Skip to content

build(deps): bump the desktop-cargo group across 1 directory with 4 updates#9

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/src-tauri/desktop-cargo-1cf9a1a78a
Closed

build(deps): bump the desktop-cargo group across 1 directory with 4 updates#9
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/src-tauri/desktop-cargo-1cf9a1a78a

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 25, 2026
edited
Loading

Bumps the desktop-cargo group with 3 updates in the /src-tauri directory: serde_json, sqlx and tauri.

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates sqlx from 0.8.6 to 0.9.0

Changelog

Sourced from sqlx's changelog.

0.9.0 - 2026-05-06

Important Announcements

New Github Organization

Shortly after this release is published, the SQLx repository will be transferred to a new GitHub organization: https://github.com/transact-rs/

This is because SQLx has not been owned or maintained by LaunchBadge, LLC. for a few years now, and has since been informally transferred to the collective ownership of its principal authors. Moving the repository to a new organization makes this change more clear, and also allows for potentially inviting outside collaborators.

Cargo.lock Removed from Tracking

The Cargo.lock has been removed from tracking in Git. CI should now always test with the latest versions of all dependencies by default, alongside our pass that checks with cargo generate-lockfile -Z minimal-versions.

This should eliminate the need for any PRs that update dependencies to also update Cargo.lock or contend with an endless stream of merge conflicts against it.

N.B. cargo install --locked sqlx-cli will no longer work. However, cargo install sqlx-cli has always used the latest dependencies by default, ignoring the lockfile, so most users should not be affected. For users requiring reproducible builds, consider maintaining your own lockfile instead; historically, we only ran cargo update sporadically, so relying on SQLx's lockfile offered few guarantees anyway.

See [the manual page for cargo install][man-cargo-install] for details.

Breaking

As per our MSRV policy, the supported Rust version for this release cycle is 1.94.0.

  • [#3383]: feat: create sqlx.toml format [[@​abonander]]
    • SQLx and sqlx-cli now support per-crate configuration files (sqlx.toml)
    • New functionality includes, but is not limited to:
      • Rename DATABASE_URL for a crate (for multi-database workspaces)
      • Set global type overrides for the macros (supporting custom types)
      • Rename or relocate the _sqlx_migrations table (for multiple crates using the same database)
      • Set characters to ignore when hashing migrations (e.g. ignore whitespace)
    • More to be implemented in future releases.
    • Enable feature sqlx-toml to use.
      • sqlx-cli has it enabled by default, but sqlx does not.
      • Default features of library crates can be hard to completely turn off because of [feature unification], so it's better to keep the default feature set as limited as possible. [This is something we learned the hard way.][preferred-crates]
    • Guide: see sqlx::_config module in documentation.
    • Reference: [Link]
    • Examples (written for Postgres but can be adapted to other databases; PRs welcome!):
      • Multiple databases using DATABASE_URL renaming and global type overrides: [Link]
      • Multi-tenant database using _sqlx_migrations renaming and multiple schemas: [Link]
      • Force use of chrono when time is enabled (e.g. when using tower-sessions-sqlx-store): [[Link][preferred-crates]]
        • Forcing bigdecimal when rust_decimal is enabled is also shown, but problems with chrono/time are more common.

... (truncated)

Commits
  • 75bc048 Release 0.9.0 (#4256)
  • 6956cef Prefer to give real data to .bind() in README.md (#4257)
  • 45ba990 Add the possibility to skip migrations (#3846)
  • 66533fa Ensure Deterministic Migration Order (#4136)
  • db47fe3 ci: check direct minimal versions (#4173)
  • 9ecb76d Unescape PostgreSQL passfile password (#3993)
  • c0a3218 breaking(any+mysql): correctly convert text and blob types to AnyTypeInfo (...
  • d82b781 test(sqlite): add regression test for ORDER BY + LIMIT nullability (#4223)
  • b77ba16 chore: update to axum 0.8 (#4253)
  • c0ec9c0 fix(tls): potential deadlock in StdSocket::poll_ready() (#4251)
  • Additional commits viewable in compare view

Updates tauri from 2.11.1 to 2.11.2

Release notes

Sourced from tauri's releases.

tauri-cli v2.11.2

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1090 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.2
    │       └── tauri 2.11.2
    │           ├── tauri-utils 2.9.2
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.2
    │           │   ├── tauri-runtime 2.11.2
    │           │   │   ├── tauri-runtime-wry 2.11.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-plugin 2.6.2
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-codegen 2.6.2
    │           │   │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri-build 2.6.2
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.2
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.11.2
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.9.2
    │           │   │   └── tauri-cli 2.11.2
    │           │   ├── tauri-build 2.6.2
</tr></table>

... (truncated)

Commits
  • 499df79 apply version updates (#15378)
  • 20bb033 Revert "feat: add Windows VC runtime linking and bundling options (#15372)" (...
  • b5b72ce fix(tauri-utils): preserve resource source file name when dest is empty (#15383)
  • 3fd8ba2 fix: resources after empty directory not copied (#15388)
  • 47e1b75 fix: set_as_windows_menu_for_nsapp command wrongly called `set_as_help_menu...
  • eadd8f5 chore(deps-dev): bump svelte from 5.53.11 to 5.55.7 (#15382)
  • 32d8166 feat: add Windows VC runtime linking and bundling options (#15372)
  • b15b859 refactor: make error dialog take &'static str (#15369)
  • 0e8e25f chore(deps): update dependency rollup to v4.60.3 (#15355)
  • See full diff in compare view

Updates tauri-build from 2.6.1 to 2.6.2

Release notes

Sourced from tauri-build's releases.

tauri-build v2.6.2

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1090 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.2
    │       └── tauri 2.11.2
    │           ├── tauri-utils 2.9.2
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.2
    │           │   ├── tauri-runtime 2.11.2
    │           │   │   ├── tauri-runtime-wry 2.11.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-plugin 2.6.2
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-codegen 2.6.2
    │           │   │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri-build 2.6.2
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.2
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.11.2
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.9.2
    │           │   │   └── tauri-cli 2.11.2
    │           │   ├── tauri-build 2.6.2
</tr></table>

... (truncated)

Commits
  • 499df79 apply version updates (#15378)
  • 20bb033 Revert "feat: add Windows VC runtime linking and bundling options (#15372)" (...
  • b5b72ce fix(tauri-utils): preserve resource source file name when dest is empty (#15383)
  • 3fd8ba2 fix: resources after empty directory not copied (#15388)
  • 47e1b75 fix: set_as_windows_menu_for_nsapp command wrongly called `set_as_help_menu...
  • eadd8f5 chore(deps-dev): bump svelte from 5.53.11 to 5.55.7 (#15382)
  • 32d8166 feat: add Windows VC runtime linking and bundling options (#15372)
  • b15b859 refactor: make error dialog take &'static str (#15369)
  • 0e8e25f chore(deps): update dependency rollup to v4.60.3 (#15355)
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Dependency updates and maintenance needs triage Needs maintainer review and routing labels May 25, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/src-tauri/desktop-cargo-1cf9a1a78a branch 2 times, most recently from 55c5cf5 to a750a7f Compare May 25, 2026 22:02
@dependabot
build(deps): bump the desktop-cargo group across 1 directory with 4 u…
6c27d3a 
…pdates

Bumps the desktop-cargo group with 3 updates in the /src-tauri directory: [serde_json](https://github.com/serde-rs/json), [sqlx](https://github.com/launchbadge/sqlx) and [tauri](https://github.com/tauri-apps/tauri).


Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `sqlx` from 0.8.6 to 0.9.0
- [Changelog](https://github.com/transact-rs/sqlx/blob/main/CHANGELOG.md)
- [Commits](transact-rs/sqlx@v0.8.6...v0.9.0)

Updates `tauri` from 2.11.1 to 2.11.2
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](tauri-apps/tauri@tauri-v2.11.1...tauri-v2.11.2)

Updates `tauri-build` from 2.6.1 to 2.6.2
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](tauri-apps/tauri@tauri-build-v2.6.1...tauri-build-v2.6.2)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: desktop-cargo
- dependency-name: sqlx
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: desktop-cargo
- dependency-name: tauri
  dependency-version: 2.11.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: desktop-cargo
- dependency-name: tauri-build
  dependency-version: 2.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: desktop-cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/src-tauri/desktop-cargo-1cf9a1a78a branch from a750a7f to 6c27d3a Compare June 2, 2026 04:00
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Jun 8, 2026

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 8, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/src-tauri/desktop-cargo-1cf9a1a78a branch June 8, 2026 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Dependency updates and maintenance needs triage Needs maintainer review and routing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants