From 5378525e702e4894f2bb95db1c5a3424d846c6c1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 22 Oct 2025 03:33:19 +0000
Subject: [PATCH] build(deps): bump zip from 2.4.2 to 5.1.1 in /rust (#10652)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [zip](https://github.com/zip-rs/zip2) from 2.4.2 to 5.1.1.
Release notes
Sourced from zip's
releases.
v5.1.1
🐛 Bug Fixes
- panic when reading empty extended-timestamp field (#404) (#422)
- Restore original file timestamp when unzipping with
chrono (#46)
⚙️ Miscellaneous Tasks
- Configure Amazon Q rules (#421)
v5.1.0
🚀 Features
- Add legacy shrink/reduce/implode compression (#303)
v5.0.1
🐛 Bug Fixes
- AES metadata was not copied correctly in raw copy methods, which
could corrupt the copied file. (#417)
v5.0.0
🚀 Features
- Implement by_path*() methods on ZipArchive (#382)
v4.6.1
🐛 Bug Fixes
- Fixes an issue introduced by the swap from
lzma-rs to
liblzma (#407)
v4.6.0
🚀 Features
- Allow to read zip files with unsupported extended timestamps (#400)
🐛 Bug Fixes
- enable clamp_opt for ppmd and xz (#401)
v4.5.0
🚀 Features
- Allow reading ZIP files where the central directory comes
before the files (#384) (#396)
v4.4.0
🚀 Features
- Add
lzma-static and xz-static features
that enable liblzma/static (#393)
⚙️ Miscellaneous Tasks
... (truncated)
Changelog
Sourced from zip's
changelog.
5.1.1
- 2025-09-11
🐛 Bug Fixes
- panic when reading empty extended-timestamp field (#404) (#422)
- Restore original file timestamp when unzipping with
chrono (#46)
⚙️ Miscellaneous Tasks
- Configure Amazon Q rules (#421)
5.1.0
- 2025-09-10
🚀 Features
- Add legacy shrink/reduce/implode compression (#303)
5.0.1
- 2025-09-09
🐛 Bug Fixes
- AES metadata was not copied correctly in raw copy methods, which
could corrupt the copied file. (#417)
5.0.0
- 2025-09-05
🚀 Features
- Implement by_path*() methods on ZipArchive (#382)
4.6.1
- 2025-09-03
🐛 Bug Fixes
- Fixes an issue introduced by the swap from
lzma-rs to
liblzma (#407)
4.6.0
- 2025-08-30
🚀 Features
- Allow to read zip files with unsupported extended timestamps (#400)
🐛 Bug Fixes
- enable clamp_opt for ppmd and xz (#401)
4.5.0
- 2025-08-21
🚀 Features
- Allow reading ZIP files where the central directory comes
before the files (#384) (#396)
... (truncated)
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
rust/Cargo.lock | 25 +++++++++++++++++++------
rust/Cargo.toml | 2 +-
2 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/rust/Cargo.lock b/rust/Cargo.lock
index 3c48f2358..8e853c3c8 100644
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -2704,6 +2704,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece"
dependencies = [
"crc32fast",
+ "libz-rs-sys",
"miniz_oxide",
]
@@ -4246,6 +4247,15 @@ dependencies = [
"libc",
]
+[[package]]
+name = "libz-rs-sys"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "840db8cf39d9ec4dd794376f38acc40d0fc65eec2a8f484f7fd375b84602becd"
+dependencies = [
+ "zlib-rs",
+]
+
[[package]]
name = "linux-raw-sys"
version = "0.4.15"
@@ -4799,7 +4809,7 @@ version = "0.7.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56"
dependencies = [
- "proc-macro-crate 1.3.1",
+ "proc-macro-crate 3.3.0",
"proc-macro2",
"quote",
"syn 2.0.106",
@@ -10031,22 +10041,25 @@ dependencies = [
[[package]]
name = "zip"
-version = "2.4.2"
+version = "5.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fabe6324e908f85a1c52063ce7aa26b68dcb7eb6dbc83a2d148403c9bc3eba50"
+checksum = "2f852905151ac8d4d06fdca66520a661c09730a74c6d4e2b0f27b436b382e532"
dependencies = [
"arbitrary",
"crc32fast",
- "crossbeam-utils",
- "displaydoc",
"flate2",
"indexmap 2.9.0",
"memchr",
- "thiserror 2.0.16",
"time",
"zopfli",
]
+[[package]]
+name = "zlib-rs"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f06ae92f42f5e5c42443fd094f245eb656abf56dd7cce9b8b263236565e00f2"
+
[[package]]
name = "zopfli"
version = "0.8.2"
diff --git a/rust/Cargo.toml b/rust/Cargo.toml
index 11c115782..6a6fde4a1 100644
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -208,7 +208,7 @@ windows-implement = "0.60.0"
windows-service = "0.8.0"
winreg = "0.52.0"
zbus = "5.11.0"
-zip = { version = "2", default-features = false }
+zip = { version = "5", default-features = false }
[workspace.lints.clippy]
dbg_macro = "warn"