Skip to content

deps(deps): bump the rust-minor-patch group with 3 updates#66

Merged
bellini666 merged 1 commit intomasterfrom
dependabot/cargo/rust-minor-patch-98fa99ff59
Feb 7, 2026
Merged

deps(deps): bump the rust-minor-patch group with 3 updates#66
bellini666 merged 1 commit intomasterfrom
dependabot/cargo/rust-minor-patch-98fa99ff59

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 7, 2026

Bumps the rust-minor-patch group with 3 updates: clap, memchr and insta.

Updates clap from 4.5.56 to 4.5.57

Release notes

Sourced from clap's releases.

v4.5.57

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)
Changelog

Sourced from clap's changelog.

[4.5.57] - 2026-02-03

Fixes

  • Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)
Commits
  • 69c0ddb chore: Release
  • 8206bba docs: Update changelog
  • c109d67 Merge pull request #6104 from epage/hide
  • 9d7f212 fix(complete): Hide dot files on dynamic completer
  • 77b3fdb test(complete): Show dot file behavior
  • f89b9b8 test(derive): Make stable across upgrade
  • 58eb8a9 chore: Release
  • 10a2a75 docs: Update changelog
  • a42eebf Merge pull request #6103 from epage/mut_subcommands
  • 5335f54 feat: Add Command::mut_subcommands
  • Additional commits viewable in compare view

Updates memchr from 2.7.6 to 2.8.0

Commits
  • 886ca4c 2.8.0
  • 7de50d0 memmem: add owned finder constructor variants
  • 1230fc5 benchmarks: fix date in file name
  • 43300c6 benchmarks: add latest x86-64 benchmark results
  • 9bf2301 benchmarks: update everything
  • See full diff in compare view

Updates insta from 1.46.2 to 1.46.3

Release notes

Sourced from insta's releases.

1.46.3

Release Notes

  • Fix inline escaped snapshots incorrectly stripping leading newlines when content contains control characters like carriage returns. The escaped format (used for snapshots with control chars) now correctly preserves the original content without stripping a non-existent formatting newline. #865

Install cargo-insta 1.46.3

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.46.3/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.46.3/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.46.3

File Platform Checksum
cargo-insta-aarch64-apple-darwin.tar.xz Apple Silicon macOS checksum
cargo-insta-x86_64-apple-darwin.tar.xz Intel macOS checksum
cargo-insta-x86_64-pc-windows-msvc.zip x64 Windows checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz x64 Linux checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz x64 MUSL Linux checksum
Changelog

Sourced from insta's changelog.

1.46.3

  • Fix inline escaped snapshots incorrectly stripping leading newlines when content contains control characters like carriage returns. The escaped format (used for snapshots with control chars) now correctly preserves the original content without stripping a non-existent formatting newline. #865
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(deps): bump the rust-minor-patch group with 3 updates
f4ef09a 
Bumps the rust-minor-patch group with 3 updates: [clap](https://github.com/clap-rs/clap), [memchr](https://github.com/BurntSushi/memchr) and [insta](https://github.com/mitsuhiko/insta).


Updates `clap` from 4.5.56 to 4.5.57
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](clap-rs/clap@clap_complete-v4.5.56...clap_complete-v4.5.57)

Updates `memchr` from 2.7.6 to 2.8.0
- [Commits](BurntSushi/memchr@2.7.6...2.8.0)

Updates `insta` from 1.46.2 to 1.46.3
- [Release notes](https://github.com/mitsuhiko/insta/releases)
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](mitsuhiko/insta@1.46.2...1.46.3)

---
updated-dependencies:
- dependency-name: clap
  dependency-version: 4.5.57
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
- dependency-name: memchr
  dependency-version: 2.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: rust-minor-patch
- dependency-name: insta
  dependency-version: 1.46.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: rust-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 7, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 7, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
cargo/clap 4.5.57 🟢 4.9
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 1Found 2/13 approved changesets -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Vulnerabilities⚠️ 014 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
cargo/clap_builder 4.5.57 🟢 4.9
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 1Found 2/13 approved changesets -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Packaging⚠️ -1packaging workflow not detected
License🟢 10license file detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Vulnerabilities⚠️ 014 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
cargo/insta 1.46.3 🟢 4.4
Details
CheckScoreReason
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
Maintained🟢 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Vulnerabilities🟢 91 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
cargo/memchr 2.8.0 UnknownUnknown

Scanned Files

  • Cargo.lock

@bellini666 bellini666 merged commit 461c0d9 into master Feb 7, 2026
13 checks passed
@bellini666 bellini666 deleted the dependabot/cargo/rust-minor-patch-98fa99ff59 branch February 7, 2026 08:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bellini666