Skip to content

build(deps): bump qlog from 0.17.0 to 0.18.0#2649

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/qlog-0.18.0
Open

build(deps): bump qlog from 0.17.0 to 0.18.0#2649
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/qlog-0.18.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026

Bumps qlog from 0.17.0 to 0.18.0.

Release notes

Sourced from qlog's releases.

🔀 0.18.0

Breaking Changes:

  • Removed pre-RFC QUIC and HTTP/3 support (specifically for drafts 27, 28 and 29). Now only the final QUIC and HTTP/3 versions are supported.
  • Removed the HTTP/3 DATAGRAM API (specifically the h3::Event::Datagram enum variant and h3::Connection::dgram_send() / h3::Connection::dgram_recv() / h3::Connection::dgram_max_writable_len() methods). Applications should use the transport-level APIs Connection::dgram_send() and Connection::dgram_recv() (see this change for example).
  • Replaced Config::with_boring_ssl_ctx() with Config::with_boring_ssl_ctx_builder() which takes a SslContextBuilder rather than SslContext directly, for safety reasons.

Highlights:

  • Massively improved the stream prioritization implementation, which is now much more accurate and reliable (this is largely transparent to applications, as the API hasn't changed).
  • Added support for the final specification of DATAGRAMs (RFC 9297). Currently both draft and final versions are supported, but the draft support will be removed in a future release.
  • Added some APIs to make working with migration and multiple CIDs easier. Specifically Connection::source_ids() which returns all active source IDs, and Connection::retired_scids() which returns the number of retired source IDs that haven't been returned to the application yet.
  • Added Config::set_initial_congestion_window_packets() to configure the initial congestion window size.
  • Many more bug fixes and performance improvements.

Full changelog at cloudflare/quiche@0.17.2...0.18.0

🏃‍♀️ 0.17.2

Highlights:

Full changelog at cloudflare/quiche@0.17.1...0.17.2

🗝️ 0.17.1

Breaking Changes:

  • The minimum required rust version was bumped to 1.66.

Highlights:

Full changelog at cloudflare/quiche@0.16.0...0.17.1

Commits
  • 7858998 qlog: release 0.18.0 (#2472)
  • 766f005 ffi: expose set_use_initial_max_data_as_flow_control_win (#2478)
  • 736d0de tokio-quiche: box quiche::Connection to shrink async state
  • 10b4fd0 recovery: clear loss timer when no PTO timeout is calculated (#2464)
  • ca9f01c Move MAX_PTO_EXPONENT into recovery module
  • c5d69d4 Introduce MAX_PTO_EXPONENT
  • 6e492c6 Fix panic in exponential backoff logic
  • 2cccba0 h3: harden request stream frame processing in clients
  • 2f00a0d mark Stats and PathStats as non_exhaustive
  • bc8fbb1 tokio-quiche: fix leaked StreamCtx for bodyless H3 requests
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump qlog from 0.17.0 to 0.18.0
84b3e2d 
Bumps [qlog](https://github.com/cloudflare/quiche) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/cloudflare/quiche/releases)
- [Commits](cloudflare/quiche@qlog-0.17.0...qlog-0.18.0)

---
updated-dependencies:
- dependency-name: qlog
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies rust Pull requests that update Rust code labels May 18, 2026
@dependabot dependabot Bot requested review from Ralith, djc and gretchenfrage as code owners May 18, 2026 22:43
@dependabot dependabot Bot added dependencies rust Pull requests that update Rust code labels May 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@djc djc Awaiting requested review from djc djc is a code owner

@Ralith Ralith Awaiting requested review from Ralith Ralith is a code owner

@gretchenfrage gretchenfrage Awaiting requested review from gretchenfrage gretchenfrage is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants