build(deps): bump semver compatible dependencies #3665

paolobarbolini · 2025-01-04T16:50:47Z

sqlx hasn't bumped locked dependencies in a while, resulting in it using very old dependencies. As an example libc was still at v0.2.153, published almost 1 year ago. Some of the locked versions have been in the meanwhile yanked, have had advisories published, or don't support architectures like loongarch64 or s390x.

This is a problem for sqlx-cli because users and distros are encouraged to install binary crates using --locked, which makes cargo install use the versions pinned by Cargo.lock.

Detailed cargo-audit and cargo update output

Fixed cargo-audit warnings/errors:

Crate:     openssl
Version:   0.10.64
Title:     `MemBio::get_buf` has undefined behavior with empty buffers
Date:      2024-07-21
ID:        RUSTSEC-2024-0357
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0357
Solution:  Upgrade to >=0.10.66
Dependency tree:
openssl 0.10.64
├── sqlx-cli 0.8.3
└── native-tls 0.2.11
    └── sqlx-core 0.8.3
        ├── sqlx-sqlite 0.8.3
        │   ├── sqlx-macros-core 0.8.3
        │   │   └── sqlx-macros 0.8.3
        │   │       └── sqlx 0.8.3
        │   │           ├── sqlx-test 0.1.0
        │   │           │   └── sqlx 0.8.3
        │   │           ├── sqlx-sqlite 0.8.3
        │   │           ├── sqlx-postgres 0.8.3
        │   │           │   ├── sqlx-macros-core 0.8.3
        │   │           │   └── sqlx 0.8.3
        │   │           ├── sqlx-mysql 0.8.3
        │   │           │   ├── sqlx-macros-core 0.8.3
        │   │           │   └── sqlx 0.8.3
        │   │           ├── sqlx-example-sqlite-todos 0.1.0
        │   │           ├── sqlx-example-postgres-transaction 0.1.0
        │   │           ├── sqlx-example-postgres-todos 0.1.0
        │   │           ├── sqlx-example-postgres-mockable-todos 0.1.0
        │   │           ├── sqlx-example-postgres-listen 0.1.0
        │   │           ├── sqlx-example-postgres-json 0.1.0
        │   │           ├── sqlx-example-postgres-files 0.1.0
        │   │           ├── sqlx-example-postgres-chat 0.1.0
        │   │           ├── sqlx-example-postgres-axum-social 0.1.0
        │   │           ├── sqlx-example-mysql-todos 0.1.0
        │   │           ├── sqlx-core 0.8.3
        │   │           └── sqlx-cli 0.8.3
        │   └── sqlx 0.8.3
        ├── sqlx-postgres 0.8.3
        ├── sqlx-mysql 0.8.3
        ├── sqlx-macros-core 0.8.3
        ├── sqlx-macros 0.8.3
        └── sqlx 0.8.3

Crate:     futures-util
Version:   0.3.30
Warning:   yanked
Dependency tree:
futures-util 0.3.30
├── tower-http 0.3.5
│   └── axum 0.5.17
│       └── sqlx-example-postgres-axum-social 0.1.0
├── tower 0.4.13
│   ├── tower-http 0.3.5
│   ├── sqlx-example-postgres-axum-social 0.1.0
│   └── axum 0.5.17
├── sqlx-sqlite 0.8.3
│   ├── sqlx-macros-core 0.8.3
│   │   └── sqlx-macros 0.8.3
│   │       └── sqlx 0.8.3
│   │           ├── sqlx-test 0.1.0
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-sqlite 0.8.3
│   │           ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-example-sqlite-todos 0.1.0
│   │           ├── sqlx-example-postgres-transaction 0.1.0
│   │           ├── sqlx-example-postgres-todos 0.1.0
│   │           ├── sqlx-example-postgres-mockable-todos 0.1.0
│   │           ├── sqlx-example-postgres-listen 0.1.0
│   │           ├── sqlx-example-postgres-json 0.1.0
│   │           ├── sqlx-example-postgres-files 0.1.0
│   │           ├── sqlx-example-postgres-chat 0.1.0
│   │           ├── sqlx-example-postgres-axum-social 0.1.0
│   │           ├── sqlx-example-mysql-todos 0.1.0
│   │           ├── sqlx-core 0.8.3
│   │           │   ├── sqlx-sqlite 0.8.3
│   │           │   ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   ├── sqlx-macros 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           └── sqlx-cli 0.8.3
│   └── sqlx 0.8.3
├── sqlx-postgres 0.8.3
├── sqlx-mysql 0.8.3
├── sqlx-core 0.8.3
├── hyper 0.14.28
│   └── axum 0.5.17
├── futures-executor 0.3.30
│   ├── sqlx-sqlite 0.8.3
│   └── futures 0.3.30
│       ├── sqlx-example-sqlite-todos 0.1.0
│       ├── sqlx-example-postgres-transaction 0.1.0
│       ├── sqlx-example-postgres-todos 0.1.0
│       ├── sqlx-example-postgres-mockable-todos 0.1.0
│       ├── sqlx-example-postgres-listen 0.1.0
│       ├── sqlx-example-postgres-json 0.1.0
│       ├── sqlx-example-postgres-chat 0.1.0
│       ├── sqlx-example-mysql-todos 0.1.0
│       ├── sqlx-cli 0.8.3
│       ├── sqlx 0.8.3
│       └── criterion 0.5.1
│           └── sqlx 0.8.3
├── futures 0.3.30
├── axum-core 0.2.9
│   └── axum 0.5.17
└── axum 0.5.17

Crate:     url
Version:   2.5.3
Warning:   yanked
Dependency tree:
url 2.5.3
├── validator 0.16.1
│   └── sqlx-example-postgres-axum-social 0.1.0
├── sqlx-sqlite 0.8.3
│   ├── sqlx-macros-core 0.8.3
│   │   └── sqlx-macros 0.8.3
│   │       └── sqlx 0.8.3
│   │           ├── sqlx-test 0.1.0
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-sqlite 0.8.3
│   │           ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           ├── sqlx-example-sqlite-todos 0.1.0
│   │           ├── sqlx-example-postgres-transaction 0.1.0
│   │           ├── sqlx-example-postgres-todos 0.1.0
│   │           ├── sqlx-example-postgres-mockable-todos 0.1.0
│   │           ├── sqlx-example-postgres-listen 0.1.0
│   │           ├── sqlx-example-postgres-json 0.1.0
│   │           ├── sqlx-example-postgres-files 0.1.0
│   │           ├── sqlx-example-postgres-chat 0.1.0
│   │           ├── sqlx-example-postgres-axum-social 0.1.0
│   │           ├── sqlx-example-mysql-todos 0.1.0
│   │           ├── sqlx-core 0.8.3
│   │           │   ├── sqlx-sqlite 0.8.3
│   │           │   ├── sqlx-postgres 0.8.3
│   │           │   ├── sqlx-mysql 0.8.3
│   │           │   ├── sqlx-macros-core 0.8.3
│   │           │   ├── sqlx-macros 0.8.3
│   │           │   └── sqlx 0.8.3
│   │           └── sqlx-cli 0.8.3
│   └── sqlx 0.8.3
├── sqlx-macros-core 0.8.3
├── sqlx-core 0.8.3
└── sqlx 0.8.3

Result of cargo update:

    Updating crates.io index
    Updating addr2line v0.21.0 -> v0.24.2
    Removing adler v1.0.2
      Adding adler2 v2.0.0
    Removing ahash v0.8.11
    Updating aho-corasick v1.1.2 -> v1.1.3
    Updating allocator-api2 v0.2.16 -> v0.2.21
    Updating anstream v0.6.13 -> v0.6.18
    Updating anstyle v1.0.6 -> v1.0.10
    Updating anstyle-parse v0.2.3 -> v0.2.6
    Updating anstyle-query v1.0.2 -> v1.1.2
    Updating anstyle-wincon v3.0.2 -> v3.0.6
    Updating anyhow v1.0.81 -> v1.0.95
    Updating arrayvec v0.7.4 -> v0.7.6
    Updating assert_cmd v2.0.14 -> v2.0.16
    Updating async-channel v2.2.0 -> v2.3.1
    Updating async-executor v1.8.0 -> v1.13.1
    Updating async-io v2.3.2 -> v2.4.0
    Updating async-lock v3.3.0 -> v3.4.0
    Updating async-task v4.7.0 -> v4.7.1
    Updating async-trait v0.1.77 -> v0.1.84
    Updating autocfg v1.1.0 -> v1.4.0
    Updating aws-lc-rs v1.8.0 -> v1.12.0
    Updating aws-lc-sys v0.19.0 -> v0.24.1
    Updating backtrace v0.3.69 -> v0.3.74
    Updating base64 v0.22.0 -> v0.22.1
    Removing basic-toml v0.1.9
    Updating bigdecimal v0.4.3 -> v0.4.7
    Updating bindgen v0.69.4 -> v0.69.5 (latest: v0.71.1)
    Updating bitflags v2.4.2 -> v2.6.0
    Updating blocking v1.5.1 -> v1.6.1
    Updating borsh v1.5.1 -> v1.5.3
    Updating borsh-derive v1.5.1 -> v1.5.3
    Updating bstr v1.9.1 -> v1.11.3
    Updating bumpalo v3.15.4 -> v3.16.0
    Updating bytes v1.5.0 -> v1.9.0
    Updating camino v1.1.6 -> v1.1.9
    Updating cargo-platform v0.1.7 -> v0.1.9
    Updating cc v1.1.6 -> v1.2.7
      Adding cfg_aliases v0.1.1 (latest: v0.2.1)
    Updating chrono v0.4.35 -> v0.4.39
    Updating clap v4.5.2 -> v4.5.23
    Updating clap_builder v4.5.2 -> v4.5.23
    Updating clap_complete v4.5.1 -> v4.5.40
    Updating clap_derive v4.5.0 -> v4.5.18
    Updating clap_lex v0.7.0 -> v0.7.4
    Updating cmake v0.1.50 -> v0.1.52
    Updating colorchoice v1.0.0 -> v1.0.3
    Updating concurrent-queue v2.4.0 -> v2.5.0
    Updating console v0.15.8 -> v0.15.10
      Adding core-foundation v0.10.0
    Updating core-foundation-sys v0.8.6 -> v0.8.7
    Updating cpufeatures v0.2.12 -> v0.2.16
    Updating crc v3.0.1 -> v3.2.1
    Updating crossbeam-deque v0.8.5 -> v0.8.6
    Updating crossbeam-queue v0.3.11 -> v0.3.12
    Updating crossbeam-utils v0.8.19 -> v0.8.21
    Updating darling v0.20.8 -> v0.20.10
    Updating darling_core v0.20.8 -> v0.20.10
    Updating darling_macro v0.20.8 -> v0.20.10
    Updating der v0.7.8 -> v0.7.9
    Updating dunce v1.0.4 -> v1.0.5
    Updating either v1.10.0 -> v1.13.0
    Updating encode_unicode v0.3.6 -> v1.0.0
    Updating env_filter v0.1.0 -> v0.1.3
    Updating env_logger v0.11.3 -> v0.11.6
    Updating errno v0.3.8 -> v0.3.10
    Removing event-listener v4.0.3
    Removing event-listener v5.2.0
      Adding event-listener v5.3.1
    Removing event-listener-strategy v0.4.0
    Removing event-listener-strategy v0.5.0
      Adding event-listener-strategy v0.5.3
    Updating fastrand v2.0.1 -> v2.3.0
    Updating filetime v0.2.23 -> v0.2.25
    Removing finl_unicode v1.2.0
    Updating flume v0.11.0 -> v0.11.1
    Updating foldhash v0.1.3 -> v0.1.4
    Updating futures v0.3.30 -> v0.3.31
    Updating futures-channel v0.3.30 -> v0.3.31
    Updating futures-core v0.3.30 -> v0.3.31
    Updating futures-executor v0.3.30 -> v0.3.31
    Updating futures-io v0.3.30 -> v0.3.31
    Updating futures-lite v2.2.0 -> v2.5.0
    Updating futures-macro v0.3.30 -> v0.3.31
    Updating futures-sink v0.3.30 -> v0.3.31
    Updating futures-task v0.3.30 -> v0.3.31
    Updating futures-util v0.3.30 -> v0.3.31
    Updating getrandom v0.2.12 -> v0.2.15
    Updating gimli v0.28.1 -> v0.31.1
    Updating glob v0.3.1 -> v0.3.2
    Updating half v2.4.0 -> v2.4.1
    Removing hashbrown v0.14.5
      Adding hermit-abi v0.4.0
    Updating httparse v1.8.0 -> v1.9.5
    Updating hyper v0.14.28 -> v0.14.32 (latest: v1.5.2)
    Updating iana-time-zone v0.1.60 -> v0.1.61
    Updating indexmap v2.2.5 -> v2.7.0
    Updating instant v0.1.12 -> v0.1.13
    Updating is-terminal v0.4.12 -> v0.4.13
      Adding is_terminal_polyfill v1.70.1
    Updating itoa v1.0.10 -> v1.0.14
    Updating jobserver v0.1.31 -> v0.1.32
    Updating js-sys v0.3.69 -> v0.3.76
    Updating lazy_static v1.4.0 -> v1.5.0
    Updating libc v0.2.153 -> v0.2.169
    Updating libloading v0.8.4 -> v0.8.6
    Updating libm v0.2.8 -> v0.2.11
    Updating libredox v0.0.1 -> v0.1.3
    Updating linux-raw-sys v0.4.13 -> v0.4.14 (latest: v0.6.5)
    Updating litemap v0.7.3 -> v0.7.4
    Updating lock_api v0.4.11 -> v0.4.12
    Updating log v0.4.21 -> v0.4.22
    Updating lru v0.12.3 -> v0.12.5
    Updating mac_address v1.1.5 -> v1.1.7
    Updating memchr v2.7.1 -> v2.7.4
      Adding memoffset v0.9.1
    Updating miniz_oxide v0.7.2 -> v0.8.2
      Adding mio v1.0.3
    Removing mirai-annotations v1.12.0
    Updating native-tls v0.2.11 -> v0.2.12
      Adding nix v0.28.0 (latest: v0.29.0)
    Updating num-bigint v0.4.4 -> v0.4.6
    Updating num-iter v0.1.44 -> v0.1.45
    Updating num-traits v0.2.18 -> v0.2.19
    Removing num_cpus v1.16.0
    Updating object v0.32.2 -> v0.36.7
    Updating once_cell v1.19.0 -> v1.20.2
    Updating oorandom v11.1.3 -> v11.1.4
    Updating openssl v0.10.64 -> v0.10.68
    Updating openssl-src v300.2.3+3.2.1 -> v300.4.1+3.4.0
    Updating openssl-sys v0.9.101 -> v0.9.104
    Updating parking v2.2.0 -> v2.2.1
    Updating parking_lot v0.12.1 -> v0.12.3
    Updating parking_lot_core v0.9.9 -> v0.9.10
    Updating paste v1.0.14 -> v1.0.15
    Updating pin-project v1.1.5 -> v1.1.7
    Updating pin-project-internal v1.1.5 -> v1.1.7
    Updating pin-project-lite v0.2.13 -> v0.2.15
    Updating piper v0.2.1 -> v0.2.4
    Updating pkg-config v0.3.30 -> v0.3.31
    Updating plotters v0.3.5 -> v0.3.7
    Updating plotters-backend v0.3.5 -> v0.3.7
    Updating plotters-svg v0.3.5 -> v0.3.7
    Updating polling v3.5.0 -> v3.7.4
    Updating ppv-lite86 v0.2.17 -> v0.2.20
    Updating predicates v3.1.0 -> v3.1.3
    Updating predicates-core v1.0.6 -> v1.0.9
    Updating predicates-tree v1.0.9 -> v1.0.12
    Updating prettyplease v0.2.17 -> v0.2.25
    Updating proc-macro-crate v3.1.0 -> v3.2.0
    Updating proc-macro2 v1.0.89 -> v1.0.92
    Updating quote v1.0.35 -> v1.0.38
    Updating rayon v1.9.0 -> v1.10.0
    Updating redox_syscall v0.4.1 -> v0.5.8
    Updating redox_users v0.4.4 -> v0.4.6 (latest: v0.5.0)
    Updating regex v1.10.3 -> v1.11.1
    Updating regex-automata v0.4.6 -> v0.4.9
    Updating regex-syntax v0.8.2 -> v0.8.5
    Updating rkyv v0.7.44 -> v0.7.45 (latest: v0.8.9)
    Updating rkyv_derive v0.7.44 -> v0.7.45 (latest: v0.8.9)
    Updating rsa v0.9.6 -> v0.9.7
    Updating rust_decimal v1.34.3 -> v1.36.0
    Updating rustc-demangle v0.1.23 -> v0.1.24
    Updating rustix v0.38.31 -> v0.38.42
    Updating rustls v0.23.11 -> v0.23.20
    Updating rustls-native-certs v0.8.0 -> v0.8.1
    Updating rustls-pemfile v2.1.2 -> v2.2.0
    Updating rustls-pki-types v1.7.0 -> v1.10.1
    Updating rustls-webpki v0.102.5 -> v0.102.8
    Updating rustversion v1.0.17 -> v1.0.19
    Updating ryu v1.0.17 -> v1.0.18
    Updating schannel v0.1.23 -> v0.1.27
    Removing security-framework v2.9.2
      Adding security-framework v2.11.1 (latest: v3.1.0)
      Adding security-framework v3.1.0
    Updating security-framework-sys v2.9.1 -> v2.13.0
    Updating semver v1.0.22 -> v1.0.24
    Updating serde v1.0.197 -> v1.0.217
    Updating serde_derive v1.0.197 -> v1.0.217
    Updating serde_json v1.0.114 -> v1.0.134
      Adding serde_spanned v0.6.8
    Updating signal-hook-mio v0.2.3 -> v0.2.4
    Updating signal-hook-registry v1.4.1 -> v1.4.2
    Updating simdutf8 v0.1.4 -> v0.1.5
    Updating smallvec v1.13.1 -> v1.13.2
    Updating socket2 v0.5.6 -> v0.5.8
    Removing spin v0.5.2
    Updating stringprep v0.1.4 -> v0.1.5
    Removing strsim v0.10.0
    Removing strsim v0.11.0
      Adding strsim v0.11.1
    Updating subtle v2.5.0 -> v2.6.1
    Updating syn v2.0.87 -> v2.0.94
    Removing syn_derive v0.1.8
      Adding target-triple v0.1.3
    Updating tempfile v3.10.1 -> v3.15.0
    Updating termtree v0.4.1 -> v0.5.1
    Removing thiserror v1.0.58
    Removing thiserror v2.0.0
      Adding thiserror v1.0.69 (latest: v2.0.9)
      Adding thiserror v2.0.9
    Removing thiserror-impl v1.0.58
    Removing thiserror-impl v2.0.0
      Adding thiserror-impl v1.0.69 (latest: v2.0.9)
      Adding thiserror-impl v2.0.9
    Updating time v0.3.36 -> v0.3.37
    Updating time-macros v0.2.18 -> v0.2.19
    Updating tinyvec v1.6.0 -> v1.8.1
    Updating tokio v1.36.0 -> v1.42.0
    Updating tokio-macros v2.2.0 -> v2.4.0
    Updating tokio-stream v0.1.14 -> v0.1.17
      Adding toml v0.8.19
    Updating toml_datetime v0.6.6 -> v0.6.8
    Updating toml_edit v0.21.1 -> v0.22.22
    Updating tower-layer v0.3.2 -> v0.3.3
    Updating tower-service v0.3.2 -> v0.3.3
    Updating tracing v0.1.40 -> v0.1.41
    Updating tracing-attributes v0.1.27 -> v0.1.28
    Updating tracing-core v0.1.32 -> v0.1.33
    Updating trybuild v1.0.89 -> v1.0.101
    Updating unicode-bidi v0.3.15 -> v0.3.18
    Updating unicode-ident v1.0.12 -> v1.0.14
    Updating unicode-normalization v0.1.23 -> v0.1.24
      Adding unicode-properties v0.1.3
    Updating unicode-segmentation v1.11.0 -> v1.12.0
    Removing unicode-width v0.1.13
      Adding unicode-width v0.1.14 (latest: v0.2.0)
      Adding unicode-width v0.2.0
    Updating url v2.5.3 -> v2.5.4
    Updating utf8parse v0.2.1 -> v0.2.2
    Updating uuid v1.7.0 -> v1.11.0
    Updating value-bag v1.8.0 -> v1.10.0
    Updating version_check v0.9.4 -> v0.9.5
    Updating waker-fn v1.1.1 -> v1.2.0
    Updating wasm-bindgen v0.2.92 -> v0.2.99
    Updating wasm-bindgen-backend v0.2.92 -> v0.2.99
    Updating wasm-bindgen-futures v0.4.42 -> v0.4.49
    Updating wasm-bindgen-macro v0.2.92 -> v0.2.99
    Updating wasm-bindgen-macro-support v0.2.92 -> v0.2.99
    Updating wasm-bindgen-shared v0.2.92 -> v0.2.99
    Updating web-sys v0.3.69 -> v0.3.76
    Updating webpki-roots v0.26.3 -> v0.26.7
    Updating whoami v1.5.1 -> v1.5.2
    Updating winapi-util v0.1.6 -> v0.1.9
      Adding windows-sys v0.59.0
    Updating windows-targets v0.52.4 -> v0.52.6
    Updating windows_aarch64_gnullvm v0.52.4 -> v0.52.6
    Updating windows_aarch64_msvc v0.52.4 -> v0.52.6
    Updating windows_i686_gnu v0.52.4 -> v0.52.6
      Adding windows_i686_gnullvm v0.52.6
    Updating windows_i686_msvc v0.52.4 -> v0.52.6
    Updating windows_x86_64_gnu v0.52.4 -> v0.52.6
    Updating windows_x86_64_gnullvm v0.52.4 -> v0.52.6
    Updating windows_x86_64_msvc v0.52.4 -> v0.52.6
    Updating winnow v0.5.40 -> v0.6.22
    Updating yoke v0.7.4 -> v0.7.5
    Updating yoke-derive v0.7.4 -> v0.7.5
    Updating zerocopy v0.7.32 -> v0.7.35 (latest: v0.8.14)
    Updating zerocopy-derive v0.7.32 -> v0.7.35 (latest: v0.8.14)
    Updating zerofrom v0.1.4 -> v0.1.5
    Updating zerofrom-derive v0.1.4 -> v0.1.5
    Updating zeroize v1.7.0 -> v1.8.1
    Removing zeroize_derive v1.4.2
note: pass `--verbose` to see 88 unchanged dependencies behind latest

Fixes the following cargo-audit feedback: ``` Crate: openssl Version: 0.10.64 Title: `MemBio::get_buf` has undefined behavior with empty buffers Date: 2024-07-21 ID: RUSTSEC-2024-0357 URL: https://rustsec.org/advisories/RUSTSEC-2024-0357 Solution: Upgrade to >=0.10.66 Dependency tree: openssl 0.10.64 ├── sqlx-cli 0.8.3 └── native-tls 0.2.11 └── sqlx-core 0.8.3 ├── sqlx-sqlite 0.8.3 │ ├── sqlx-macros-core 0.8.3 │ │ └── sqlx-macros 0.8.3 │ │ └── sqlx 0.8.3 │ │ ├── sqlx-test 0.1.0 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-sqlite 0.8.3 │ │ ├── sqlx-postgres 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-mysql 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-example-sqlite-todos 0.1.0 │ │ ├── sqlx-example-postgres-transaction 0.1.0 │ │ ├── sqlx-example-postgres-todos 0.1.0 │ │ ├── sqlx-example-postgres-mockable-todos 0.1.0 │ │ ├── sqlx-example-postgres-listen 0.1.0 │ │ ├── sqlx-example-postgres-json 0.1.0 │ │ ├── sqlx-example-postgres-files 0.1.0 │ │ ├── sqlx-example-postgres-chat 0.1.0 │ │ ├── sqlx-example-postgres-axum-social 0.1.0 │ │ ├── sqlx-example-mysql-todos 0.1.0 │ │ ├── sqlx-core 0.8.3 │ │ └── sqlx-cli 0.8.3 │ └── sqlx 0.8.3 ├── sqlx-postgres 0.8.3 ├── sqlx-mysql 0.8.3 ├── sqlx-macros-core 0.8.3 ├── sqlx-macros 0.8.3 └── sqlx 0.8.3 Crate: futures-util Version: 0.3.30 Warning: yanked Dependency tree: futures-util 0.3.30 ├── tower-http 0.3.5 │ └── axum 0.5.17 │ └── sqlx-example-postgres-axum-social 0.1.0 ├── tower 0.4.13 │ ├── tower-http 0.3.5 │ ├── sqlx-example-postgres-axum-social 0.1.0 │ └── axum 0.5.17 ├── sqlx-sqlite 0.8.3 │ ├── sqlx-macros-core 0.8.3 │ │ └── sqlx-macros 0.8.3 │ │ └── sqlx 0.8.3 │ │ ├── sqlx-test 0.1.0 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-sqlite 0.8.3 │ │ ├── sqlx-postgres 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-mysql 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-example-sqlite-todos 0.1.0 │ │ ├── sqlx-example-postgres-transaction 0.1.0 │ │ ├── sqlx-example-postgres-todos 0.1.0 │ │ ├── sqlx-example-postgres-mockable-todos 0.1.0 │ │ ├── sqlx-example-postgres-listen 0.1.0 │ │ ├── sqlx-example-postgres-json 0.1.0 │ │ ├── sqlx-example-postgres-files 0.1.0 │ │ ├── sqlx-example-postgres-chat 0.1.0 │ │ ├── sqlx-example-postgres-axum-social 0.1.0 │ │ ├── sqlx-example-mysql-todos 0.1.0 │ │ ├── sqlx-core 0.8.3 │ │ │ ├── sqlx-sqlite 0.8.3 │ │ │ ├── sqlx-postgres 0.8.3 │ │ │ ├── sqlx-mysql 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ ├── sqlx-macros 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ └── sqlx-cli 0.8.3 │ └── sqlx 0.8.3 ├── sqlx-postgres 0.8.3 ├── sqlx-mysql 0.8.3 ├── sqlx-core 0.8.3 ├── hyper 0.14.28 │ └── axum 0.5.17 ├── futures-executor 0.3.30 │ ├── sqlx-sqlite 0.8.3 │ └── futures 0.3.30 │ ├── sqlx-example-sqlite-todos 0.1.0 │ ├── sqlx-example-postgres-transaction 0.1.0 │ ├── sqlx-example-postgres-todos 0.1.0 │ ├── sqlx-example-postgres-mockable-todos 0.1.0 │ ├── sqlx-example-postgres-listen 0.1.0 │ ├── sqlx-example-postgres-json 0.1.0 │ ├── sqlx-example-postgres-chat 0.1.0 │ ├── sqlx-example-mysql-todos 0.1.0 │ ├── sqlx-cli 0.8.3 │ ├── sqlx 0.8.3 │ └── criterion 0.5.1 │ └── sqlx 0.8.3 ├── futures 0.3.30 ├── axum-core 0.2.9 │ └── axum 0.5.17 └── axum 0.5.17 Crate: url Version: 2.5.3 Warning: yanked Dependency tree: url 2.5.3 ├── validator 0.16.1 │ └── sqlx-example-postgres-axum-social 0.1.0 ├── sqlx-sqlite 0.8.3 │ ├── sqlx-macros-core 0.8.3 │ │ └── sqlx-macros 0.8.3 │ │ └── sqlx 0.8.3 │ │ ├── sqlx-test 0.1.0 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-sqlite 0.8.3 │ │ ├── sqlx-postgres 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-mysql 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ ├── sqlx-example-sqlite-todos 0.1.0 │ │ ├── sqlx-example-postgres-transaction 0.1.0 │ │ ├── sqlx-example-postgres-todos 0.1.0 │ │ ├── sqlx-example-postgres-mockable-todos 0.1.0 │ │ ├── sqlx-example-postgres-listen 0.1.0 │ │ ├── sqlx-example-postgres-json 0.1.0 │ │ ├── sqlx-example-postgres-files 0.1.0 │ │ ├── sqlx-example-postgres-chat 0.1.0 │ │ ├── sqlx-example-postgres-axum-social 0.1.0 │ │ ├── sqlx-example-mysql-todos 0.1.0 │ │ ├── sqlx-core 0.8.3 │ │ │ ├── sqlx-sqlite 0.8.3 │ │ │ ├── sqlx-postgres 0.8.3 │ │ │ ├── sqlx-mysql 0.8.3 │ │ │ ├── sqlx-macros-core 0.8.3 │ │ │ ├── sqlx-macros 0.8.3 │ │ │ └── sqlx 0.8.3 │ │ └── sqlx-cli 0.8.3 │ └── sqlx 0.8.3 ├── sqlx-macros-core 0.8.3 ├── sqlx-core 0.8.3 └── sqlx 0.8.3 ``` Result of cargo update: ``` Updating crates.io index Updating addr2line v0.21.0 -> v0.24.2 Removing adler v1.0.2 Adding adler2 v2.0.0 Removing ahash v0.8.11 Updating aho-corasick v1.1.2 -> v1.1.3 Updating allocator-api2 v0.2.16 -> v0.2.21 Updating anstream v0.6.13 -> v0.6.18 Updating anstyle v1.0.6 -> v1.0.10 Updating anstyle-parse v0.2.3 -> v0.2.6 Updating anstyle-query v1.0.2 -> v1.1.2 Updating anstyle-wincon v3.0.2 -> v3.0.6 Updating anyhow v1.0.81 -> v1.0.95 Updating arrayvec v0.7.4 -> v0.7.6 Updating assert_cmd v2.0.14 -> v2.0.16 Updating async-channel v2.2.0 -> v2.3.1 Updating async-executor v1.8.0 -> v1.13.1 Updating async-io v2.3.2 -> v2.4.0 Updating async-lock v3.3.0 -> v3.4.0 Updating async-task v4.7.0 -> v4.7.1 Updating async-trait v0.1.77 -> v0.1.84 Updating autocfg v1.1.0 -> v1.4.0 Updating aws-lc-rs v1.8.0 -> v1.12.0 Updating aws-lc-sys v0.19.0 -> v0.24.1 Updating backtrace v0.3.69 -> v0.3.74 Updating base64 v0.22.0 -> v0.22.1 Removing basic-toml v0.1.9 Updating bigdecimal v0.4.3 -> v0.4.7 Updating bindgen v0.69.4 -> v0.69.5 (latest: v0.71.1) Updating bitflags v2.4.2 -> v2.6.0 Updating blocking v1.5.1 -> v1.6.1 Updating borsh v1.5.1 -> v1.5.3 Updating borsh-derive v1.5.1 -> v1.5.3 Updating bstr v1.9.1 -> v1.11.3 Updating bumpalo v3.15.4 -> v3.16.0 Updating bytes v1.5.0 -> v1.9.0 Updating camino v1.1.6 -> v1.1.9 Updating cargo-platform v0.1.7 -> v0.1.9 Updating cc v1.1.6 -> v1.2.7 Adding cfg_aliases v0.1.1 (latest: v0.2.1) Updating chrono v0.4.35 -> v0.4.39 Updating clap v4.5.2 -> v4.5.23 Updating clap_builder v4.5.2 -> v4.5.23 Updating clap_complete v4.5.1 -> v4.5.40 Updating clap_derive v4.5.0 -> v4.5.18 Updating clap_lex v0.7.0 -> v0.7.4 Updating cmake v0.1.50 -> v0.1.52 Updating colorchoice v1.0.0 -> v1.0.3 Updating concurrent-queue v2.4.0 -> v2.5.0 Updating console v0.15.8 -> v0.15.10 Adding core-foundation v0.10.0 Updating core-foundation-sys v0.8.6 -> v0.8.7 Updating cpufeatures v0.2.12 -> v0.2.16 Updating crc v3.0.1 -> v3.2.1 Updating crossbeam-deque v0.8.5 -> v0.8.6 Updating crossbeam-queue v0.3.11 -> v0.3.12 Updating crossbeam-utils v0.8.19 -> v0.8.21 Updating darling v0.20.8 -> v0.20.10 Updating darling_core v0.20.8 -> v0.20.10 Updating darling_macro v0.20.8 -> v0.20.10 Updating der v0.7.8 -> v0.7.9 Updating dunce v1.0.4 -> v1.0.5 Updating either v1.10.0 -> v1.13.0 Updating encode_unicode v0.3.6 -> v1.0.0 Updating env_filter v0.1.0 -> v0.1.3 Updating env_logger v0.11.3 -> v0.11.6 Updating errno v0.3.8 -> v0.3.10 Removing event-listener v4.0.3 Removing event-listener v5.2.0 Adding event-listener v5.3.1 Removing event-listener-strategy v0.4.0 Removing event-listener-strategy v0.5.0 Adding event-listener-strategy v0.5.3 Updating fastrand v2.0.1 -> v2.3.0 Updating filetime v0.2.23 -> v0.2.25 Removing finl_unicode v1.2.0 Updating flume v0.11.0 -> v0.11.1 Updating foldhash v0.1.3 -> v0.1.4 Updating futures v0.3.30 -> v0.3.31 Updating futures-channel v0.3.30 -> v0.3.31 Updating futures-core v0.3.30 -> v0.3.31 Updating futures-executor v0.3.30 -> v0.3.31 Updating futures-io v0.3.30 -> v0.3.31 Updating futures-lite v2.2.0 -> v2.5.0 Updating futures-macro v0.3.30 -> v0.3.31 Updating futures-sink v0.3.30 -> v0.3.31 Updating futures-task v0.3.30 -> v0.3.31 Updating futures-util v0.3.30 -> v0.3.31 Updating getrandom v0.2.12 -> v0.2.15 Updating gimli v0.28.1 -> v0.31.1 Updating glob v0.3.1 -> v0.3.2 Updating half v2.4.0 -> v2.4.1 Removing hashbrown v0.14.5 Adding hermit-abi v0.4.0 Updating httparse v1.8.0 -> v1.9.5 Updating hyper v0.14.28 -> v0.14.32 (latest: v1.5.2) Updating iana-time-zone v0.1.60 -> v0.1.61 Updating indexmap v2.2.5 -> v2.7.0 Updating instant v0.1.12 -> v0.1.13 Updating is-terminal v0.4.12 -> v0.4.13 Adding is_terminal_polyfill v1.70.1 Updating itoa v1.0.10 -> v1.0.14 Updating jobserver v0.1.31 -> v0.1.32 Updating js-sys v0.3.69 -> v0.3.76 Updating lazy_static v1.4.0 -> v1.5.0 Updating libc v0.2.153 -> v0.2.169 Updating libloading v0.8.4 -> v0.8.6 Updating libm v0.2.8 -> v0.2.11 Updating libredox v0.0.1 -> v0.1.3 Updating linux-raw-sys v0.4.13 -> v0.4.14 (latest: v0.6.5) Updating litemap v0.7.3 -> v0.7.4 Updating lock_api v0.4.11 -> v0.4.12 Updating log v0.4.21 -> v0.4.22 Updating lru v0.12.3 -> v0.12.5 Updating mac_address v1.1.5 -> v1.1.7 Updating memchr v2.7.1 -> v2.7.4 Adding memoffset v0.9.1 Updating miniz_oxide v0.7.2 -> v0.8.2 Adding mio v1.0.3 Removing mirai-annotations v1.12.0 Updating native-tls v0.2.11 -> v0.2.12 Adding nix v0.28.0 (latest: v0.29.0) Updating num-bigint v0.4.4 -> v0.4.6 Updating num-iter v0.1.44 -> v0.1.45 Updating num-traits v0.2.18 -> v0.2.19 Removing num_cpus v1.16.0 Updating object v0.32.2 -> v0.36.7 Updating once_cell v1.19.0 -> v1.20.2 Updating oorandom v11.1.3 -> v11.1.4 Updating openssl v0.10.64 -> v0.10.68 Updating openssl-src v300.2.3+3.2.1 -> v300.4.1+3.4.0 Updating openssl-sys v0.9.101 -> v0.9.104 Updating parking v2.2.0 -> v2.2.1 Updating parking_lot v0.12.1 -> v0.12.3 Updating parking_lot_core v0.9.9 -> v0.9.10 Updating paste v1.0.14 -> v1.0.15 Updating pin-project v1.1.5 -> v1.1.7 Updating pin-project-internal v1.1.5 -> v1.1.7 Updating pin-project-lite v0.2.13 -> v0.2.15 Updating piper v0.2.1 -> v0.2.4 Updating pkg-config v0.3.30 -> v0.3.31 Updating plotters v0.3.5 -> v0.3.7 Updating plotters-backend v0.3.5 -> v0.3.7 Updating plotters-svg v0.3.5 -> v0.3.7 Updating polling v3.5.0 -> v3.7.4 Updating ppv-lite86 v0.2.17 -> v0.2.20 Updating predicates v3.1.0 -> v3.1.3 Updating predicates-core v1.0.6 -> v1.0.9 Updating predicates-tree v1.0.9 -> v1.0.12 Updating prettyplease v0.2.17 -> v0.2.25 Updating proc-macro-crate v3.1.0 -> v3.2.0 Updating proc-macro2 v1.0.89 -> v1.0.92 Updating quote v1.0.35 -> v1.0.38 Updating rayon v1.9.0 -> v1.10.0 Updating redox_syscall v0.4.1 -> v0.5.8 Updating redox_users v0.4.4 -> v0.4.6 (latest: v0.5.0) Updating regex v1.10.3 -> v1.11.1 Updating regex-automata v0.4.6 -> v0.4.9 Updating regex-syntax v0.8.2 -> v0.8.5 Updating rkyv v0.7.44 -> v0.7.45 (latest: v0.8.9) Updating rkyv_derive v0.7.44 -> v0.7.45 (latest: v0.8.9) Updating rsa v0.9.6 -> v0.9.7 Updating rust_decimal v1.34.3 -> v1.36.0 Updating rustc-demangle v0.1.23 -> v0.1.24 Updating rustix v0.38.31 -> v0.38.42 Updating rustls v0.23.11 -> v0.23.20 Updating rustls-native-certs v0.8.0 -> v0.8.1 Updating rustls-pemfile v2.1.2 -> v2.2.0 Updating rustls-pki-types v1.7.0 -> v1.10.1 Updating rustls-webpki v0.102.5 -> v0.102.8 Updating rustversion v1.0.17 -> v1.0.19 Updating ryu v1.0.17 -> v1.0.18 Updating schannel v0.1.23 -> v0.1.27 Removing security-framework v2.9.2 Adding security-framework v2.11.1 (latest: v3.1.0) Adding security-framework v3.1.0 Updating security-framework-sys v2.9.1 -> v2.13.0 Updating semver v1.0.22 -> v1.0.24 Updating serde v1.0.197 -> v1.0.217 Updating serde_derive v1.0.197 -> v1.0.217 Updating serde_json v1.0.114 -> v1.0.134 Adding serde_spanned v0.6.8 Updating signal-hook-mio v0.2.3 -> v0.2.4 Updating signal-hook-registry v1.4.1 -> v1.4.2 Updating simdutf8 v0.1.4 -> v0.1.5 Updating smallvec v1.13.1 -> v1.13.2 Updating socket2 v0.5.6 -> v0.5.8 Removing spin v0.5.2 Updating stringprep v0.1.4 -> v0.1.5 Removing strsim v0.10.0 Removing strsim v0.11.0 Adding strsim v0.11.1 Updating subtle v2.5.0 -> v2.6.1 Updating syn v2.0.87 -> v2.0.94 Removing syn_derive v0.1.8 Adding target-triple v0.1.3 Updating tempfile v3.10.1 -> v3.15.0 Updating termtree v0.4.1 -> v0.5.1 Removing thiserror v1.0.58 Removing thiserror v2.0.0 Adding thiserror v1.0.69 (latest: v2.0.9) Adding thiserror v2.0.9 Removing thiserror-impl v1.0.58 Removing thiserror-impl v2.0.0 Adding thiserror-impl v1.0.69 (latest: v2.0.9) Adding thiserror-impl v2.0.9 Updating time v0.3.36 -> v0.3.37 Updating time-macros v0.2.18 -> v0.2.19 Updating tinyvec v1.6.0 -> v1.8.1 Updating tokio v1.36.0 -> v1.42.0 Updating tokio-macros v2.2.0 -> v2.4.0 Updating tokio-stream v0.1.14 -> v0.1.17 Adding toml v0.8.19 Updating toml_datetime v0.6.6 -> v0.6.8 Updating toml_edit v0.21.1 -> v0.22.22 Updating tower-layer v0.3.2 -> v0.3.3 Updating tower-service v0.3.2 -> v0.3.3 Updating tracing v0.1.40 -> v0.1.41 Updating tracing-attributes v0.1.27 -> v0.1.28 Updating tracing-core v0.1.32 -> v0.1.33 Updating trybuild v1.0.89 -> v1.0.101 Updating unicode-bidi v0.3.15 -> v0.3.18 Updating unicode-ident v1.0.12 -> v1.0.14 Updating unicode-normalization v0.1.23 -> v0.1.24 Adding unicode-properties v0.1.3 Updating unicode-segmentation v1.11.0 -> v1.12.0 Removing unicode-width v0.1.13 Adding unicode-width v0.1.14 (latest: v0.2.0) Adding unicode-width v0.2.0 Updating url v2.5.3 -> v2.5.4 Updating utf8parse v0.2.1 -> v0.2.2 Updating uuid v1.7.0 -> v1.11.0 Updating value-bag v1.8.0 -> v1.10.0 Updating version_check v0.9.4 -> v0.9.5 Updating waker-fn v1.1.1 -> v1.2.0 Updating wasm-bindgen v0.2.92 -> v0.2.99 Updating wasm-bindgen-backend v0.2.92 -> v0.2.99 Updating wasm-bindgen-futures v0.4.42 -> v0.4.49 Updating wasm-bindgen-macro v0.2.92 -> v0.2.99 Updating wasm-bindgen-macro-support v0.2.92 -> v0.2.99 Updating wasm-bindgen-shared v0.2.92 -> v0.2.99 Updating web-sys v0.3.69 -> v0.3.76 Updating webpki-roots v0.26.3 -> v0.26.7 Updating whoami v1.5.1 -> v1.5.2 Updating winapi-util v0.1.6 -> v0.1.9 Adding windows-sys v0.59.0 Updating windows-targets v0.52.4 -> v0.52.6 Updating windows_aarch64_gnullvm v0.52.4 -> v0.52.6 Updating windows_aarch64_msvc v0.52.4 -> v0.52.6 Updating windows_i686_gnu v0.52.4 -> v0.52.6 Adding windows_i686_gnullvm v0.52.6 Updating windows_i686_msvc v0.52.4 -> v0.52.6 Updating windows_x86_64_gnu v0.52.4 -> v0.52.6 Updating windows_x86_64_gnullvm v0.52.4 -> v0.52.6 Updating windows_x86_64_msvc v0.52.4 -> v0.52.6 Updating winnow v0.5.40 -> v0.6.22 Updating yoke v0.7.4 -> v0.7.5 Updating yoke-derive v0.7.4 -> v0.7.5 Updating zerocopy v0.7.32 -> v0.7.35 (latest: v0.8.14) Updating zerocopy-derive v0.7.32 -> v0.7.35 (latest: v0.8.14) Updating zerofrom v0.1.4 -> v0.1.5 Updating zerofrom-derive v0.1.4 -> v0.1.5 Updating zeroize v1.7.0 -> v1.8.1 Removing zeroize_derive v1.4.2 note: pass `--verbose` to see 88 unchanged dependencies behind latest ```

paolobarbolini force-pushed the bump-dependencies branch from 8f93bd0 to fb53869 Compare January 4, 2025 17:05

paolobarbolini mentioned this pull request Jan 6, 2025

refactor(cli): replace promptly with dialoguer #3669

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump semver compatible dependencies #3665

build(deps): bump semver compatible dependencies #3665

paolobarbolini commented Jan 4, 2025 •

edited

Loading

build(deps): bump semver compatible dependencies #3665

Are you sure you want to change the base?

build(deps): bump semver compatible dependencies #3665

Conversation

paolobarbolini commented Jan 4, 2025 • edited Loading

paolobarbolini commented Jan 4, 2025 •

edited

Loading