Skip to content

deps: bump the rust-dependencies group across 1 directory with 7 updates#514

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/rust-dependencies-9f4f489527
Open

deps: bump the rust-dependencies group across 1 directory with 7 updates#514
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/rust-dependencies-9f4f489527

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps the rust-dependencies group with 7 updates in the / directory:

Package From To
tracing-subscriber 0.3.22 0.3.23
opentelemetry-otlp 0.31.0 0.31.1
sha2 0.10.9 0.11.0
aws-sdk-s3 1.125.0 1.126.0
moka 0.12.14 0.12.15
deadpool 0.12.3 0.13.0
rmcp 1.2.0 1.3.0

Updates tracing-subscriber from 0.3.22 to 0.3.23

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.23

Fixed

  • Allow ansi sanitization to be disabled (#3484)

#3484: tokio-rs/tracing#3484

Commits

Updates opentelemetry-otlp from 0.31.0 to 0.31.1

Release notes

Sourced from opentelemetry-otlp's releases.

opentelemetry-otlp 0.31.1

What's Changed

Full Changelog: open-telemetry/opentelemetry-rust@v0.31.0...opentelemetry-otlp-0.31.1

Commits
  • febe718 feat(OTLP): add tls-ring, tls-aws-lc, and tls-provider-agnostic feature flags...
  • See full diff in compare view

Updates sha2 from 0.10.9 to 0.11.0

Commits

Updates aws-sdk-s3 from 1.125.0 to 1.126.0

Commits

Updates moka from 0.12.14 to 0.12.15

Release notes

Sourced from moka's releases.

Moka 0.12.15

Version 0.12.15

Fixed

  • Fixed a bug where re-inserting an expired entry could cause it to lose its expiration time and remain in the cache indefinitely when using a custom Expiry policy with per-entry expiration. (#582gh-pull-0582 by @​jiangzhe, #581gh-pull-0581 by @​atrocities, reported in #575gh-issue-0575):
    • This occurred when an entry that had expired but not yet been evicted was re-inserted, and expire_after_update returned None. This primarily affected users who only override expire_after_create, since the default expire_after_update returns duration_until_expiry, which is None for expired entries.
    • This bug was introduced by the changes in v0.12.13 (#549gh-pull-0549 and #564gh-pull-0564).
    • Subtle behavior change:
      • Before this fix, re-inserting an expired entry was treated as an update, so Expiry::expire_after_update was called.
      • After this fix, re-inserting an expired entry is treated as a creation, so Expiry::expire_after_create is called instead.
      • This may change the expiration time of re-inserted entries, depending on your Expiry trait implementation.
  • Fixed flaky tests cht::segment::tests::drop_many_values and drop_many_values_concurrent that were failing on high-core-count machines (#586gh-pull-0586):
    • These tests were using a CPU-dependent segment count, causing inconsistent bucket array shrinking behavior of the internal segmented hash map across different machines.
    • Changed these tests to use a fixed segment count (4) for consistent results.

Changed

  • Disabled flaky GC-dependent tests by default using run_flaky_tests cfg (#584gh-pull-0584):
    • These tests rely on epoch-based garbage collection (crossbeam-epoch) timing that is not guaranteed, causing intermittent failures.
    • Fixed #539gh-issue-0539 and #580gh-issue-0580.
    • To run these tests, set RUSTFLAGS='--cfg run_flaky_tests'.
Changelog

Sourced from moka's changelog.

Version 0.12.15

Fixed

  • Fixed a bug where re-inserting an expired entry could cause it to lose its expiration time and remain in the cache indefinitely when using a custom Expiry policy with per-entry expiration. (#582[gh-pull-0582] by [@​jiangzhe][gh-jiangzhe], #581[gh-pull-0581] by [@​atrocities][gh-atrocities], reported in #575[gh-issue-0575]):
    • This occurred when an entry that had expired but not yet been evicted was re-inserted, and expire_after_update returned None. This primarily affected users who only override expire_after_create, since the default expire_after_update returns duration_until_expiry, which is None for expired entries.
    • This bug was introduced by the changes in v0.12.13 (#549[gh-pull-0549] and #564[gh-pull-0564]).
    • Subtle behavior change:
      • Before this fix, re-inserting an expired entry was treated as an update, so Expiry::expire_after_update was called.
      • After this fix, re-inserting an expired entry is treated as a creation, so Expiry::expire_after_create is called instead.
      • This may change the expiration time of re-inserted entries, depending on your Expiry trait implementation.
  • Fixed flaky tests cht::segment::tests::drop_many_values and drop_many_values_concurrent that were failing on high-core-count machines (#586[gh-pull-0586]):
    • These tests were using a CPU-dependent segment count, causing inconsistent bucket array shrinking behavior of the internal segmented hash map across different machines.
    • Changed these tests to use a fixed segment count (4) for consistent results.

Changed

  • Disabled flaky GC-dependent tests by default using run_flaky_tests cfg (#584[gh-pull-0584]):
    • These tests rely on epoch-based garbage collection (crossbeam-epoch) timing that is not guaranteed, causing intermittent failures.
    • Fixed #539[gh-issue-0539] and #580[gh-issue-0580].
    • To run these tests, set RUSTFLAGS='--cfg run_flaky_tests'.
Commits
  • 616473e Merge pull request #586 from moka-rs/fix-flaky-cht-test-on-many-core-machines
  • caf8c82 Apply cargo fmt
  • 65ff433 Fix flaky test cht::segment::tests::drop_many_values on many-core machines
  • fd103ad Update the change log for PR #586
  • 5baf38c Fix flaky test cht::segment::tests::drop_many_values_concurrent
  • 4b709c8 Merge pull request #585 from moka-rs/chore/prepare-v0.12.15
  • 9e7c73b Remove an unused link from the change log
  • fa14f78 Bump the version to v0.12.15
  • 98968b3 Update the change log for v0.12.15
  • 4c37fd4 Merge pull request #584 from moka-rs/chore/disable-flaky-tests-by-default
  • Additional commits viewable in compare view

Updates deadpool from 0.12.3 to 0.13.0

Commits
  • b134227 Release deadpool 0.13.0 and deadpool-sync 0.2.0
  • 688234b Update lapin to version 4
  • 362391f Release deadpool-runtime 0.3.1
  • 70f1b93 Fix feature specific dependencies in READMEs
  • 860570c Add rustdoc-args = ["--cfg", "docsrs"] to all Cargo.toml files
  • 7a00e9c Fix deadpool CHANGELOG and improve yank explanation
  • f9bd480 Update CHANGELOG why deadpool-sync 0.1.5 was yanked
  • 4f6bd49 Update deadpool-runtime to version 0.3
  • eef23c7 Fix small typo in README
  • ffcf81e Released deadpool-runtime 0.3.0
  • Additional commits viewable in compare view

Updates rmcp from 1.2.0 to 1.3.0

Release notes

Sourced from rmcp's releases.

rmcp-macros-v1.3.0

Added

  • add local feature for !Send tool handler support (#740)

Other

  • fix all clippy warnings across workspace (#746)

rmcp-v1.3.0

Added

  • (transport) add Unix domain socket client for streamable HTTP (#749)
  • (auth) implement SEP-2207 OIDC-flavored refresh token guidance (#676)
  • add configuration for transparent session re-init (#760)
  • add local feature for !Send tool handler support (#740)

Fixed

  • prevent CallToolResult and GetTaskPayloadResult from shadowing CustomResult in untagged enums (#771)
  • drain in-flight responses on stdin EOF (#759)
  • remove default type param from StreamableHttpService (#758)
  • use cfg-gated Send+Sync supertraits to avoid semver break (#757)
  • (rmcp) surface JSON-RPC error bodies on HTTP 4xx responses (#748)
  • default CallToolResult content to empty vec on missing field (#752)
  • (auth) redact secrets in Debug output for StoredCredentials and StoredAuthorizationState (#744)

Other

  • fix all clippy warnings across workspace (#746)
Commits
  • ac749e3 chore: release v1.3.0 (#747)
  • 0b36a84 feat: add "theme" to Icon (#766)
  • 6a3b32d chore: add #[non_exhaustive] to remaining public structs (#768)
  • ee1c63c feat(transport): add Unix domain socket client for streamable HTTP (#749)
  • a32a9c8 feat(auth): implement SEP-2207 OIDC-flavored refresh token guidance (#676)
  • baf22d3 chore: run all tests in ci without "local" feature (#761)
  • f89e412 chore(deps): update tokio-tungstenite requirement from 0.28.0 to 0.29.0 (#773)
  • c8c0c0c fix: prevent CallToolResult and GetTaskPayloadResult from shadowing CustomRes...
  • 30cdc38 chore: remove the rig example (#763)
  • 3ea8c3c feat: add configuration for transparent session re-init (#760)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps: bump the rust-dependencies group across 1 directory with 7 updates
6a1d65a 
Bumps the rust-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.22` | `0.3.23` |
| [opentelemetry-otlp](https://github.com/open-telemetry/opentelemetry-rust) | `0.31.0` | `0.31.1` |
| [sha2](https://github.com/RustCrypto/hashes) | `0.10.9` | `0.11.0` |
| [aws-sdk-s3](https://github.com/awslabs/aws-sdk-rust) | `1.125.0` | `1.126.0` |
| [moka](https://github.com/moka-rs/moka) | `0.12.14` | `0.12.15` |
| [deadpool](https://github.com/deadpool-rs/deadpool) | `0.12.3` | `0.13.0` |
| [rmcp](https://github.com/modelcontextprotocol/rust-sdk) | `1.2.0` | `1.3.0` |



Updates `tracing-subscriber` from 0.3.22 to 0.3.23
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.22...tracing-subscriber-0.3.23)

Updates `opentelemetry-otlp` from 0.31.0 to 0.31.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-rust/blob/main/docs/release_0.30.md)
- [Commits](open-telemetry/opentelemetry-rust@v0.31.0...opentelemetry-otlp-0.31.1)

Updates `sha2` from 0.10.9 to 0.11.0
- [Commits](RustCrypto/hashes@sha2-v0.10.9...sha2-v0.11.0)

Updates `aws-sdk-s3` from 1.125.0 to 1.126.0
- [Release notes](https://github.com/awslabs/aws-sdk-rust/releases)
- [Commits](https://github.com/awslabs/aws-sdk-rust/commits)

Updates `moka` from 0.12.14 to 0.12.15
- [Release notes](https://github.com/moka-rs/moka/releases)
- [Changelog](https://github.com/moka-rs/moka/blob/main/CHANGELOG.md)
- [Commits](moka-rs/moka@v0.12.14...v0.12.15)

Updates `deadpool` from 0.12.3 to 0.13.0
- [Changelog](https://github.com/deadpool-rs/deadpool/blob/main/release.toml)
- [Commits](deadpool-rs/deadpool@deadpool-v0.12.3...deadpool-v0.13.0)

Updates `rmcp` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/modelcontextprotocol/rust-sdk/releases)
- [Commits](modelcontextprotocol/rust-sdk@rmcp-v1.2.0...rmcp-v1.3.0)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-version: 0.3.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: opentelemetry-otlp
  dependency-version: 0.31.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: sha2
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: aws-sdk-s3
  dependency-version: 1.126.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: moka
  dependency-version: 0.12.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-dependencies
- dependency-name: deadpool
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
- dependency-name: rmcp
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Mar 26, 2026
@dependabot dependabot bot had a problem deploying to Cloud API test env March 26, 2026 19:01 Failure
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants