From c523add8955bcc4bd205a47d542bde5164c2e295 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 15 Nov 2025 18:46:37 +1100
Subject: [PATCH] build(deps): bump zip from 5.1.1 to 6.0.0 in /rust (#10829)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [zip](https://github.com/zip-rs/zip2) from 5.1.1 to 6.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zip-rs/zip2/releases">zip's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>panic when reading empty extended-timestamp field (<a
href="https://redirect.github.com/zip-rs/zip2/pull/404">#404</a>) (<a
href="https://redirect.github.com/zip-rs/zip2/pull/422">#422</a>)</li>
<li>Restore original file timestamp when unzipping with
<code>chrono</code> (<a
href="https://redirect.github.com/zip-rs/zip2/pull/46">#46</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>Configure Amazon Q rules (<a
href="https://redirect.github.com/zip-rs/zip2/pull/421">#421</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md">zip's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v5.1.1...v6.0.0">6.0.0</a>
- 2025-10-09</h2>
<h3><!-- raw HTML omitted -->🚀 Features</h3>
<ul>
<li>Add by_index_with_options(), which can be used to ignore encryption
in a file's metadata (<a
href="https://redirect.github.com/zip-rs/zip2/pull/439">#439</a>) and
may be used for other file-specific overrides in the future.</li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>[<strong>breaking</strong>] <code>FileOptions::add_extra_data</code>
is now generic and accepts any <code>AsRef&lt;[u8]&gt;</code>. (<a
href="https://redirect.github.com/zip-rs/zip2/issues/435">#435</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/zip-rs/zip2/commit/abfc23d19e5c6038cba27eb3a897bc34c6d5bf86"><code>abfc23d</code></a>
feat: Upgrade [Extended]FileOptions::add_extra_data() data from
Box&lt;[u8]&gt; to ...</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/eb1b586d0e7807dd5a0d9f6064aa98122e9bf2d7"><code>eb1b586</code></a>
docs: Update zip_writer documentation example (<a
href="https://redirect.github.com/zip-rs/zip2/issues/431">#431</a>)</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/26e6e08e704def56c3dc34c0171765325761799e"><code>26e6e08</code></a>
feat: Add by_index_with_options() for ignoring encryption (<a
href="https://redirect.github.com/zip-rs/zip2/issues/439">#439</a>)</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/165415d7e241b33af66913f15c27c09e80a38b5a"><code>165415d</code></a>
chore(deps): update nt-time requirement from 0.10.6 to 0.12.1 (<a
href="https://redirect.github.com/zip-rs/zip2/issues/429">#429</a>)</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/1d5d4edf6ce16fd6025d362da195e2f40eadeac2"><code>1d5d4ed</code></a>
chore(deps): update lzma-rust2 requirement from 0.13 to 0.14 (<a
href="https://redirect.github.com/zip-rs/zip2/issues/432">#432</a>)</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/72cce40def72573208cee0b27448ad575cc1a842"><code>72cce40</code></a>
chore(deps): update nt-time requirement from 0.10.6 to 0.12.1 (<a
href="https://redirect.github.com/zip-rs/zip2/issues/428">#428</a>)</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/2ef4d3e5494d7f549d11c14dc4aa2aedf574dd14"><code>2ef4d3e</code></a>
chore(deps): update nt-time requirement from 0.10.6 to 0.12.1 (<a
href="https://redirect.github.com/zip-rs/zip2/issues/427">#427</a>)</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/9cf28cb6c0e192029ec12331230e14150afb1ba4"><code>9cf28cb</code></a>
test(ci): Fix: <code>rename</code> can't be skipped</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/5987cdd7096cc9cf3d39947f4f363aa14841f023"><code>5987cdd</code></a>
test(ci): Fix: need recursive rename</li>
<li><a
href="https://github.com/zip-rs/zip2/commit/74f8a3c1897e79252fcf81d2431a787a1294dbcc"><code>74f8a3c</code></a>
test(ci): Need to rename more files during fuzz runs</li>
<li>Additional commits viewable in <a
href="https://github.com/zip-rs/zip2/compare/v5.1.1...v6.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zip&package-manager=cargo&previous-version=5.1.1&new-version=6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 rust/Cargo.lock | 4 ++--
 rust/Cargo.toml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/rust/Cargo.lock b/rust/Cargo.lock
index 94dcec338..bf110c243 100644
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -10117,9 +10117,9 @@ dependencies = [
 
 [[package]]
 name = "zip"
-version = "5.1.1"
+version = "6.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2f852905151ac8d4d06fdca66520a661c09730a74c6d4e2b0f27b436b382e532"
+checksum = "eb2a05c7c36fde6c09b08576c9f7fb4cda705990f73b58fe011abf7dfb24168b"
 dependencies = [
  "arbitrary",
  "crc32fast",
diff --git a/rust/Cargo.toml b/rust/Cargo.toml
index 33a543d20..e35570235 100644
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -224,7 +224,7 @@ windows-implement = "0.60.0"
 windows-service = "0.8.0"
 winreg = "0.55.0"
 zbus = "5.11.0"
-zip = { version = "5", default-features = false }
+zip = { version = "6", default-features = false }
 
 [workspace.lints.clippy]
 dbg_macro = "warn"