Bump the cargo_dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the cargo_dependencies group with 11 updates in the / directory:

Package	From	To
tokio	1.48.0	1.49.0
chrono	0.4.42	0.4.43
socket2	0.6.1	0.6.2
ratatui	0.29.0	0.30.0
rlimit	0.10.2	0.11.0
toml	0.9.10+spec-1.1.0	0.9.11+spec-1.1.0
thiserror	2.0.17	2.0.18
insta	1.45.0	1.46.3
clap	4.5.53	4.5.56
tui-popup	0.6.2	0.7.2
zip	7.0.0	7.2.0

Updates tokio from 1.48.0 to 1.49.0

Release notes

Sourced from tokio's releases.

Tokio v1.49.0

1.49.0 (January 3rd, 2026)

Added

• net: add support for TCLASS option on IPv6 (#7781)
• runtime: stabilize runtime::id::Id (#7125)
• task: implement Extend for JoinSet (#7195)
• task: stabilize the LocalSet::id() (#7776)

Changed

• net: deprecate {TcpStream,TcpSocket}::set_linger (#7752)

Fixed

• macros: fix the hygiene issue of join! and try_join! (#7766)
• runtime: revert "replace manual vtable definitions with Wake" (#7699)
• sync: return TryRecvError::Disconnected from Receiver::try_recv after Receiver::close (#7686)
• task: remove unnecessary trait bounds on the Debug implementation (#7720)

Unstable

• fs: handle EINTR in fs::write for io-uring (#7786)
• fs: support io-uring with tokio::fs::read (#7696)
• runtime: disable io-uring on EPERM (#7724)
• time: add alternative timer for better multicore scalability (#7467)

Documented

• docs: fix a typos in bounded.rs and park.rs (#7817)
• io: add SyncIoBridge cross-references to copy and copy_buf (#7798)
• io: doc that AsyncWrite does not inherit from std::io::Write (#7705)
• metrics: clarify that num_alive_tasks is not strongly consistent (#7614)
• net: clarify the cancellation safety of the TcpStream::peek (#7305)
• net: clarify the drop behavior of unix::OwnedWriteHalf (#7742)
• net: clarify the platform-dependent backlog in TcpSocket docs (#7738)
• runtime: mention LocalRuntime in new_current_thread docs (#7820)
• sync: add missing period to mpsc::Sender::try_send docs (#7721)
• sync: clarify the cancellation safety of oneshot::Receiver (#7780)
• sync: improve the docs for the errors of mpsc (#7722)
• task: add example for spawn_local usage on local runtime (#7689)

#7125: tokio-rs/tokio#7125 #7195: tokio-rs/tokio#7195 #7305: tokio-rs/tokio#7305 #7467: tokio-rs/tokio#7467 #7614: tokio-rs/tokio#7614 #7686: tokio-rs/tokio#7686 #7689: tokio-rs/tokio#7689

... (truncated)

Commits

• e3b89bb chore: prepare Tokio v1.49.0 (#7824)
• 4f577b8 Merge 'tokio-1.47.3' into 'master'
• f320197 chore: prepare Tokio v1.47.3 (#7823)
• ea6b144 ci: freeze rustc on nightly-2025-01-25 in netlify.toml (#7652)
• 264e703 Merge tokio-1.43.4 into tokio-1.47.x (#7822)
• dfb0f00 chore: prepare Tokio v1.43.4 (#7821)
• 4a91f19 ci: fix wasm32-wasip1 tests (#7788)
• 601c383 ci: upgrade FreeBSD from 14.2 to 14.3 (#7758)
• 484cb52 sync: return TryRecvError::Disconnected from Receiver::try_recv after `Re...
• 16f20c3 rt: mention LocalRuntime in new_current_thread docs (#7820)
• Additional commits viewable in compare view

Updates chrono from 0.4.42 to 0.4.43

Release notes

Sourced from chrono's releases.

0.4.43

What's Changed

• Install extra components for lint workflow by @​djc in chronotope/chrono#1741
• Upgrade windows-bindgen to 0.64 by @​djc in chronotope/chrono#1742
• Improve windows-bindgen setup by @​djc in chronotope/chrono#1744
• Drop stabilized feature doc_auto_cfg by @​djc in chronotope/chrono#1745
• Faster RFC 3339 parsing by @​djc in chronotope/chrono#1748
• Update windows-bindgen requirement from 0.64 to 0.65 by @​dependabot[bot] in chronotope/chrono#1751
• add NaiveDate::abs_diff by @​Kinrany in chronotope/chrono#1752
• Add feature gated defmt support. by @​pebender in chronotope/chrono#1747
• Drop deny lints, eager Debug impls are a mixed blessing by @​djc in chronotope/chrono#1753
• chore: minor improvement for docs by @​spuradage in chronotope/chrono#1756
• Added doctest for the NaiveDate years_since function by @​LucasBou in chronotope/chrono#1755
• Prepare 0.4.43 by @​djc in chronotope/chrono#1765
• Update copyright year to 2026 in LICENSE.txt by @​taozui472 in chronotope/chrono#1767

Commits

• 45caaa9 Update copyright year to 2026 in LICENSE.txt
• 1c0b8f0 Bump version to 0.4.43
• a03e43b Upgrade windows-bindgen to 0.66
• 4fedaba Ignore bincode advisory
• f4b7bbd Bump actions/checkout from 5 to 6
• db12973 Added doctest for the NaiveDate years_since function (#1755)
• 34b5f49 chore: minor improvement for docs
• 8c82711 Bump actions/setup-node from 5 to 6
• ea1f11b Drop deny lints, eager Debug impls are a mixed blessing
• 35f9f2d Add feature gated defmt support.
• Additional commits viewable in compare view

Updates socket2 from 0.6.1 to 0.6.2

Changelog

Sourced from socket2's changelog.

0.6.2

• MsgHdr and MsgHdrMut are marked as transparent meaning both have the same layout as msghdr on Unix and WSAMSG on Windows (rust-lang/socket2#635).
• Don't set SO_NOSIGPIPE when accepting sockets, this is inherited from the parent socket (rust-lang/socket2#632).
• Fixes Socket::tcp_notsent_lowat by using the correct argument type (rust-lang/socket2#622).

Commits

• 9a30f4f Release v0.6.2
• 3403a44 make MsgHdr and MsgHdrMut repr(transparent) to allow legally obtaining ...
• feac83a Don't set SO_NOSIGPIPE when accepting sockets (#632)
• 3fe6576 Test MSRV on Windows in CI
• a18be6a Re-enable CI check for armv7-sony-vita-newlibeabihf
• 853f9a7 Fix some typos in comments
• 299c2e5 Fixed cfg in original_dst_v6 test (#626)
• 9463a02 Enable CI for aarch64-apple-visionos
• 4af7d3d fix getsockopt generic argument in notsent_lowat
• a0810cd Update FreeBSD CI environment
• See full diff in compare view

Updates ratatui from 0.29.0 to 0.30.0

Release notes

Sourced from ratatui's releases.

ratatui-v0.30.0

"Rats don't just survive; they discover; they create. ... I mean, just look at what they do with the terminal!" – Remy & Orhun

We are excited to announce the biggest release of ratatui so far - a Rust library that's all about cooking up TUIs 👨‍🍳🐀

🌠 Added "no_std" support for embedded targets, modularized architecture, major widget & layout upgrades!

✨ Release highlights: https://ratatui.rs/highlights/v030/

⚠️ List of breaking changes can be found here.

Features

• 90a77aa (direction) Add Direction::perpendicular(self) by @​b-guild in #2197

• 56d5e05 (bar) Update label and text_value to accept Into<> by @​Emivvvvv in #1471 [breaking]

  BREAKING CHANGE:label and text_value now accept Into<> types, which breaks type inference.

  - Bar::default().label("foo".into());
  + Bar::default().label("foo");

  - Bar::default().text_value("bar".into());
  + Bar::default().text_value("bar");

• b76ad3b (bar) Impl Styled for Bar by @​Emivvvvv in #1476

  Related:ratatui/ratatui#683

• e15fefa (barchar) Add BarChart::grouped constructor by @​joshka in #1513

  Add a new constructor to the BarChart widget that allows creating a grouped barchart with multiple groups of bars.

  Also add a new constructor to the BarGroup widget that allows creating a group of bars with a label.

• 369b18e (barchart) Reduce barchart creation verbosity by @​Emivvvvv in #1453

  Adds constructor methods for BarChart, BarGroup, and Bar

• 1dc18bf (calendar) Add width and height functions by @​joshka in #2198

  Fixes ratatui/ratatui#2016

... (truncated)

Changelog

Sourced from ratatui's changelog.

v0.30.0 - 2025-12-26

"Rats don't just survive; they discover; they create. ... I mean, just look at what they do with the terminal!" – Remy & Orhun

We are excited to announce the biggest release of ratatui so far - a Rust library that's all about cooking up TUIs 👨‍🍳🐀

🌠 Added "no_std" support for embedded targets, modularized architecture, major widget & layout upgrades!

✨ Release highlights: https://ratatui.rs/highlights/v030/

⚠️ List of breaking changes can be found here.

Features

• 90a77aa (direction) Add Direction::perpendicular(self) by @b-guild in #2197

• 56d5e05 (bar) Update label and text_value to accept Into<> by @Emivvvvv in #1471 [breaking]

  BREAKING CHANGE:label and text_value now accept Into<> types, which breaks type inference.

  - Bar::default().label("foo".into());
  + Bar::default().label("foo");

  - Bar::default().text_value("bar".into());
  + Bar::default().text_value("bar");

• b76ad3b (bar) Impl Styled for Bar by @Emivvvvv in #1476

  Related:ratatui/ratatui#683

• e15fefa (barchar) Add BarChart::grouped constructor by @joshka in #1513

  Add a new constructor to the BarChart widget that allows creating a grouped barchart with multiple groups of bars.

  Also add a new constructor to the BarGroup widget that allows creating a group of bars with a label.

• 369b18e (barchart) Reduce barchart creation verbosity by @Emivvvvv in #1453

  Adds constructor methods for BarChart, BarGroup, and Bar

• 1dc18bf (calendar) Add width and height functions by @joshka in #2198

... (truncated)

Commits

• 0a2a7c0 chore(ratatui): unleash the rats v0.30.0 (#2294)
• 8c620d6 docs(widgets): add link to no-std concept page (#2288)
• 686d955 chore: re-release 0.30.0-beta.1 (#2292)
• 04e86bb chore: revert the 0.30-beta.1 update to re-trigger release-plz (#2291)
• 06a30cc chore(widgets): disable scrape-examples and revert ratatui dev dep (#2290)
• 3936b10 chore: release 0.30.0-beta.1 (#2287)
• 1f7efe9 build(deps): bump dtolnay/rust-toolchain from 0b1efabc08b657293548b77fb76cc02...
• fbd560a build(deps): bump taiki-e/install-action from 2.63.3 to 2.65.1 (#2282)
• 4495754 build(deps): bump serde_json from 1.0.145 to 1.0.146 (#2284)
• a8d8afe build(deps): bump tracing from 0.1.43 to 0.1.44 (#2283)
• Additional commits viewable in compare view

Updates rlimit from 0.10.2 to 0.11.0

Changelog

Sourced from rlimit's changelog.

0.11.0 - 2026-02-02

• [PR #71](Nugine/rlimit#71): Add system-wide file descriptor limits support (SysLimits) on Linux/Android.
• [PR #75](Nugine/rlimit#75): Fix setmaxstdio crash on Windows when values exceed c_int::MAX.
• [PR #78](Nugine/rlimit#78): Document number casting safety across platform boundaries.
• Bump MSRV to 1.65.0.
• Update libc bindings (libc 0.2.180).

Commits

• 839f347 release v0.11.0
• d005b28 build(deps): bump libc from 0.2.178 to 0.2.180 in the dependencies group (#84)
• 21e479b Regenerate bindings to match libc cfg output (#83)
• d774e91 build(deps): bump the actions group with 2 updates (#82)
• abb97b6 Configure Dependabot for monthly updates and GitHub Actions tracking (#81)
• 2b7bf90 fix: update bindings
• e7b4e0d Document number casting safety across platform boundaries (#78)
• 2af2ec5 Add system-wide file descriptor limits support (/proc/sys/fs) (#71)
• a2c6cc2 ci: macos-15-intel
• 4b4bf10 build(deps): bump libc from 0.2.177 to 0.2.178 (#76)
• Additional commits viewable in compare view

Updates toml from 0.9.10+spec-1.1.0 to 0.9.11+spec-1.1.0

Commits

• febf44c chore: Release
• 5009cf2 docs: Update changelog
• b5798aa fix(toml): Support serializing u64, i128, u128 (#1086)
• 9fd8b72 fix(toml): Support serializing i128/u128
• 94fc5e0 fix(toml): Support serializing full u64 range
• 2e09401 chore: Release
• See full diff in compare view

Updates thiserror from 2.0.17 to 2.0.18

Release notes

Sourced from thiserror's releases.

2.0.18

• Make compatible with project-level needless_lifetimes = "forbid" (#443, thanks @​LucaCappelletti94)

Commits

• dc0f6a2 Release 2.0.18
• 0275292 Touch up PR 443
• 3c33bc6 Merge pull request #443 from LucaCappelletti94/master
• 995939c Reproduce issue 442
• 21653d1 Made clippy lifetime allows conditional
• 45e5388 Update actions/upload-artifact@v5 -> v6
• 386aac1 Update actions/upload-artifact@v4 -> v5
• ec50561 Update actions/checkout@v5 -> v6
• 247eab5 Update name of empty_enum clippy lint
• 91b181f Raise required compiler to Rust 1.68
• Additional commits viewable in compare view

Updates insta from 1.45.0 to 1.46.3

Release notes

Sourced from insta's releases.

1.46.3

Release Notes

• Fix inline escaped snapshots incorrectly stripping leading newlines when content contains control characters like carriage returns. The escaped format (used for snapshots with control chars) now correctly preserves the original content without stripping a non-existent formatting newline. #865

Install cargo-insta 1.46.3

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.46.3/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.46.3/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.46.3

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

1.46.2

Release Notes

• Fix inline snapshot corruption with carriage returns. The leading_space() function incorrectly treated \r as indentation, causing carriage returns to be stripped from snapshot content. #866
• Remove < 0.4.17 upper bound on globset dependency. #864

Install cargo-insta 1.46.2

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.46.2/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.46.2/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.46.2

... (truncated)

Changelog

Sourced from insta's changelog.

1.46.3

• Fix inline escaped snapshots incorrectly stripping leading newlines when content contains control characters like carriage returns. The escaped format (used for snapshots with control chars) now correctly preserves the original content without stripping a non-existent formatting newline. #865

1.46.2

• Fix inline snapshot corruption with carriage returns. The leading_space() function incorrectly treated \r as indentation, causing carriage returns to be stripped from snapshot content. #866
• Remove < 0.4.17 upper bound on globset dependency. #864

1.46.1

• Fix inline snapshot corruption when multiple snapshots appear inside with_settings! macro. #858

1.46.0

• Add INSTA_PENDING_DIR environment variable for Bazel and other hermetic build systems. When set, pending snapshots are written to a separate directory while keeping the source tree read-only. We are very open to feedback on this feature. #852
• Fix documentation for test.runner_fallback config key. #853

1.45.1

• Fix backward compatibility with TOML format produced by insta < 1.45.0. #849 (@​chitoku-k)

Commits

• 1324590 Release 1.46.3 (#870)
• b26bc7f Fix escaped format inline snapshots not stripping formatting newline (#869)
• 2ab00cc Release 1.46.2 (#867)
• 97c6f57 Fix inline snapshot corruption with carriage returns (#866)
• 2a9f7ad Remove globset version cap (#864)
• 8a5b775 Release 1.46.1 (#859)
• 822f404 Fix inline snapshot corruption with multiple snapshots in with_settings! (#858)
• 7d27e3a Release 1.46.0 (#855)
• 3aa59d6 Add INSTA_PENDING_DIR environment variable for hermetic builds (#852)
• fd40cf7 Fix docs for test.runner_fallback config key (#853)
• Additional commits viewable in compare view

Updates clap from 4.5.53 to 4.5.56

Release notes

Sourced from clap's releases.

v4.5.56

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

v4.5.54

[4.5.54] - 2026-01-02

Fixes

• (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

Changelog

Sourced from clap's changelog.

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

[4.5.54] - 2026-01-02

Fixes

• (help) Move [default] to its own paragraph when PossibleValue::help is present in --help

Commits

• 9cec100 chore: Release
• 00e72e0 docs: Update changelog
• c7848ff Merge pull request #6094 from epage/home
• 60184fb feat(complete): Expand ~ in native completions
• 09969d3 chore(deps): Update Rust Stable to v1.89 (#6093)
• 520beb5 chore: Release
• 2bd8ab3 docs: Update changelog
• 220875b Merge pull request #6091 from epage/possible
• e5eb6c9 fix(help): Integrate 'Possible Values:' into 'Arg::help'
• 594a771 refactor(help): Make empty tracking more consistent
• Additional commits viewable in compare view

Updates tui-popup from 0.6.2 to 0.7.2

Release notes

Sourced from tui-popup's releases.

tui-popup-v0.7.2

📚 Documentation

• Refresh widget docs (#148)

  Standardize widget crate docs and README layouts. Unify badges, links, and license references. Add consistent usage sections and link style updates.

tui-popup-v0.7.1

⚙️ Miscellaneous Tasks

• Refresh readmes and rdme check (#140)

  Regenerate crate READMEs via cargo-rdme and add a CI check to keep workspace readmes in sync.

tui-popup-v0.7.0

🚀 Features

• [breaking] Migrate to ratatui 0.30 (#120)

  feat!: migrate to ratatui 0.30

  • Update workspace deps to ratatui 0.30, ratatui-core, ratatui-widgets, crossterm 0.29
  • Shift widget crates to ratatui-core/ratatui-widgets imports where needed
  • Update tui-popup/tui-prompts event handling to use crossterm types
  • Revise tui-popup rendering/ref semantics and docs to match reference rendering rules
  • Add rolling breaking changes doc and markdownlint config
  • Bump direct deps needed for minimal-versions and examples (document-features, colorgrad, unicode-width)

tui-popup-v0.7.0-alpha.0

🐛 Bug Fixes

• Broken links from move to tui-widgets

Changelog

Sourced from tui-popup's changelog.

Changelog

All notable changes to this project will be documented in this file.

[0.7.0] - 2026-01-02

🚀 Features

• (scrollbar) Add tui-scrollbar crate (#164)

  Summary

  Introduce tui-scrollbar, a new widget crate for Ratatui that renders smooth, fractional scrollbars with precise thumb feedback and stateless input handling. The crate focuses on clear geometry via ScrollMetrics, configurable glyph sets (including legacy computing symbols), and ergonomic examples for keyboard and mouse interaction.

  

  Why

  Ratatui’s built-in scrollbar favors full-cell glyphs and stateful use. This crate prioritizes fractional thumbs for more accurate feedback, exposes pure metrics for testing/composition, and keeps scroll state in the application for predictable input behavior.

  Docs and Examples

  The crate-level docs include a quick start, API map, and input-handling guidance. Two examples show the fractional glyph sweep and an interactive mouse/keyboard demo.

  use ratatui_core::buffer::Buffer;
  use ratatui_core::layout::Rect;
  use ratatui_core::widgets::Widget;
  use tui_scrollbar::{ScrollBar, ScrollBarArrows, ScrollLengths};
  let area = Rect::new(0, 0, 1, 6);
  let lengths = ScrollLengths {
  content_len: 120,
  viewport_len: 30,
  };
  let scrollbar = ScrollBar::vertical(lengths)
  .arrows(ScrollBarArrows::Both)
  .offset(45);

... (truncated)

Commits

• 659920e chore(tui-popup): release v0.7.2 (#155)
• 5a8e9fd chore(tui-qrcode): release v0.2.2 (#152)
• eb33339 chore(tui-bar-graph): release v0.3.1 (#151)
• 88b52a5 chore(tui-cards): release v0.3.1 (#150)
• 53bad47 chore(tui-box-text): release v0.3.1 (#149)
• 9fbf7f7 docs: refresh widget docs (#148)
• a4f18e7 chore(tui-scrollview): release v0.6.1 (#146)
• ea3ad16 chore(tui-widgets): release v0.6.1 (#144)
• f0f7f75 chore(tui-popup): release v0.7.1 (#145)
• c76e9b1 chore(tui-scrollview): release v0.6.1 (#142)
• Additional commits viewable in compare view

Updates zip from 7.0.0 to 7.2.0

Release notes

Sourced from zip's releases.

v7.2.0

🚀 Features

• add read_zipfile_from_stream_with_compressed_size (#70)
• Allow choosing bzip2 rust backend (#329)

🐛 Bug Fixes

• Need to include zip64 extra field in central directory (fix #353) (#360)
• Fails to extract file which might or might not be malformed (#376) (#426)
• (aes) Allow AES encryption while streaming (#463)
• Default "platform" field in zip files should be set to the local platform, rather than always "Unix" (#470) (#471)

🚜 Refactor

• Define cfg_if! and cfg_if_expr! internal macros (#438)

⚡ Performance

• Change an assert to debug_assert when encrypting/decrypting AES, and eliminate a fallible operation (#521)
• eliminate a String clone per new file added to archive, and other related refactors (#522)

⚙️ Miscellaneous Tasks

• Fix another merge error, this one affecting only builds with flate2 and not zopfli
• Fix more merge issues
• Fix merge
• Fix write_dir build errors on specific feature configs
• Fix clippy warning
• Fix --all-features build error
• Fix merge

v7.1.0

🚀 Features

• display the underlying error in Display impl for ZipError::Display (#483)
• Enable creation of ZipArchive without reparsing (#485)

🐛 Bug Fixes

• Return InvalidPassword rather than panic when AES key is the wrong length (#457)
• bench with auto zip64 comment (#505)
• add condition for getrandom dependency (#504)
• (zipcrypto) Support streaming ZipCrypto encryption, don't store entire file in memory (#462)

🚜 Refactor

• Clean up imports and move types (#461)
• Replace handwritten Ord and PartialOrd for DateTime (#484)

... (truncated)

Changelog

Sourced from zip's changelog.

7.2.0 - 2026-01-20

🚀 Features

• add read_zipfile_from_stream_with_compressed_size (#70)
• Allow choosing bzip2 rust backend (#329)

🐛 Bug Fixes

• Need to include zip64 extra field in central directory (fix #353) (#360)
• Fails to extract file which might or might not be malformed (#376) (#426)
• (aes) Allow AES encryption while streaming (#463)
• Default "platform" field in zip files should be set to the local platform, rather than always "Unix" (#470) (#471)

🚜 Refactor

• Define cfg_if! and cfg_if_expr! internal macros (#438)

⚡ Performance

• Change an assert to debug_assert when encrypting/decrypting AES, and eliminate a fallible operation (#521)
• eliminate a String clone per new file added to archive, and other related refactors (#522)

7.1.0 - 2026-01-14

🚀 Features

• display the underlying error in Display impl for ZipError (#483)
• Enable creation of ZipArchive without reparsing (#485)

🐛 Bug Fixes

• Return InvalidPassword rather than panic when AES key is the wrong length (#457)
• bench with auto zip64 comment (#505)
• add condition for getrandom dependency (#504)
• (zipcrypto) Support streaming ZipCrypto encryption, don't store entire file in memory (#462)

🚜 Refactor

• Clean up imports and move types (#461)
• Replace handwritten Ord and PartialOrd for DateTime (#484)

⚙️ Miscellaneous Tasks

• Lock lzma-rust2 to at least 0.15.5 (#491)

Commits

• 46dc29c chore: release v7.2.0 (#526)
• 8a586c6 test: Move a test that was in wrong folder and was using main() instead of `#...
• cfbb476 docs(examples): Fix remaining log-injection alerts, and simplify writeln to e...
• d905296 ci: Disable trigger on non-master push (#538)
• a3a8696 chore(deps): Increase zstd minimum version to 0.13.3 (#539)
• abd8bc8 ci: Add wasm tests and restore conditional wasm-bindgen dependency (#525)
• c10c339 doc(examples): add delete/update examples (#56)
• 9c1a9c7 docs(examples): Fix code scanning alert no. 228: Uncontrolled data used in pa...
• a12eaaf ci: Combine rename invocations (#533)
• e86d376 fix: Need to include zip64 extra field in central directory (fix #353) (#360)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

❌ Patch coverage is 25.00000% with 3 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
src/run.rs	0.0%	3 Missing ⚠️

Files with missing lines	Coverage Δ
crates/mds-tui/src/config_window.rs	45.5% <100.0%> (ø)
crates/mds-tui/src/error_box.rs	0.0% <ø> (ø)
crates/mds-tui/src/table_pane/ipinfo_popup.rs	5.3% <ø> (+<0.1%)	⬆️
src/run.rs	0.0% <0.0%> (ø)

... and 20 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.