Skip to content

Bump the cargo group across 1 directory with 68 updates #2070

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 2, 2025
Merged

Bump the cargo group across 1 directory with 68 updates #2070

merged 1 commit into from
Jul 2, 2025
+270 −340

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 2, 2025

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the cargo group across 1 directory with 68 updates
a9a8ea1 
---
updated-dependencies:
- dependency-name: clap
  dependency-version: 4.5.40
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: clap_complete
  dependency-version: 4.5.54
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: prodash
  dependency-version: 30.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: smallvec
  dependency-version: 1.15.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: libc
  dependency-version: 0.2.174
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tracing-core
  dependency-version: 0.1.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: jiff
  dependency-version: 0.2.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: portable-atomic
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: syn
  dependency-version: 2.0.104
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: curl
  dependency-version: 0.4.48
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: reqwest
  dependency-version: 0.12.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: windows
  dependency-version: 0.61.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: fs-err
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: sysinfo
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: zip
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: anstream
  dependency-version: 0.6.19
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: anstyle
  dependency-version: 1.0.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: anstyle-parse
  dependency-version: 0.2.7
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: anstyle-query
  dependency-version: 1.1.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: anstyle-wincon
  dependency-version: 3.0.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: autocfg
  dependency-version: 1.5.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: bumpalo
  dependency-version: 3.19.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: cc
  dependency-version: 1.2.27
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: clap_builder
  dependency-version: 4.5.40
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: clap_derive
  dependency-version: 4.5.40
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: clap_lex
  dependency-version: 0.7.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: colorchoice
  dependency-version: 1.0.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: crunchy
  dependency-version: 0.2.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: curl-sys
  dependency-version: 0.4.82+curl-8.14.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: errno
  dependency-version: 0.3.13
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: h2
  dependency-version: 0.4.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: hermit-abi
  dependency-version: 0.5.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: hyper-rustls
  dependency-version: 0.27.7
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: hyper-util
  dependency-version: 0.1.14
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: indexmap
  dependency-version: 2.10.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: jiff-static
  dependency-version: 0.2.15
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: jni
  dependency-version: 0.21.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: libredox
  dependency-version: 0.1.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: prettyplease
  dependency-version: 0.2.35
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: quinn-udp
  dependency-version: 0.5.13
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: r-efi
  dependency-version: 5.3.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: redox_syscall
  dependency-version: 0.5.13
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: rustc-demangle
  dependency-version: 0.1.25
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: rustls
  dependency-version: 0.23.28
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: rustls-ffi
  dependency-version: 0.15.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: rustls-native-certs
  dependency-version: 0.8.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: rustls-platform-verifier
  dependency-version: 0.5.3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: rustls-webpki
  dependency-version: 0.103.3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: serde_spanned
  dependency-version: 0.6.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: slab
  dependency-version: 0.4.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: thread_local
  dependency-version: 1.1.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: toml
  dependency-version: 0.8.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: toml_datetime
  dependency-version: 0.6.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: toml_edit
  dependency-version: 0.22.27
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: toml_write
  dependency-version: 0.1.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tower-http
  dependency-version: 0.6.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tracing-attributes
  dependency-version: 0.1.30
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: wasi
  dependency-version: 0.11.1+wasi-snapshot-preview1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: webpki-roots
  dependency-version: 1.0.0
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: windows-core
  dependency-version: 0.61.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: windows-future
  dependency-version: 0.2.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: windows-link
  dependency-version: 0.1.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: windows-registry
  dependency-version: 0.5.3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: windows-result
  dependency-version: 0.3.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: windows-strings
  dependency-version: 0.4.2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: xattr
  dependency-version: 1.5.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: zerocopy
  dependency-version: 0.8.26
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: zerocopy-derive
  dependency-version: 0.8.26
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 2, 2025
EliahKagan
EliahKagan approved these changes Jul 2, 2025
View reviewed changes
Copy link
Member

@EliahKagan EliahKagan left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. This supersedes #2068 due to #2069. All tests are passing.

The updated version of prodash includes a fix for GitoxideLabs/prodash#39. This was considered a breaking change in prodash because users could potentially be relying on the old logging behavior. prodash is a direct dependency here, and it is exposed with a pub use:

gitoxide/gix-features/src/progress.rs

Lines 6 to 14 in 9accfba

pub use prodash::{
self,
messages::MessageLevel,
progress::{
AtomicStep, Discard, DoOrDiscard, Either, Id, Step, StepShared, Task, ThroughputOnDrop, Value, UNKNOWN,
},
unit, BoxedDynNestedProgress, Count, DynNestedProgress, DynNestedProgressToNestedProgress, NestedProgress,
Progress, Unit,
};

But I'm not sure that necessarily means bumping it is a breaking change here, nor even necessarily that it is a change that users are especially interested in. All uses that compiled before still do. Maybe it should go into the changelog here but not as a breaking change? In any case, it seems to me that it is okay to merge this and then figure out if anything special has to be done to improve any changelogs.

@EliahKagan EliahKagan merged commit dab97f7 into main Jul 2, 2025
24 checks passed
@EliahKagan EliahKagan deleted the dependabot/cargo/cargo-827bceb7eb branch July 2, 2025 08:02
This was referenced Jul 2, 2025
Closed
Merged
@Byron
Copy link
Member

Byron commented Jul 3, 2025
edited
Loading

The updated version of prodash includes a fix for GitoxideLabs/prodash#39. This was considered a breaking change in prodash because users could potentially be relying on the old logging behavior. prodash is a direct dependency here, and it is exposed with a pub use:

That's a great catch! We didn't expose anything related to it, but in theory there was a log-renderer that now wouldn't be available unless that feature is explicitly enabled.

I also checked and noticed that gix-features wouldn't naturally (or already) be indicating a breaking change, so it would be possible to cause some sort of breakage in the next release.
However, as prodash doesn't seem to be exposed directly, people wouldn't be able to do gix_features::prodash::log_renderer, so probably it's still not a breaking change.

So, all good. And even if it isn't, I think the number of affected users here would be very small.

@EliahKagan
Copy link
Member

However, as prodash doesn't seem to be exposed directly, people wouldn't be able to do gix_features::prodash::log_renderer, so probably it's still not a breaking change.

I think prodash itself is exposed directly if the progress feature is enabled. But I don't see a difference between what is made available to access in gix_features::progress::prodash before and after the change.

I did not think to check that before, and I am not certain I am checking it correctly now. One way I have checked it is by seeing what tab-completes in evcxr:

ek in 🌐 catenary in ~
❯ evcxr
Welcome to evcxr. For help, type :help
>> :dep gix-features = { version = "0.42.1", features = ["progress"] }
   Compiling libc v0.2.174
   Compiling autocfg v1.5.0
   Compiling parking_lot_core v0.9.11
   Compiling scopeguard v1.2.0
   Compiling smallvec v1.15.1
   Compiling log v0.4.27
   Compiling lock_api v0.4.13
   Compiling parking_lot v0.12.4
   Compiling prodash v29.0.2
>> gix_features::progress::prodash::
BoxedDynNestedProgress             Root                               render
BoxedProgress                      Throughput                         throughput
Count                              Unit                               traits
DynNestedProgress                  WeakRoot                           tree
DynNestedProgressToNestedProgress  info!()                            unit
NestedProgress                     messages                           warn!()
Progress                           progress

❯ evcxr
Welcome to evcxr. For help, type :help
>> :dep gix-features = { git = "https://github.com/GitoxideLabs/gitoxide.git", features = ["progress"] }
   Compiling autocfg v1.5.0
   Compiling libc v0.2.174
   Compiling parking_lot_core v0.9.11
   Compiling smallvec v1.15.1
   Compiling scopeguard v1.2.0
   Compiling lock_api v0.4.13
   Compiling parking_lot v0.12.4
   Compiling prodash v30.0.1
>> gix_features::progress::prodash::
BoxedDynNestedProgress             Root                               progress
BoxedProgress                      Throughput                         render
Count                              Unit                               throughput
DynNestedProgress                  WeakRoot                           traits
DynNestedProgressToNestedProgress  info!()                            tree
NestedProgress                     log                                unit
Progress                           messages                           warn!()

I think the result of tab-completion in evcxr shows everything public as well as sometimes some things that are not public. In this case, with the upgraded prodash, an new module, log, is shown. (It is not public, but it is shown.) Everything else appears the same.

@Byron
Copy link
Member

Byron commented Jul 3, 2025

I checked again and there is only the Log type gated behind that default feature, which isn't anything we re-export.
All should be OK in this case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EliahKagan EliahKagan EliahKagan approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Byron @EliahKagan