Skip to content

chore(deps): bump the cargo-workspace group with 4 updates#394

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/cargo/dev/cargo-workspace-b36f1adec7
Open

chore(deps): bump the cargo-workspace group with 4 updates#394
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/cargo/dev/cargo-workspace-b36f1adec7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Bumps the cargo-workspace group with 4 updates: tauri, tauri-build, tokio and git2.

Updates tauri from 2.11.0 to 2.11.1

Release notes

Sourced from tauri's releases.

tauri-cli v2.11.1

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1067 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.1
    │       └── tauri 2.11.1
    │           ├── tauri-utils 2.9.1
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.1
    │           │   ├── tauri-runtime 2.11.1
    │           │   │   ├── tauri-runtime-wry 2.11.1
    │           │   │   └── tauri 2.11.1
    │           │   ├── tauri-plugin 2.6.1
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.1
    │           │   │   └── tauri 2.11.1
    │           │   ├── tauri-codegen 2.6.1
    │           │   │   ├── tauri-macros 2.6.1
    │           │   │   └── tauri-build 2.6.1
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.1
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.11.1
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.9.1
    │           │   │   └── tauri-cli 2.11.1
    │           │   ├── tauri-build 2.6.1
</tr></table>

... (truncated)

Commits

Updates tauri-build from 2.6.0 to 2.6.1

Release notes

Sourced from tauri-build's releases.

tauri-build v2.6.1

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1067 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.1
    │       └── tauri 2.11.1
    │           ├── tauri-utils 2.9.1
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.1
    │           │   ├── tauri-runtime 2.11.1
    │           │   │   ├── tauri-runtime-wry 2.11.1
    │           │   │   └── tauri 2.11.1
    │           │   ├── tauri-plugin 2.6.1
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.1
    │           │   │   └── tauri 2.11.1
    │           │   ├── tauri-codegen 2.6.1
    │           │   │   ├── tauri-macros 2.6.1
    │           │   │   └── tauri-build 2.6.1
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.1
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.11.1
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.9.1
    │           │   │   └── tauri-cli 2.11.1
    │           │   ├── tauri-build 2.6.1
</tr></table>

... (truncated)

Commits

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

  • sync: fix underflow in mpsc channel len() (#8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
  • sync: require that an RwLock has max_readers != 0 (#8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

Updates git2 from 0.19.0 to 0.20.4

Changelog

Sourced from git2's changelog.

0.20.4 - 2026-02-02

0.20.3...0.20.4

Fixed

  • Fix undefined behavior when dereferencing empty Buf. #1213

0.20.3 - 2025-12-06

0.20.2...0.20.3

Changed

  • Bumped requirement to libgit2-sys 0.18.3, which updates libgit2 from 1.9.0 to 1.9.2. #1197

0.20.2 - 2025-05-05

0.20.1...0.20.2

Added

  • Added Status::WT_UNREADABLE. #1151

Fixed

  • Added missing codes for GIT_EDIRECTORY, GIT_EMERGECONFLICT, GIT_EUNCHANGED, GIT_ENOTSUPPORTED, and GIT_EREADONLY to Error::raw_code. #1153
  • Fixed missing initialization in Indexer::new. #1160

0.20.1 - 2025-03-17

0.20.0...0.20.1

Added

  • Added Repository::branch_upstream_merge() #1131
  • Added Index::conflict_get() #1134
  • Added Index::conflict_remove() #1133
  • Added opts::set_cache_object_limit() #1118
  • Added Repo::merge_file_from_index() and associated MergeFileOptions and MergeFileResult. #1062

Changed

  • The url dependency minimum raised to 2.5.4

... (truncated)

Commits
  • 8852d7d Merge pull request #1214 from weihanglo/backport-from-raw-parts
  • 0b274f7 Bump to 0.20.4
  • 73a5d5d Add test for dereference of an empty Buf
  • ce56683 fix: check ptr nullity before calling from_raw_parts
  • 7cf345c Merge pull request #1197 from ehuss/git2-0.20-br
  • dd41077 Bump git2 to 0.20.3
  • a6a58e2 Merge pull request #1195 from ehuss/update-libgit2
  • 1fb5f64 Merge pull request #1161 from ehuss/bump-version
  • 26bfd30 Update version of git2 to 0.20.2
  • eef4592 Merge pull request #1160 from ehuss/indexer-init
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the cargo-workspace group with 4 updates
799a15d 
Bumps the cargo-workspace group with 4 updates: [tauri](https://github.com/tauri-apps/tauri), [tauri-build](https://github.com/tauri-apps/tauri), [tokio](https://github.com/tokio-rs/tokio) and [git2](https://github.com/rust-lang/git2-rs).


Updates `tauri` from 2.11.0 to 2.11.1
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](tauri-apps/tauri@tauri-v2.11.0...tauri-v2.11.1)

Updates `tauri-build` from 2.6.0 to 2.6.1
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](tauri-apps/tauri@tauri-build-v2.6.0...tauri-build-v2.6.1)

Updates `tokio` from 1.52.1 to 1.52.3
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.52.1...tokio-1.52.3)

Updates `git2` from 0.19.0 to 0.20.4
- [Changelog](https://github.com/rust-lang/git2-rs/blob/git2-0.20.4/CHANGELOG.md)
- [Commits](rust-lang/git2-rs@git2-0.19.0...git2-0.20.4)

---
updated-dependencies:
- dependency-name: tauri
  dependency-version: 2.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-workspace
- dependency-name: tauri-build
  dependency-version: 2.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-workspace
- dependency-name: tokio
  dependency-version: 1.52.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-workspace
- dependency-name: git2
  dependency-version: 0.20.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo-workspace
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 11, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the rust Rust SDK/CLI/MCP code label May 11, 2026
@dependabot dependabot Bot requested a review from TrueNine as a code owner May 11, 2026 01:18
@dependabot dependabot Bot added the rust Rust SDK/CLI/MCP code label May 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TrueNine TrueNine Awaiting requested review from TrueNine TrueNine is a code owner

Assignees

No one assigned

Labels

rust Rust SDK/CLI/MCP code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants