Skip to content

deps(rust): bump the cargo-async group across 1 directory with 3 updates#97

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/apps/desktop/src-tauri/cargo-async-5b498e3874
Closed

deps(rust): bump the cargo-async group across 1 directory with 3 updates#97
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/apps/desktop/src-tauri/cargo-async-5b498e3874

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor

Bumps the cargo-async group with 3 updates in the /apps/desktop/src-tauri directory: tokio, axum and reqwest.

Updates tokio from 1.48.0 to 1.50.0

Release notes

Sourced from tokio's releases.

Tokio v1.50.0

1.50.0 (Mar 3rd, 2026)

Added

  • net: add TcpStream::set_zero_linger (#7837)
  • rt: add is_rt_shutdown_err (#7771)

Changed

  • io: add optimizer hint that memchr returns in-bounds pointer (#7792)
  • io: implement vectored writes for write_buf (#7871)
  • runtime: panic when event_interval is set to 0 (#7838)
  • runtime: shorten default thread name to fit in Linux limit (#7880)
  • signal: remember the result of SetConsoleCtrlHandler (#7833)
  • signal: specialize windows Registry (#7885)

Fixed

  • io: always cleanup AsyncFd registration list on deregister (#7773)
  • macros: remove (most) local use declarations in tokio::select! (#7929)
  • net: fix GET_BUF_SIZE constant for target_os = "android" (#7889)
  • runtime: avoid redundant unpark in current_thread scheduler (#7834)
  • runtime: don't park in current_thread if before_park defers waker (#7835)
  • io: fix write readiness on ESP32 on short writes (#7872)
  • runtime: wake deferred tasks before entering block_in_place (#7879)
  • sync: drop rx waker when oneshot receiver is dropped (#7886)
  • runtime: fix double increment of num_idle_threads on shutdown (#7910, #7918, #7922)

Unstable

  • fs: check for io-uring opcode support (#7815)
  • runtime: avoid lock acquisition after uring init (#7850)

Documented

  • docs: update outdated unstable features section (#7839)
  • io: clarify the behavior of AsyncWriteExt::shutdown() (#7908)
  • io: explain how to flush stdout/stderr (#7904)
  • io: fix incorrect and confusing AsyncWrite documentation (#7875)
  • rt: clarify the documentation of Runtime::spawn (#7803)
  • rt: fix missing quotation in docs (#7925)
  • runtime: correct the default thread name in docs (#7896)
  • runtime: fix event_interval doc (#7932)
  • sync: clarify RwLock fairness documentation (#7919)
  • sync: clarify that recv returns None once closed and no more messages (#7920)
  • task: clarify when to use spawn_blocking vs dedicated threads (#7923)
  • task: doc that task drops before JoinHandle completion (#7825)
  • signal: guarantee that listeners never return None (#7869)
  • task: fix task module feature flags in docs (#7891)

... (truncated)

Commits

Updates axum from 0.8.8 to 0.8.9

Release notes

Sourced from axum's releases.

axum-v0.8.9

  • added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#3597)
  • changed: Update minimum rust version to 1.80 (#3620)
  • fixed: Set connect endpoint on correct field in MethodRouter (#3656)
  • fixed: Return specific error message when multipart body limit is exceeded (#3611)

#3597: tokio-rs/axum#3597 #3620: tokio-rs/axum#3620 #3656: tokio-rs/axum#3656 #3611: tokio-rs/axum#3611

Commits

Updates reqwest from 0.12.24 to 0.13.4

Release notes

Sourced from reqwest's releases.

v0.13.4

tl;dr

  • Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
  • Add ClientBuilder::http2_keep_alive_* options for the blocking client.
  • Add TLS 1.3 support when using native-tls backend.
  • Fix redirect handling to strip sensitive headers when the scheme changes.
  • Fix HTTP/3 happy-eyeball connection creation.
  • Upgrade hickory-resolver to 0.26.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.13.3...v0.13.4

v0.13.3

tl;dr

  • Fix CertificateRevocationList parsing of PEM values.
  • Fix logging in resolver to only show host, not full URL.
  • Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
  • Fix HTTP/3 to handle STOP_SENDING as not an error.
  • Fix HTTP/3 pool to remove timed out QUIC connections.
  • Fix HTTP/3 connection establishment picking IPv4 and IPv6.
  • Upgrade rustls-platform-verifier.
  • (wasm) Only use wasm-bindgen on unknown-* targets.

What's Changed

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.13.4

  • Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
  • Add ClientBuilder::http2_keep_alive_* options for the blocking client.
  • Add TLS 1.3 support when using native-tls backend.
  • Fix redirect handling to strip sensitive headers when the scheme changes.
  • Fix HTTP/3 happy-eyeball connection creation.
  • Upgrade hickory-resolver to 0.26.

v0.13.3

  • Fix CertificateRevocationList parsing of PEM values.
  • Fix logging in resolver to only show host, not full URL.
  • Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
  • Fix HTTP/3 to handle STOP_SENDING as not an error.
  • Fix HTTP/3 pool to remove timed out QUIC connections.
  • Fix HTTP/3 connection establishment picking IPv4 and IPv6.
  • Upgrade rustls-platform-verifier.
  • (wasm) Only use wasm-bindgen on unknown-* targets.

v0.13.2

  • Fix HTTP/2 and native-tls ALPN feature combinations.
  • Fix HTTP/3 to send h3 ALPN.
  • (wasm) fix RequestBuilder::json() from override previously set content-type.

v0.13.1

  • Fixes compiling with rustls on Android targets.

v0.13.0

  • Breaking changes:
    • rustls is now the default TLS backend, instead of native-tls.
    • rustls crypto provider defaults to aws-lc instead of ring. (rustls-no-provider exists if you want a different crypto provider)
    • rustls-tls has been renamed to rustls.
    • rustls roots features removed, rustls-platform-verifier is used by default.
      • To use different roots, call tls_certs_only(your_roots).
    • native-tls now includes ALPN. To disable, use native-tls-no-alpn.
    • query and form are now crate features, disabled by default.
    • Long-deprecated methods and crate features have been removed (such as trust-dns, which was renamed hickory-dns a while ago).
  • Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings)
    • For example, prefer tls_backend_rustls() over use_rustls_tls().

v0.12.28

  • Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

... (truncated)

Commits
  • 11489b3 v0.13.4
  • d31ffbb feat: Expose HTTP2 keep alive configurations in blocking client (#3043)
  • 79ed0d7 feat: support TLS 1.3 as min version under native-tls 🎉 (#2975)
  • fb7bf6a fix: remove unwrap in hickory initialization (#3041)
  • 3da616f fix: update hickory-resolver to 0.26 and adjust code accordingly (#3040)
  • c77e7b2 fix(http3): use happy eyeballs for h3 connect (#3030)
  • 9cbb65b chore: clean up minimal-versions CI job (#3039)
  • 17a7dc5 chore: upgrade MSRV to 1.85 (#3038)
  • 03db63a fix(redirect): strip sensitive headers on scheme change across redirects (#3034)
  • 4b813a8 feat: add tls_sslkeylogfile builder method (#2923)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the cargo-async group with 3 updates in the /apps/desktop/src-tauri directory: [tokio](https://github.com/tokio-rs/tokio), [axum](https://github.com/tokio-rs/axum) and [reqwest](https://github.com/seanmonstar/reqwest).


Updates `tokio` from 1.48.0 to 1.50.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.48.0...tokio-1.50.0)

Updates `axum` from 0.8.8 to 0.8.9
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](tokio-rs/axum@axum-v0.8.8...axum-v0.8.9)

Updates `reqwest` from 0.12.24 to 0.13.4
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.24...v0.13.4)

---
updated-dependencies:
- dependency-name: tokio
  dependency-version: 1.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-async
- dependency-name: axum
  dependency-version: 0.8.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-async
- dependency-name: reqwest
  dependency-version: 0.13.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-async
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github

dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/cargo/apps/desktop/src-tauri/cargo-async-5b498e3874 branch July 4, 2026 18:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant