Skip to content

fix(deps): update rust dependencies#202

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/rust-dependencies
Open

fix(deps): update rust dependencies#202
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/rust-dependencies

Conversation

@renovate

@renovate renovate Bot commented Jan 12, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
anyhow build-dependencies patch 1.0.1001.0.103
axum dependencies patch 0.8.80.8.9
axum-tracing-opentelemetry (source) dependencies minor 0.32.10.38.0
config dependencies patch 0.15.190.15.25
futures (source) dev-dependencies patch 0.3.310.3.33
futures (source) dependencies patch 0.3.310.3.33
gcp_auth dependencies patch 0.12.60.12.7
opentelemetry (source) dependencies minor 0.31.00.32.0
opentelemetry-prometheus (source) dependencies minor 0.310.32
regex dev-dependencies minor 1.12.21.13.1
rust-telemetry dependencies minor 1.2.01.3.0
serde_json dependencies patch 1.0.1491.0.150
tokio (source) dependencies minor 1.49.01.53.0
tower dev-dependencies patch 0.5.20.5.3
tower dependencies patch 0.5.20.5.3
tower-http dependencies minor 0.6.60.7.0
tracing-subscriber (source) dependencies patch 0.3.220.3.23

Release Notes

dtolnay/anyhow (anyhow)

v1.0.103

Compare Source

  • Fix Stacked Borrows violation (UB) in Error::downcast_mut (#​451, #​452)

v1.0.102

Compare Source

v1.0.101

Compare Source

tokio-rs/axum (axum)

v0.8.9

Compare Source

  • added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#​3597)
  • changed: Update minimum rust version to 1.80 (#​3620)
  • fixed: Set connect endpoint on correct field in MethodRouter (#​3656)
  • fixed: Return specific error message when multipart body limit is exceeded (#​3611)
davidB/tracing-opentelemetry-instrumentation-sdk (axum-tracing-opentelemetry)

v0.38.0

Compare Source

v0.33.1

Compare Source

v0.33.0

Compare Source

v0.32.3

Compare Source

rust-cli/config-rs (config)

v0.15.25

Compare Source

Fixes
  • (ron) Support u64, and not just i64

v0.15.24

Compare Source

Fixes
  • (json) Support u64, and not just i64

v0.15.23

Compare Source

Fixes
  • Environment::convert_case: correctly apply casing to each key segment

v0.15.22

Compare Source

Documentation
  • Polish examples
Internal
  • Update winnow

v0.15.21

Compare Source

Compatibility
  • Bump MSRV to 1.85

v0.15.20

Compare Source

Fixes
  • Serialize the full u64 range
Internal
  • (toml) Update to 1.0
rust-lang/futures-rs (futures)

v0.3.33

  • Fix ReadLine's soundness issue regarding to exception safety. (#​3020)
  • Fix unsound Send impl for IterPinRef and Iter. (#​3003)
  • Fix stacked borrows violation in compat01as03 implementation. (#​3012)
  • Fix memory leak in FuturesUnordered::IntoIter. (#​3005)
  • Add portable-atomic-alloc feature and use it in FuturesUnordered. (#​3007)
  • Re-export alloc::task::Wake. (#​3010)
  • Update spin to 0.12. (#​3014)

v0.3.32

Compare Source

  • Bump MSRV of utility crates to 1.71. (#​2989)
  • Soft-deprecate ready! macro in favor of std::task::ready! added in Rust 1.64 (#​2925)
  • Soft-deprecate pin_mut! macro in favor of std::pin::pin! added in Rust 1.68 (#​2929)
  • Add FuturesOrdered::clear (#​2927)
  • Add mpsc::*Receiver::recv (#​2947)
  • Add mpsc::*Receiver::try_recv and deprecate mpsc::*Receiver::::try_next (#​2944)
  • Implement FusedStream for sink::With (#​2948)
  • Add no_std support for shared (#​2868)
  • Make Mutex::new() const (#​2956)
  • Add #[clippy::has_significant_drop] to guards (#​2967)
  • Remove dependency to pin-utils (#​2929)
  • Remove dependency on num_cpus (#​2946)
  • Performance improvements (#​2983)
  • Documentation improvements (#​2925, #​2926, #​2940, #​2971)
djc/gcp_auth (gcp_auth)

v0.12.7

Compare Source

What's Changed

open-telemetry/opentelemetry-rust (opentelemetry)

v0.32.0

Compare Source

Released 2026-May-08

  • Added BoundCounter<T> and BoundHistogram<T> types that cache resolved
    aggregator references for a fixed attribute set. Created via Counter::bind()
    and Histogram::bind(), bound instruments bypass per-call attribute lookup,
    providing significant performance improvements for hot paths where the same
    attributes are used repeatedly. Both types implement Clone so a single bound
    state can be shared across threads or modules without re-binding. Also adds
    the SyncInstrument::bind() trait method and BoundSyncInstrument<T> trait
    for SDK implementors; the trait method has a no-op default so custom
    SyncInstrument impls degrade gracefully without panicking. Gated behind the
    experimental_metrics_bound_instruments feature flag.
  • Add reserve method to opentelemetry::propagation::Injector to hint at the number of elements that will be added to avoid multiple resize operations of the underlying data structure. Has an empty default implementation.
  • Breaking Removed the following public fields and methods from the SpanBuilder #​3227:
    • trace_id, span_id, end_time, status, sampling_result
    • with_trace_id, with_span_id, with_end_time, with_status, with_sampling_result
  • Added #[must_use] attribute to opentelemetry::metrics::AsyncInstrumentBuilder to add compile time warning when .build() is not called on observable instrument builders, preventing silent failures where callbacks are never registered and metrics are never reported.
  • Breaking Moved the following SDK sampling types from opentelemetry::trace to opentelemetry_sdk::trace #​3277:
    • SamplingDecision, SamplingResult
    • These types are SDK implementation details and should be imported from opentelemetry_sdk::trace instead.
  • "spec_unstable_logs_enabled" feature flag is removed. The capability (and the
    backing specification) is now stable and is enabled by default.
    3278
  • Remove the empty "message" field from tracing events emitted via the internal-logs feature
  • Fix panic when calling Context::current() from Drop implementations triggered by ContextGuard cleanup (#​3262).
open-telemetry/opentelemetry-rust (opentelemetry-prometheus)

v0.32.0

Compare Source

Released 2026-May-08

  • Un-deprecate opentelemetry-prometheus and remove stale discontinuation notices. #​3288
  • Set MSRV to 1.81.0 to match the prometheus dependency requirement.
rust-lang/regex (regex)

v1.13.1

Compare Source

===================
This is a release that fixes a bug where incorrect regex match offsets could be
reported. Note that this doesn't impact whether a match occurs or not, just
where it occurs. The match offsets are still valid for slicing, they just may
not refer to the correct leftmost-first match. See
#​1364 for (many) more details.

Bug fixes:

  • #​1354:
    Fixes previously unsound reverse suffix and inner optimizations.

v1.13.0

Compare Source

===================
This release includes a new API, a regex! macro, for lazy compilation of
a regex from a string literal. If you use regexes a lot, it's likely you've
already written one exactly like it. The new macro can be used like this:

use regex::regex;

fn is_match(line: &str) -> bool {
    // The regex will be compiled approximately once and reused automatically.
    // This avoids the footgun of using `Regex::new` here, which would
    // guarantee that it would be compiled every time this routine is called.
    // This would likely make this routine much slower than it needs to be.
    regex!(r"bar|baz").is_match(line)
}

let hay = "\
path/to/foo:54:Blue Harvest
path/to/bar:90:Something, Something, Something, Dark Side
path/to/baz:3:It's a Trap!
";

let matches = hay.lines().filter(|line| is_match(line)).count();
assert_eq!(matches, 2);

Improvements:

  • #​709:
    Add a new regex! macro for efficient and automatic reuse of a compiled regex.

v1.12.4

Compare Source

===================
This release includes a performance optimization for compilation of regexes
with very large character classes.

Improvements:

  • #​1308:
    Avoid re-canonicalizing the entire interval set when pushing new class ranges.

v1.12.3

Compare Source

===================
This release excludes some unnecessary things from the archive published to
crates.io. Specifically, fuzzing data and various shell scripts are now
excluded. If you run into problems, please file an issue.

Improvements:

  • #​1319:
    Switch from a Cargo exclude list to an include list, and exclude some
    unnecessary stuff.
famedly/rust-telemetry (rust-telemetry)

v1.3.0

Compare Source

Miscellaneous Tasks
  • Bump reqwest and famedly_rust_utils
serde-rs/json (serde_json)

v1.0.150

Compare Source

tokio-rs/tokio (tokio)

v1.53.0: Tokio v1.53.0

Compare Source

1.53.0 (July 17th, 2026)

Added
  • fs: implement From<OwnedFd> and From<OwnedHandle> for File (#​8266)
  • metrics: add task schedule latency metric (#​7986)
  • net: add SocketAddr methods to Unix sockets (#​8144)
Changed
  • io: add #[inline] to IO trait impls for in-memory types (#​8242)
  • net: implement UCred::pid on FreeBSD (#​8086)
  • net: support Nuttx target os (#​8259)
  • signal: refactor global variables on Windows (#​8231)
  • sync: mpsc::{Receiver,UnboundedReceiver} now drops waker on drop, even if there are still senders (#​8095)
  • taskdump: support taskdumps on s390x (#​8192)
  • time: add #[track_caller] to timeout_at() (#​8077)
  • time: consolidate mutex locks on spurious poll (#​8124)
  • time: defer waker clone on spurious poll (#​8107)
  • time: move lazy-registration state into Sleep (#​8132)
  • tracing: remove unnecessary span clone (#​8126)
Fixed
  • io: do not treat zero-length reads as EOF in Chain (#​8251)
  • net: use getpeereid for QNX peer credentials (#​8270)
  • runtime: avoid illegal state in FastRand (#​8078)
  • sync: wake mpsc receiver when a queued reserve[_many] returns permits (#​8260)
  • taskdump: skip double wake on Trace::capture/Trace::trace_with (#​8043)
  • time: avoid stack overflow in runtime constructor (#​8093)
  • time (alt timer): ensure timers stay in the same runtime after .reset() (#​8169)
IO uring (unstable)
  • fs: use io-uring for fs::try_exists (#​8080)
  • fs: use io-uring for renaming files (#​7800)
  • rt: flush io-uring CQE in case of CQE overflow (#​8277)
Documented
  • docs: clarify cancel safety wording (#​8181)
  • fs: clarify create_dir_all succeeds if path exists (#​8149)
  • io: add warning about stdout reordering with multiple handles (#​8276)
  • net: document pipe try_read*/try_write* readiness behavior (#​8032)
  • runtime: document interaction with fork() (#​8202)
  • sync: clarify broadcast lagging semantics (#​8239)
  • sync: document memory ordering guarantees for Semaphore (#​8119)
  • task: explain why yield_now defers its waker (#​8254)
  • time: add panic docs to timeout_at() (#​8077)
  • time: fix reversed poll order in timeout doc (#​8214)

v1.52.4: Tokio v1.52.4

Compare Source

1.52.4 (July 16th, 2026)

Fixed
  • runtime: don't skip the driver when before_park schedules work (#​8222)
Fixed (unstable)
  • taskdump: remove crate disambiguators from output (#​8264)

v1.52.3: Tokio v1.52.3

Compare Source

1.52.3 (May 8th, 2026)

Fixed
  • sync: fix underflow in mpsc channel len() (#​8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#​8075)
  • sync: require that an RwLock has max_readers != 0 (#​8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#​8074)

v1.52.2: Tokio v1.52.2

Compare Source

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#​7431), due to its performance impact. (#​8100)

v1.52.1: Tokio v1.52.1

Compare Source

1.52.1 (April 16th, 2026)

Fixed

v1.52.0: Tokio v1.52.0

Compare Source

1.52.0 (April 14th, 2026)

Added

  • io: AioSource::register_borrowed for I/O safety support (#​7992)
  • net: add try_io function to unix::pipe sender and receiver types (#​8030)

Added (unstable)

  • runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#​8010)
  • taskdump: add trace_with() for customized task dumps (#​8025)
  • taskdump: allow impl FnMut() in trace_with instead of just fn() (#​8040)
  • fs: support io_uring in AsyncRead for File (#​7907)

Changed

  • runtime: improve spawn_blocking scalability with sharded queue (#​7757)
  • runtime: use compare_exchange_weak() in worker queue (#​8028)

Fixed

  • runtime: overflow second half of tasks when local queue is filled instead of first half (#​8029)

Documented

  • docs: fix typo in oneshot::Sender::send docs (#​8026)
  • docs: hide #[tokio::main] attribute in the docs of sync::watch (#​8035)
  • net: add docs on ConnectionRefused errors with UDP sockets (#​7870)

v1.51.4: Tokio v1.51.4

Compare Source

1.51.4 (July 16th, 2026)

Fixed
  • runtime: don't skip the driver when before_park schedules work (#​8222)

v1.51.3: Tokio v1.51.3

Compare Source

1.51.3 (May 8th, 2026)

Fixed
  • sync: fix underflow in mpsc channel len() (#​8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#​8075)
  • sync: require that an RwLock has max_readers != 0 (#​8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#​8074)

v1.51.2: Tokio v1.51.1

Compare Source

1.51.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#​7431), due to its performance impact. (#​8100)

v1.51.1: Tokio v1.51.1

Compare Source

1.51.1 (April 8th, 2026)
Fixed
  • sync: fix semaphore reopens after forget (#​8021)
  • net: surface errors from SO_ERROR on recv for UDP sockets on Linux (#​8001)
Fixed (unstable)
  • metrics: fix worker_local_schedule_count test (#​8008)
  • rt: do not leak fd when cancelling io_uring open operation (#​7983)

v1.51.0: Tokio v1.51.0

Compare Source

1.51.0 (April 3rd, 2026)
Added
  • net: implement get_peer_cred on Hurd (#​7989)
  • runtime: add tokio::runtime::worker_index() (#​7921)
  • runtime: add runtime name (#​7924)
  • runtime: stabilize LocalRuntime (#​7557)
  • wasm: add wasm32-wasip2 networking support (#​7933)
Changed
  • runtime: steal tasks from the LIFO slot (#​7431)
Fixed
  • docs: do not show "Available on non-loom only." doc label (#​7977)
  • macros: improve overall macro hygiene (#​7997)
  • sync: fix notify_waiters priority in Notify (#​7996)
  • sync: fix panic in Chan::recv_many when called with non-empty vector on closed channel (#​7991)

v1.50.0: Tokio v1.50.0

Compare Source

1.50.0 (Mar 3rd, 2026)
Added
  • net: add TcpStream::set_zero_linger (#​7837)
  • rt: add is_rt_shutdown_err (#​7771)
Changed
  • io: add optimizer hint that memchr returns in-bounds pointer (#​7792)
  • io: implement vectored writes for write_buf (#​7871)
  • runtime: panic when event_interval is set to 0 (#​7838)
  • runtime: shorten default thread name to fit in Linux limit (#​7880)
  • signal: remember the result of SetConsoleCtrlHandler (#​7833)
  • signal: specialize windows Registry (#​7885)
Fixed
  • io: always cleanup AsyncFd registration list on deregister (#​7773)
  • macros: remove (most) local use declarations in tokio::select! (#​7929)
  • net: fix GET_BUF_SIZE constant for target_os = "android" (#​7889)
  • runtime: avoid redundant unpark in current_thread scheduler (#​7834)
  • runtime: don't park in current_thread if before_park defers waker (#​7835)
  • io: fix write readiness on ESP32 on short writes (#​7872)
  • runtime: wake deferred tasks before entering block_in_place (#​7879)
  • sync: drop rx waker when oneshot receiver is dropped (#​7886)
  • runtime: fix double increment of num_idle_threads on shutdown (#​7910, #​7918, #​7922)
Unstable
  • fs: check for io-uring opcode support (#​7815)
  • runtime: avoid lock acquisition after uring init (#​7850)
Documented
  • docs: update outdated unstable features section (#​7839)
  • io: clarify the behavior of AsyncWriteExt::shutdown() (#​7908)
  • io: explain how to flush stdout/stderr (#​7904)
  • io: fix incorrect and confusing AsyncWrite documentation (#​7875)
  • rt: clarify the documentation of Runtime::spawn (#​7803)
  • rt: fix missing quotation in docs (#​7925)
  • runtime: correct the default thread name in docs (#​7896)
  • runtime: fix event_interval doc (#​7932)
  • sync: clarify RwLock fairness documentation (#​7919)
  • sync: clarify that recv returns None once closed and no more messages (#​7920)
  • task: clarify when to use spawn_blocking vs dedicated threads (#​7923)
  • task: doc that task drops before JoinHandle completion (#​7825)
  • signal: guarantee that listeners never return None (#​7869)
  • task: fix task module feature flags in docs (#​7891)
  • task: fix two typos (#​7913)
  • task: improve the docs of Builder::spawn_local (#​7828)
  • time: add docs about auto-advance and when to use sleep (#​7858)
  • util: fix typo in docs (#​7926)
tower-rs/tower (tower)

v0.5.3: tower 0.5.3

Compare Source

Added
  • builder: Add ServiceBuilder::boxed_clone_sync() helper (#​804)
Fixed
  • retry: Check that supplied jitter is not NaN (#​843)
tower-rs/tower-http (tower-http)

v0.7.0

Compare Source

Changes since 0.6.11

Added

  • csrf: add cross-site request forgery (CSRF) protection middleware, porting the cross-origin protection scheme introduced in Go 1.25 (#​699)

    use tower::ServiceBuilder;
    use tower_http::csrf::CsrfLayer;
    
    // Rejects cross-origin state-changing requests using `Sec-Fetch-Site`,
    // an `Origin` allow-list, and an `Origin`/`Host` fallback. No per-request
    // token state required.
    let layer = CsrfLayer::new().add_trusted_origin("https://example.com")?;
    
    let service = ServiceBuilder::new().layer(layer).service_fn(handler);
  • timeout: add DeadlineBody for non-resetting body timeouts, applied via the new RequestBodyDeadlineLayer and ResponseBodyDeadlineLayer (#​688)

    Unlike TimeoutBody, which resets its deadline on every frame, DeadlineBody caps the total time of a body transfer. A slow client trickling one byte at a time never trips an idle timeout but will trip a deadline.

    use std::time::Duration;
    use tower::ServiceBuilder;
    use tower_http::timeout::RequestBodyDeadlineLayer;
    
    // Abort the request body transfer after 30s total, regardless of how
    // frequently data arrives.
    let service = ServiceBuilder::new()
        .layer(RequestBodyDeadlineLayer::new(Duration::from_secs(30)))
        .service_fn(handler);
  • fs: add strong ETag support to ServeDir, including If-Match and If-None-Match precondition handling per RFC 9110. 304 Not Modified responses now carry the ETag and Last-Modified validators (#​691)

  • fs: add a Backend trait to make ServeDir work with non-filesystem sources (e.g. embedded assets or object storage). The default TokioBackend preserves existing behavior. Use ServeDir::with_backend() to plug in custom implementations (#​684)

    use tower_http::services::fs::ServeDir;
    
    // `MyBackend` implements `tower_http::services::fs::Backend`.
    // The default `ServeDir::new()` continues to use `TokioBackend` (local FS).
    let service = ServeDir::with_backend("assets", MyBackend::new());
  • fs: add html_as_default_extension option to ServeDir, appending .html when the request path has no extension (#​519)

  • fs: add redirect_path_prefix option to ServeDir, prepending a prefix on trailing-slash redirects so the service can be mounted under a sub-path (#​486)

  • validate-request: add ValidateRequestHeaderLayer::has_header_value() to reject requests when a header does not have an expected value (#​360)

  • body: UnsyncBoxBody::new() constructor and From<ServeFileSystemResponseBody> conversion to avoid double-boxing when combining ServeDir responses with other body types (#​537)

  • limit: implement Default for limit::ResponseBody when the wrapped body also implements Default (#​679)

Changed

  • breaking: compression: the middleware now handles the * wildcard and identity;q=0 in Accept-Encoding per RFC 9110 §12.5.3. Requests that previously fell back to identity (e.g. *;q=0 or identity;q=0 with no other acceptable encoding) now receive a 406 Not Acceptable response. Clients that explicitly reject all encodings without listing an alternative will see different behavior. (#​693)

  • breaking: compression: upgrade the SizeAbove predicate threshold from u16 to u64, allowing minimum sizes above 64 KiB (#​704)

  • breaking: remove the implicit no-op tokio and async-compression features. These were kept as no-op features in 0.6.x for backwards compatibility after the switch to dep: syntax in #​642. Downstream crates that activate tower-http/tokio or tower http/async-compression should remove those feature entries; the underlying dependencies are still pulled in transitively by the features that need them (e.g. compression-gzip, fs, timeout). (#​628)

  • breaking: trace/classify: include the gRPC error message in tracing output. GrpcCode and GrpcFailureClass are now #[non_exhaustive], and GrpcStatus is exported from the classify module (#​422)

  • breaking: follow-redirect: FollowRedirect now forwards request Extensions to redirected requests instead of dropping them. The Standard policy drops extensions on cross-origin redirections (same-origin keeps them). Opt out with FollowRedirectLayer::preserve_extensions(false); keep specific types with FilterCredentials::allow_extension::<T>() or all of them with keep_all_extensions(). (#​706)

    use tower_http::follow_redirect::FollowRedirectLayer;
    
    // 0.7.0 forwards request `Extensions` across redirects by default.
    // Restore the previous behavior (drop all extensions) with:
    let layer = FollowRedirectLayer::new().preserve_extensions(false);
  • breaking: follow-redirect: header and extension filtering is now cumulative. A value a policy drops on one hop is no longer replayed on later hops, so FilterCredentials no longer re-sends Cookie/Authorization to a same-origin target reached after cross-origin hop. Custom Policy::on_request impls now see the previous hop's filtered request, not the original. (#​706)

  • trace: DefaultOnRequest, DefaultOnResponse, DefaultOnFailure, and DefaultOnEos now explicitly parent their tracing events to the request span rather than relying on the ambient span context. This fixes intermittent cases where events could appear without their request span attached (#​690)

  • cors: relax the Vary header defaults (#​674)

  • MSRV bumped from 1.64 to 1.65 (#​684)

Fixed

  • fs: ServeDir and ServeFile now emit a Vary: Accept-Encoding response
    header when precompressed serving is configured, ensuring caches correctly
    distinguish between compressed and uncompressed variants (#​692)
  • breaking: services: reject a trailing slash for file paths. File requests with a trailing slash now return 404 Not Found instead of serving the file (#​678)
  • fs: fix ServeDir stripping the file extension when serving with identity encoding (#​686)
  • compression: forward trailers from the inner body after compression finishes, fixing dropped gRPC status trailers (#​685)
  • trace: fire on_eos when the inner body reports is_end_stream with a precise content-length (#​687)
  • on-early-drop: suppress the early-drop guard when is_end_stream is reported after a data frame (#​687)
  • set-header: make SetMultipleRequestHeaders and SetMultipleResponseHeaders Clone for non-Clone HTTP bodies (#​703)

Thanks

New Contributors

v0.6.11

Compare Source

Added

  • set-header: add SetMultipleResponseHeadersLayer and
    SetMultipleResponseHeader for setting multiple response headers at once.
    Supports overriding, appending, and if_not_present modes. Header
    values can be fixed or computed dynamically via closures (#​672)

    use http::{Response, header::{self, HeaderValue}};
    use http_body::Body as _;
    use tower_http::set_header::response::SetMultipleResponseHeadersLayer;
    
    let layer = SetMultipleResponseHeadersLayer::overriding(vec![
        (header::X_FRAME_OPTIONS, HeaderValue::from_static("DENY")).into(),
        (header::CONTENT_LENGTH, |res: &Response<MyBody>| {
            res.body().size_hint().exact()
                .map(|size| HeaderValue::from_str(&size.to_string()).unwrap())
        }).into(),
    ]);
  • set-header: add SetMultipleRequestHeadersLayer and
    SetMultipleRequestHeaders for setting multiple request headers at once,
    mirroring the response-side API (#​677)

  • classify: add From<i32> and From<NonZeroI32> impls for GrpcCode.
    Unrecognized status codes map to GrpcCode::Unknown (#​506)

Changed

  • compression: compress application/grpc-web responses. Previously all
    application/grpc* content types were excluded from compression; now only
    application/grpc (non-web) is excluded (#​408)

Fixed

  • fs: fix ServeDir returning 500 instead of 405 for non-GET/HEAD requests
    when call_fallback_on_method_not_allowed is enabled but no fallback service
    is configured (#​587)
  • fs: remove duplicate cfg attribute on is_reserved_dos_name (#​675)

All PRs

New Contributors

Full Changelog: tower-rs/tower-http@tower-http-0.6.10...tower-http-0.6.11

v0.6.10

Compare Source

Added

  • follow-redirect: expose Attempt::method() and Attempt::previous_method()
    so redirect policies can react to method changes across redirects (e.g.
    POST to GET on 301/303) (#​559)

Fixed

  • Restore tokio and async-compression as no-op features. These will be
    removed next breaking release (#​667)

What's Changed

New Contributors

Full Changelog: tower-rs/tower-http@tower-http-0.6.9...tower-http-0.6.10

v0.6.9

Compare Source

Added:

  • on-early-drop: middleware that detects when a response future or response
    body is dropped before completion ([#​636])

    Two events get hooks: the response future being dropped before
    the inner service prod

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
renovate Bot requested a review from a team as a code owner January 12, 2026 13:07
@codecov

codecov Bot commented Jan 12, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.17%. Comparing base (b97ce1d) to head (7df1059).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #202   +/-   ##
=======================================
  Coverage   90.17%   90.17%           
=======================================
  Files           9        9           
  Lines         529      529           
=======================================
  Hits          477      477           
  Misses         52       52           

Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b97ce1d...7df1059. Read the comment docs.

@renovate renovate Bot changed the title chore(deps): update rust crate axum-tracing-opentelemetry to v0.32.3 chore(deps): update rust dependencies Jan 12, 2026
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from 54106f7 to 021a581 Compare January 19, 2026 09:44
@renovate renovate Bot changed the title chore(deps): update rust dependencies fix(deps): update rust dependencies Jan 19, 2026
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 5 times, most recently from 92849c3 to c16a31e Compare January 24, 2026 05:26
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from 35e490a to 1f72067 Compare February 5, 2026 22:32
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 2 times, most recently from 92c4241 to 2cd35fb Compare February 20, 2026 04:50
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch from 2cd35fb to e4f4380 Compare March 3, 2026 14:06
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 4 times, most recently from 1977b6f to c0fc0d9 Compare March 17, 2026 22:02
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 2 times, most recently from 0b74947 to 2722eb9 Compare March 30, 2026 20:52
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 2 times, most recently from 886190f to dafccf8 Compare April 8, 2026 13:22
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 4 times, most recently from 5107987 to 262e86b Compare April 16, 2026 23:39
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 5 times, most recently from 909e84e to 36a6f57 Compare May 9, 2026 00:53
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from 60386d8 to f4384f8 Compare May 21, 2026 20:48
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from 0aaa90f to 068d5bb Compare May 26, 2026 20:56
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from 2053ed1 to 6e45436 Compare June 16, 2026 22:37
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from bbe8a4f to 7df1059 Compare June 26, 2026 20:03
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch from 7df1059 to bad5570 Compare June 30, 2026 13:14
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch 3 times, most recently from 0cc3d15 to 1c63d62 Compare July 16, 2026 14:50
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch from 1c63d62 to 0364d93 Compare July 17, 2026 08:46
@renovate
renovate Bot force-pushed the renovate/rust-dependencies branch from 0364d93 to d4699e2 Compare July 18, 2026 12:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants