dependabot[bot]

@dependabot dependabot bot commented on behalf of github Sep 26, 2025

Bumps the rustls-ecosystem group with 3 updates in the / directory: rustls, rustls-platform-verifier and rustls-webpki.

Updates rustls from 0.23.31 to 0.23.32

Commits
  • 6a188a7 Take semver-compatible updates
  • 5abe33e Prepare 0.23.32
  • d3c502e Improve compatibility of TLS1.2 with ECDSA+SHA512
  • ef7063d take webpki 0.103.5
  • 77a0148 ci-bench: RUSTSEC-2025-0057 fxhash -> rustc-hash
  • 1492c95 Fix clippy::needless_borrows_for_generic_args
  • e029d31 cargo-check-external-types: take updated nightly
  • 2d03fa7 Remove test of async-std example
  • 20f548a Withdraw use of async-std in example code
  • 0cb4244 Track 1.89 lint changes
  • Additional commits viewable in compare view

Updates rustls-platform-verifier from 0.3.4 to 0.6.1

Release notes

Sourced from rustls-platform-verifier's releases.

0.6.1

This version should fix the docs.rs build -- see #181.

What's Changed

Full Changelog: rustls/rustls-platform-verifier@v/0.6.0...v/0.6.1

0.6.0

  • Avoid implicit reliance on the default crypto provider
  • Eagerly create the verifier on miscellaneous Unix platforms (including Linux) to avoid swallowing errors

0.5.3

  • Adapt to changes in rustls error API.

0.5.2

The headline of this release is server compatibility improvements.

It removes an edge case where a failure to load any certificates on Linux/BSD platforms would result in silently turning the lack of certificate roots into "no signature algorithms". During the initialization of a TLS session with a server this caused rustls to send an empty supported signature list in the ClientHello.

What's Changed

Full Changelog: rustls/rustls-platform-verifier@v/0.5.1...v/0.5.2

0.5.1

Change the way we interact with the rustls API to avoid semver hazards: unfortunately changes in rustls 0.23.24 broke older rustls-platform-verifier releases due to downcasting of a no-longer compatible error wrapper. rustls 0.23.25 now exposes the required variant directly, which should avoid similar issues in the future. (For more details, see #163.)

... (truncated)

Commits
  • eb80998 Prepare 0.6.1
  • 4d29dd1 ci: align with docs.rs for documentation
  • 841383e Ensure once_cell is available for docs generation
  • 363817b Add Kotlin Gradle script example to Android README section
  • c72d9dc Drop conditional dependency on webpki-root-certs
  • f664e88 Upgrade to webpki-root-certs 1
  • 694e914 Bump version to 0.6.0
  • 85cf196 Forward errors from parsing extra roots
  • 1589a63 Eagerly build root store on miscellaneous Unix platforms
  • ff3c6c6 Drop deprecated API entry points
  • Additional commits viewable in compare view

Updates rustls-webpki from 0.102.8 to 0.103.5

Release notes

Sourced from rustls-webpki's releases.

0.103.5

  • New feature: support verification of P256+SHA512 and P384-SHA512 ECDSA signatures with aws-lc-rs. This is not a recommended combination, but such signatures exist in the wild.

What's Changed

Full Changelog: rustls/webpki@v/0.103.4...v/0.103.5

0.103.4

  • Add unstable support for the post-quantum ML-DSA signature algorithms when using aws-lc-rs. Enable the aws-lc-rs-unstable feature to expose these algorithms (only works when aws-lc-rs-fips is not enabled).
  • Use new UnsupportedSignatureAlgorithmContext, UnsupportedCrlSignatureAlgorithmContext, UnsupportedSignatureAlgorithmForPublicKeyContext and UnsupportedCrlSignatureAlgorithmForPublicKeyContext error variants which contain additional context about the error condition. The related contextless variants have been deprecated.

0.103.3

Add support for RSA signature algorithms that don't include parameters. Per RFC 4055 section 5, implementations of the SHA-1/SHA-2 one-way hash functions "MUST accept the parameters being absent as well as present".

0.103.2

  • Maintain context for key usage mismatch errors in order to make them easier to interpret.
  • Accept certificates with an empty extension sequence.

... (truncated)

Commits
  • 064a68b Prepare 0.103.5
  • f6fbb2a Support P256+SHA512 and P384+SHA512
  • 41cc1fc Take aws-lc-rs 1.14.0
  • ac0500d build(deps): bump actions/setup-python from 5 to 6
  • 57fa975 Extract trait for ExtendedKeyUsage validation
  • 6700208 Move ExtendedKeyUsage::check() to KeyUsage
  • 260cb69 Extract KeyPurposeId iteration from ExtendedKeyUsage::check()
  • 3ed145a Simplify KeyPurposeId comparison
  • b20354a Clarify docs on Cert methods
  • 0616ac9 build(deps): bump serde_json in the crates-io group
  • Additional commits viewable in compare view

Bumps the rustls-ecosystem group with 3 updates in the / directory: [rustls](https://github.com/rustls/rustls), [rustls-platform-verifier](https://github.com/rustls/rustls-platform-verifier) and [rustls-webpki](https://github.com/rustls/webpki).


Updates `rustls` from 0.23.31 to 0.23.32
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.23.31...v/0.23.32)

Updates `rustls-platform-verifier` from 0.3.4 to 0.6.1
- [Release notes](https://github.com/rustls/rustls-platform-verifier/releases)
- [Changelog](https://github.com/rustls/rustls-platform-verifier/blob/main/CHANGELOG)
- [Commits](rustls/rustls-platform-verifier@v/0.3.4...v/0.6.1)

Updates `rustls-webpki` from 0.102.8 to 0.103.5
- [Release notes](https://github.com/rustls/webpki/releases)
- [Commits](rustls/webpki@v/0.102.8...v/0.103.5)

---
updated-dependencies:
- dependency-name: rustls
  dependency-version: 0.23.32
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rustls-ecosystem
- dependency-name: rustls-platform-verifier
  dependency-version: 0.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rustls-ecosystem
- dependency-name: rustls-webpki
  dependency-version: 0.103.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rustls-ecosystem
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Sep 26, 2025
@kmesh-bot

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign hzxuzhonghu for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Labels
dependencies Pull requests that update a dependency file rust Pull requests that update rust code size/L