chore(deps): bump the dependencies group with 7 updates by dependabot[bot] · Pull Request #58 · ararog/sofie

dependabot · 2026-06-17T17:40:33Z

Bumps the dependencies group with 7 updates:

Package	From	To
cc	`1.2.63`	`1.2.64`
h2	`0.4.14`	`0.4.15`
memchr	`2.8.1`	`2.8.2`
smallvec	`1.15.1`	`1.15.2`
wasip2	`1.0.3+wasi-0.2.9`	`1.0.4+wasi-0.2.12`
webpki-roots	`1.0.7`	`1.0.8`
zeroize	`1.8.2`	`1.9.0`

Updates cc from 1.2.63 to 1.2.64

Release notes

Sourced from cc's releases.

cc-v1.2.64

Other

Add more bare-metal 32-bit Arm support (#1753)

Remove unnecessary clone (#1748)

Add default compiler prefixes for thumbv7a/thumbv7r/thumbv8r bare-metal targets (#1742)

Changelog

Sourced from cc's changelog.

1.2.64 - 2026-06-12

Other

Add more bare-metal 32-bit Arm support (#1753)

Remove unnecessary clone (#1748)

Add default compiler prefixes for thumbv7a/thumbv7r/thumbv8r bare-metal targets (#1742)

Commits

f0c8998 chore(cc): release v1.2.64 (#1757)
1cb49a7 Add more bare-metal 32-bit Arm support (#1753)
44212e0 Bump actions/checkout from 6.0.2 to 6.0.3 (#1751)
9c81f5d Remove unnecessary clone (#1748)
a2bcb6e Update rusqlite requirement from 0.39.0 to 0.40.0 (#1744)
b2e811e Add default compiler prefixes for thumbv7a/thumbv7r/thumbv8r bare-metal targe...
See full diff in compare view

Updates h2 from 0.4.14 to 0.4.15

Release notes

Sourced from h2's releases.

v0.4.15

What's Changed

fix: Discard buffered DATA when a scheduled reset is pending by @ArniDagur in hyperium/h2#896

fix: poll_capacity must not return Ready(Some(Ok(0))) by @ArniDagur in hyperium/h2#898

fix: Reject frames on streams whose HEADERS haven't been sent by @ArniDagur in hyperium/h2#899

chore(ci): update actions/checkout to v6 by @seanmonstar in hyperium/h2#910

fix: Remove unnecessary clones by @FranciscoTGouveia in hyperium/h2#911

fix: use HeaderMap::try_append to prevent panics on absurd amounts of headers by @imlk0 in hyperium/h2#909

fix: ignore library resets at connection poll loop level by @seanmonstar in hyperium/h2#913

fix: remove padded_len() u8 overflow in DATA frame padding release by @seanmonstar in hyperium/h2#914

fix: close connection when header size is way too large by @seanmonstar in hyperium/h2#915

Prepare v0.4.15 by @seanmonstar in hyperium/h2#916

New Contributors

@FranciscoTGouveia made their first contribution in hyperium/h2#911

@imlk0 made their first contribution in hyperium/h2#909

Full Changelog: hyperium/h2@v0.4.14...v0.4.15

Changelog

Sourced from h2's changelog.

0.4.15 (June 15, 2026)

Fix closing a connection when header size is "way too large" (currently x4 configured limit).

Fix overflow calculating padding length if a DATA frame had 255 bytes of padding.

Fix ignoring library-initiated resets in the connection state loop.

Fix decoding panic with an absurd amount of headers and no limit to now use try_append().

Fix rejecting frames on streams whose HEADERS have not been sent.

Fix poll_capacity() to not return Some(Ok(0)).

Fix discarding of buffered DATA frames when a reset is scheduled.

Commits

21211d0 v0.4.15
29e209d fix: close connection when header size is way too large (#915)
9231cb0 fix: remove padded_len() u8 overflow in DATA frame padding release (#914)
d351036 fix: ignore library resets at connection poll loop level (#913)
4f51fff fix: use HeaderMap::try_append to prevent panics on absurd amounts of headers...
c813cc8 refactor: remove unnecessary clones (#911)
810f5ae chore(ci): update actions/checkout to v6 (#910)
d361b75 fix: Reject frames on streams whose HEADERS haven't been sent (#899)
93ccead fix: poll_capacity must not return Ready(Some(Ok(0))) (#898)
733bba7 fix: Discard buffered DATA when a scheduled reset is pending (#896)
See full diff in compare view

Updates memchr from 2.8.1 to 2.8.2

Commits

a61ac1a 2.8.2
a08bf90 arch: fix undefined behavior in lower level (but public) APIs
b41293b rebar: update memchr to latest
87467c9 impl: remove unnecessary clones in into_owned impls
See full diff in compare view

Updates smallvec from 1.15.1 to 1.15.2

Release notes

Sourced from smallvec's releases.

v1.15.2

What's Changed

Exclude development script from cargo packaging by @weiznich in servo/rust-smallvec#397

Fix use-after-free in DrainFilter::keep_rest for SmallVec with capacity 0 by @Shnatsel in servo/rust-smallvec#407

Work around rustc 1.93 perf regression with MaybeUninit by @glandium in servo/rust-smallvec#410

New Contributors

@Shnatsel made their first contribution in servo/rust-smallvec#407

@glandium made their first contribution in servo/rust-smallvec#410

Full Changelog: servo/rust-smallvec@v1.15.1...v1.15.2

Commits

c469051 Bump version.
9fe422b Fix Windows CI.
51b965f Work around rustc 1.93 perf regression with MaybeUninit
9da26a5 Fix use-after-free in DrainFilter::keep_rest for zero-capacity SmallVecs
79184f1 Add Miri test for use-after-free in DrainFilter::keep_rest
f59fb36 Merge pull request #397 from GiGainfosystems/exclude_scripts
28b6ed7 Exclude development script
See full diff in compare view

Updates wasip2 from 1.0.3+wasi-0.2.9 to 1.0.4+wasi-0.2.12

Commits

1edbc7a Update WASI to 0.2.12 and 0.3.0 (#158)
See full diff in compare view

Updates webpki-roots from 1.0.7 to 1.0.8

Release notes

Sourced from webpki-roots's releases.

1.0.8

Remove SecureSign Root CA12 root; see https://bugzilla.mozilla.org/show_bug.cgi?id=2031105

What's Changed

Test MSRV with 1.70 by @ctz in rustls/webpki-roots#122

Take semver-compatible dependency updates by @djc in rustls/webpki-roots#123

1.0.8: remove SecureSign Root CA12 root by @ctz in rustls/webpki-roots#124

Full Changelog: rustls/webpki-roots@v/1.0.7...v/1.0.8

Commits

50729cd 1.0.8: remove SecureSign Root CA12 root (#124)
c965c54 Take semver-compatible dependency updates (#123)
a83a3c9 Move MSRV to 1.70 (#122)
See full diff in compare view

Updates zeroize from 1.8.2 to 1.9.0

Commits

0b71573 zeroize v1.9.0 (#1494)
3e3f18c zeroize: always enable AVX-512 support (#1493)
1ea42bb zeroize_derive v1.5.0 (#1492)
8d785d1 zeroize: rustdoc improvements (#1491)
d844f36 zeroize: incorporate README.md into rustdoc (#1490)
c65c09d ctutils: use reason instead of comment in forbid attribute (#1489)
cbd0963 Release block-buffer v0.12.1 (#1488)
9aa541d block-buffer: fix exception safety (#1487)
5c7e4f9 cmov v0.5.4 (#1485)
87cadbc cmov: fix clippy (#1484)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 7 updates: | Package | From | To | | --- | --- | --- | | [cc](https://github.com/rust-lang/cc-rs) | `1.2.63` | `1.2.64` | | [h2](https://github.com/hyperium/h2) | `0.4.14` | `0.4.15` | | [memchr](https://github.com/BurntSushi/memchr) | `2.8.1` | `2.8.2` | | [smallvec](https://github.com/servo/rust-smallvec) | `1.15.1` | `1.15.2` | | [wasip2](https://github.com/bytecodealliance/wasi-rs) | `1.0.3+wasi-0.2.9` | `1.0.4+wasi-0.2.12` | | [webpki-roots](https://github.com/rustls/webpki-roots) | `1.0.7` | `1.0.8` | | [zeroize](https://github.com/RustCrypto/utils) | `1.8.2` | `1.9.0` | Updates `cc` from 1.2.63 to 1.2.64 - [Release notes](https://github.com/rust-lang/cc-rs/releases) - [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md) - [Commits](rust-lang/cc-rs@cc-v1.2.63...cc-v1.2.64) Updates `h2` from 0.4.14 to 0.4.15 - [Release notes](https://github.com/hyperium/h2/releases) - [Changelog](https://github.com/hyperium/h2/blob/master/CHANGELOG.md) - [Commits](hyperium/h2@v0.4.14...v0.4.15) Updates `memchr` from 2.8.1 to 2.8.2 - [Commits](BurntSushi/memchr@2.8.1...2.8.2) Updates `smallvec` from 1.15.1 to 1.15.2 - [Release notes](https://github.com/servo/rust-smallvec/releases) - [Commits](servo/rust-smallvec@v1.15.1...v1.15.2) Updates `wasip2` from 1.0.3+wasi-0.2.9 to 1.0.4+wasi-0.2.12 - [Commits](bytecodealliance/wasi-rs@wasip2-1.0.3...wasip2-1.0.4) Updates `webpki-roots` from 1.0.7 to 1.0.8 - [Release notes](https://github.com/rustls/webpki-roots/releases) - [Commits](rustls/webpki-roots@v/1.0.7...v/1.0.8) Updates `zeroize` from 1.8.2 to 1.9.0 - [Commits](RustCrypto/utils@zeroize-v1.8.2...zeroize-v1.9.0) --- updated-dependencies: - dependency-name: cc dependency-version: 1.2.64 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: h2 dependency-version: 0.4.15 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: memchr dependency-version: 2.8.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: smallvec dependency-version: 1.15.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: wasip2 dependency-version: 1.0.4+wasi-0.2.12 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: webpki-roots dependency-version: 1.0.8 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: zeroize dependency-version: 1.9.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-17T17:40:35Z

Milestone

The specified milestone could not be found on this repository. If you view a milestone, the final part of the page URL, after milestone, is the identifier. For example: https://github.com/<org>/<repo>/milestone/3.

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot Bot assigned ararog Jun 17, 2026

ararog merged commit eb414cf into main Jun 20, 2026
0 of 2 checks passed

ararog deleted the dependabot/cargo/dependencies-4f5375fc3e branch June 20, 2026 22:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the dependencies group with 7 updates#58

chore(deps): bump the dependencies group with 7 updates#58
ararog merged 1 commit into
mainfrom
dependabot/cargo/dependencies-4f5375fc3e

dependabot Bot commented on behalf of github Jun 17, 2026

Uh oh!

dependabot Bot commented on behalf of github Jun 17, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 17, 2026

cc-v1.2.64

Other

1.2.64 - 2026-06-12

Other

v0.4.15

What's Changed

New Contributors

0.4.15 (June 15, 2026)

v1.15.2

What's Changed

New Contributors

1.0.8

What's Changed

Uh oh!

dependabot Bot commented on behalf of github Jun 17, 2026

Milestone

Labels

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant