Skip to content

Bump suppaftp from 6.3.0 to 8.0.2 in /core#33

Merged
alinsgit merged 1 commit intomainfrom
dependabot/cargo/core/suppaftp-8.0.2
Apr 2, 2026
Merged

Bump suppaftp from 6.3.0 to 8.0.2 in /core#33
alinsgit merged 1 commit intomainfrom
dependabot/cargo/core/suppaftp-8.0.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 18, 2026
edited
Loading

Bumps suppaftp from 6.3.0 to 8.0.2.

Release notes

Sourced from suppaftp's releases.

suppaftp 8.0.2

8.0.2

Released on 12/02/2026

  • PR 135: Fixed unsafe undefined behavior in tokio AsyncNativeTlsStream::tcp_stream() which could cause use-after-free / double-free.
  • PR 136: Fixed data_connection_open flag being set before the data stream was actually created, which could incorrectly report DataConnectionAlreadyOpen on failure.
  • PR 137: Fixed infinite loop in async feat() when the server disconnects mid-response.
  • PR 138: Fixed infinite loop in read_response_in() on multiline responses when the server disconnects.
  • PR 139: Fixed MLSX parser to accept cdir and pdir entry types as directories (per RFC 3659).
  • PR 140: Fixed MLSX unix.mode parser to accept 4-digit octal modes (e.g. 0755).
  • PR 141: Fixed abort() hanging when server sends 226 directly instead of 426+226.
  • PR 142: Fixed DOS LIST parser to handle comma-separated file sizes (e.g. 1,234,567).
  • PR 143: Fixed parse_lstime to adjust year for future dates (matches GNU ls behavior).
  • PR 144: Fixed DOS time parser to handle space before AM/PM (e.g. 01:30 PM).
  • PR 145: Fixed active mode to use EPRT command for IPv6 connections.
  • PR 146: Replaced unwrap() panics on server-controlled data (EPSV, SIZE, MDTM) with proper error handling.
  • PR 147: Removed redundant feature = "async-std" in cfg gate.
  • PR 148: Fixed doc(cfg) attribute on SecureError variant to show both secure and async-secure features.
  • PR 133: Moved crates to crates/ folder.
  • PR 134: Changed test container image to delfer/alpine-ftp-server.

suppaftp 8.0.1

8.0.1

Released on 18/01/2026

  • Fixed docs.rs build

suppaftp 8.0.0

8.0.0

Released on 18/01/2026

  • Issue 131: Added new features to choose the backend for rustls:
    • rustls-ring: use ring as crypto backend (default)
    • rustls-aws-lc-rs: use aws-lc-rs as crypto backend
    • Removed rustls feature. Use either rustls-ring or rustls-aws-lc-rs instead.
    • Removed async-rustls feature. Use either async-std-rustls-ring or async-std-rustls-aws-lc-rs instead.
    • Removed tokio-rustls feature. Use either tokio-rustls-ring or tokio-rustls-aws-lc-rs instead.

[!CAUTION] In case you're using rustls, tokio-rustls, or async-rustls features, you need to update your Cargo.toml accordingly.

suppaftp 7.1.0

7.1.0

Released on 07/01/2026

... (truncated)

Changelog

Sourced from suppaftp's changelog.

8.0.2

Released on 12/02/2026

  • PR 135: Fixed unsafe undefined behavior in tokio AsyncNativeTlsStream::tcp_stream() which could cause use-after-free / double-free.
  • PR 136: Fixed data_connection_open flag being set before the data stream was actually created, which could incorrectly report DataConnectionAlreadyOpen on failure.
  • PR 137: Fixed infinite loop in async feat() when the server disconnects mid-response.
  • PR 138: Fixed infinite loop in read_response_in() on multiline responses when the server disconnects.
  • PR 139: Fixed MLSX parser to accept cdir and pdir entry types as directories (per RFC 3659).
  • PR 140: Fixed MLSX unix.mode parser to accept 4-digit octal modes (e.g. 0755).
  • PR 141: Fixed abort() hanging when server sends 226 directly instead of 426+226.
  • PR 142: Fixed DOS LIST parser to handle comma-separated file sizes (e.g. 1,234,567).
  • PR 143: Fixed parse_lstime to adjust year for future dates (matches GNU ls behavior).
  • PR 144: Fixed DOS time parser to handle space before AM/PM (e.g. 01:30 PM).
  • PR 145: Fixed active mode to use EPRT command for IPv6 connections.
  • PR 146: Replaced unwrap() panics on server-controlled data (EPSV, SIZE, MDTM) with proper error handling.
  • PR 147: Removed redundant feature = "async-std" in cfg gate.
  • PR 148: Fixed doc(cfg) attribute on SecureError variant to show both secure and async-secure features.
  • PR 133: Moved crates to crates/ folder.
  • PR 134: Changed test container image to delfer/alpine-ftp-server.

8.0.1

Released on 18/01/2026

  • Fixed docs.rs build

8.0.0

Released on 18/01/2026

  • Issue 131: Added new features to choose the backend for rustls:
    • rustls-ring: use ring as crypto backend (default)
    • rustls-aws-lc-rs: use aws-lc-rs as crypto backend
    • Removed rustls feature. Use either rustls-ring or rustls-aws-lc-rs instead.
    • Removed async-rustls feature. Use either async-std-rustls-ring or async-std-rustls-aws-lc-rs instead.
    • Removed tokio-rustls feature. Use either tokio-rustls-ring or tokio-rustls-aws-lc-rs instead.

[!CAUTION] In case you're using rustls, tokio-rustls, or async-rustls features, you need to update your Cargo.toml accordingly.

7.1.0

Released on 07/01/2026

  • Issue 128
    • Made FileType enum public
    • Added File::file_type() method to retrieve the file type
    • Deprecated File::from_dos_line, File::from_mlsx_line, and File::from_posix_line methods in favor of

... (truncated)

Commits
  • cd12e3c chore: manifest paths (#151)
  • 1b25fb9 test: increase unit test coverage and release 8.0.2 (#150)
  • f4010bf fix: active mode uses EPRT for IPv6 connections (#145)
  • 1e9ebfa fix: replace unwrap() panics on server-controlled data (#146)
  • 0c6e826 fix: DOS time parser handles space before AM/PM (#144)
  • 5b24128 fix: parse_lstime adjusts year for future dates (#143)
  • 8b00176 fix: correct doc(cfg) attribute on SecureError (#148)
  • 8f8b6d1 chore: Claude file (#149)
  • e7cd090 fix: remove redundant feature = "async-std" in cfg gate (#147)
  • 64a96ae fix: DOS LIST parser handles comma-separated file sizes (#142)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Mar 18, 2026
@dependabot
Bump suppaftp from 6.3.0 to 8.0.2 in /core
ba3fa3e 
Bumps [suppaftp](https://github.com/veeso/suppaftp) from 6.3.0 to 8.0.2.
- [Release notes](https://github.com/veeso/suppaftp/releases)
- [Changelog](https://github.com/veeso/suppaftp/blob/main/CHANGELOG.md)
- [Commits](veeso/suppaftp@v6.3.0...v8.0.2)

---
updated-dependencies:
- dependency-name: suppaftp
  dependency-version: 8.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/core/suppaftp-8.0.2 branch from b52e049 to ba3fa3e Compare March 25, 2026 22:44
@alinsgit alinsgit merged commit 5128ab0 into main Apr 2, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/core/suppaftp-8.0.2 branch April 2, 2026 18:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alinsgit