Skip to content

Combined Dependabot PRs 2026-04-02#313

Merged
tclem merged 10 commits into
mainfrom
combined-dependabot-20260402-072720
Apr 10, 2026
Merged

Combined Dependabot PRs 2026-04-02#313
tclem merged 10 commits into
mainfrom
combined-dependabot-20260402-072720

Conversation

@code-search-bot

@code-search-bot code-search-bot commented Apr 2, 2026

Copy link
Copy Markdown
Collaborator

This PR combines 5 Dependabot PRs.

ℹ️ Details from merged PRs:

Details from Bump prost from 0.14.1 to 0.14.3

Changelog

Sourced from prost's changelog.

Prost version 0.14.2

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

⚠️ Heads-up

  • Increase MSRV to 1.82 (#1356)

  • Update maintenance status to Passively Maintained (#1359)

    This excerpt is from the readme:

    The current maintainer is not contributing new features and doesn't have the time to review new features. Bug fixes and small improvements are welcome. Feel free to contribute small and easily reviewable PRs.

    Bug fixes are still important, and security fixes will be released as soon as possible. Contact the #prost channel in Tokio discord if you feel a bug or security fix is not getting enough attention.

    The maintainer expects the official protobuf project to release their rust library soon and expects it to be as fully featured as the C++ library. See their source code and crate for more information.

🚀 Features

  • Configure prost path via prost_build::Config or #[(prost(prost_path = "::prost")] (#1274)
  • Support for deprecated enum and oneof fields (#1316)

🐛 Bug Fixes

  • (prost-build) Resolve OneOf type name conflict with embedded message (#1294)
  • (prost-build) Avoid OneOf type collision with enums and keyword names (#1341)

💼 Dependencies

  • Use trait Error from core (#1179)
  • (deps) Update protobuf to v25.8 (#1323)
  • (deps) Update criterion requirement from 0.6 to 0.7 (#1308)
  • (deps) Update petgraph to 0.8 (#1327)
  • (deps) Bump actions/upload-artifact from 4 to 5 (#1351)
  • (deps) Bump actions/checkout from 5 to 6 (#1370)
  • Bump actions/checkout to v5 (#1312)
  • Update clippy to version 1.87 (#1292)
  • Replace once_cell dependency by std lib (#1119)

📚 Documentation

  • Update outdated link is test documentation (#1289)
  • Describe use of encoding module (#1322)
  • Update the readme MSRV to the actual number (#1331)
  • Update URLs after manual review (#1336)
  • Answer why fields are wrapped in option (#1358)

🎨 Styling

  • Add spaces to derive arguments in generated code (#1290)
  • Use variables directly in the format! string (#1293)

... (truncated)

Commits

Details from Bump fs-err from 3.2.1 to 3.3.0

Changelog

Sourced from fs-err's changelog.

fs-err Changelog

3.3.2

  • Cleanup rustdoc links to make them clickable in rust-analyzer (#88)
  • Add wrappers for several os::unix::fs functions (#87):
    • std::os::unix::fs::FileExt::read_exact_at
    • std::os::unix::fs::FileExt::write_all_at
    • std::os::unix::fs::chroot
    • std::os::unix::fs::chown
    • std::os::unix::fs::lchown
  • Replace '/' operator in SPDX license expression with 'OR' for readability (#86)

3.2.2

  • Add wrappers for File::set_modified and File::set_times (#84)
Commits

Details from Bump reqwest from 0.13.1 to 0.13.2

Release notes

Sourced from reqwest's releases.

v0.13.2

tl;dr

  • Fix HTTP/2 and native-tls ALPN feature combinations.
  • Fix HTTP/3 to send h3 ALPN.
  • (wasm) fix RequestBuilder::json() from override previously set content-type.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.13.1...v0.13.2

Changelog

Sourced from reqwest's changelog.

v0.13.2

  • Fix HTTP/2 and native-tls ALPN feature combinations.
  • Fix HTTP/3 to send h3 ALPN.
  • (wasm) fix RequestBuilder::json() from override previously set content-type.
Commits

Details from Bump quote from 1.0.43 to 1.0.45

Release notes

Sourced from quote's releases.

1.0.45

  • Add ToTokens impl for Arc<T> (#326)

1.0.44

  • Support raw lifetime syntax 'r#async (#323)
Commits
  • 842ffde Release 1.0.45
  • 93d691c Merge pull request #326 from dtolnay/arc
  • d27d589 ToTokens for Arc
  • 24d1082 Update ui test suite to nightly-2026-02-18
  • 26b1276 Unpin CI miri toolchain
  • c5e1c9e Pin CI miri to nightly-2026-02-11
  • 58e2155 Remove compiler version support from readme
  • 1fc6b50 Raise required compiler to Rust 1.71
  • 515480a Update ui test suite to nightly-2026-02-01
  • 2c5e770 Update ui test suite to nightly-2026-01-30
  • Additional commits viewable in compare view

Details from Bump futures from 0.3.31 to 0.3.32

Release notes

Sourced from futures's releases.

0.3.32

  • Bump MSRV of utility crates to 1.71. (#2989)
  • Soft-deprecate ready! macro in favor of std::task::ready! added in Rust 1.64 (#2925)
  • Soft-deprecate pin_mut! macro in favor of std::pin::pin! added in Rust 1.68 (#2929)
  • Add FuturesOrdered::clear (#2927)
  • Add mpsc::*Receiver::recv (#2947)
  • Add mpsc::*Receiver::try_recv and deprecate mpsc::*Receiver::::try_next (#2944)
  • Implement FusedStream for sink::With (#2948)
  • Add no_std support for shared (#2868)
  • Make Mutex::new() const (#2956)
  • Add #[clippy::has_significant_drop] to guards (#2967)
  • Remove dependency to pin-utils (#2929)
  • Remove dependency on num_cpus (#2946)
  • Performance improvements (#2983)
  • Documentation improvements (#2925, #2926, #2940, #2971)
Changelog

Sourced from futures's changelog.

0.3.32 - 2026-02-15

  • Bump MSRV of utility crates to 1.71. (#2989)
  • Soft-deprecate ready! macro in favor of std::task::ready! added in Rust 1.64 (#2925)
  • Soft-deprecate pin_mut! macro in favor of std::pin::pin! added in Rust 1.68 (#2929)
  • Add FuturesOrdered::clear (#2927)
  • Add mpsc::*Receiver::recv (#2947)
  • Add mpsc::*Receiver::try_recv and deprecate mpsc::*Receiver::::try_next (#2944)
  • Implement FusedStream for sink::With (#2948)
  • Add no_std support for shared (#2868)
  • Make Mutex::new() const (#2956)
  • Add #[clippy::has_significant_drop] to guards (#2967)
  • Remove dependency to pin-utils (#2929)
  • Remove dependency on num_cpus (#2946)
  • Performance improvements (#2983)
  • Documentation improvements (#2925, #2926, #2940, #2971)
Commits
  • d9bba94 Release 0.3.32
  • 151e0b9 Add comments on rust-version field in Cargo.toml
  • 4aaf00c Bump MSRV of utility crates to 1.71
  • a4cce12 perf: improve AtomicWaker::wake performance (#2983)
  • ba9d102 Add #[clippy::has_significant_drop] to guards (#2967)
  • 20396a8 Fix rustdoc::broken_intra_doc_links warning
  • 815f6eb Fix documentation of BiLock::lock (#2971)
  • 0f0db04 futures-util: make Mutex::new() const (#2956)
  • 5d6fc5e ci: Test big-endian target (s390x Linux)
  • 9f739fe Ignore dead_code lint on Fn1 trait
  • Additional commits viewable in compare view

dependabot Bot and others added 10 commits April 2, 2026 06:49
@dependabot
Bump prost from 0.14.1 to 0.14.3
55efcdc 
Bumps [prost](https://github.com/tokio-rs/prost) from 0.14.1 to 0.14.3.
- [Release notes](https://github.com/tokio-rs/prost/releases)
- [Changelog](https://github.com/tokio-rs/prost/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/prost@v0.14.1...v0.14.3)

---
updated-dependencies:
- dependency-name: prost
  dependency-version: 0.14.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump fs-err from 3.2.1 to 3.3.0
2582f8f 
Bumps [fs-err](https://github.com/andrewhickman/fs-err) from 3.2.1 to 3.3.0.
- [Changelog](https://github.com/andrewhickman/fs-err/blob/main/CHANGELOG.md)
- [Commits](https://github.com/andrewhickman/fs-err/commits/3.3.0)

---
updated-dependencies:
- dependency-name: fs-err
  dependency-version: 3.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump reqwest from 0.13.1 to 0.13.2
40d6cc9 
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.13.1...v0.13.2)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-version: 0.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump quote from 1.0.43 to 1.0.45
b01d5a8 
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.43 to 1.0.45.
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](dtolnay/quote@1.0.43...1.0.45)

---
updated-dependencies:
- dependency-name: quote
  dependency-version: 1.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump futures from 0.3.31 to 0.3.32
064c9d9 
Bumps [futures](https://github.com/rust-lang/futures-rs) from 0.3.31 to 0.3.32.
- [Release notes](https://github.com/rust-lang/futures-rs/releases)
- [Changelog](https://github.com/rust-lang/futures-rs/blob/master/CHANGELOG.md)
- [Commits](rust-lang/futures-rs@0.3.31...0.3.32)

---
updated-dependencies:
- dependency-name: futures
  dependency-version: 0.3.32
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@code-search-bot
Merge dependabot/cargo/prost-0.14.3 into combined-dependabot-20260402…
40e2eff 
…-072720
@code-search-bot
Merge dependabot/cargo/fs-err-3.3.0 into combined-dependabot-20260402…
80a1e00 
…-072720
@code-search-bot
Merge dependabot/cargo/reqwest-0.13.2 into combined-dependabot-202604…
d0840b6 
…02-072720
@code-search-bot
Merge dependabot/cargo/quote-1.0.45 into combined-dependabot-20260402…
a8080a8 
…-072720
@code-search-bot
Merge dependabot/cargo/futures-0.3.32 into combined-dependabot-202604…
d97400b 
…02-072720
Copilot AI review requested due to automatic review settings April 2, 2026 07:27
@code-search-bot code-search-bot requested a review from a team as a code owner April 2, 2026 07:27
Copilot AI approved these changes Apr 2, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR consolidates multiple Dependabot dependency bumps across the Rust workspace by updating the example crate’s build dependency and refreshing the workspace lockfile to newer versions of several transitive/direct crates.

Changes:

  • Bump fs-err build-dependency in example from 3.2 to 3.3.
  • Update Cargo.lock to reflect newer resolved versions for fs-err, futures, prost, quote, and reqwest (including removal of pin-utils from the futures-util dependency list).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
example/Cargo.toml Updates fs-err build-dependency version requirement to 3.3.
Cargo.lock Refreshes lockfile to newer resolved crate versions corresponding to the combined Dependabot updates.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@tclem tclem added this pull request to the merge queue Apr 10, 2026
Merged via the queue into main with commit 9f3c6d6 Apr 10, 2026
9 checks passed
@tclem tclem deleted the combined-dependabot-20260402-072720 branch April 10, 2026 22:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tclem tclem tclem approved these changes

Copilot code review Copilot Copilot approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@code-search-bot @tclem