Skip to content

build(deps): bump the prod-cargo-minor-dependencies group across 1 directory with 10 updates #130

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the prod-cargo-minor-dependencies group across 1 directory with 10 updates #130

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 20, 2025
edited
Loading

Bumps the prod-cargo-minor-dependencies group with 10 updates in the / directory:

Package From To
tokio 1.45.0 1.45.1
bcrypt 0.16.0 0.17.0
lancedb 0.17.0 0.19.1
libduckdb-sys 1.1.1 1.3.0
pyo3-arrow 0.6.0 0.7.0
rand 0.8.5 0.9.1
tabled 0.18.0 0.20.0
snowflake-api 0.10.0 0.11.0
sqlparser 0.37.0 0.54.0
pyo3-build-config 0.23.3 0.25.1

Updates tokio from 1.45.0 to 1.45.1

Release notes

Sourced from tokio's releases.

Tokio v1.45.1

1.45.1 (May 24th, 2025)

This fixes a regression on the wasm32-unknown-unknown target, where code that previously did not panic due to calls to Instant::now() started failing. This is due to the stabilization of the first time-based metric.

Fixed

  • Disable time-based metrics on wasm32-unknown-unknown (#7322)

#7322: tokio-rs/tokio#7322

Commits

Updates bcrypt from 0.16.0 to 0.17.0

Commits

Updates lancedb from 0.17.0 to 0.19.1

Release notes

Sourced from lancedb's releases.

Node/Rust LanceDB v0.19.1

🎉 New Features

🐛 Bug Fixes

📚 Documentation

Node/Rust LanceDB v0.19.1-beta.5

📚 Documentation

Node/Rust LanceDB v0.19.1-beta.4

🎉 New Features

🐛 Bug Fixes

Python LanceDB v0.19.1-beta.3

🎉 New Features

🐛 Bug Fixes

... (truncated)

Commits
  • 51561e3 Bump version: 0.19.1-beta.6 → 0.19.1
  • 7b19120 Bump version: 0.19.1-beta.5 → 0.19.1-beta.6
  • 745c34a Bump version: 0.22.1-beta.6 → 0.22.1
  • db8fa24 Bump version: 0.22.1-beta.5 → 0.22.1-beta.6
  • a67a7b4 chore: use stable lance (#2398)
  • 496846e chore: bump lance version (#2397)
  • dadcfeb docs: add logos in genkit docs page (#2391)
  • 67033db Updating package-lock.json
  • 05a85cf Updating package-lock.json
  • 40c5d3d Updating package-lock.json
  • Additional commits viewable in compare view

Updates libduckdb-sys from 1.1.1 to 1.3.0

Release notes

Sourced from libduckdb-sys's releases.

v1.3.0

Note

Unfortunately this release contains a regression when reading DECIMAL types through arrow. DuckDB v1.3.0 contains new physical types for decimals and will try to use the smallest possible representation for decimals depending on their logical scale and width - but arrow-rs currently only supports 128 and 256-bit decimals (not e.g. 32-bit used with smaller widths), and will thus throw an error when these smaller decimals are read from DuckDB. Regardless of when/if arrow-rs adds support for smaller decimal types, the plan is to make this behavior configurable in DuckDB v1.3.1.

What's Changed

New Contributors

Full Changelog: duckdb/duckdb-rs@v1.2.2...v1.3.0

1.2.2

What's Changed

Full Changelog: duckdb/duckdb-rs@v1.2.1...v1.2.2

1.2.1

Sorry for tagging all contributors again, I had to delete the release and retry due to the CD CI failing when pushing to crates.io!

What's Changed

New Contributors

... (truncated)

Commits
  • f631fc6 fmt
  • d121ffd adjust tests
  • 0275b72 upgrade sources
  • 14e284b Mark no_mangle attribute as unsafe
  • af7a0b3 fix clippy warning
  • bfe98e6 add C compiler option "/utf-8"
  • 001cb04 make duckdb_entrypoint macro more hygenic
  • a4d64a1 upgrade arrow-rs to 55
  • bb47f26 Make DuckString's constructor public
  • ffa3f4e Update references to github.com/wangfenjin/duckdb-rs to github.com/duckdb/duc...
  • Additional commits viewable in compare view

Updates pyo3-arrow from 0.6.0 to 0.7.0

Commits

Updates rand from 0.8.5 to 0.9.1

Changelog

Sourced from rand's changelog.

[0.9.1] - 2025-04-17

Security and unsafe

  • Revise "not a crypto library" policy again (#1565)
  • Remove zerocopy dependency from rand (#1579)

Fixes

  • Fix feature simd_support for recent nightly rust (#1586)

Changes

  • Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

  • Add rand::distr::Alphabetic distribution. (#1587)
  • Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

  • Policy: "rand is not a crypto library" (#1514)
  • Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
  • Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

  • Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
  • Update to rand_core v0.9.0 (#1558)

Features

  • Support std feature without getrandom or rand_chacha (#1354)
  • Enable feature small_rng by default (#1455)
  • Remove implicit feature rand_chacha; use std_rng instead. (#1473)
  • Rename feature serde1 to serde (#1477)
  • Rename feature getrandom to os_rng (#1537)
  • Add feature thread_rng (#1547)

API changes: rand_core traits

  • Add fn RngCore::read_adapter implementing std::io::Read (#1267)
  • Add trait CryptoBlockRng: BlockRngCore; make trait CryptoRng: RngCore (#1273)
  • Add traits TryRngCore, TryCryptoRng (#1424, #1499)
  • Rename fn SeedableRng::from_rng -> try_from_rng and add infallible variant fn from_rng (#1424)
  • Rename fn SeedableRng::from_entropy -> from_os_rng and add fallible variant fn try_from_os_rng (#1424)
  • Add bounds Clone and AsRef to associated type SeedableRng::Seed (#1491)

API changes: Rng trait and top-level fns

  • Rename fn rand::thread_rng() to rand::rng() and remove from the prelude (#1506)
  • Remove fn rand::random() from the prelude (#1506)
  • Add top-level fns random_iter, random_range, random_bool, random_ratio, fill (#1488)
  • Re-introduce fn Rng::gen_iter as random_iter (#1305, #1500)
  • Rename fn Rng::gen to random to avoid conflict with the new gen keyword in Rust 2024 (#1438)
  • Rename fns Rng::gen_range to random_range, gen_bool to random_bool, gen_ratio to random_ratio (#1505)
  • Annotate panicking methods with #[track_caller] (#1442, #1447)

... (truncated)

Commits
  • ec6d5c0 Prepare rand_core v0.9.1 (#1591)
  • 6a06056 rand_core: introduce an UnwrapMut wrapper (#1589)
  • 8929123 Add Alphabetic distribution (#1587)
  • 06b1642 Remove unnecessary underscore from `impl<T, const N: usize> Distribution<[T; ...
  • 49d76cd rename extract to extract_lane (#1586)
  • e0a70fd Change to use array::from_fn in Distribution\<[T; N]> for StandardUniform ...
  • 0bc3f65 Move rand distr (#1577)
  • 2677c49 Revise "not a crypto library" policy and SECURITY.md (#1565)
  • bfd1826 SeedableRng docs: add note on (lack of) reproducibility (#1572)
  • c01aee7 Fix some links (#1571)
  • Additional commits viewable in compare view

Updates tabled from 0.18.0 to 0.20.0

Changelog

Sourced from tabled's changelog.

[0.20.0] - 2025-05-06

Added

  • Added Table::nohead function just like Table::new but with no header.
  • Added Table::with_capacity function just like Table::new but with an exact number of rows.

Changed

  • Changed with(Border) logic to set only outer border instead of border of all cells.
  • Made a number of refactorings of tabled::grid::dimension::* modules.
  • Made small optimization of Wrap::text and Truncate::text.
  • Made small optimization of Text::new.
  • Brought up to date benchmarks.
  • Renamed Columns::single into Columns::one.
  • Renamed Rows::single into Rows::one.
  • Moved back to fnv from ahash cause of WASM build.
  • Moved back to old Wrap::keep_words logic where we preserving all content.

Fixed

  • Fixed dependency testing_table inclusion (by @​klensy).
  • Fixed WASM build (by @​cptpiepmatz).
  • Fixed not properly working caching logic of TableOption::hint.

[0.19.0] - 2025-24-04

Added

  • Added tabled::assert module.
  • Added #[tabled(map)] macro.
  • Added derive::display::bool function.
  • Added derive::display::wrap and derive::display::truncate function.
  • Added Locator::value.
  • Added Table::get_dimension function.
  • Added ANSI link handling in Width::truncate.
  • Added Upper Title Case and lower title case options for rename_all.
  • Added no_std in testing_table.

Changed

  • Changed Reverse interface.
  • Changed Position interface.
  • Changed tabled::grid::dimension structures.
  • Changed IterTable interface.
  • Migrated ron to 0.10.
  • Renamed ColumnNames::default() into ColumnsNames::head().
  • Renamed BorderSpanCorrection into BorderCorrection::span().
  • Renamed Offset::Begin into Offset::Start.

... (truncated)

Commits

Updates snowflake-api from 0.10.0 to 0.11.0

Release notes

Sourced from snowflake-api's releases.

v0.11.0

What's Changed

New Contributors

Full Changelog: andrusha/snowflake-rs@v0.9.0...v0.11.0

Commits

Updates sqlparser from 0.37.0 to 0.54.0

Changelog

Sourced from sqlparser's changelog.

Changelog

All notable changes to this project will be documented in one of the linked files.

This project adheres to Semantic Versioning.

Given that the parser produces a typed AST, any changes to the AST will technically be breaking and thus will result in a 0.(N+1) version.

Commits

Updates pyo3-build-config from 0.23.3 to 0.25.1

Release notes

Sourced from pyo3-build-config's releases.

PyO3 0.25.1

This release adds testing for arm64 Windows, and fixes a bug with Python 3.14 support on 32-bit systems.

This release also adds a chrono-local feature to enable support for chrono::Local timezone (this was previously available in PyO3 0.24 but would convert the local timezone to a fixed offset, which did not round-trip well).

There are a few other fixes, mostly correcting FFI definitions and improving compiler errors when writing async code without the experimental-async feature enabled.

Thank you to the following contributors for the improvements:

@​bschoenmaeckers @​Cheukting @​davidhewitt @​decathorpe @​dependabot[bot] @​Icxolu @​jessekrubin @​musicinmybrain @​ngoldbaum @​timfel @​tonybaloney @​Tpt @​yogevm15

PyO3 0.25.0

This version extends Python version support to include the new Python 3.14, currently in beta. Please note it is possible that there may yet be changes to 3.14 before stable release which may impact final compatibility.

New optional dependencies on bigdecimal, ordered_float, and time have been added to permit converting types from those crates to Python types (and vice versa).

The experimental-inspect feature now has the capability to autogenerate type stubs. These stubs are still extremely basic and lack much information. Tooling such as setuptools-rust and maturin will also need to be updated to make adoption of these easier. Please follow PyO3/pyo3#5137 to keep abreast of developments of this feature.

The #[pyclass] macro has gained new options #[pyclass(generic)] and #[pyclass(immutable_type)] to offer additional control over the runtime behaviour of the generated Python type object.

The AsPyPointer trait has been removed as PyO3's smart pointer types such as Py<T>, Bound<T> and Borrowed<T> covered this use case with a better API.

As part of the upgrade to support 3.14, there have also been many cleanups to pyo3-ffi. Many definitions which are private implementation details of CPython have been removed; projects downstream of CPython cannot rely on stability of these even across CPython patch releases.

There are also many other incremental improvements, bug fixes and smaller features.

Please consult the migration guide for help upgrading.

Thank you to everyone who contributed code, documentation, design ideas, bug reports, and feedback. The following contributors' commits are included in this release:

@​0x676e67 @​bschoenmaeckers @​clin1234 @​davidbrochart @​davidhewitt @​ddelange @​decathorpe @​dependabot[bot]

... (truncated)

Changelog

Sourced from pyo3-build-config's changelog.

[0.25.1] - 2025-06-12

Packaging

  • Add support for Windows on ARM64. #5145
  • Add chrono-local feature for optional conversions for chrono's Local timezone & DateTime<Local> instances. #5174

Added

  • Add FFI definition PyBytes_AS_STRING. #5121
  • Add support for module associated consts introspection. #5150

Changed

  • Enable "vectorcall" FFI definitions on GraalPy. #5121
  • Use Py_Is function on GraalPy #5121

Fixed

  • Report a better compile error for async declarations when not using experimental-async feature. #5156
  • Fix implementation of FromPyObject for uuid::Uuid on big-endian architectures. #5161
  • Fix segmentation faults on 32-bit x86 with Python 3.14. #5180

[0.25.0] - 2025-05-14

Packaging

  • Support Python 3.14.0b1. #4811
  • Bump supported GraalPy version to 24.2. #5116
  • Add optional bigdecimal dependency to add conversions for bigdecimal::BigDecimal. #5011
  • Add optional time dependency to add conversions for time types. #5057
  • Remove cfg-if dependency. #5110
  • Add optional ordered_float dependency to add conversions for ordered_float::NotNan and ordered_float::OrderedFloat. #5114

Added

  • Add initial type stub generation to the experimental-inspect feature. #3977
  • Add #[pyclass(generic)] option to support runtime generic typing. #4926
  • Implement OnceExt & MutexExt for parking_lot & lock_api. Use the new extension traits by enabling the arc_lock, lock_api, or parking_lot cargo features. #5044
  • Implement From/Into for Borrowed<T> -> Py<T>. #5054
  • Add PyTzInfo constructors. #5055
  • Add FFI definition PY_INVALID_STACK_EFFECT. #5064
  • Implement AsRef<Py<PyAny>> for Py<T>, Bound<T> and Borrowed<T>. #5071
  • Add FFI definition PyModule_Add and compat::PyModule_Add. #5085
  • Add FFI definitions Py_HashBuffer, Py_HashPointer, and PyObject_GenericHash. #5086
  • Support #[pymodule_export] on const items in declarative modules. #5096
  • Add #[pyclass(immutable_type)] option (on Python 3.14+ with abi3, or 3.10+ otherwise) for immutable type objects. #5101
  • Support #[pyo3(rename_all)] support on #[derive(IntoPyObject)]. #5112
  • Add PyRange wrapper. #5117

Changed

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jun 20, 2025
@deepsource-io deepsource.io
Copy link
Contributor

deepsource-io bot commented Jun 20, 2025
edited
Loading

Here's the code health analysis summary for commits 34dd4cf..f7c43c5. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource Rust LogoRust✅ SuccessView Check ↗
DeepSource Python LogoPython✅ SuccessView Check ↗
DeepSource Shell LogoShell✅ SuccessView Check ↗
DeepSource JavaScript LogoJavaScript✅ SuccessView Check ↗
💡 If you’re a repository administrator, you can configure the quality gates from the settings.

@dependabot
build(deps): bump the prod-cargo-minor-dependencies group across 1 di…
f7c43c5 
…rectory with 10 updates

Bumps the prod-cargo-minor-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [tokio](https://github.com/tokio-rs/tokio) | `1.45.0` | `1.45.1` |
| [bcrypt](https://github.com/Keats/rust-bcrypt) | `0.16.0` | `0.17.0` |
| [lancedb](https://github.com/lancedb/lancedb) | `0.17.0` | `0.19.1` |
| [libduckdb-sys](https://github.com/duckdb/duckdb-rs) | `1.1.1` | `1.3.0` |
| [pyo3-arrow](https://github.com/kylebarron/arro3) | `0.6.0` | `0.7.0` |
| [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.9.1` |
| [tabled](https://github.com/zhiburt/tabled) | `0.18.0` | `0.20.0` |
| [snowflake-api](https://github.com/mycelial/snowflake-rs) | `0.10.0` | `0.11.0` |
| [sqlparser](https://github.com/apache/datafusion-sqlparser-rs) | `0.37.0` | `0.54.0` |
| [pyo3-build-config](https://github.com/pyo3/pyo3) | `0.23.3` | `0.25.1` |



Updates `tokio` from 1.45.0 to 1.45.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.45.0...tokio-1.45.1)

Updates `bcrypt` from 0.16.0 to 0.17.0
- [Commits](Keats/rust-bcrypt@v0.16.0...v0.17.0)

Updates `lancedb` from 0.17.0 to 0.19.1
- [Release notes](https://github.com/lancedb/lancedb/releases)
- [Changelog](https://github.com/lancedb/lancedb/blob/main/release_process.md)
- [Commits](lancedb/lancedb@v0.17.0...v0.19.1)

Updates `libduckdb-sys` from 1.1.1 to 1.3.0
- [Release notes](https://github.com/duckdb/duckdb-rs/releases)
- [Commits](duckdb/duckdb-rs@v1.1.1...v1.3.0)

Updates `pyo3-arrow` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/kylebarron/arro3/releases)
- [Changelog](https://github.com/kylebarron/arro3/blob/main/CHANGELOG.md)
- [Commits](kylebarron/arro3@pyo3-arrow-v0.6.0...pyo3-arrow-v0.7.0)

Updates `rand` from 0.8.5 to 0.9.1
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.8.5...rand_core-0.9.1)

Updates `tabled` from 0.18.0 to 0.20.0
- [Changelog](https://github.com/zhiburt/tabled/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zhiburt/tabled/commits)

Updates `snowflake-api` from 0.10.0 to 0.11.0
- [Release notes](https://github.com/mycelial/snowflake-rs/releases)
- [Commits](https://github.com/mycelial/snowflake-rs/commits/v0.11.0)

Updates `sqlparser` from 0.37.0 to 0.54.0
- [Changelog](https://github.com/apache/datafusion-sqlparser-rs/blob/main/CHANGELOG.md)
- [Commits](apache/datafusion-sqlparser-rs@v0.37.0...v0.54.0)

Updates `pyo3-build-config` from 0.23.3 to 0.25.1
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/v0.25.1/CHANGELOG.md)
- [Commits](PyO3/pyo3@v0.23.3...v0.25.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-version: 1.45.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: bcrypt
  dependency-version: 0.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: lancedb
  dependency-version: 0.19.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: libduckdb-sys
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: pyo3-arrow
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: rand
  dependency-version: 0.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: tabled
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: snowflake-api
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: sqlparser
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
- dependency-name: pyo3-build-config
  dependency-version: 0.25.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-cargo-minor-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/cargo/prod-cargo-minor-dependencies-bcc2d7c497 branch from 148b568 to f7c43c5 Compare June 23, 2025 11:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file rust Pull requests that update Rust code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants