chore(deps): bump the rust-deps group across 1 directory with 8 updates by dependabot[bot] · Pull Request #128 · ImpulseB23/prismoid

dependabot · 2026-06-22T22:08:27Z

Bumps the rust-deps group with 7 updates in the /apps/desktop/src-tauri directory:

Package	From	To
tauri	`2.10.3`	`2.11.3`
tauri-plugin-opener	`2.5.3`	`2.5.4`
chrono	`0.4.44`	`0.4.45`
reqwest	`0.13.3`	`0.13.4`
serde_json	`1.0.149`	`1.0.150`
tokio	`1.52.1`	`1.52.3`
getrandom	`0.4.2`	`0.4.3`

Updates tauri from 2.10.3 to 2.11.3

Release notes

Sourced from tauri's releases.

tauri-cli v2.11.3

Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 1133 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1085 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Crate: atk-sys Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0416 URL: https://rustsec.org/advisories/RUSTSEC-2024-0416 Crate: fxhash Version: 0.2.1 Warning: unmaintained Title: fxhash - no longer maintained Date: 2025-09-05 ID: RUSTSEC-2025-0057 URL: https://rustsec.org/advisories/RUSTSEC-2025-0057 Crate: gdk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0412 URL: https://rustsec.org/advisories/RUSTSEC-2024-0412 Crate: gdk-sys Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0418 URL: https://rustsec.org/advisories/RUSTSEC-2024-0418

Crate: gdkwayland-sys </tr></table>

... (truncated)

Commits

6f6ab12 apply version updates (#15409)
728c8d4 fix(cli): skip building bundles when using tauri android run (#15473)
e25f45c refactor: remove impl clone on inner menus (#15553)
fbcf1b0 chore(deps): update dependency eslint-plugin-security to v4.0.1 (#15545)
828f710 fix(cli): respect src/bin required-features (fix: #15325) (#15427)
ed8fd41 chore(cli): lesser verbose ureq_proto log (#15552)
50b0237 fix(android): escape special characters in strings.xml (#15549)
800223d docs: fix some missing and wrong docs (#15548)
5075c81 fix: check is_maximizable in internal_toggle_maximize (#15550)
532c22a chore(deps-dev): bump vite from 8.0.5 to 8.0.16 (#15547)
Additional commits viewable in compare view

Updates tauri-plugin-opener from 2.5.3 to 2.5.4

Release notes

Sourced from tauri-plugin-opener's releases.

opener-js v2.5.4

[2.5.4]

c1fd33b3 (#3343 by @Legend-Master) Fix revealItemInDir/reveal_items_in_dir can't reveal network paths like \\wsl.localhost\Ubuntu\etc on Windows

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/plugin-opener@2.5.4
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 4.2kB README.md
npm notice 3.1kB dist-js/index.cjs
npm notice 2.0kB dist-js/index.d.ts
npm notice 3.1kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 730B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-opener
npm notice version: 2.5.4
npm notice filename: tauri-apps-plugin-opener-2.5.4.tgz
npm notice package size: 3.5 kB
npm notice unpacked size: 14.1 kB
npm notice shasum: b37883e4d36125b8c5a0c74f683395958a65bd7d
npm notice integrity: sha512-1HnPkb+AmgO29[...]aUJtT57lfO9CQ==
npm notice total files: 7
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1429011743
+ @tauri-apps/plugin-opener@2.5.4

opener v2.5.4

[2.5.4]

c1fd33b3 (#3343 by @Legend-Master) Fix revealItemInDir/reveal_items_in_dir can't reveal network paths like \\wsl.localhost\Ubuntu\etc on Windows

... (truncated)

Commits

e7a68fa publish new versions (#3068)
b5550a3 chore: temp delete updater changefile
93426f8 fix: fix docsrs builds
4ee61e0 Revert "chore: temp delete updater changefile"
See full diff in compare view

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow by @SAY-5 in chronotope/chrono#1787

tz_data: fix tzdata locations on Android by @caruschalalamove in chronotope/chrono#1789

Commits

1703382 Prepare 0.4.45 release
881f9ab tz_data: fix tzdata locations on Android
f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
120686c Bump codecov/codecov-action from 5 to 6
See full diff in compare view

Updates reqwest from 0.13.3 to 0.13.4

Release notes

Sourced from reqwest's releases.

v0.13.4

tl;dr

Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.

Add ClientBuilder::http2_keep_alive_* options for the blocking client.

Add TLS 1.3 support when using native-tls backend.

Fix redirect handling to strip sensitive headers when the scheme changes.

Fix HTTP/3 happy-eyeball connection creation.

Upgrade hickory-resolver to 0.26.

What's Changed

fix(tls): improve rustls-no-provider panic message and add module docs by @smythg4 in seanmonstar/reqwest#3021

fix: do not lose the url in error when decoding json by @Dushistov in seanmonstar/reqwest#3026

Add tls_sslkeylogfile builder method by @passcod in seanmonstar/reqwest#2923

fix(redirect): strip sensitive headers on scheme change across redirects by @SAY-5 in seanmonstar/reqwest#3034

chore: upgrade MSRV to 1.85 by @seanmonstar in seanmonstar/reqwest#3038

chore: clean up minimal-versions CI job by @seanmonstar in seanmonstar/reqwest#3039

fix(http3): use happy eyeballs for h3 connect by @lyuzichong in seanmonstar/reqwest#3030

fix: update hickory-resolver to 0.26 and adjust code accordingly by @seanmonstar in seanmonstar/reqwest#3040

fix: remove unwrap in hickory initialization by @mat813 in seanmonstar/reqwest#3041

feat(https): support TLS 1.3 as min version under native-tls 🎉 by @AverageHelper in seanmonstar/reqwest#2975

Expose keep alive configurations in blocking client by @aeb-dev in seanmonstar/reqwest#3043

Prepare v0.13.4 by @seanmonstar in seanmonstar/reqwest#3046

New Contributors

@smythg4 made their first contribution in seanmonstar/reqwest#3021

@Dushistov made their first contribution in seanmonstar/reqwest#3026

@SAY-5 made their first contribution in seanmonstar/reqwest#3034

@mat813 made their first contribution in seanmonstar/reqwest#3041

@AverageHelper made their first contribution in seanmonstar/reqwest#2975

@aeb-dev made their first contribution in seanmonstar/reqwest#3043

Full Changelog: seanmonstar/reqwest@v0.13.3...v0.13.4

Changelog

Sourced from reqwest's changelog.

v0.13.4

Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.

Add ClientBuilder::http2_keep_alive_* options for the blocking client.

Add TLS 1.3 support when using native-tls backend.

Fix redirect handling to strip sensitive headers when the scheme changes.

Fix HTTP/3 happy-eyeball connection creation.

Upgrade hickory-resolver to 0.26.

Commits

11489b3 v0.13.4
d31ffbb feat: Expose HTTP2 keep alive configurations in blocking client (#3043)
79ed0d7 feat: support TLS 1.3 as min version under native-tls 🎉 (#2975)
fb7bf6a fix: remove unwrap in hickory initialization (#3041)
3da616f fix: update hickory-resolver to 0.26 and adjust code accordingly (#3040)
c77e7b2 fix(http3): use happy eyeballs for h3 connect (#3030)
9cbb65b chore: clean up minimal-versions CI job (#3039)
17a7dc5 chore: upgrade MSRV to 1.85 (#3038)
03db63a fix(redirect): strip sensitive headers on scheme change across redirects (#3034)
4b813a8 feat: add tls_sslkeylogfile builder method (#2923)
Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Reject non-string enum object keys (#1324, thanks @puneetdixit200)

Commits

a1ae73a Release 1.0.150
1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
2037b63 Reject non-string enum object keys
5d30df6 Resolve manual_assert_eq pedantic clippy lint
dc8003a Raise required compiler for preserve_order feature to 1.85
a42fa98 Unpin CI miri toolchain
684a60e Pin CI miri to nightly-2026-02-11
7c7da33 Raise required compiler to Rust 1.71
acf4850 Simplify Number::is_f64
6b8ceab Resolve unnecessary_map_or clippy lint
Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

sync: fix underflow in mpsc channel len() (#8062)

sync: notify receivers in mpsc OwnedPermit::release() method (#8075)

sync: require that an RwLock has max_readers != 0 (#8076)

sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

d875691 chore: prepare Tokio v1.52.3 (#8130)
e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
fd63094 chore: prepare Tokio v1.51.3 (#8127)
8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
11bfc13 chore: prepare Tokio v1.47.5 (#8122)
f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
Additional commits viewable in compare view

Updates getrandom from 0.4.2 to 0.4.3

Changelog

Sourced from getrandom's changelog.

0.4.3 - 2026-06-17

Added

wasm64-unknown-unknown target support for wasm_js backend #848

Changed

Drop wasip2 and wasip3 dependencies in favor of manual bindings #830

#830: rust-random/getrandom#830 #848: rust-random/getrandom#848

Commits

5e7cd57 Release v0.4.3 (#853)
1ea268a Use manual bindings for WASIp2/3 (#830)
f7290b0 Update Cargo.lock (#852)
16ce801 Update Cargo.lock (#850)
e5adfca Add wasm64-unknown-unknown support for wasm_js backend (#848)
626df8d Update Cargo.lock (#846)
4a01cb2 Update Cargo.lock (#841)
f87bf39 Update Cargo.lock (#836)
eadb879 ci: re-enable build job for x86_64-pc-cygwin (#832)
d715d73 CI: Reduce the number of packages that are updated for wasip2 MSRV test (#825)
Additional commits viewable in compare view

Updates tauri-build from 2.5.6 to 2.6.3

Release notes

Sourced from tauri-build's releases.

tauri-build v2.6.3

Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 1133 security advisories (from /home/runner/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (1085 crate dependencies) Crate: atk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0413 URL: https://rustsec.org/advisories/RUSTSEC-2024-0413 Crate: atk-sys Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0416 URL: https://rustsec.org/advisories/RUSTSEC-2024-0416 Crate: fxhash Version: 0.2.1 Warning: unmaintained Title: fxhash - no longer maintained Date: 2025-09-05 ID: RUSTSEC-2025-0057 URL: https://rustsec.org/advisories/RUSTSEC-2025-0057 Crate: gdk Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0412 URL: https://rustsec.org/advisories/RUSTSEC-2024-0412 Crate: gdk-sys Version: 0.18.2 Warning: unmaintained Title: gtk-rs GTK3 bindings - no longer maintained Date: 2024-03-04 ID: RUSTSEC-2024-0418 URL: https://rustsec.org/advisories/RUSTSEC-2024-0418

Crate: gdkwayland-sys </tr></table>

... (truncated)

Commits

6f6ab12 apply version updates (#15409)
728c8d4 fix(cli): skip building bundles when using tauri android run (#15473)
e25f45c refactor: remove impl clone on inner menus (#15553)
fbcf1b0 chore(deps): update dependency eslint-plugin-security to v4.0.1 (#15545)
828f710 fix(cli): respect src/bin required-features (fix: #15325) (#15427)
ed8fd41 chore(cli): lesser verbose ureq_proto log (#15552)
50b0237 fix(android): escape special characters in strings.xml (#15549)
800223d docs: fix some missing and wrong docs (#15548)
5075c81 fix: check is_maximizable in internal_toggle_maximize (#15550)
532c22a chore(deps-dev): bump vite from 8.0.5 to 8.0.16 (#15547)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the rust-deps group with 7 updates in the /apps/desktop/src-tauri directory: | Package | From | To | | --- | --- | --- | | [tauri](https://github.com/tauri-apps/tauri) | `2.10.3` | `2.11.3` | | [tauri-plugin-opener](https://github.com/tauri-apps/plugins-workspace) | `2.5.3` | `2.5.4` | | [chrono](https://github.com/chronotope/chrono) | `0.4.44` | `0.4.45` | | [reqwest](https://github.com/seanmonstar/reqwest) | `0.13.3` | `0.13.4` | | [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` | | [tokio](https://github.com/tokio-rs/tokio) | `1.52.1` | `1.52.3` | | [getrandom](https://github.com/rust-random/getrandom) | `0.4.2` | `0.4.3` | Updates `tauri` from 2.10.3 to 2.11.3 - [Release notes](https://github.com/tauri-apps/tauri/releases) - [Commits](tauri-apps/tauri@tauri-v2.10.3...tauri-v2.11.3) Updates `tauri-plugin-opener` from 2.5.3 to 2.5.4 - [Release notes](https://github.com/tauri-apps/plugins-workspace/releases) - [Commits](tauri-apps/plugins-workspace@http-v2.5.3...http-v2.5.4) Updates `chrono` from 0.4.44 to 0.4.45 - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](chronotope/chrono@v0.4.44...v0.4.45) Updates `reqwest` from 0.13.3 to 0.13.4 - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.13.3...v0.13.4) Updates `serde_json` from 1.0.149 to 1.0.150 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](serde-rs/json@v1.0.149...v1.0.150) Updates `tokio` from 1.52.1 to 1.52.3 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.52.1...tokio-1.52.3) Updates `getrandom` from 0.4.2 to 0.4.3 - [Changelog](https://github.com/rust-random/getrandom/blob/master/CHANGELOG.md) - [Commits](rust-random/getrandom@v0.4.2...v0.4.3) Updates `tauri-build` from 2.5.6 to 2.6.3 - [Release notes](https://github.com/tauri-apps/tauri/releases) - [Commits](tauri-apps/tauri@tauri-build-v2.5.6...tauri-build-v2.6.3) --- updated-dependencies: - dependency-name: tauri dependency-version: 2.11.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-deps - dependency-name: tauri-plugin-opener dependency-version: 2.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-deps - dependency-name: chrono dependency-version: 0.4.45 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-deps - dependency-name: reqwest dependency-version: 0.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-deps - dependency-name: serde_json dependency-version: 1.0.150 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-deps - dependency-name: tokio dependency-version: 1.52.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-deps - dependency-name: getrandom dependency-version: 0.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: rust-deps - dependency-name: tauri-build dependency-version: 2.6.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: rust-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Dependency updates rust Rust/Tauri changes labels Jun 22, 2026

dependabot Bot requested a review from ImpulseB23 as a code owner June 22, 2026 22:08

dependabot Bot added dependencies Dependency updates rust Rust/Tauri changes labels Jun 22, 2026

github-actions Bot added the size/m 100-500 lines changed label Jun 22, 2026

github-actions Bot enabled auto-merge (squash) June 22, 2026 22:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the rust-deps group across 1 directory with 8 updates#128

chore(deps): bump the rust-deps group across 1 directory with 8 updates#128
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/apps/desktop/src-tauri/rust-deps-61a067d14e

dependabot Bot commented on behalf of github Jun 22, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 22, 2026

tauri-cli v2.11.3

opener-js v2.5.4

[2.5.4]

opener v2.5.4

[2.5.4]

0.4.45

What's Changed

v0.13.4

tl;dr

What's Changed

New Contributors

v0.13.4

v1.0.150

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

Tokio v1.52.2

1.52.2 (May 4th, 2026)

0.4.3 - 2026-06-17

Added

Changed

tauri-build v2.6.3

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants