Skip to content

chore(deps): bump the cargo group across 5 directories with 4 updates#22

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/cargo-55ed2520a6
Closed

chore(deps): bump the cargo group across 5 directories with 4 updates#22
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/cargo-55ed2520a6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 6, 2026

Bumps the cargo group with 2 updates in the / directory: gix and openssl.
Bumps the cargo group with 1 update in the /fuzz directory: openssl.
Bumps the cargo group with 1 update in the /git-morph directory: gix.
Bumps the cargo group with 2 updates in the /tools/rsr-certified directory: gix and openssl.
Bumps the cargo group with 1 update in the /tui directory: openssl.

Updates gix from 0.78.0 to 0.83.0

Release notes

Sourced from gix's releases.

gix v0.83.0

Bug Fixes

  • Correctly use $COMMON_DIR/info/exclude to make excludes work in worktrees. It turns out there is no per-worktree excludes file either.

Chore (BREAKING)

  • Upgrade prodash and crosstermion to the latest version. This will fix the cargo deny issue as it brings in a newer lru crate.

Bug Fixes (BREAKING)

  • remove winnow and replace it with hand-implemented parsers everywhere. This will allow for simplified maintenance and editing (both human and machine) down the road, and enable additional performance optimisations.

    Parser compbinators to me ultimately were a failed experiment as I couldn't maintain them anyway, with it being too difficult for me to grasp and express everything in its very own kind of language, with a lot of different things to consider.

    Note that this also removes detailed errors from all parsers that previously used winnow, with the option to re-add those if there is demand.

Commit Statistics

  • 5 commits contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adapt to changes in gix-object (91bfab0)
    • Remove winnow and replace it with hand-implemented parsers everywhere. (91c854e)
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)
    • Merge pull request #2529 from GitoxideLabs/reflog-newline-handling (2c3a08e)
    • Adapt to changes in gix-error (2e2a126)

gix v0.82.0 - hardened

Advisories with fixes

... (truncated)

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix-pack from 0.65.0 to 0.70.0

Release notes

Sourced from gix-pack's releases.

gix-pack v0.70.0

Commit Statistics

  • 2 commits contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adapt to changes in gix-object (91bfab0)
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)

gix-pack v0.69.0

Chore

  • Add fuzz-testing That's the only way to be reasonably sure it will not panic when parsing malformed files.
  • add package.include directives to control which files are packaged.

Bug Fixes

  • secure reading of corruped or malformed pack files, pack index or multi-indices

New Features (BREAKING)

  • enforce the specification of alloc_init_bytes to handle untrusted input This breaking change is intended to force a decision about how much memory allocation an untrusted party can command by tempering with binary file formats.
  • parameterize data Previously we'd hardcode a memory map, but now this is parameterised with a trait to allow accessing data in a more abstract form. This is primarily meant to speedup fuzz testing, but may also be useful later for portability.

Bug Fixes (BREAKING)

  • remove insecure leb64 and secure leb64_from_read from overflows

Commit Statistics

  • 20 commits contributed to the release over the course of 32 calendar days.

... (truncated)

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix-transport from 0.53.0 to 0.57.0

Release notes

Sourced from gix-transport's releases.

gix-transport v0.57.0

Commit Statistics

  • 1 commit contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)

gix-transport v0.56.0

Bug Fixes

  • reject cross-authority redirects before reusing auth Tighten smart-HTTP redirect handling so credentials are not carried across redirects that change authority.

    • treat redirects as valid only when scheme, host, and effective port stay the same
    • reject redirects to a different host or port when deriving the redirected base URL
    • apply the same authority check in the reqwest redirect policy
    • keep the advisory reproducer backend-neutral so the redirected POST assertion holds for both curl and reqwest

    This fixes the credential-leak vector covered by GHSA-9857-6mw7-fq2m, where Basic auth from the original remote could be forwarded to a redirected endpoint.

Commit Statistics

  • 10 commits contributed to the release over the course of 32 calendar days.
  • 32 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Update changelogs prior to release (f9fbcba)
    • Merge pull request #2530 from GitoxideLabs/advisories (63b8419)
    • Address auto-review (7429b15)
    • Add corpus-builder scripts when corpus files are available; auto-run artifacts in test suite (e64e3b8)
    • Add fuzz tests for 10 more crates, and related fixes (0396152)

... (truncated)

Changelog

Sourced from gix-transport's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates openssl from 0.10.78 to 0.10.79

Release notes

Sourced from openssl's releases.

openssl-v0.10.79

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

Commits
  • 649f2d9 Release openssl 0.10.79 and openssl-sys 0.9.115 (#2632)
  • 257f9b2 Fix output buffer overflow for AES key-wrap-with-padding ciphers (#2630)
  • d43e917 Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders (#2631)
  • f46519c Add PkeyCtxRef::set_context_string for ML-DSA (#2629)
  • ad9ae31 Bind OSSL_PARAM_modified and use it for seed_into (#2628)
  • 4e25c9b Fix process abort when verify/PSK callbacks fire after SSL_CTX swap (#2624)
  • 3dd8f42 Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction (#2626)
  • 2c5e5a8 parallelize more builds in CI for cold caches (#2625)
  • 6685591 Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import (#2621)
  • 8f8fdce Drop once_cell in favor of std::sync::{LazyLock, OnceLock} (#2623)
  • Additional commits viewable in compare view

Updates openssl from 0.10.78 to 0.10.79

Release notes

Sourced from openssl's releases.

openssl-v0.10.79

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

Commits
  • 649f2d9 Release openssl 0.10.79 and openssl-sys 0.9.115 (#2632)
  • 257f9b2 Fix output buffer overflow for AES key-wrap-with-padding ciphers (#2630)
  • d43e917 Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders (#2631)
  • f46519c Add PkeyCtxRef::set_context_string for ML-DSA (#2629)
  • ad9ae31 Bind OSSL_PARAM_modified and use it for seed_into (#2628)
  • 4e25c9b Fix process abort when verify/PSK callbacks fire after SSL_CTX swap (#2624)
  • 3dd8f42 Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction (#2626)
  • 2c5e5a8 parallelize more builds in CI for cold caches (#2625)
  • 6685591 Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import (#2621)
  • 8f8fdce Drop once_cell in favor of std::sync::{LazyLock, OnceLock} (#2623)
  • Additional commits viewable in compare view

Updates gix from 0.78.0 to 0.83.0

Release notes

Sourced from gix's releases.

gix v0.83.0

Bug Fixes

  • Correctly use $COMMON_DIR/info/exclude to make excludes work in worktrees. It turns out there is no per-worktree excludes file either.

Chore (BREAKING)

  • Upgrade prodash and crosstermion to the latest version. This will fix the cargo deny issue as it brings in a newer lru crate.

Bug Fixes (BREAKING)

  • remove winnow and replace it with hand-implemented parsers everywhere. This will allow for simplified maintenance and editing (both human and machine) down the road, and enable additional performance optimisations.

    Parser compbinators to me ultimately were a failed experiment as I couldn't maintain them anyway, with it being too difficult for me to grasp and express everything in its very own kind of language, with a lot of different things to consider.

    Note that this also removes detailed errors from all parsers that previously used winnow, with the option to re-add those if there is demand.

Commit Statistics

  • 5 commits contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adapt to changes in gix-object (91bfab0)
    • Remove winnow and replace it with hand-implemented parsers everywhere. (91c854e)
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)
    • Merge pull request #2529 from GitoxideLabs/reflog-newline-handling (2c3a08e)
    • Adapt to changes in gix-error (2e2a126)

gix v0.82.0 - hardened

Advisories with fixes

... (truncated)

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix-pack from 0.65.0 to 0.70.0

Release notes

Sourced from gix-pack's releases.

gix-pack v0.70.0

Commit Statistics

  • 2 commits contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adapt to changes in gix-object (91bfab0)
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)

gix-pack v0.69.0

Chore

  • Add fuzz-testing That's the only way to be reasonably sure it will not panic when parsing malformed files.
  • add package.include directives to control which files are packaged.

Bug Fixes

  • secure reading of corruped or malformed pack files, pack index or multi-indices

New Features (BREAKING)

  • enforce the specification of alloc_init_bytes to handle untrusted input This breaking change is intended to force a decision about how much memory allocation an untrusted party can command by tempering with binary file formats.
  • parameterize data Previously we'd hardcode a memory map, but now this is parameterised with a trait to allow accessing data in a more abstract form. This is primarily meant to speedup fuzz testing, but may also be useful later for portability.

Bug Fixes (BREAKING)

  • remove insecure leb64 and secure leb64_from_read from overflows

Commit Statistics

  • 20 commits contributed to the release over the course of 32 calendar days.

... (truncated)

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix-transport from 0.53.0 to 0.57.0

Release notes

Sourced from gix-transport's releases.

gix-transport v0.57.0

Commit Statistics

  • 1 commit contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)

gix-transport v0.56.0

Bug Fixes

  • reject cross-authority redirects before reusing auth Tighten smart-HTTP redirect handling so credentials are not carried across redirects that change authority.

    • treat redirects as valid only when scheme, host, and effective port stay the same
    • reject redirects to a different host or port when deriving the redirected base URL
    • apply the same authority check in the reqwest redirect policy
    • keep the advisory reproducer backend-neutral so the redirected POST assertion holds for both curl and reqwest

    This fixes the credential-leak vector covered by GHSA-9857-6mw7-fq2m, where Basic auth from the original remote could be forwarded to a redirected endpoint.

Commit Statistics

  • 10 commits contributed to the release over the course of 32 calendar days.
  • 32 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Update changelogs prior to release (f9fbcba)
    • Merge pull request #2530 from GitoxideLabs/advisories (63b8419)
    • Address auto-review (7429b15)
    • Add corpus-builder scripts when corpus files are available; auto-run artifacts in test suite (e64e3b8)
    • Add fuzz tests for 10 more crates, and related fixes (0396152)

... (truncated)

Changelog

Sourced from gix-transport's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix from 0.80.0 to 0.83.0

Release notes

Sourced from gix's releases.

gix v0.83.0

Bug Fixes

  • Correctly use $COMMON_DIR/info/exclude to make excludes work in worktrees. It turns out there is no per-worktree excludes file either.

Chore (BREAKING)

  • Upgrade prodash and crosstermion to the latest version. This will fix the cargo deny issue as it brings in a newer lru crate.

Bug Fixes (BREAKING)

  • remove winnow and replace it with hand-implemented parsers everywhere. This will allow for simplified maintenance and editing (both human and machine) down the road, and enable additional performance optimisations.

    Parser compbinators to me ultimately were a failed experiment as I couldn't maintain them anyway, with it being too difficult for me to grasp and express everything in its very own kind of language, with a lot of different things to consider.

    Note that this also removes detailed errors from all parsers that previously used winnow, with the option to re-add those if there is demand.

Commit Statistics

  • 5 commits contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adapt to changes in gix-object (91bfab0)
    • Remove winnow and replace it with hand-implemented parsers everywhere. (91c854e)
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)
    • Merge pull request #2529 from GitoxideLabs/reflog-newline-handling (2c3a08e)
    • Adapt to changes in gix-error (2e2a126)

gix v0.82.0 - hardened

Advisories with fixes

... (truncated)

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix-pack from 0.67.0 to 0.70.0

Release notes

Sourced from gix-pack's releases.

gix-pack v0.70.0

Commit Statistics

  • 2 commits contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adapt to changes in gix-object (91bfab0)
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)

gix-pack v0.69.0

Chore

  • Add fuzz-testing That's the only way to be reasonably sure it will not panic when parsing malformed files.
  • add package.include directives to control which files are packaged.

Bug Fixes

  • secure reading of corruped or malformed pack files, pack index or multi-indices

New Features (BREAKING)

  • enforce the specification of alloc_init_bytes to handle untrusted input This breaking change is intended to force a decision about how much memory allocation an untrusted party can command by tempering with binary file formats.
  • parameterize data Previously we'd hardcode a memory map, but now this is parameterised with a trait to allow accessing data in a more abstract form. This is primarily meant to speedup fuzz testing, but may also be useful later for portability.

Bug Fixes (BREAKING)

  • remove insecure leb64 and secure leb64_from_read from overflows

Commit Statistics

  • 20 commits contributed to the release over the course of 32 calendar days.

... (truncated)

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates gix-transport from 0.55.0 to 0.57.0

Release notes

Sourced from gix-transport's releases.

gix-transport v0.57.0

Commit Statistics

  • 1 commit contributed to the release over the course of 2 calendar days.
  • 3 days passed between releases.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Merge pull request #2540 from GitoxideLabs/reporting (4d5ba23)

gix-transport v0.56.0

Bug Fixes

  • reject cross-authority redirects before reusing auth Tighten smart-HTTP redirect handling so credentials are not carried across redirects that change authority.

    • treat redirects as valid only when scheme, host, and effective port stay the same
    • reject redirects to a different host or port when deriving the redirected base URL
    • apply the same authority check in the reqwest redirect policy
    • keep the advisory reproducer backend-neutral so the redirected POST assertion holds for both curl and reqwest

    This fixes the credential-leak vector covered by GHSA-9857-6mw7-fq2m, where Basic auth from the original remote could be forwarded to a redirected endpoint.

Commit Statistics

  • 10 commits contributed to the release over the course of 32 calendar days.
  • 32 days passed between releases.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Update changelogs prior to release (f9fbcba)
    • Merge pull request #2530 from GitoxideLabs/advisories (63b8419)
    • Address auto-review (7429b15)
    • Add corpus-builder scripts when corpus files are available; auto-run artifacts in test suite (e64e3b8)
    • Add fuzz tests for 10 more crates, and related fixes (0396152)

... (truncated)

Changelog

Sourced from gix-transport's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Commits
  • 53f880c Release gix-error v0.2.3, gix-date v0.15.3, gix-actor v0.41.0, gix-path v0.12...
  • 09687eb fix CI - and probably prevent can't connect to localhost in journey tests
  • d5f9bf5 feat: add Category::is_remote_tracking_branch().
  • 87b2da8 address auto-review
  • 731248f feat!: add sha-256 support to gix-ref.
  • 91bfab0 Adapt to changes in gix-object
  • d4439cd fix!: Limit Commit and Tag parsing to a given gix_hash::Kind
  • 5127973 fix: Allow more pathological cases during parsing just like Git
  • 91c854e fix!: remove winnow and replace it with hand-implemented parsers everywhere.
  • b060eb2 fix!: remove winnow from the public gix-actor API for parsing (#2545)
  • Additional commits viewable in compare view

Updates openssl from 0.10.78 to 0.10.79

Release notes

Sourced from openssl's releases.

openssl-v0.10.79

What's Changed

@dependabot
chore(deps): bump the cargo group across 5 directories with 4 updates
88d5077 
Bumps the cargo group with 2 updates in the / directory: [gix](https://github.com/GitoxideLabs/gitoxide) and [openssl](https://github.com/rust-openssl/rust-openssl).
Bumps the cargo group with 1 update in the /fuzz directory: [openssl](https://github.com/rust-openssl/rust-openssl).
Bumps the cargo group with 1 update in the /git-morph directory: [gix](https://github.com/GitoxideLabs/gitoxide).
Bumps the cargo group with 2 updates in the /tools/rsr-certified directory: [gix](https://github.com/GitoxideLabs/gitoxide) and [openssl](https://github.com/rust-openssl/rust-openssl).
Bumps the cargo group with 1 update in the /tui directory: [openssl](https://github.com/rust-openssl/rust-openssl).


Updates `gix` from 0.78.0 to 0.83.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-v0.78.0...gix-v0.83.0)

Updates `gix-pack` from 0.65.0 to 0.70.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-pack-v0.65.0...gix-pack-v0.70.0)

Updates `gix-transport` from 0.53.0 to 0.57.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-transport-v0.53.0...gix-transport-v0.57.0)

Updates `openssl` from 0.10.78 to 0.10.79
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79)

Updates `openssl` from 0.10.78 to 0.10.79
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79)

Updates `gix` from 0.78.0 to 0.83.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-v0.78.0...gix-v0.83.0)

Updates `gix-pack` from 0.65.0 to 0.70.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-pack-v0.65.0...gix-pack-v0.70.0)

Updates `gix-transport` from 0.53.0 to 0.57.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-transport-v0.53.0...gix-transport-v0.57.0)

Updates `gix` from 0.80.0 to 0.83.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-v0.78.0...gix-v0.83.0)

Updates `gix-pack` from 0.67.0 to 0.70.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-pack-v0.65.0...gix-pack-v0.70.0)

Updates `gix-transport` from 0.55.0 to 0.57.0
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-transport-v0.53.0...gix-transport-v0.57.0)

Updates `openssl` from 0.10.78 to 0.10.79
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79)

Updates `openssl` from 0.10.78 to 0.10.79
- [Release notes](https://github.com/rust-openssl/rust-openssl/releases)
- [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79)

---
updated-dependencies:
- dependency-name: gix
  dependency-version: 0.83.0
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: gix-pack
  dependency-version: 0.70.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: gix-transport
  dependency-version: 0.57.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.79
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.79
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: gix
  dependency-version: 0.83.0
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: gix-pack
  dependency-version: 0.70.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: gix-transport
  dependency-version: 0.57.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: gix
  dependency-version: 0.83.0
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: gix-pack
  dependency-version: 0.70.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: gix-transport
  dependency-version: 0.57.0
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.79
  dependency-type: indirect
  dependency-group: cargo
- dependency-name: openssl
  dependency-version: 0.10.79
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels May 6, 2026
@dependabot dependabot Bot mentioned this pull request May 6, 2026
Closed
@chatgpt-codex-connector
Copy link
Copy Markdown

chatgpt-codex-connector Bot commented May 6, 2026

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 8, 2026

Superseded by #23.

@dependabot dependabot Bot closed this May 8, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/cargo-55ed2520a6 branch May 8, 2026 11:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants