Skip to content

build(deps): bump the cargo group across 1 directory with 3 updates#2273

Merged
kixelated merged 2 commits into
mainfrom
dependabot/cargo/cargo-32dda4e0fb
Jul 18, 2026
Merged

build(deps): bump the cargo group across 1 directory with 3 updates#2273
kixelated merged 2 commits into
mainfrom
dependabot/cargo/cargo-32dda4e0fb

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Compatibility fixes

  • Migrates EC key generation to the elliptic-curve 0.14 SEC1 APIs.
  • Removes redundant backend match patterns rejected by Rust 1.97 Clippy.
  • No public API changes.

The dependency bump changed the elliptic-curve array re-export and renamed its SEC1 traits and methods, so moq-token no longer compiled against p256 and p384 0.14.

Test plan

  • cargo test -p moq-token: 99 passed.
  • Rust compile, Clippy, dependency policy, and rustdoc CI phases passed.
  • The all-features nextest run passed 1,676 tests before an unrelated SRT timeout under full load; that test passed individually on rerun.
  • Nix flake, Markdown, shell, TOML, Nix, justfile, and workflow checks passed.

(Written by GPT-5)


Bumps the cargo group with 3 updates in the / directory: uniffi, p256 and p384.

Updates uniffi from 0.31.2 to 0.32.0

Changelog

Sourced from uniffi's changelog.

v0.32.0 (backend crates: v0.32.0) - (2026-06-30)

⚠️ Breaking Changes ⚠️

  • Kotlin and Python now fail to generate bindings when there are async primary constructors. Previously these languages skipped the constructor in this case or generated a constructor that always threw. You can get similar behavior by adding the primary constructor to the uniffi.toml excludes list in uniffi.toml (e.g. `excludes = ["MyObject.new"])
  • Ruby: Force named parameters for enum constructors (#2880)
  • The --config flag now expects a global config file rather than a flat uniffi.toml-style override. Old-style files will produce a warning and be ignored. See #2866
  • [ByRef] bytes UDL arguments now map to &[u8] on the Rust side instead of &Vec<u8>. UDL-defined functions whose Rust implementations take &Vec<u8> must change to &[u8]. Proc-macro signatures (fn foo(x: &[u8])) are unchanged. On the Kotlin side, call sites must now pass a direct java.nio.ByteBuffer rather than ByteArray; migrate with ByteBuffer.allocateDirect(arr.size).put(arr).flip(). Swift (Data) and Python (bytes) call sites are unchanged. (#2878)
  • Reworked the experimental pipeline bindgen code. Any external binding generators using this will need to be reworked as well. See #2787 for examples of how this can be done.

⚠️ Breaking Changes for external bindings authors ⚠️

  • The signature for CrateConfigSupplier::from_cargo_metadata_command has changed. It now inputs a MetadataCommand instance and a CargoMetadataOptions rather than just a no_deps flag.

What's Fixed

  • Fixed bug that sometimes prevented renaming items inside a submodule #2792
  • Exempted UniFfiTag from clippy::exhaustive_structs since downstream projects may depend on it #2809
  • Fixed compile errors when exporting ambiguous method names #2937
  • Ruby: Code for all kinds of enums and custom types is now correctly generated #2880 and #2891

⚠️ Breaking Changes for external bindings authors ⚠️

  • There's a new GlobalConfig struct for managing config. It replaces BindgenPathsLayer::get_config() method which has been removed. See #2866.
  • [ByRef] bytes arguments now travel across the FFI as a ForeignBytes (pointer + length) value rather than a RustBuffer. External bindings need to accept the foreign-language byte buffer at the call site and lower it to ForeignBytes for the duration of the call (no copy). (#2878)

What's New?

  • Global config file support via --config. See the docs.

  • Traits can now be exported with #[uniffi::export(foreign)] for foreign-only implementations, or #[uniffi::export(rust, foreign)] for both Rust and foreign implementations. The with_foreign flag is deprecated in favor of rust, foreign.

  • Recursive enums are now supported. UniFFI automatically detects when enum and record types participate in cycles — self-referential, mutually recursive, or cycling through a record — and generates appropriate bindings: indirect in Swift, forward references in Python (#2834).

  • Box<T> now automatically implements FFI traits when T implements them, allowing direct use in enum variants and function parameters without NewType wrappers (#2808)

  • Record fields can now be renamed with the proc-macro name = "new_field_name" attribute (#2794)

  • Items can be excluded from the generated bindings using uniffi.toml.

  • Added mutable_records configuration option to allow specific records to remain mutable even when generate_immutable_records is enabled (Kotlin and Swift).

  • Kotlin objects now have an uniffiIsDestroyed property that returns true if the Rust reference no longer exists (#2825)

  • Updated askama version to 0.15.6

  • Custom Types can have docstrings in some languages (#2853)

  • Ruby: Expose standard Rust traits for generated ruby code (#2883)

  • Ruby: Add support for sync foreign traits (#2916)

  • Ruby: Add async support (#2923)

  • Added zero-copy transfer of &[u8] / [ByRef] bytes arguments from foreign code to Rust. Kotlin (java.nio.ByteBuffer, must be direct), Swift (Data), and Python (bytes-like, buffer protocol) pass byte buffers as pointer + length (ForeignBytes) rather than copying through RustBuffer. Not yet supported on Ruby, and not yet supported in async functions on any language (#2878).

  • #[uniffi::export(async_runtime = "tokio")] can now be applied to trait exports, wrapping each method's FFI scaffolding future in async_compat::Compat the same way it does for inherent impls and free functions (#2899).

  • Added support for using HashSet with proc-macros

... (truncated)

Commits

Updates p256 from 0.13.2 to 0.14.0

Commits

Updates p384 from 0.13.1 to 0.14.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the cargo group with 3 updates in the / directory: [uniffi](https://github.com/mozilla/uniffi-rs), [p256](https://github.com/RustCrypto/elliptic-curves) and [p384](https://github.com/RustCrypto/elliptic-curves).


Updates `uniffi` from 0.31.2 to 0.32.0
- [Changelog](https://github.com/mozilla/uniffi-rs/blob/main/CHANGELOG.md)
- [Commits](mozilla/uniffi-rs@v0.31.2...v0.32.0)

Updates `p256` from 0.13.2 to 0.14.0
- [Commits](RustCrypto/elliptic-curves@p256/v0.13.2...p256/v0.14.0)

Updates `p384` from 0.13.1 to 0.14.0
- [Commits](RustCrypto/elliptic-curves@sm2/v0.13.1...p384/v0.14.0)

---
updated-dependencies:
- dependency-name: uniffi
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: p256
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: p384
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 15, 2026

@sourcery-ai sourcery-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry @dependabot[bot], you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

Migrate elliptic-curve key generation to the 0.14 SEC1 APIs and remove redundant backend patterns rejected by Rust 1.97 Clippy.

Co-Authored-By: GPT-5 <noreply@openai.com>
@kixelated
kixelated merged commit 4302c04 into main Jul 18, 2026
2 checks passed
@kixelated
kixelated deleted the dependabot/cargo/cargo-32dda4e0fb branch July 18, 2026 12:20
This was referenced Jul 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant