Bump the cargo group across 1 directory with 21 updates

[dependabot]

Bumps the cargo group with 21 updates in the / directory:

Package	From	To
clap	4.5.32	4.5.35
clap_complete	4.5.46	4.5.47
env_logger	0.10.2	0.11.8
terminal_size	0.3.0	0.4.2
once_cell	1.21.1	1.21.3
bstr	1.11.3	1.12.0
winnow	0.7.4	0.7.6
faster-hex	0.9.0	0.10.0
smallvec	1.14.0	1.15.0
tempfile	3.19.0	3.19.1
bytesize	1.3.2	2.0.1
flate2	1.1.0	1.1.1
jiff	0.2.4	0.2.6
rustix	0.38.44	1.0.3
windows-sys	0.52.0	0.59.0
windows	0.58.0	0.61.1
winreg	0.52.0	0.55.0
fs-err	2.11.0	3.1.0
rusqlite	0.32.1	0.34.0
sysinfo	0.31.4	0.34.2
zip	2.4.2	2.6.1

Updates clap from 4.5.32 to 4.5.35

Release notes

Sourced from clap's releases.

v4.5.35

[4.5.35] - 2025-04-01

Fixes

• (help) Align positionals and flags when put in the same help_heading
• (help) Don't leave space for shorts if there are none

v4.5.34

[4.5.34] - 2025-03-27

Fixes

• (help) Don't add extra blank lines with flatten_help(true) and subcommands without arguments

v4.5.33

[4.5.33] - 2025-03-26

Fixes

• (error) When showing the usage of a suggestion for an unknown argument, don't show the group

Changelog

Sourced from clap's changelog.

[4.5.35] - 2025-04-01

Fixes

• (help) Align positionals and flags when put in the same help_heading
• (help) Don't leave space for shorts if there are none

[4.5.34] - 2025-03-27

Fixes

• (help) Don't add extra blank lines with flatten_help(true) and subcommands without arguments

[4.5.33] - 2025-03-26

Fixes

• (error) When showing the usage of a suggestion for an unknown argument, don't show the group

Commits

• 55a18f5 chore: Release
• 3b05635 fix(complete): Ensure new enough clap is used
• 5d2cdac chore: Release
• f1c10eb docs: Update changelog
• a4d1a7f chore(ci): Take a break from template updates
• e95ed39 Merge pull request #5775 from vivienm/master
• 18f8d4c chore(deps): Update Rust Stable to v1.82 (#5788)
• f35d8e0 Merge pull request #5787 from epage/template
• 1389d7d chore: Update from '_rust/main' template
• dbc9faa chore(ci): Initialize git for template update
• Additional commits viewable in compare view

Updates clap_complete from 4.5.46 to 4.5.47

Commits

• f046ca6 chore: Release
• 436949d docs: Update changelog
• 1ddab84 Merge pull request #5954 from epage/tests
• 8a66dbf test(complete): Add more native cases
• 76465cf test(complete): Make things more consistent
• 232cedb test(complete): Remove redundant index
• 02244a6 Merge pull request #5949 from krobelus/option-name-completions-after-positionals
• 2e13847 fix(complete): Missing options in multi-val arg
• 74388d7 test(complete): Multi-valued, unbounded positional
• 5b3d45f refactor(complete): Extract function for options
• Additional commits viewable in compare view

Updates env_logger from 0.10.2 to 0.11.8

Release notes

Sourced from env_logger's releases.

v0.11.8

[0.11.8] - 2025-04-01

Compatibility

• (kv) Deprecate the unstable-kv feature which may be removed in a future patch release

Features

• (kv) Stabilize key-value support behind the kv feature
• Expose ConfigurableFormat to build custom [Builder::format]s that leverage this

v0.11.7

[0.11.7] - 2025-03-10

Internal

• Replaced humantime with jiff

v0.11.6

[0.11.6] - 2024-12-20

Features

• Opt-in file and line rendering

v0.11.5

[0.11.5] - 2024-07-25

v0.11.4

[0.11.4] - 2024-07-23

v0.11.3

[0.11.3] - 2024-03-05

Features

• Experimental support for key-value logging behind unstable-kv

v0.11.2

[0.11.2] - 2024-02-13

v0.11.1

What's Changed

• fix(fmt): Fix passing of WriteStyle when using Target::Pipe by @​Bobo1239 in rust-cli/env_logger#302

New Contributors

• @​Bobo1239 made their first contribution in rust-cli/env_logger#302

Full Changelog: rust-cli/env_logger@v0.11.0...v0.11.1

... (truncated)

Changelog

Sourced from env_logger's changelog.

[0.11.8] - 2025-04-01

Compatibility

• (kv) Deprecate the unstable-kv feature which may be removed in a future patch release

Features

• (kv) Stabilize key-value support behind the kv feature
• Expose ConfigurableFormat to build custom [Builder::format]s that leverage this

[0.11.7] - 2025-03-10

Internal

• Replaced humantime with jiff

[0.11.6] - 2024-12-20

Features

• Opt-in file and line rendering

[0.11.5] - 2024-07-25

[0.11.4] - 2024-07-23

[0.11.3] - 2024-03-05

Features

• Experimental support for key-value logging behind unstable-kv

[0.11.2] - 2024-02-13

[0.11.1] - 2024-01-27

Fixes

• Allow styling with Target::Pipe

[0.11.0] - 2024-01-19

Migration Guide

env_logger::fmt::Style: The bespoke styling API, behind color, was removed, in favor of accepting any ANSI styled string and adapting it to the target stream's capabilities.

Possible styling libraries include:

... (truncated)

Commits

• f0443b2 chore: Release
• d8b5e1e docs: Update changelog
• 3ca671f Merge pull request #360 from epage/format
• bc02d61 feat(fmt): Expose ConfigurableFormat
• c567fde refactor(fmt): Pull out format logic
• ce25c73 refactor(fmt): Make DefaultFormats name more specific
• 739ebb1 refactor(fmt): Pull out logger's builder methods
• 3acb571 refactor(fmt): Delegate formatting to DefaultFormat
• e351bcb refactor(fmt): Reduce duplication in DefaultFormatWriter
• 3c9e6ff Merge pull request #359 from epage/kv
• Additional commits viewable in compare view

Updates terminal_size from 0.3.0 to 0.4.2

Release notes

Sourced from terminal_size's releases.

v0.4.2

What's Changed

• Update rustix to 1.0 by @​morr0ne in eminence/terminal-size#69

v0.4.1

What's Changed

• Build Rustix Only for Unix by @​cptpiepmatz in eminence/terminal-size#68

New Contributors

• @​cptpiepmatz made their first contribution in eminence/terminal-size#68

Full Changelog: eminence/terminal-size@v0.4.0...v0.4.1

v0.4.0

Breaking changes

The big change in this release is the API change in #66:

• If you were using the terminal_size_using_fd or terminal_size_using_handle functions, these are now deprecated and unsafe. Instead you should use the terminal_size_of function, which does the same thing but is safer.

What's Changed

• Add rust-version in Cargo.toml by @​cgwalters in eminence/terminal-size#60
• Update windows-sys to 0.52 by @​barrbrain in eminence/terminal-size#62
• Update windows-sys to 0.59 by @​eminence in eminence/terminal-size#67
• Update the API for I/O safety by @​sunfishcode in eminence/terminal-size#66
• Fix typo, link to docs, update docs by @​waywardmonkeys in eminence/terminal-size#63
• Update CI: Use current actions, remove unused build step by @​waywardmonkeys in eminence/terminal-size#64

New Contributors

• @​cgwalters made their first contribution in eminence/terminal-size#60
• @​barrbrain made their first contribution in eminence/terminal-size#62
• @​waywardmonkeys made their first contribution in eminence/terminal-size#63

Full Changelog: eminence/terminal-size@v0.3.0...v0.4.0

Commits

• 050f97b Version 0.4.2
• 6032d77 Merge pull request #69 from morr0ne/rustix-1.0
• 1bcd63d Update rustix to 1.0
• 6cb0bf9 Merge pull request #68 from cptpiepmatz/master
• b79643a pull rustix only for unix
• f6b81b5 Bump to version 0.4.0
• 5cbc616 Merge pull request #64 from waywardmonkeys/update-ci
• 68ceb8d Merge pull request #63 from waywardmonkeys/fix-typo
• 5307747 Merge pull request #66 from sunfishcode/main
• a29b904 Mark terminal_size_using_handle as unsafe too.
• Additional commits viewable in compare view

Updates once_cell from 1.21.1 to 1.21.3

Changelog

Sourced from once_cell's changelog.

1.21.3

• Outline more initialization in race: #284, #285.

1.21.2

• Relax success ordering from AcqRel to Release in race: #278.

Commits

• 29e3d93 Merge pull request #286 from briansmith/b/once-ref-dry
• a206950 Prepare for 1.21.3 release.
• 17d4a9b DRY race::OnceRef::{get_or_try_init, set}.
• 01b1d56 Merge pull request #285 from briansmith/b/once-ref-cold
• a851cc4 Mark initialization of OnceRef::get_or_try_init cold.
• 2447a93 Merge pull request #281 from briansmith/b/init-inner
• c294d64 Merge pull request #280 from briansmith/b/self
• 5f0fdd4 Merge pull request #283 from briansmith/b/cast_mut
• 899e319 Merge pull request #284 from briansmith/b/dry-get
• 90da60b Mark initialization of OnceBox::get_or_try_init cold.
• Additional commits viewable in compare view

Updates bstr from 1.11.3 to 1.12.0

Commits

• 8904072 1.12.0
• efb8ec4 api: impl Default for Box\<BStr>
• See full diff in compare view

Updates winnow from 0.7.4 to 0.7.6

Changelog

Sourced from winnow's changelog.

[0.7.6] - 2025-04-07

Features

• Add TokenSlice::previous_tokens

[0.7.5] - 2025-04-07

Features

• Add Stream::next_slice_unchecked and Stream::peek_slice_unchecked

Commits

• 1c31fde chore: Release
• 9b42e02 docs: Update changelog
• 35f6c04 Merge pull request #765 from epage/prev
• 0055561 feat(stream): Add access to previous tokens
• 85cef7e chore: Release
• 5886515 docs: Update changelog
• 582d253 Merge pull request #764 from epage/unchecked
• 3b13a4f feat(stream): Allow unchecked slicing
• 38458d2 refactor(stream): Simplify peek_slice
• a5345d5 Merge pull request #760 from epage/repeat
• Additional commits viewable in compare view

Updates faster-hex from 0.9.0 to 0.10.0

Commits

• See full diff in compare view

Updates smallvec from 1.14.0 to 1.15.0

Release notes

Sourced from smallvec's releases.

v1.15.0

What's Changed

• Fix typos by @​waywardmonkeys in servo/rust-smallvec#373
• Implement bincode2 encode/decode support for smallvec v1 by @​markbt in servo/rust-smallvec#375

New Contributors

• @​markbt made their first contribution in servo/rust-smallvec#375

Full Changelog: servo/rust-smallvec@v1.14.0...v1.15.0

Commits

• 7c4d350 Versoin 1.15.0
• aeceb0a Temporarily disable broken fuzzing in CI
• a2fb430 Pin honggfuzz binary version
• 35e7ffe Add support for bincode encode and decode
• 0d019cd Rename bincode dev-dependency to bincode1
• 6c8751d Merge pull request #373 from waywardmonkeys/v1-fix-typos
• 36317fa Fix typos
• See full diff in compare view

Updates tempfile from 3.19.0 to 3.19.1

Changelog

Sourced from tempfile's changelog.

3.19.1

• Don't unlink temporary files immediately on Windows (fixes #339). Unfortunately, this seemed to corrupt the file object (possibly a Windows kernel bug) in rare cases and isn't strictly speaking necessary.

Commits

• 95540ed chore: release v3.19.1
• b60aae4 fix(windows): don't automatically delete files on open (#344)
• 167f544 ci(cargo-deny): remove windows-sys exception (#343)
• See full diff in compare view

Updates bytesize from 1.3.2 to 2.0.1

Release notes

Sourced from bytesize's releases.

bytesize: v2.0.1

• Add support for precision in Display implementations.

bytesize: v2.0.0

• Add support for no_std targets.
• Use IEC (binary) format by default with Display.
• Use "kB" for SI unit.
• Add Display type for customizing printed format.
• Add ByteSize::display() method.
• Implement Sub<ByteSize> for ByteSize.
• Implement Sub<impl Into<u64>> for ByteSize.
• Implement SubAssign<ByteSize> for ByteSize.
• Implement SubAssign<impl Into<u64>> for ByteSize.
• Reject parsing non-unit characters after whitespace.
• Remove ByteSize::to_string_as() method.
• Remove top-level to_string() method.
• Remove top-level B constant.

Changelog

Sourced from bytesize's changelog.

2.0.1

• Add support for precision in Display implementations.

v2.0.0

• Add support for no_std targets.
• Use IEC (binary) format by default with Display.
• Use "kB" for SI unit.
• Add Display type for customizing printed format.
• Add ByteSize::display() method.
• Implement Sub<ByteSize> for ByteSize.
• Implement Sub<impl Into<u64>> for ByteSize.
• Implement SubAssign<ByteSize> for ByteSize.
• Implement SubAssign<impl Into<u64>> for ByteSize.
• Reject parsing non-unit characters after whitespace.
• Remove ByteSize::to_string_as() method.
• Remove top-level to_string() method.
• Remove top-level B constant.

Commits

• d2ac87b chore: prepare release v2.0.1 (#85)
• 0a54210 feat: control precision via standard format options (#84)
• 9aa5e11 Fix Display documentation (#83)
• 0b8f894 chore: prepare release 2.0.0 (#80)
• 6aa04b1 test: black box bench inputs (#81)
• 341d47c chore: prepare release v2.0.0 (#79)
• a17c093 feat: no std (#78)
• ce103e6 feat: display type (#76)
• 0dcc0ac chore: enforce usual rust lints (#75)
• b4c6916 docs: document all public items (#73)
• Additional commits viewable in compare view

Updates flate2 from 1.1.0 to 1.1.1

Release notes

Sourced from flate2's releases.

1.1.1

This release should be smaller and thus faster to download. Additionally, when using the zlib-rs backend, duplicate symbol issues shouldn't occur anymore.

What's Changed

• docs: Update README to promote zlib-rs by @​Xuanwo in rust-lang/flate2-rs#470
• Update miniz_oxide to 0.8.5 by @​oyvindln in rust-lang/flate2-rs#475
• Remove stale CHANGELOG.md by @​jayvdb in rust-lang/flate2-rs#476
• More informative README on backends by @​Shnatsel in rust-lang/flate2-rs#480
• Rewrite outdated backend notes in lib.rs by @​Shnatsel in rust-lang/flate2-rs#481
• upgrade zlib-rs to version 0.5.0 by @​folkertdev in rust-lang/flate2-rs#482

New Contributors

• @​Xuanwo made their first contribution in rust-lang/flate2-rs#470
• @​jayvdb made their first contribution in rust-lang/flate2-rs#476

Full Changelog: rust-lang/flate2-rs@1.1.0...1.1.1

Commits

• 98c98c8 Merge pull request #482 from folkertdev/update-zlib-rs-0.5.0
• 94b36b0 upgrade zlib-rs to version 0.5.0
• a79bfe4 Merge pull request #481 from Shnatsel/backend-docs
• 694e822 less editorializing
• 6debe95 Merge pull request #480 from Shnatsel/zlib-rs-readme
• a24e276 Rewrite outdated backend notes in lib.rs
• 78ca174 More informative README on backends
• c9a3efa Merge pull request #476 from jayvdb/rm-changelog
• 0b2137d Remove stale CHANGELOG.md
• 0abbd1c Merge pull request #475 from oyvindln/patch-1
• Additional commits viewable in compare view

Updates jiff from 0.2.4 to 0.2.6

Changelog

Sourced from jiff's changelog.

0.2.6 (TBD)

TODO

Enhancements:

• #315: Add support for automatically finding the tzdb on Illumos.

Bug fixes:

• #305: Fixed Zoned rounding on days with DST time zone transitions.
• #309: Fixed bug where TimeZone::preceding could omit historical time zone transitions for time zones that have eliminated DST in the present.
• #312: Fixed nth_weekday_in_month, where it would sometimes incorrectly return an error.

0.2.5 (2025-03-22)

This release updates Jiff's bundled copy of the [IANA Time Zone Database] to 2025b. See the 2025b release announcement for more details.

Enhancements:

• #300: Update jiff-tzdb to 2025b.

Commits

• 0bdb3b0 0.2.6
• 6c1cd0e changelog: 0.2.6
• 2bd7148 tz: add /usr/share/lib/zoneinfo
• 7bbe21a civil: fix Date::nth_weekday_of_month
• f41d586 shared: remove pointless as_ref
• 9aeb3f1 changelog: add entry for #309
• 9259f79 tz: fix retrieval of past time zone transitions for America/Sao_Paulo
• 2b84020 zoned: fix rounding to "days" when near a time zone transition
• a22abc7 bench: add benchmarks for constructing a timestamp type
• ef5ee45 span: avoid cloning when rounding
• Additional commits viewable in compare view

Updates rustix from 0.38.44 to 1.0.3

Release notes

Sourced from rustix's releases.

1.0.0

This release introduces the Buffer trait, which is used in read, pread, recv, recvfrom, getrandom, readlinkat_raw, epoll::wait, kevent, port::getn, getxattr, lgetxattr, fgetxattr, listxattr, llistxattr, and flistxattr, and adds support for reading data into uninitialized buffers, as well as safely reading data into the spare capacity of Vecs.

This release also simplifies the way network addresses are handled. Instead of having separate functions with _v4, _v6, _unix, _xdp, and now _netlink suffixes, rustix now uses a SocketAddrArg trait so that functions such as bind, connect, sendto, and sendmsg_addr can accept any type of address, and are easier to extend to new address types in the future.

And, this release simplifies the ioctl API, replacing opcode wrapper types with const generics.

This updates several APIs to add Linux 6.13 features, and raw linux-raw-sys types are no longer exposed in the public API, so it should be easier to stay up to date with new Linux releases.

And many more new features, bug fixes, and cleanups. See the CHANGES.md file for the full list of breaking changes.

Commits

• 458ab31 chore: Release rustix version 1.0.3
• b3cd8a1 Use a consistent error mechanism for timeout overflow. (#1422)
• 10ce1e0 Update the backends tests. (#1423)
• 7f40ac9 Miscellaneous documentaion cleanups. (#1421)
• 4bc94ab Restore Signal::from_raw as Signal::from_named_raw. (#1406)
• f006fb9 Update the public comment for fd and simplify the fd module. (#1420)
• 1cd4f00 Alphabetize targets in any and all in cfg directives. (#1419)
• f2e1474 Add cygwin support (#1410)
• 75ec9ee docs: add missing link to README (#1418)
• e09e003 Disable "unused unsafe" warnings in the libc makedev code. (#1414)
• Additional commits viewable in compare view

Updates windows-sys from 0.52.0 to 0.59.0

Release notes

Sourced from windows-sys's releases.

0.59.0

This release includes an update to the windows-sys crate only. The windows-sys crate is updated very infrequently and only when there is an explicit need to do so. The 0.59.0 release includes a rollup of API fixes, updates, and additions since the 0.52.0 release nine months ago. Notably:

• This update introduces support for Arm64EC (#2957)
• Updated bindings for the latest APIs https://github.com/microsoft/windows-rs/tree/0.59.0/crates/libs/bindgen/default
• Derive standard traits (#3041)
• Updates to code generation to handle newer Rust warnings and lints
• Overall smaller crate and more efficient code gen to reduce build time
• Support for feature search https://microsoft.github.io/windows-rs/features/#/0.59.0
• MSRV is updated to 1.60

Full Changelog: microsoft/windows-rs@0.52.0...0.59.0

0.58.0

This release includes updates to metadata for new or fixed API definitions (#3111, #3136), various improvements and fixes to code generation, compliance with new Rust warnings, additional COM authoring support improvements (#3065), limited non-Windows support (#3135), and more.

It includes major updates to the following crates, mainly due to breaking changes in metadata for API definitions.

• riddle 0.58.0
• windows 0.58.0
• windows-bindgen 0.58.0
• windows-core 0.58.0
• windows-implement 0.58.0
• windows-interface 0.58.0
• windows-metadata 0.58.0

It also includes major updates to the following utility crates.

• windows-result 0.2.0
• windows-registry 0.2.0

The windows-result crate now provides limited non-Windows support, and the windows-registry crate offers new lossless queries for binary and wide string values.

And it includes minor updates to the windows-targets crates, with the addition of several new APIs.

• windows-targets 0.52.6

This release also includes the first published version of the windows-strings crate, moving the string types from the windows-core crate into a dedicated crate as a smaller dependency. It also offers an efficient HSTRING builder (#3133).

To clarify, the only crates that continue to support limited non-Windows builds are:

• windows-bindgen and windows-metadata for code generation on non-Windows platforms.
• windows-core and windows-result for COM support on non-Windows platforms.

What's Changed

• Fix default rustfmt for repo by @​kennykerr in microsoft/windows-rs#3084
• Simplify standalone test by calling windows-bindgen directly by @​kennykerr in microsoft/windows-rs#3086
• Disable docs and tests for test crates by @​kennykerr in microsoft/windows-rs#3085
• Simplify pointer writes in generated code by @​kennykerr in microsoft/windows-rs#3089
• Infer return type in generated bindings by @​kennykerr in microsoft/windows-rs#3090

... (truncated)

Commits

• 308e08e Release 0.59.0 (#3182)
• 429666e Fix support for no_std (#3180)
• 02c4f29 Update component sample to use static factory (#3154)
• 7cec74f Implement static COM objects (#3144)
• 12f4621 Reduce boilerplate code in windows-core crate for VARIANT support (#3151)
• db06b51 Release 0.58.0 (#3140)
• ab03721 Make new windows-strings crate Windows-only (#3143)
• f6c49f4 Ensure that HSTRING builder provides initialized memory (#3141)
• 12a60df Remove Future implementation (#3142)
• 9f96662 Implement Send and Sync for Weak\<T> (#3138)
• Additional commits viewable in compare view

Updates windows from 0.58.0 to 0.61.1

Commits

• See full diff in compare view

Updates winreg from 0.52.0 to 0.55.0

Release notes

Sourced from winreg's releases.

0.55.0 (windows-sys)

• Breaking change: Increate MSRV to 1.60
• Breaking change: Upgrade windows-sys to version 0.59 (#77)

0.54.0 (windows-sys)

• Breaking change: Migrate to the 2021 edition of Rust (MSRV 1.56)
• Breaking change: Upgrade windows-sys to version 0.52 (closes #63, #70)

0.53.0 (windows-sys)

• Don't stop deserialization of Any due to REG_NONE (pullrequest #67, fixes #66)
• Implement (de)serialization of Option (#56)
• Add RegKey methods for creating/opening subkeys with custom options (#65)

Changelog

Sourced from winreg's changelog.

0.55.0

• Breaking change: Increate MSRV to 1.60
• Breaking change: Upgrade windows-sys to version 0.59 (#77)

0.54.0

• Breaking change: Migrate to the 2021 edition of Rust (MSRV 1.56)
• Breaking change: Upgrade windows-sys to version 0.52 (closes #63, #70)

0.15.0, 0.53.0

• Don't stop deserialization of Any due to REG_NONE (pullrequest #67, fixes #66)
• Implement (de)serialization of Option (#56)
• Add RegKey methods for creating/opening subkeys with custom options (#65)

Commits

• 9243b23 Bump version to 0.55.0
• f044074 Upgrade windows-sys to version 0.59 (and MSRV to 1.60)
• 4574feb Bump version to 0.54.0
• 105ca7a Upgrade windows-sys to version 0.52
• 93aefdf Migrate to the 2021 edition of Rust
• c9315d0 Clippy: remove unnecessary typecasts
• e62111e Merge branch 'winapi'
• 049035f Update the transaction example in the docs
• 5baac5d CI: upgrade actions to the latest versions
• cbaeb4e CI: check Cargo.toml formatting
• Additional commits viewable in compare view

Updates fs-err from 2.11.0 to 3.1.0

Changelog

Sourced from fs-err's changelog.

3.1.0

• Added new wrappers for create_new and options functions on File (#69)

3.0.0

• Error messages now include the original message from std::io::Error by default (#60). Previously this was exposed through the Error::source() method. For example, previously a message would look like:

  failed to open file `file.txt`
  

  and you would have to remember to print the source, or use a library like anyhow to print the full chain of source errors. The new error message includes the cause by default

  failed to open file `file.txt`: The system cannot find the file specified. (os error 2)
  

  Note that the original error is no longer exposed though Error::source() by default. If you need access to it, you can restore the previous behaviour with the expose_original_error feature flag.

• The io_safety feature flag has been removed, and this functionality is now always enabled on Rust versions which support it (1.63.0 and greater).

• Removed deprecated APIs: File::from_options, tokio::symlink

Commits

• 6155620 chore: Release fs-err version 3.1.0
• 94406b8 Update CHANGELOG
• 5ba87e1 Add missing File / OpenOptions constructors (#69)
• 5cefbe6 chore: Release fs-err version 3.0.0
• 9bf99af Replace default_features with default-features in Cargo.toml
• 11a6460 Remove deprecated APIs (#66)
• 27144b0 Remove io_safety feature flag (#65)
• 1a26274 Update changelog and docs for #60

[EliahKagan]

This fork-internal PR explores the effect of enabling Dependabot version updates for Rust dependencies.

Configuration being tested

This Dependabot PR was produced with the fork's main up to date with the upstream, where the upstream suppresses Dependabot version updates in this ecosystem. That was achieved through a weird edge case, where #17 was produced with a change like 88b2fc3 pushed to main, then main was reset, then that PR was superseded by this new PR rather than merely closed because open-pull-request-limit sometimes allows such replacements even when over the limit and even when the limit that was exceeded is set to zero.

But the ordinary way to produce such updates would be to merge 88b2fc3, which is the change I would propose upstream in a separate PR.

Notes toward a forthcoming PR editing dependabot.yml - background

When Dependabot version updates for Rust dependencies were turned off in 5f2d28e for GitoxideLabs#144, it looks like the alternative of switching to grouped version updates (with a not-too-frequent cadence) would have been taken, if Dependabot had that feature at the time. From GitoxideLabs#143 (reply in thread):

Indeed, it bundling its updates and making it once a month or even less often would be the preferred mode of operation.

One concern was expressed about that:

On the other hand, there may be value in seeing each PR as it contains release notes and changes, which admittedly I don't read for patch releases.

But, as shown above, release notes and changelogs are shown for each updated dependency in the group.

Notes toward a forthcoming PR editing dependabot.yml - rationale

However, there does remain the question of whether dependencies in Cargo.toml files are intended to be upgraded regularly. That seems to have been the intention in the past, and we simply didn't keep doing it after disabling Dependabot version updates. But the alternative of running cargo update does not achieve this. It may also be considered to have some downsides--sometimes a older version of a crate is still stable and there is nothing wrong with it.

On the other hand, newer software may use newer versions of the same crates, which leads to building multiple versions of the same crate if it also uses gitoxide library crates. Furthermore, it tends eventually to be necessary to upgrade to stay supported, and doing so regularly helps avoid big leaps requiring many changes or an elevated risk of undetected regressions in subtle behavior such as performance or under-tested edge cases.

It seems to me that we should probably do this. If not, we should at least update to the latest SemVer-compatible versions in Cargo.lock. Sometimes regressions occur and are not detected until much later. When this is because they don't apply until much later, this is sometimes not a problem, because bisecting can usually reveal the version of the dependency where the regression arose. But for nondeterministic failures or those whose preconditions are challenging to set up, this is not always so easy.

This line of thinking--and, to a significant extent, my renewed interest in using Dependabot broadly for Rust dependency version updates--is motivated by GitoxideLabs#1894, which was deterministic enough that bisection revealed where it started (I'll give an update on that soon), but that turned out to be nondeterministic in subtle ways that could've complicated its detection.

A further reason to keep dependencies up to date, including in Cargo.toml files are that, even assuming all security bugs get advisories, some bug fixes offer valuable runtime benefits including creased speed. A possible past reason not to do so, or not to do so through Dependabot version updates, is that CI coverage is not perfect. However, CI coverage has become much more extensive since Dependabot version updates were last used here, including various tricky Windows scenarios that were previously not covered.

Specific concrete failures from the updates: ordinary interface changes

The windows, windows-sys, and sysinfo crates had breaking changes that required small adjustments to make code in a few crates compile again. This sort of breakage was expected, and identifying what broke and how to fix it was straightforward.

The three commits added to this PR after the Dependabot commit are those fixes.

A more curious failure in the journey tests

The remaining failure is in the journey tests:
https://github.com/EliahKagan/gitoxide/actions/runs/14386928215/job/40344543159?pr=18

The journey tests fail fast, so I don't know if this will be the only failure, but the observe failure is in the "gix free pack verify" test, test pack verification with statistics, in max-pure. The most relevant output is:

-----------------------------------------------------
gix free pack verify
-----------------------------------------------------
     [with] the 'verify' sub-command
        [with] a valid pack file
           [it] verifies the pack successfully and with desired output
        [with] a valid pack INDEX file
           [with] no statistics
              [it] verifies the pack index successfully and with desired output
           [with] statistics
18,21c18,21
< 	compressed entries size       : 51.8 KB
< 	decompressed entries size     : 103.7 KB
< 	total object size             : 288.7 KB
< 	pack size                     : 51.9 KB
---
> 	compressed entries size       : 50.5 KiB
> 	decompressed entries size     : 101.3 KiB
> 	total object size             : 281.9 KiB
> 	pack size                     : 50.7 KiB
              [it] verifies the pack index successfully and with desired output - FAIL
$ /home/runner/work/gitoxide/gitoxide/target/debug/gix --no-verbose free pack verify --statistics /home/runner/work/gitoxide/gitoxide/tests/fixtures/packs/pack-11fdfa9e156ab73caae3b6da867192221f2089c2.idx
Output snapshot did not match snapshot at '/home/runner/work/gitoxide/gitoxide/tests/snapshots/plumbing/no-repo/pack/verify/index-with-statistics-success'
objects per delta chain length
	 0: 18
	 1: 4
	 2: 3
	 3: 1
	 4: 2
	 5: 1
	 6: 1
	->: 30

averages
	delta chain length:            1;
	decompressed entry [B]:        3456;
	compressed entry [B]:          1725;
	decompressed object size [B]:  9621;

compression
	compressed entries size       : 50.5 KiB
	decompressed entries size     : 101.3 KiB
	total object size             : 281.9 KiB
	pack size                     : 50.7 KiB

	num trees                     : 15
	num blobs                     : 5
	num commits                   : 10
	num tags                      : 0

	compression ratio             : 2.00
	delta compression ratio       : 5.58
	delta gain                    : 2.78
	pack overhead                 : 0.235%
error: Recipe `journey-tests-pure` failed on line 213 with exit code 1

I do not know why this happens, or whether it needs to be fixed by keeping back a dependency, or adapting previously correct code under test to a new dependency version, or fixing a long-standing but heretofore-undetected bug in the code under test, or modifying the test and/or its snapshots to account for correct changes elsewhere. But it looks deeper than just requiring a superficial adjustment to the test itself.

Update: Analysis of journey test failure

I should've looked more closely at the units!

The sizes are expected to be reported in kilobytes (kB, but with the somewhat ambiguous abbreviation KB), but since updating dependencies they are reported in kibibytes (KiB), where 1 KB = 1 kB = 1000 B while 1 KiB = 1024 B.

One of the changes in the bytesize crate in version 2.0.0:

Use IEC (binary) format by default with Display.

Update: Upstream PR

This fork-internal PR is for testing only. But I applied the configuration that produces grouped version updates like this in GitoxideLabs#1948, and Dependabot has accordingly opened GitoxideLabs#1949.

[EliahKagan]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.