chore(deps): bump the all-dependencies-cargo group across 1 directory with 8 updates

[dependabot]

Bumps the all-dependencies-cargo group with 8 updates in the / directory:

Package	From	To
colored	2.2.0	3.0.0
petgraph	0.6.5	0.8.1
gix	0.68.0	0.70.0
age	0.10.1	0.11.1
gethostname	0.5.0	1.0.2
octocrab	0.41.2	0.44.1
rand	0.8.5	0.9.1
gix-protocol	0.46.1	0.48.0

Updates colored from 2.2.0 to 3.0.0

Release notes

Sourced from colored's releases.

v3.0.0

• [BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

Changelog

Sourced from colored's changelog.

3.0.0

• [BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

Commits

• 95b2de8 Remove unnecessary lazy_static dependency (#176)
• 037e091 Fix missing 2.2.0 release in changelog
• See full diff in compare view

Updates petgraph from 0.6.5 to 0.8.1

Release notes

Sourced from petgraph's releases.

petgraph-v0.8.1

This patch release re-adds a missing VisitMap implementation that was dropped in the 0.8.0 release, improves error messaging in panicking functions, and adds capacity management methods to UnionFind.

Bug Fixes

• Bring back VisitMap impl for std HashSet (#764)

New Features

• Add UnionFind capacity management methods (#736)
• add #[track_caller] to functions that panic (#748)

Contributors

• @​starovoid

• @​marcospb19

petgraph-v0.8.0

Breaking changes

• Add no_std Support (#747)
• Add VisitMap::unvisit as proposed in #610 (#611)
• Add support for specifying rankdir on dot plots. (#728)
• Make dot::Config non_exhaustive (#756)
• Add from_f32/64 methods for Float, Unit, and Bounded measures (#733)

New algorithms

• Add articulation points implementation (#681)
• Add Prim's Algorithm for Minimum Spanning Tree (#625)
• Add Kou's algorithm for finding a MST (#682)
• Add Bron-Kerbosch algorithm for maximal cliques (#662)
• Add Shortest Path Faster Algorithm Implementation (#686)

New features

• Add UnionFind::new_set (#684)
• Implement Csr::try_add_edge (#719)
• Add checked UnionFind methods (#730)
• Add MatrixGraph methods with recoverable errors (#720)
• Add methods with recoverable errors for Graph and StableGraph (#718)

CI & fixes

• Fix all clippy lints and check them on CI (#726)
• Pin once_cell version for MSRV builds (#750)
• Require conventional commits tag in PR titles (#734)
• Fix wrong trigger for pr-title check (#751)

... (truncated)

Changelog

Sourced from petgraph's changelog.

0.8.1 - 2025-04-07

This patch release re-adds a missing VisitMap implementation that was dropped in the 0.8.0 release, improves error messaging in panicking functions, and adds capacity management methods to UnionFind.

Bug Fixes

• Bring back VisitMap impl for std HashSet (#764)

New Features

• Add UnionFind capacity management methods (#736)
• add #[track_caller] to functions that panic (#748)

0.8.0 - 2025-04-05

Breaking changes

• Add no_std Support (#747)
• Add VisitMap::unvisit as proposed in #610 (#611)
• Add support for specifying rankdir on dot plots. (#728)
• Make dot::Config non_exhaustive (#756)
• Add from_f32/64 methods for Float, Unit, and Bounded measures (#733)

New algorithms

• Add articulation points implementation (#681)
• Add Prim's Algorithm for Minimum Spanning Tree (#625)
• Add Kou's algorithm for finding a MST (#682)
• Add Bron-Kerbosch algorithm for maximal cliques (#662)
• Add Shortest Path Faster Algorithm Implementation (#686)

New features

• Add UnionFind::new_set (#684)
• Implement Csr::try_add_edge (#719)
• Add checked UnionFind methods (#730)
• Add MatrixGraph methods with recoverable errors (#720)
• Add methods with recoverable errors for Graph and StableGraph (#718)

CI & fixes

• Fix all clippy lints and check them on CI (#726)
• Pin once_cell version for MSRV builds (#750)
• Require conventional commits tag in PR titles (#734)
• Fix wrong trigger for pr-title check (#751)
• Solve clippy warnings (#749)
• Fix github token in pr-title action (#752)
• Add new triggers for semver-checks (#754)

... (truncated)

Commits

• 305a5b2 chore: release v0.8.1 (#762)
• 8ca4ab2 fix: Bring back VisitMap impl for std HashSet (#764)
• 4d30c42 ci: Disable semver-checks lints with false positives (#765)
• ba115d8 feat: add #[track_caller] to functions that panic (#748)
• c69b94a feat: Add UnionFind capacity management methods (#736)
• 2678994 ci: Enable automatic CHANGELOG generation (#761)
• 5f5791c feat!: Release 0.8.0 (#753)
• 1f611f8 ci: Use release-plz for automated changelog generation and publication (#735)
• 3145fa8 fix!: Correct typing for steiner_tree (#759)
• 0038703 docs: Add some missed features into crate-lvl doc (#758)
• Additional commits viewable in compare view

Updates gix from 0.68.0 to 0.70.0

Release notes

Sourced from gix's releases.

gix-odb v0.69.1

Commit Statistics

• 1 commit contributed to the release.
• 0 commits were understood as conventional.
• 0 issues like '(#ID)' were seen in commit messages

Commit Details

• Uncategorized
  • Bump all prior pratch levels to majors (5f7f805)

gix-odb v0.69.0

Bug Fixes

• Adapt to changes in gix-actor Use the committer date and author date that are now backed by bytes and interpret these bytes into a gix_date::Time on demand.

Commit Statistics

• 19 commits contributed to the release.
• 1 commit was understood as conventional.
• 0 issues like '(#ID)' were seen in commit messages

Thanks Clippy

Clippy helped 1 time to make code idiomatic.

Commit Details

• Uncategorized
  • Adjusting changelogs prior to release of gix-path v0.10.16, gix-features v0.42.0, gix-hash v0.17.1, gix-object v0.49.0, gix-glob v0.19.1, gix-quote v0.5.1, gix-attributes v0.25.1, gix-command v0.5.1, gix-packetline-blocking v0.18.4, gix-filter v0.19.0, gix-fs v0.14.1, gix-commitgraph v0.27.1, gix-revwalk v0.20.0, gix-traverse v0.46.0, gix-worktree-stream v0.21.0, gix-archive v0.21.0, gix-tempfile v17.0.1, gix-lock v17.0.1, gix-index v0.39.1, gix-config-value v0.14.13, gix-pathspec v0.10.1, gix-ignore v0.14.1, gix-worktree v0.40.1, gix-diff v0.52.0, gix-blame v0.2.0, gix-ref v0.52.0, gix-sec v0.10.13, gix-config v0.45.0, gix-prompt v0.10.1, gix-url v0.30.1, gix-credentials v0.28.1, gix-discover v0.40.0, gix-dir v0.14.0, gix-mailmap v0.27.0, gix-revision v0.34.0, gix-merge v0.5.0, gix-negotiate v0.20.0, gix-pack v0.59.0, gix-odb v0.69.0, gix-refspec v0.30.0, gix-shallow v0.3.1, gix-packetline v0.18.5, gix-transport v0.46.1, gix-protocol v0.50.0, gix-status v0.19.0, gix-submodule v0.19.0, gix-worktree-state v0.18.1, gix v0.72.0, gix-fsck v0.11.0, gitoxide-core v0.47.0, gitoxide v0.43.0, safety bump 7 crates (49fa9f3)
  • Release gix-date v0.10.0, gix-utils v0.2.1, gix-actor v0.35.0, gix-validate v0.9.5, gix-path v0.10.15, gix-features v0.42.0, gix-hash v0.17.1, gix-object v0.49.0, gix-glob v0.19.1, gix-quote v0.5.1, gix-attributes v0.25.0, gix-command v0.5.1, gix-packetline-blocking v0.18.4, gix-filter v0.19.0, gix-fs v0.14.0, gix-commitgraph v0.27.1, gix-revwalk v0.20.0, gix-traverse v0.46.0, gix-worktree-stream v0.21.0, gix-archive v0.21.0, gix-tempfile v17.0.1, gix-lock v17.0.1, gix-index v0.39.0, gix-config-value v0.14.13, gix-pathspec v0.10.1, gix-ignore v0.14.1, gix-worktree v0.40.0, gix-diff v0.52.0, gix-blame v0.2.0, gix-ref v0.51.0, gix-sec v0.10.13, gix-config v0.45.0, gix-prompt v0.10.1, gix-url v0.30.1, gix-credentials v0.28.1, gix-discover v0.40.0, gix-dir v0.14.0, gix-mailmap v0.27.0, gix-revision v0.34.0, gix-merge v0.5.0, gix-negotiate v0.20.0, gix-pack v0.59.0, gix-odb v0.69.0, gix-refspec v0.30.0, gix-shallow v0.3.1, gix-packetline v0.18.5, gix-transport v0.46.0, gix-protocol v0.50.0, gix-status v0.19.0, gix-submodule v0.19.0, gix-worktree-state v0.18.0, gix v0.72.0, gix-fsck v0.11.0, gitoxide-core v0.46.0, gitoxide v0.43.0, safety bump 30 crates (db0b095)
  • Update changelogs prior to release (0bf84db)
  • Merge pull request #1935 from pierrechevalier83/fix_1923 (3b1bef7)
  • J fmt (c3c6504)
  • Thanks clippy (6f009d7)
  • Adapt to changes in gix-date and gix-actor (afdf1a5)
  • Adapt to changes in gix-actor (b07f907)
  • Merge pull request #1853 from GitoxideLabs/odb-issue (cd1a777)

... (truncated)

Commits

• dea106a Release gix-utils v0.1.14, gix-actor v0.33.2, gix-hash v0.16.0, gix-trace v0....
• 7570daa don't specify version numbers in dev-dependencies
• 1f6390c update all changelogs prior to release
• 1e37e95 Merge pull request #1777 from EliahKagan/run-ci/arm
• d5dc5bf Merge pull request #1776 from EliahKagan/fuzz-next
• 90e08f1 Merge pull request #1774 from EliahKagan/complex-graph-no-baseline-next
• c7f5013 Let either test-32bit cancel the other on failure
• c3d4cff Remove the test-32bit-cross job
• fbc27b5 Install 64-bit libstdc++ in both 32-bit containers
• cbe3793 Use the ARM runner for some 32-bit tests
• Additional commits viewable in compare view

Updates age from 0.10.1 to 0.11.1

Release notes

Sourced from age's releases.

rage v0.11.1

Security

Fixed a security vulnerability that could allow an attacker to execute an arbitrary binary under certain conditions. See GHSA-4fg7-vxc8-qx5w. Plugin names are now required to only contain alphanumeric characters or the four special characters +-._. Thanks to ⬡-49016 for reporting this issue.

rage v0.11.0

rage

Added

• Partial French translation!

Fixed

• [Unix] Files can now be encrypted with rage --passphrase when piped over stdin, without requiring an explicit - argument as INPUT.

age

Added

• New streamlined APIs for use with a single recipient or identity and a small amount of data (that can fit entirely in memory):
  • age::encrypt
  • age::encrypt_and_armor
  • age::decrypt
• age::Decryptor::{decrypt, decrypt_async, is_scrypt}
• age::IdentityFile::to_recipients
• age::IdentityFile::with_callbacks
• age::IdentityFile::write_recipients_file
• age::IdentityFileConvertError
• age::NoCallbacks
• age::scrypt, providing recipient and identity types for passphrase-based encryption.
• Partial French translation!

Changed

• Migrated to i18n-embed 0.15, secrecy 0.10.
• age::Encryptor::with_recipients now takes recipients by reference instead of by value. This aligns it with age::Decryptor (which takes identities by reference), and also means that errors with recipients are reported earlier. This causes the following changes to the API:
  • Encryptor::with_recipients takes impl Iterator<Item = &'a dyn Recipient> instead of Vec<Box<dyn Recipient + Send>>.
  • Verification of recipients and generation of stanzas now happens in Encryptor::with_recipients instead of Encryptor::wrap_output and Encryptor::wrap_async_output.
  • Encryptor::with_recipients returns Result<Self, EncryptError> instead of Option<Self>, and Encryptor::{wrap_output, wrap_async_output} return io::Result<StreamWriter<W>> instead of Result<StreamWriter<W>, EncryptError>.
  • age::EncryptError has a new variant MissingRecipients, taking the place of the None that Encryptor::with_recipients could previously return.
• age::Decryptor is now an opaque struct instead of an enum with Recipients and Passphrase variants.
• age::IdentityFile now has a C: Callbacks generic parameter, which defaults to NoCallbacks.
• age::IdentityFile::into_identities now returns Result<Vec<Box<dyn crate::Identity>>, DecryptError> instead of Vec<IdentityFileEntry>.
• age::Recipient::wrap_file_key now returns (Vec<Stanza>, HashSet<String>): a tuple of the stanzas to be placed in an age file header, and labels that constrain how the stanzas may be combined with those from other recipients.
• age::plugin::RecipientPluginV1 now supports the labels extension.

Fixed

• age::cli_common::read_identities once again correctly parses identity files that are a single line without a trailing newline. This broke in 0.10.0 due to an unrelated refactor.

Removed

• age::decryptor::PassphraseDecryptor (use age::Decryptor with age::scrypt::Identity instead).
• age::decryptor::RecipientsDecryptor (use age::Decryptor instead).
• age::IdentityFileEntry

age-plugin 0.6.0

Added

... (truncated)

Commits

• 0780882 Update changelog with GHSA for security vulnerability
• a82a76a v0.11.1
• 383b6f5 Replace the test NoCallbacks with the library version
• 741de97 Merge branch 'bugfix-0.10.1' into bugfix-0.11.1
• 1744661 Merge pull request #545 from str4d/release-0.11.0
• d35d442 v0.11.0
• e3a5c5f Update user handles in readmes
• 25e0503 fuzz: Fix targets
• 597f1aa Merge pull request #544 from str4d/pre-release-changes
• ae5a392 Provide a better error on invalid filename or missing directory
• Additional commits viewable in compare view

Updates gethostname from 0.5.0 to 1.0.2

Updates octocrab from 0.41.2 to 0.44.1

Release notes

Sourced from octocrab's releases.

v0.44.1

Fixed

• (docs) Update and fix crate documentation for docs.rs, update README (#769)
• print deprecation warning to stderr (#768)

Other

• Add optional name field to Author struct (#771)
• Add 'dowload' and 'download_zip' functions to client (#766)
• Add enum EventInstallation::id() helper (#763)
• examples/graphql_issues.rs: Update schema URL (#764)

v0.44.0

Added

• Implement Serialize for Page (#761)

Fixed

• [breaking] sha is optional in DiffEntry if file contents are unchanged (#750)
• insert auth headers for api.github.com (#754)
• (emails) visibility can be null (#756)

v0.43.0

Other

• Enable client reuse when authenticating via a Github app using user access tokens (#740)
• [breaking] Box the github error & fix clippy lints (#743)
• issues can now be closed as duplicate (#741)
• Add "merged" field to PullRequest (#737)

v0.42.1

Other

• Secret scanning alert locations API (#735)

v0.42.0

Added

• added ssh_signing_keys ops (#725)

Other

• Secrets and Code scanning alerts API (#730)
• add support for custom executors (#728)
• Fixup route in api/issues/update (#732)

Changelog

Sourced from octocrab's changelog.

0.44.1 - 2025-05-06

Fixed

• (docs) Update and fix crate documentation for docs.rs, update README (#769)
• print deprecation warning to stderr (#768)

Other

• Add optional name field to Author struct (#771)
• Add 'dowload' and 'download_zip' functions to client (#766)
• Add enum EventInstallation::id() helper (#763)
• examples/graphql_issues.rs: Update schema URL (#764)

0.44.0 - 2025-03-26

Added

• Implement Serialize for Page (#761)

Fixed

• [breaking] sha is optional in DiffEntry if file contents are unchanged (#750)
• insert auth headers for api.github.com (#754)
• (emails) visibility can be null (#756)

0.43.0 - 2025-01-13

Other

• Enable client reuse when authenticating via a Github app using user access tokens (#740)
• [breaking] Box the github error & fix clippy lints (#743)
• issues can now be closed as duplicate (#741)
• Add "merged" field to PullRequest (#737)

0.42.1 - 2024-11-22

Other

• Secret scanning alert locations API (#735)

0.42.0 - 2024-11-13

Added

• added ssh_signing_keys ops (#725)

Other

• Secrets and Code scanning alerts API (#730)

... (truncated)

Commits

• a193ce6 chore: release v0.44.1 (#765)
• c80670a fix(docs): Update and fix crate documentation for docs.rs, update README (#769)
• e124312 models: Add optional name field to Author struct (#771)
• 53bb435 Add 'dowload' and 'download_zip' functions to client (#766)
• 854be9e fix: print deprecation warning to stderr (#768)
• 38817ec models: Add enum EventInstallation::id() helper (#763)
• 7873417 docs: examples/graphql_issues.rs: Update schema URL (#764)
• 3a779f3 chore: release v0.43.1 (#762)
• 689cb92 fix!: sha is optional in DiffEntry if file contents are unchanged (#750)
• e37e5a8 fix: insert auth headers for api.github.com (#754)
• Additional commits viewable in compare view

Updates rand from 0.8.5 to 0.9.1

Changelog

Sourced from rand's changelog.

[0.9.1] - 2025-04-17

Security and unsafe

• Revise "not a crypto library" policy again (#1565)
• Remove zerocopy dependency from rand (#1579)

Fixes

• Fix feature simd_support for recent nightly rust (#1586)

Changes

• Allow fn rand::seq::index::sample_weighted and fn IndexedRandom::choose_multiple_weighted to return fewer than amount results (#1623), reverting an undocumented change (#1382) to the previous release.

Additions

• Add rand::distr::Alphabetic distribution. (#1587)
• Re-export rand_core (#1604)

[0.9.0] - 2025-01-27

Security and unsafe

• Policy: "rand is not a crypto library" (#1514)
• Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
• Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

• Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
• Update to rand_core v0.9.0 (#1558)

Features

• Support std feature without getrandom or rand_chacha (#1354)
• Enable feature small_rng by default (#1455)
• Remove implicit feature rand_chacha; use std_rng instead. (#1473)
• Rename feature serde1 to serde (#1477)
• Rename feature getrandom to os_rng (#1537)
• Add feature thread_rng (#1547)

API changes: rand_core traits

• Add fn RngCore::read_adapter implementing std::io::Read (#1267)
• Add trait CryptoBlockRng: BlockRngCore; make trait CryptoRng: RngCore (#1273)
• Add traits TryRngCore, TryCryptoRng (#1424, #1499)
• Rename fn SeedableRng::from_rng -> try_from_rng and add infallible variant fn from_rng (#1424)
• Rename fn SeedableRng::from_entropy -> from_os_rng and add fallible variant fn try_from_os_rng (#1424)
• Add bounds Clone and AsRef to associated type SeedableRng::Seed (#1491)

API changes: Rng trait and top-level fns

• Rename fn rand::thread_rng() to rand::rng() and remove from the prelude (#1506)
• Remove fn rand::random() from the prelude (#1506)
• Add top-level fns random_iter, random_range, random_bool, random_ratio, fill (#1488)
• Re-introduce fn Rng::gen_iter as random_iter (#1305, #1500)
• Rename fn Rng::gen to random to avoid conflict with the new gen keyword in Rust 2024 (#1438)
• Rename fns Rng::gen_range to random_range, gen_bool to random_bool, gen_ratio to random_ratio (#1505)
• Annotate panicking methods with #[track_caller] (#1442, #1447)

... (truncated)

Commits

• ec6d5c0 Prepare rand_core v0.9.1 (#1591)
• 6a06056 rand_core: introduce an UnwrapMut wrapper (#1589)
• 8929123 Add Alphabetic distribution (#1587)
• 06b1642 Remove unnecessary underscore from `impl<T, const N: usize> Distribution<[T; ...
• 49d76cd rename extract to extract_lane (#1586)
• e0a70fd Change to use array::from_fn in Distribution\<[T; N]> for StandardUniform ...
• 0bc3f65 Move rand distr (#1577)
• 2677c49 Revise "not a crypto library" policy and SECURITY.md (#1565)
• bfd1826 SeedableRng docs: add note on (lack of) reproducibility (#1572)
• c01aee7 Fix some links (#1571)
• Additional commits viewable in compare view

Updates gix-protocol from 0.46.1 to 0.48.0

Commits

• dea106a Release gix-utils v0.1.14, gix-actor v0.33.2, gix-hash v0.16.0, gix-trace v0....
• 7570daa don't specify version numbers in dev-dependencies
• 1f6390c update all changelogs prior to release
• 1e37e95 Merge pull request #1777 from EliahKagan/run-ci/arm
• d5dc5bf Merge pull request #1776 from EliahKagan/fuzz-next
• 90e08f1 Merge pull request #1774 from EliahKagan/complex-graph-no-baseline-next
• c7f5013 Let either test-32bit cancel the other on failure
• c3d4cff Remove the test-32bit-cross job
• fbc27b5 Install 64-bit libstdc++ in both 32-bit containers
• cbe3793 Use the ARM runner for some 32-bit tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.