/blob/main/CHANGELOG.md)
- [Commits](hasenbanck/sevenz-rust2@v0.21.0...v0.21.1)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-version: 1.0.103
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: engine
- dependency-name: sevenz-rust2
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: engine
- dependency-name: uuid
  dependency-version: 1.23.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: engine
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/engine/engine-a07bfb75c2 branch from 66be773 to ab741a2 Compare June 28, 2026 14:30
@phantomptr phantomptr mentioned this pull request Jun 28, 2026
Merged
@phantomptr

phantomptr commented Jun 28, 2026

Copy link
Copy Markdown
Owner

Folded into #161 (reapplied on current main, lockfiles regenerated, full build/test pass). Shipping in 3.3.24. Thanks dependabot!

@phantomptr phantomptr closed this Jun 28, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/cargo/engine/engine-a07bfb75c2 branch June 28, 2026 14:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@phantomptr phantomptr Awaiting requested review from phantomptr phantomptr is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@phantomptr