Skip to content

build(deps): bump the cargo group across 1 directory with 2 updates#10

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/cargo-b1a7db945f
Open

build(deps): bump the cargo group across 1 directory with 2 updates#10
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/cargo-b1a7db945f

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Feb 25, 2026
edited
Loading

Bumps the cargo group with 2 updates in the / directory: wasmtime and aws-sdk-sso.

Updates wasmtime from 33.0.2 to 36.0.6

Release notes

Sourced from wasmtime's releases.

v36.0.6

36.0.6

Released 2026-02-24.

Changed

  • Wasmtime's implementation of WASI now has the ability to limit resource consumption on behalf of the guest, such as host-allocated memory. This means that some behaviors previously allowed by Wasmtime can now disallowed, such as transferring excessive data from the guest to the host. Additionally calls to wasi:random/random.get-random-bytes, for example, can have limits in place to avoid allocating too much memory on the host. To preserve backwards-compatible behavior these limits are NOT set by default. Embedders must opt-in to configuring these knobs as appropriate for their embeddings. For more information on this see the related security advisory with further details on knobs added and what behaviors can be restricted. GHSA-852m-cvvp-9p4w

Fixed

  • Panics when adding too many headers to a wasi:http/types.fields has been resolved GHSA-243v-98vx-264h

v36.0.5

36.0.5

Released 2026-01-26.

Fixed

  • Fixed a bug in lowering of f64.copysign on x86-64 whereby when combined with an f64.load, the resulting machine code could read 16 bytes rather than 8 bytes. This could result in a segfault when Wasmtime is configured without signals-based traps.

v36.0.4

36.0.4

Released 2026-01-14.

Fixed

  • A possible stack overflow in the x64 backend with cmp emission has been fixed. #12333

v36.0.3

36.0.3

... (truncated)

Changelog

Sourced from wasmtime's changelog.

36.0.6

Released 2026-02-24.

Changed

  • Wasmtime's implementation of WASI now has the ability to limit resource consumption on behalf of the guest, such as host-allocated memory. This means that some behaviors previously allowed by Wasmtime can now disallowed, such as transferring excessive data from the guest to the host. Additionally calls to wasi:random/random.get-random-bytes, for example, can have limits in place to avoid allocating too much memory on the host. To preserve backwards-compatible behavior these limits are NOT set by default. Embedders must opt-in to configuring these knobs as appropriate for their embeddings. For more information on this see the related security advisory with further details on knobs added and what behaviors can be restricted. GHSA-852m-cvvp-9p4w

Fixed

  • Panics when adding too many headers to a wasi:http/types.fields has been resolved GHSA-243v-98vx-264h

36.0.5

Released 2026-01-26.

Fixed

  • Fixed a bug in lowering of f64.copysign on x86-64 whereby when combined with an f64.load, the resulting machine code could read 16 bytes rather than 8 bytes. This could result in a segfault when Wasmtime is configured without signals-based traps.

36.0.4

Released 2026-01-14.

Fixed

  • A possible stack overflow in the x64 backend with cmp emission has been fixed. #12333

... (truncated)

Commits

Updates aws-sdk-sso from 1.88.0 to 1.90.0

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 25, 2026
@dependabot dependabot bot force-pushed the dependabot/cargo/cargo-b1a7db945f branch from faf53c6 to 4087872 Compare February 26, 2026 09:17
@dependabot dependabot bot force-pushed the dependabot/cargo/cargo-b1a7db945f branch 2 times, most recently from b343684 to 5cf6018 Compare March 23, 2026 15:27
@dependabot
build(deps): bump the cargo group across 1 directory with 2 updates
4bc934b 
Bumps the cargo group with 2 updates in the / directory: [wasmtime](https://github.com/bytecodealliance/wasmtime) and [aws-sdk-sso](https://github.com/awslabs/aws-sdk-rust).


Updates `wasmtime` from 33.0.2 to 36.0.6
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v36.0.6/RELEASES.md)
- [Commits](bytecodealliance/wasmtime@v33.0.2...v36.0.6)

Updates `aws-sdk-sso` from 1.88.0 to 1.90.0
- [Release notes](https://github.com/awslabs/aws-sdk-rust/releases)
- [Commits](https://github.com/awslabs/aws-sdk-rust/commits)

---
updated-dependencies:
- dependency-name: wasmtime
  dependency-version: 36.0.6
  dependency-type: direct:production
  dependency-group: cargo
- dependency-name: aws-sdk-sso
  dependency-version: 1.90.0
  dependency-type: indirect
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/cargo-b1a7db945f branch from 5cf6018 to 4bc934b Compare March 24, 2026 08:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants