From 4fa92e514cede737d6963505371776ef10f68d29 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 30 Oct 2025 03:39:53 +0000
Subject: [PATCH] build(deps): bump axum from 0.8.4 to 0.8.5 in /rust (#10719)
Bumps [axum](https://github.com/tokio-rs/axum) from 0.8.4 to 0.8.5.
Release notes
Sourced from axum's
releases.
axum v0.8.5
- fixed: Reject JSON request bodies with trailing
characters after the JSON document (#3453)
- added: Implement
OptionalFromRequest
for Multipart (#3220)
- added: Getter methods
Location::{status_code,
location}
- added: Support for writing arbitrary binary data
into server-sent events (#3425)]
- added:
middleware::ResponseAxumBodyLayer for mapping response body
to axum::body::Body (#3469)
- added:
impl FusedStream for WebSocket
(#3443)
- changed: The
sse module and
Sse type no longer depend on the tokio feature
(#3154)
- changed: If the location given to one of
Redirects constructors is not a valid header value, instead
of panicking on construction, the IntoResponse impl now
returns an HTTP 500, just like Json does when serialization
fails (#3377)
- changed: Update minimum rust version to 1.78 (#3412)
#3154:
tokio-rs/axum#3154
#3220:
tokio-rs/axum#3220
#3377:
tokio-rs/axum#3377
#3412:
tokio-rs/axum#3412
#3425:
tokio-rs/axum#3425
#3443:
tokio-rs/axum#3443
#3453:
tokio-rs/axum#3453
#3469:
tokio-rs/axum#3469
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
rust/Cargo.lock | 12 +++++-------
rust/Cargo.toml | 2 +-
2 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/rust/Cargo.lock b/rust/Cargo.lock
index 1bff636b7..29cd2ab17 100644
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -596,9 +596,9 @@ checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26"
[[package]]
name = "axum"
-version = "0.8.4"
+version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "021e862c184ae977658b36c4500f7feac3221ca5da43e3f25bd04ab6c79a29b5"
+checksum = "8a18ed336352031311f4e0b4dd2ff392d4fbb370777c9d18d7fc9d7359f73871"
dependencies = [
"axum-core",
"bytes",
@@ -615,8 +615,7 @@ dependencies = [
"mime",
"percent-encoding",
"pin-project-lite",
- "rustversion",
- "serde",
+ "serde_core",
"serde_path_to_error",
"serde_urlencoded",
"sync_wrapper",
@@ -628,9 +627,9 @@ dependencies = [
[[package]]
name = "axum-core"
-version = "0.5.2"
+version = "0.5.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "68464cd0412f486726fb3373129ef5d2993f90c34bc2bc1c1e9943b2f4fc7ca6"
+checksum = "59446ce19cd142f8833f856eb31f3eb097812d1479ab224f54d72428ca21ea22"
dependencies = [
"bytes",
"futures-core",
@@ -639,7 +638,6 @@ dependencies = [
"http-body-util",
"mime",
"pin-project-lite",
- "rustversion",
"sync_wrapper",
"tower-layer",
"tower-service",
diff --git a/rust/Cargo.toml b/rust/Cargo.toml
index 5dfffa5dc..8696913c7 100644
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -46,7 +46,7 @@ arbitrary = "1.4.2"
arboard = { version = "3.6.1", default-features = false }
async-trait = { version = "0.1", default-features = false }
atomicwrites = "0.4.4"
-axum = { version = "0.8.4", default-features = false }
+axum = { version = "0.8.5", default-features = false }
aya = { git = "https://github.com/aya-rs/aya" }
aya-build = { git = "https://github.com/aya-rs/aya" }
aya-ebpf = { git = "https://github.com/aya-rs/aya" }