chore(deps): bump the non-arrow group with 7 updates by dependabot[bot] · Pull Request #256 · stac-utils/rustac-py

dependabot · 2026-03-17T05:24:29Z

Bumps the non-arrow group with 7 updates:

Package	From	To
clap	`4.5.60`	`4.6.0`
geojson	`0.24.2`	`1.0.0`
openssl	`0.10.75`	`0.10.76`
rustac	`b25bce2`	`2b86ddf`
stac	`b25bce2`	`2b86ddf`
stac-duckdb	`b25bce2`	`2b86ddf`
stac-io	`b25bce2`	`2b86ddf`

Updates clap from 4.5.60 to 4.6.0

Changelog

Sourced from clap's changelog.

[4.6.0] - 2026-03-12

Compatibility

Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

Update dependencies

Commits

9ab6dee chore: Release
374a30d docs: Update changelog
d0c8aab Merge pull request #6306 from epage/update
686ce2f chore: Upgrade compatible
8203238 Merge pull request #6305 from epage/msrv
c774a89 docs: Reduce main's in doctests
73534f6 chore: Upgrade to 2025 edition
dfe05a9 chore: Bump MSRV to 1.85
8b41d0b chore: Release
518220f docs: Update changelog
Additional commits viewable in compare view

Updates geojson from 0.24.2 to 1.0.0

Changelog

Sourced from geojson's changelog.

v1.0.0 - 2025-03-16
BREAKING: Position is now a struct, rather than a type alias for Vec. The new struct uses the tinyvec crate, which allows for faster GeoJSON processing in the common (2-D) case by avoiding per-coordinate heap allocations.
// BEFORE: Position *was* a Vec. A Vec is always allocated on the heap, which is slow.
let position: Position = vec![1.0, 2.0];
let x = position[0];
// AFTER: Position is its own type, buildable from a Vec.
let position: Position = vec![1.0, 2.0].into();
// index access is unchanged
let x = position[0];
// Alternatively, you can now construct from an Array, avoiding the Vec's heap allocation.
let position: Position = [1.0, 2.0].into();
// equivalently:
let position = Position::from([1.0, 2.0]);
// You can still build 3D+ Positions. These higher dimension coordinates will use Heap storage.
let position = Position::from([1.0, 2.0, 3.0]);
let position = Position::from(vec![1.0, 2.0, 3.0, 4.0, 5.0, 6.0]);
See georust/geojson#222
Substantially speed up parsing (Benches show 30% reduction). This was essentially a rewrite of our deserialization logic. Instead of going from input -> serde_json::JsonObject -> geojson types we now go directly from input -> geojson types.

Deserialization errors now include line number and column position. Before:

Encountered neither number type nor string type for 'id' field on 'feature' object: {} After: Error while deserializing GeoJSON: Feature 'id' must be a string or a number at line 3 column 11

BREAKING: geojson::Error has had many cases removed and some new cases added, reflecting the deserialization rewrite.

BREAKING: TryInto/From implementations for serde_json::Value and serde_json::Object have been removed now that they are not used for deserialization.

type is now the first field when serializing GeoJSON objects.

Since feature.id is optional, we now accept "id: null", whereas previously you were required to omit the id key. Now either is acceptable.

Fix: Return [] instead of [[]] for POLYGON EMPTY.

See georust/geojson#262

Potentially breaking: De/Serializing your custom structs with serde now maps your struct's id field to Feature.id, rather than to Feature.properties.id.

Fix geo_rect_conversion_test to conform to the correctly-wound Polygon output from geo_types::geometry::Rect.to_polygon

... (truncated)

Commits

f6eafed prepare for 1.0.0 release
8c12816 prepare for 0.25.0 release
c64043f simpler docs
fa96c26 update to rust 2024 (#273)
3c362b4 Additional ergonomic constructors (for Geometry and FeatureCollection) (#271)
f5fffd0 Remove methods related to json to/from now that we ser/de directly (#270)
de445d9 Speed up parsing by deserializing directly to geojson (without intermediate s...
a7870db Move code around - no new functionality (#268)
37ea3c9 Merge branch 'mkirk/derive-serialization-3'
67c07a1 derive Serialization rather than manual impls
Additional commits viewable in compare view

Updates openssl from 0.10.75 to 0.10.76

Release notes

Sourced from openssl's releases.

openssl-v0.10.76

What's Changed

feat: New methods EVP_PKEY_new_raw_*_key_ex and EVP_PKEY_is_a by @FinnRG in rust-openssl/rust-openssl#2521

Fix invalid value parsing of OCSP revocation reason by @danpashin in rust-openssl/rust-openssl#2523

Bump actions/checkout from 5 to 6 by @dependabot[bot] in rust-openssl/rust-openssl#2524

Bump aws-lc-sys from 0.27 to 0.34 by @goffrie in rust-openssl/rust-openssl#2526

Expose X509_NAME_dup on all versions of OpenSSL by @alex in rust-openssl/rust-openssl#2529

Unconditionally expose some *_dup() functions by @botovq in rust-openssl/rust-openssl#2530

reintroduce dir_name support for subject_alt_names by @mqqz in rust-openssl/rust-openssl#2528

Fix cipher comparison with NID instead of pointers by @lwestlund in rust-openssl/rust-openssl#2531

Remove ASN1_STRING_data for LibreSSL 4.3.0 by @botovq in rust-openssl/rust-openssl#2534

drop openssl 1.0.2 by @alex in rust-openssl/rust-openssl#2545

Bump actions/cache from 4 to 5 by @dependabot[bot] in rust-openssl/rust-openssl#2542

Add Debug implementation for EcdsaSig{,Ref} by @buytenh in rust-openssl/rust-openssl#2540

Add HKDF support by @Zenkibou in rust-openssl/rust-openssl#2543

Enhance Debug implementation for Nid by @buytenh in rust-openssl/rust-openssl#2547

Remove X509_VERIFY_PARAM_ID for LibreSSL 4.3.0 by @botovq in rust-openssl/rust-openssl#2549

Add UpperHex implementation for BigNum{,Ref} by @buytenh in rust-openssl/rust-openssl#2550

Add Debug implementation for EcGroup{,Ref} by @buytenh in rust-openssl/rust-openssl#2548

test against openssl 3.6.0 in ci by @alex in rust-openssl/rust-openssl#2546

Remove more OpenSSL 1.0.2 complications by @botovq in rust-openssl/rust-openssl#2559

Still more OpenSSL 1.0.2 complications by @botovq in rust-openssl/rust-openssl#2560

Remove more dead config branches by @botovq in rust-openssl/rust-openssl#2561

Let AWS-LC use the BoringSSL path for BIO_METHOD by @botovq in rust-openssl/rust-openssl#2562

Two small LibreSSL tweaks by @botovq in rust-openssl/rust-openssl#2563

Upgrade ctest to 0.5 by @alex in rust-openssl/rust-openssl#2569

add more brainpool curve NID constants by @butteronarchbtw in rust-openssl/rust-openssl#2567

fix min-version CI by @alex in rust-openssl/rust-openssl#2573

Fix use-after-free of error strings on BoringSSL/aws-lc by @alex in rust-openssl/rust-openssl#2572

Pin quote to 1.0.44 for min-version CI by @alex in rust-openssl/rust-openssl#2579

Constify from_raw by @DarkaMaul in rust-openssl/rust-openssl#2580

Support pregenerated Rust bindings from AWS-LC installations by @justsmth in rust-openssl/rust-openssl#2578

Bump aws-lc-sys to 0.38 by @goffrie in rust-openssl/rust-openssl#2581

Release openssl v0.10.76 and openssl-sys v0.9.112 by @weihanglo in rust-openssl/rust-openssl#2582

New Contributors

@FinnRG made their first contribution in rust-openssl/rust-openssl#2521

@danpashin made their first contribution in rust-openssl/rust-openssl#2523

@mqqz made their first contribution in rust-openssl/rust-openssl#2528

@lwestlund made their first contribution in rust-openssl/rust-openssl#2531

@buytenh made their first contribution in rust-openssl/rust-openssl#2540

@Zenkibou made their first contribution in rust-openssl/rust-openssl#2543

@butteronarchbtw made their first contribution in rust-openssl/rust-openssl#2567

@DarkaMaul made their first contribution in rust-openssl/rust-openssl#2580

@weihanglo made their first contribution in rust-openssl/rust-openssl#2582

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.75...openssl-v0.10.76

Commits

6b94124 Release openssl v0.10.76 and openssl-sys v0.9.112 (#2582)
30c3f2d Bump aws-lc-sys to 0.38 (#2581)
efc55bf Support pregenerated Rust bindings from AWS-LC installations (#2578)
80cd420 Constify from_raw (#2580)
e64c352 Pin quote to 1.0.44 for min-version CI (#2579)
c38b028 Fix use-after-free of error strings on BoringSSL/aws-lc (#2572)
9cd9a14 fix min-version CI (#2573)
87bf0e2 Merge pull request #2567 from butteronarchbtw/brainpool-nid-constants
61906a9 add libressl variants
e922826 add corresponding rust constants
Additional commits viewable in compare view

Updates rustac from b25bce2 to 2b86ddf

Commits

2b86ddf chore(deps): bump cairosvg from 2.8.2 to 2.9.0 (#990)
5a66a2c chore(deps): bump pillow from 11.3.0 to 12.1.1 (#989)
6c0b318 chore(deps): bump orjson from 3.11.4 to 3.11.6 (#988)
b2baa5f chore(deps): bump tar from 7.5.10 to 7.5.11 in /crates/wasm (#987)
See full diff in compare view

Updates stac from b25bce2 to 2b86ddf

Commits

2b86ddf chore(deps): bump cairosvg from 2.8.2 to 2.9.0 (#990)
5a66a2c chore(deps): bump pillow from 11.3.0 to 12.1.1 (#989)
6c0b318 chore(deps): bump orjson from 3.11.4 to 3.11.6 (#988)
b2baa5f chore(deps): bump tar from 7.5.10 to 7.5.11 in /crates/wasm (#987)
See full diff in compare view

Updates stac-duckdb from b25bce2 to 2b86ddf

Commits

2b86ddf chore(deps): bump cairosvg from 2.8.2 to 2.9.0 (#990)
5a66a2c chore(deps): bump pillow from 11.3.0 to 12.1.1 (#989)
6c0b318 chore(deps): bump orjson from 3.11.4 to 3.11.6 (#988)
b2baa5f chore(deps): bump tar from 7.5.10 to 7.5.11 in /crates/wasm (#987)
See full diff in compare view

Updates stac-io from b25bce2 to 2b86ddf

Commits

2b86ddf chore(deps): bump cairosvg from 2.8.2 to 2.9.0 (#990)
5a66a2c chore(deps): bump pillow from 11.3.0 to 12.1.1 (#989)
6c0b318 chore(deps): bump orjson from 3.11.4 to 3.11.6 (#988)
b2baa5f chore(deps): bump tar from 7.5.10 to 7.5.11 in /crates/wasm (#987)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the non-arrow group with 7 updates: | Package | From | To | | --- | --- | --- | | [clap](https://github.com/clap-rs/clap) | `4.5.60` | `4.6.0` | | [geojson](https://github.com/georust/geojson) | `0.24.2` | `1.0.0` | | [openssl](https://github.com/rust-openssl/rust-openssl) | `0.10.75` | `0.10.76` | | [rustac](https://github.com/stac-utils/rustac) | ``b25bce2`` | ``2b86ddf`` | | [stac](https://github.com/stac-utils/rustac) | ``b25bce2`` | ``2b86ddf`` | | [stac-duckdb](https://github.com/stac-utils/rustac) | ``b25bce2`` | ``2b86ddf`` | | [stac-io](https://github.com/stac-utils/rustac) | ``b25bce2`` | ``2b86ddf`` | Updates `clap` from 4.5.60 to 4.6.0 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.5.60...clap_complete-v4.6.0) Updates `geojson` from 0.24.2 to 1.0.0 - [Changelog](https://github.com/georust/geojson/blob/main/CHANGES.md) - [Commits](georust/geojson@0.24.2...v1.0.0) Updates `openssl` from 0.10.75 to 0.10.76 - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](rust-openssl/rust-openssl@openssl-v0.10.75...openssl-v0.10.76) Updates `rustac` from `b25bce2` to `2b86ddf` - [Release notes](https://github.com/stac-utils/rustac/releases) - [Commits](stac-utils/rustac@b25bce2...2b86ddf) Updates `stac` from `b25bce2` to `2b86ddf` - [Release notes](https://github.com/stac-utils/rustac/releases) - [Commits](stac-utils/rustac@b25bce2...2b86ddf) Updates `stac-duckdb` from `b25bce2` to `2b86ddf` - [Release notes](https://github.com/stac-utils/rustac/releases) - [Commits](stac-utils/rustac@b25bce2...2b86ddf) Updates `stac-io` from `b25bce2` to `2b86ddf` - [Release notes](https://github.com/stac-utils/rustac/releases) - [Commits](stac-utils/rustac@b25bce2...2b86ddf) --- updated-dependencies: - dependency-name: clap dependency-version: 4.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-arrow - dependency-name: geojson dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: non-arrow - dependency-name: openssl dependency-version: 0.10.76 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: non-arrow - dependency-name: rustac dependency-version: 2b86ddf294c9ff3bff717b2f47553be850b70a95 dependency-type: direct:production dependency-group: non-arrow - dependency-name: stac dependency-version: 2b86ddf294c9ff3bff717b2f47553be850b70a95 dependency-type: direct:production dependency-group: non-arrow - dependency-name: stac-duckdb dependency-version: 2b86ddf294c9ff3bff717b2f47553be850b70a95 dependency-type: direct:production dependency-group: non-arrow - dependency-name: stac-io dependency-version: 2b86ddf294c9ff3bff717b2f47553be850b70a95 dependency-type: direct:production dependency-group: non-arrow ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Mar 17, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the non-arrow group with 7 updates#256

chore(deps): bump the non-arrow group with 7 updates#256
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/non-arrow-6beedbf6c4

dependabot bot commented on behalf of github Mar 17, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 17, 2026

[4.6.0] - 2026-03-12

Compatibility

[4.5.61] - 2026-03-12

Internal

v1.0.0 - 2025-03-16

openssl-v0.10.76

What's Changed

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants