chore(deps): bump the minor-and-patch group across 1 directory with 4 updates by dependabot[bot] · Pull Request #321 · mentimeter/linkup

dependabot · 2026-05-26T04:10:46Z

Bumps the minor-and-patch group with 4 updates in the / directory: serde_json, sysinfo, tar and tower-http.

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Reject non-string enum object keys (#1324, thanks @puneetdixit200)

Commits

a1ae73a Release 1.0.150
1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
2037b63 Reject non-string enum object keys
5d30df6 Resolve manual_assert_eq pedantic clippy lint
dc8003a Raise required compiler for preserve_order feature to 1.85
a42fa98 Unpin CI miri toolchain
684a60e Pin CI miri to nightly-2026-02-11
7c7da33 Raise required compiler to Rust 1.71
acf4850 Simplify Number::is_f64
6b8ceab Resolve unnecessary_map_or clippy lint
Additional commits viewable in compare view

Updates sysinfo from 0.39.1 to 0.39.2

Changelog

Sourced from sysinfo's changelog.

0.39.2

Windows: Greatly improve performance of System::refresh_cpu_specifics when CPU usage is not requested.

iOS: Fix compilation error when user feature is enabled.

Linux: Correctly set thread information for processes.

Commits

c43234a Update crate version to 0.39.2
b71467e Update CHANGELOG for 0.39.2 version
345915a Improve code readability
35f3c18 Fix fmt and clippy
4bf1fe4 Windows: skip PDH setup when cpu_usage isn't requested (#1664)
2be72d7 Stub get_users on iOS via app_store::users
c725c09 linux: fix detect thread entries in ProcessesToUpdate::All mode
See full diff in compare view

Updates tar from 0.4.45 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm) by @cgwalters in composefs/tar-rs#454

See also GHSA-3cv2-h65g-fgmm

Other changes

ci: Fix and re-enable reverse dependency testing by @cgwalters in composefs/tar-rs#444

Update astral-tokio-tar requirement from 0.5 to 0.6 by @dependabot[bot] in composefs/tar-rs#446

Update some links by @atouchet in composefs/tar-rs#445

Add support of absolute paths by @zxvfc in composefs/tar-rs#426

docs: Expand notes on concurrent mutations and following symlinks by @cgwalters in composefs/tar-rs#453

Update repo links by @cgwalters in composefs/tar-rs#451

ci: Add crates.io trusted publishing workflow by @cgwalters in composefs/tar-rs#456

Release 0.4.46 by @cgwalters in composefs/tar-rs#455

New Contributors

@dependabot[bot] made their first contribution in composefs/tar-rs#446

@atouchet made their first contribution in composefs/tar-rs#445

@zxvfc made their first contribution in composefs/tar-rs#426

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits

fc459c1 Release 0.4.46
43e05a8 ci: Add crates.io trusted publishing workflow
bba5666 Update repo links
cd94c46 docs: Document TOCTOU / concurrent-mutation threat model
1b4997c builder: Expand docs for follow_symlinks and append_dir_all
bab14dd archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm)
2349b49 Add support of absolute paths
39d0311 Update some links
59d803e Update astral-tokio-tar requirement from 0.5 to 0.6
8296b9a ci: Fix and re-enable reverse dependency testing (#444)
See full diff in compare view

Updates tower-http from 0.6.10 to 0.6.11

Release notes

Sourced from tower-http's releases.

tower-http-0.6.11

Added
set-header: add SetMultipleResponseHeadersLayer and SetMultipleResponseHeader for setting multiple response headers at once. Supports overriding, appending, and if_not_present modes. Header values can be fixed or computed dynamically via closures (#672)
use http::{Response, header::{self, HeaderValue}};
use http_body::Body as _;
use tower_http::set_header::response::SetMultipleResponseHeadersLayer;
let layer = SetMultipleResponseHeadersLayer::overriding(vec![
(header::X_FRAME_OPTIONS, HeaderValue::from_static("DENY")).into(),
(header::CONTENT_LENGTH, |res: &Response<MyBody>| {
res.body().size_hint().exact()
.map(|size| HeaderValue::from_str(&size.to_string()).unwrap())
}).into(),
]);
set-header: add SetMultipleRequestHeadersLayer and SetMultipleRequestHeaders for setting multiple request headers at once, mirroring the response-side API (#677)

classify: add From<i32> and From<NonZeroI32> impls for GrpcCode. Unrecognized status codes map to GrpcCode::Unknown (#506)
Changed

compression: compress application/grpc-web responses. Previously all application/grpc* content types were excluded from compression; now only application/grpc (non-web) is excluded (#408)

Fixed

fs: fix ServeDir returning 500 instead of 405 for non-GET/HEAD requests when call_fallback_on_method_not_allowed is enabled but no fallback service is configured (#587)

fs: remove duplicate cfg attribute on is_reserved_dos_name (#675)

#408: tower-rs/tower-http#408 #506: tower-rs/tower-http#506 #587: tower-rs/tower-http#587 #672: tower-rs/tower-http#672 #675: tower-rs/tower-http#675 #677: tower-rs/tower-http#677

All PRs

ci: fix flaky encoding test, add nightly stress test job by @jlizen in tower-rs/tower-http#670

... (truncated)

Commits

1d082ef v0.6.11
9c3117d feat: set multiple request header (#677)
667e7c7 Remove duplicate cfg attribute for is_reserved_dos_name (#675)
7551a9b feat(set_header): refactor and improve multiple header middleware (#672)
991e9ee add From<i32> impl for GrpcCode (#506)
3962dba Do compress grpc-web responses (#408)
f0b3bb6 Fix serve_dir method not allowed handling when no fallback is configured (#587)
d1a571b ci: use static timeout in stress-test workflow (#671)
309555a ci: fix flaky encoding test, add nightly stress test job (#670)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates Bumps the minor-and-patch group with 4 updates in the / directory: [serde_json](https://github.com/serde-rs/json), [sysinfo](https://github.com/GuillaumeGomez/sysinfo), [tar](https://github.com/composefs/tar-rs) and [tower-http](https://github.com/tower-rs/tower-http). Updates `serde_json` from 1.0.149 to 1.0.150 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.149...v1.0.150) Updates `sysinfo` from 0.39.1 to 0.39.2 - [Changelog](https://github.com/GuillaumeGomez/sysinfo/blob/main/CHANGELOG.md) - [Commits](GuillaumeGomez/sysinfo@v0.39.1...v0.39.2) Updates `tar` from 0.4.45 to 0.4.46 - [Release notes](https://github.com/composefs/tar-rs/releases) - [Commits](composefs/tar-rs@0.4.45...0.4.46) Updates `tower-http` from 0.6.10 to 0.6.11 - [Release notes](https://github.com/tower-rs/tower-http/releases) - [Commits](tower-rs/tower-http@tower-http-0.6.10...tower-http-0.6.11) --- updated-dependencies: - dependency-name: serde_json dependency-version: 1.0.150 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: sysinfo dependency-version: 0.39.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tar dependency-version: 0.4.46 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tower-http dependency-version: 0.6.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels May 26, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the minor-and-patch group across 1 directory with 4 updates#321

chore(deps): bump the minor-and-patch group across 1 directory with 4 updates#321
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/minor-and-patch-8fb441b2aa

dependabot Bot commented on behalf of github May 26, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.0.150

0.39.2

0.4.46

Security

Other changes

New Contributors

tower-http-0.6.11

Added

Changed

Fixed

All PRs

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 26, 2026 •

edited

Loading