build(deps): bump the dependencies group with 8 updates #913

dependabot · 2025-11-24T00:50:53Z

Bumps the dependencies group with 8 updates:

Package	From	To
bytesize	`2.2.0`	`2.3.0`
aws-config	`1.8.10`	`1.8.11`
aws-credential-types	`1.2.9`	`1.2.10`
aws-sdk-s3	`1.113.0`	`1.115.0`
convert_case	`0.9.0`	`0.10.0`
hashbrown	`0.16.0`	`0.16.1`
rumqttc	`0.25.0`	`0.25.1`
starshard	`0.5.0`	`0.6.0`

Updates bytesize from 2.2.0 to 2.3.0

Release notes

Sourced from bytesize's releases.

bytesize: v2.3.0

Add Unit enum.

Add UnitParseError type.

Changelog

Sourced from bytesize's changelog.

2.3.0

Add Unit enum.

Add UnitParseError type.

Commits

f626cc8 chore: release v2.3.0 (#124)
6630c55 feat: expose Unit (#123)
See full diff in compare view

Updates aws-config from 1.8.10 to 1.8.11

Commits

See full diff in compare view

Updates aws-credential-types from 1.2.9 to 1.2.10

Commits

See full diff in compare view

Updates aws-sdk-s3 from 1.113.0 to 1.115.0

Commits

See full diff in compare view

Updates convert_case from 0.9.0 to 0.10.0

Commits

See full diff in compare view

Updates hashbrown from 0.16.0 to 0.16.1

Release notes

Sourced from hashbrown's releases.

v0.16.1

Added

Added HashTable methods related to the raw bucket index (#657)

Added VacantEntryRef::insert_with_key (#579)

Changed

Removed specialization for Copy types (#662)

The get_many_mut family of methods have been renamed to get_disjoint_mut to match the standard library. The old names are still present for now, but deprecated. (#648)

Recognize and use over-sized allocations when using custom allocators. (#523)

Depend on serde_core instead of serde. (#649)

Optimized collect on rayon parallel iterators. (#652)

Changelog

Sourced from hashbrown's changelog.

0.16.1 - 2025-11-20

Added

Added HashTable methods related to the raw bucket index (#657)

Added VacantEntryRef::insert_with_key (#579)

Changed

Removed specialization for Copy types (#662)

The get_many_mut family of methods have been renamed to get_disjoint_mut to match the standard library. The old names are still present for now, but deprecated. (#648)

Recognize and use over-sized allocations when using custom allocators. (#523)

Depend on serde_core instead of serde. (#649)

Optimized collect on rayon parallel iterators. (#652)

Commits

1876e4f Add PR link for get_disjoint_mut rename
2e363b6 Update CHANGELOG for version 0.16.1
88d54a5 chore: release v0.16.1
21be06c Merge pull request #657 from cuviper/table-bucket
af971f3 Add T to bucket iterators and inline their methods
7ccb6d6 Add HashTable::iter_buckets and iter_hash_buckets
aeb7996 Add HashTable::get_bucket_entry_unchecked
e885a4e get_bucket_entry -> Result\<OccupiedEntry, AbsentEntry>
dabfbef Add get_bucket_unchecked and get_bucket_unchecked_mut
42d9377 Make HashTable entries use Tag instead of a full hash
Additional commits viewable in compare view

Updates rumqttc from 0.25.0 to 0.25.1

Release notes

Sourced from rumqttc's releases.

rumqttc-0.25.1

rumqttc v0.25.1

This patch release focuses on fixing the broken WebSocket feature and includes dependency updates.

Highlights

WebSocket Fix: This release resolves a build issue that occurred when the websocket feature was enabled, caused by incompatibility with ws_stream_tungstenite v0.14.0. The dependency has been updated to v0.15.0, restoring full WebSocket functionality.

Changes

Fixed: Build failure when compiling with the websocket feature enabled (#999)

Added: New use-rustls-no-provider feature for more flexible TLS configuration (#988)

Maintenance: Updated dependencies (#1006 )

Contributors

Welcome to our new contributors:

@giridher-art

@Matt3o12

@MightyPork

Full Changelog: [rumqttc-0.25.0...rumqttc-0.25.1]

Commits

2167da0 Merge pull request #1006 from giridher-art/main
f1e9e8d chore(deps): updating deps
f334174 Merge pull request #999 from MightyPork/fix-websocket-build
bf80181 Fix rumqttc build with websocket feature enabled
c03ba8b chore: release rumqttd-0.20.0 (#998)
0dc418d Merge pull request #988 from Matt3o12/main
a571e58 feat(rumqttc): add use-rustls-no-provider feature
7605cc2 Merge pull request #994 from giridher-art/release-v0.25.0
e6edfd7 chore: release chore cargo lock
da1961c chore: release chore
See full diff in compare view

Updates starshard from 0.5.0 to 0.6.0

Commits

b4967af set starshard version 0.6.0
06af5fc upgrade actions/checkout from v5 to v6
610958d upgrade crates version
9b342da chore(deps): bump github/codeql-action from 3 to 4 (#1)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

CLAassistant · 2025-11-24T00:51:03Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

github-actions · 2025-11-24T00:51:04Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

cargo/aws-config

1.8.11

Unknown

cargo/aws-credential-types

1.2.10

Unknown

cargo/aws-runtime

1.5.16

Unknown

cargo/aws-sdk-s3

1.115.0

Unknown

cargo/aws-sdk-sso

1.90.0

Unknown

cargo/aws-sdk-ssooidc

1.92.0

Unknown

cargo/aws-sdk-sts

1.94.0

Unknown

cargo/bytesize

2.3.0

Unknown

cargo/convert_case

0.10.0

🟢 4.5

Details

Check	Score	Reason
Packaging	⚠️ -1	packaging workflow not detected
Code-Review	⚠️ 1	Found 1/9 approved changesets -- score normalized to 1
Dangerous-Workflow	⚠️ -1	no workflows found
Maintained	🟢 10	13 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	⚠️ -1	No tokens found
Pinned-Dependencies	⚠️ -1	no dependencies found
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Security-Policy	⚠️ 0	security policy file not detected
Signed-Releases	⚠️ -1	no releases found
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/hashbrown

0.16.1

🟢 6.6

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Maintained	🟢 10	30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy	🟢 10	security policy file detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/rumqttc

0.25.1

🟢 4

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Code-Review	🟢 9	Found 20/21 approved changesets -- score normalized to 9
Maintained	🟢 10	10 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
Vulnerabilities	⚠️ 0	11 existing vulnerabilities detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

cargo/starshard

0.6.0

Unknown

Scanned Files

Cargo.lock

houseme · 2025-11-24T02:19:02Z

@dependabot rebase

…ndabot/cargo/dependencies-065cff4cf8

* build(deps): bump the dependencies group with 10 updates * build(deps): bump the dependencies group with 8 updates (#913) Bumps the dependencies group with 8 updates: | Package | From | To | | --- | --- | --- | | [bytesize](https://github.com/bytesize-rs/bytesize) | `2.2.0` | `2.3.0` | | [aws-config](https://github.com/smithy-lang/smithy-rs) | `1.8.10` | `1.8.11` | | [aws-credential-types](https://github.com/smithy-lang/smithy-rs) | `1.2.9` | `1.2.10` | | [aws-sdk-s3](https://github.com/awslabs/aws-sdk-rust) | `1.113.0` | `1.115.0` | | [convert_case](https://github.com/rutrum/convert-case) | `0.9.0` | `0.10.0` | | [hashbrown](https://github.com/rust-lang/hashbrown) | `0.16.0` | `0.16.1` | | [rumqttc](https://github.com/bytebeamio/rumqtt) | `0.25.0` | `0.25.1` | | [starshard](https://github.com/houseme/starshard) | `0.5.0` | `0.6.0` | Updates `bytesize` from 2.2.0 to 2.3.0 - [Release notes](https://github.com/bytesize-rs/bytesize/releases) - [Changelog](https://github.com/bytesize-rs/bytesize/blob/master/CHANGELOG.md) - [Commits](bytesize-rs/bytesize@bytesize-v2.2.0...bytesize-v2.3.0) Updates `aws-config` from 1.8.10 to 1.8.11 - [Release notes](https://github.com/smithy-lang/smithy-rs/releases) - [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-rs/commits) Updates `aws-credential-types` from 1.2.9 to 1.2.10 - [Release notes](https://github.com/smithy-lang/smithy-rs/releases) - [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-rs/commits) Updates `aws-sdk-s3` from 1.113.0 to 1.115.0 - [Release notes](https://github.com/awslabs/aws-sdk-rust/releases) - [Commits](https://github.com/awslabs/aws-sdk-rust/commits) Updates `convert_case` from 0.9.0 to 0.10.0 - [Commits](https://github.com/rutrum/convert-case/commits) Updates `hashbrown` from 0.16.0 to 0.16.1 - [Release notes](https://github.com/rust-lang/hashbrown/releases) - [Changelog](https://github.com/rust-lang/hashbrown/blob/master/CHANGELOG.md) - [Commits](rust-lang/hashbrown@v0.16.0...v0.16.1) Updates `rumqttc` from 0.25.0 to 0.25.1 - [Release notes](https://github.com/bytebeamio/rumqtt/releases) - [Changelog](https://github.com/bytebeamio/rumqtt/blob/main/CHANGELOG.md) - [Commits](bytebeamio/rumqtt@rumqttc-0.25.0...rumqttc-0.25.1) Updates `starshard` from 0.5.0 to 0.6.0 - [Commits](houseme/starshard@0.5.0...0.6.0) --- updated-dependencies: - dependency-name: bytesize dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: aws-config dependency-version: 1.8.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: aws-credential-types dependency-version: 1.2.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: aws-sdk-s3 dependency-version: 1.115.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: convert_case dependency-version: 0.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: hashbrown dependency-version: 0.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: rumqttc dependency-version: 0.25.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: starshard dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: houseme <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Nov 24, 2025

houseme changed the base branch from main to dependabot/cargo/dependencies-7c8269a12d1124 November 24, 2025 02:18

dependabot bot changed the base branch from dependabot/cargo/dependencies-7c8269a12d1124 to main November 24, 2025 02:32

dependabot bot force-pushed the dependabot/cargo/dependencies-065cff4cf8 branch from ed28ddf to b27d224 Compare November 24, 2025 02:32

houseme approved these changes Nov 24, 2025

View reviewed changes

houseme changed the base branch from main to dependabot/cargo/dependencies-7c8269a12d1124 November 24, 2025 02:43

Merge branch 'dependabot/cargo/dependencies-7c8269a12d1124' into depe…

bc1999e

…ndabot/cargo/dependencies-065cff4cf8

houseme merged commit 83647c2 into dependabot/cargo/dependencies-7c8269a12d1124 Nov 24, 2025
1 check was pending

houseme deleted the dependabot/cargo/dependencies-065cff4cf8 branch November 24, 2025 02:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the dependencies group with 8 updates #913

build(deps): bump the dependencies group with 8 updates #913

Uh oh!

dependabot bot commented on behalf of github Nov 24, 2025 •

edited

Loading

Uh oh!

CLAassistant commented Nov 24, 2025

Uh oh!

github-actions bot commented Nov 24, 2025 •

edited

Loading

Uh oh!

houseme commented Nov 24, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

build(deps): bump the dependencies group with 8 updates #913

build(deps): bump the dependencies group with 8 updates #913

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

bytesize: v2.3.0

2.3.0

v0.16.1

Added

Changed

0.16.1 - 2025-11-20

Added

Changed

rumqttc-0.25.1

rumqttc v0.25.1

Highlights

Changes

Contributors

Uh oh!

CLAassistant commented Nov 24, 2025

Uh oh!

github-actions bot commented Nov 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

houseme commented Nov 24, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

dependabot bot commented on behalf of github Nov 24, 2025 •

edited

Loading

github-actions bot commented Nov 24, 2025 •

edited

Loading