[pull] master from hasura:master#7
Open
pull[bot] wants to merge 1644 commits into
Open
Conversation
PR-URL: hasura/graphql-engine-mono#11332 GitOrigin-RevId: 64269ae1527b66e4435e2b7dab7cdad26f6c662a
GITHUB_PR_NUMBER: 10730 GITHUB_PR_URL: #10730 PR-URL: hasura/graphql-engine-mono#11260 Co-authored-by: Emmanuel Ferdman <35470921+emmanuel-ferdman@users.noreply.github.com> GitOrigin-RevId: 5a0d43817602ba3155b20bbef497f16436411dd3
PR-URL: hasura/graphql-engine-mono#11334 GitOrigin-RevId: 13dc216c7106941766d3f3f01c89a9b6663fbd3e
<!-- The PR description should answer 2 important questions: -->
### What
#### SQL Views Support
Added support for SQL views in metadata, allowing users to define
reusable SQL queries as views that can be queried through the `/v1/sql`
endpoint.
#### Metadata Format
Views are defined using the `View` metadata object:
```json
{
"kind": "View",
"version": "v1",
"definition": {
"name": "customer_summary",
"sqlExpression": "SELECT customer_id, COUNT(*) as order_count FROM orders GROUP BY customer_id",
"description": "Summary of customer orders"
}
}
```
#### Usage
Views can be queried via the SQL endpoint like regular models.
<!-- What is this PR trying to accomplish (and why, if it's not
obvious)? -->
<!-- Consider: do we need to add a changelog entry? -->
<!-- Does this PR introduce new validation that might break old builds?
-->
<!-- Consider: do we need to put new checks behind a flag? -->
### How
<!-- How is it trying to accomplish it (what are the implementation
steps)? -->
---------
Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com>
V3_GIT_ORIGIN_REV_ID: c7239d8245c91a5856d0791bc1c883cd74548543
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.219 to 1.0.223. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/serde/releases">serde's releases</a>.</em></p> <blockquote> <h2>v1.0.223</h2> <ul> <li>Fix serde_core documentation links (<a href="https://redirect.github.com/serde-rs/serde/issues/2978">#2978</a>)</li> </ul> <h2>v1.0.222</h2> <ul> <li>Make <code>serialize_with</code> attribute produce code that works if respanned to 2024 edition (<a href="https://redirect.github.com/serde-rs/serde/issues/2950">#2950</a>, thanks <a href="https://github.com/aytey"><code>@aytey</code></a>)</li> </ul> <h2>v1.0.221</h2> <ul> <li>Documentation improvements (<a href="https://redirect.github.com/serde-rs/serde/issues/2973">#2973</a>)</li> <li>Deprecate <code>serde_if_integer128!</code> macro (<a href="https://redirect.github.com/serde-rs/serde/issues/2975">#2975</a>)</li> </ul> <h2>v1.0.220</h2> <ul> <li>Add a way for data formats to depend on serde traits without waiting for serde_derive compilation: <a href="https://docs.rs/serde_core">https://docs.rs/serde_core</a> (<a href="https://redirect.github.com/serde-rs/serde/issues/2608">#2608</a>, thanks <a href="https://github.com/osiewicz"><code>@osiewicz</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/serde/commit/6c316d7cb5f3780d2a418d277a756516beeacc42"><code>6c316d7</code></a> Release 1.0.223</li> <li><a href="https://github.com/serde-rs/serde/commit/a4ac0c2bc6625ee83ddf4b35f11eca48f90ebae2"><code>a4ac0c2</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2978">#2978</a> from dtolnay/htmlrooturl</li> <li><a href="https://github.com/serde-rs/serde/commit/ed76364f877a6ebc653a0339dcea89b9e3cc7507"><code>ed76364</code></a> Change serde_core's html_root_url to docs.rs/serde_core</li> <li><a href="https://github.com/serde-rs/serde/commit/57e21a1afa280ae982f19aea2776318fbcd711be"><code>57e21a1</code></a> Release 1.0.222</li> <li><a href="https://github.com/serde-rs/serde/commit/bb58726133fb30b89ccea3e357eb91f4b2d460a0"><code>bb58726</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2950">#2950</a> from aytey/fix_lifetime_issue_2024</li> <li><a href="https://github.com/serde-rs/serde/commit/3f6925125bae7837d918da63f2dba6efabad8dec"><code>3f69251</code></a> Delete unneeded field of MapDeserializer</li> <li><a href="https://github.com/serde-rs/serde/commit/fd4decf2fe36a8e4408aefc493960141b8b0cd02"><code>fd4decf</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2976">#2976</a> from dtolnay/content</li> <li><a href="https://github.com/serde-rs/serde/commit/00b1b6b2b5e6154eba81e2ad8c6a43b945583ad0"><code>00b1b6b</code></a> Move Content's Deserialize impl from serde_core to serde</li> <li><a href="https://github.com/serde-rs/serde/commit/cf141aa8c79a40fe7b7c5ac5dbfd28802f2e01f4"><code>cf141aa</code></a> Move Content's Clone impl from serde_core to serde</li> <li><a href="https://github.com/serde-rs/serde/commit/ff3aee490abff5267cac86f07e0301aa6d441760"><code>ff3aee4</code></a> Release 1.0.221</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/serde/compare/v1.0.219...v1.0.223">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 4875a437008422b4fbbe736af4adf41d36274717
Bumps [serde_path_to_error](https://github.com/dtolnay/path-to-error) from 0.1.17 to 0.1.19. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/path-to-error/releases">serde_path_to_error's releases</a>.</em></p> <blockquote> <h2>0.1.19</h2> <ul> <li>Raise serde version requirement to >=1.0.220</li> </ul> <h2>0.1.18</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/dtolnay/path-to-error/issues/35">#35</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/path-to-error/commit/6b45d3d50dd3a833f54c52fe88063fe2a75d82c5"><code>6b45d3d</code></a> Release 0.1.19</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/4d296f58948db708455a6b0e35d79db26607fe56"><code>4d296f5</code></a> Add serde version constraint</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/9e9c2982a9101ba25818a47aaf935e5f757f176e"><code>9e9c298</code></a> Release 0.1.18</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/caf49d38927dd0a96733f8351894629274a0b94e"><code>caf49d3</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/path-to-error/issues/35">#35</a> from dtolnay/serdecore</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/adf449fd7e798a225b028beb27a0f51276ffc05c"><code>adf449f</code></a> Switch serde dependency to serde_core</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/9cf730fa854d83762541b826ec7468a37458b62f"><code>9cf730f</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/path-to-error/issues/36">#36</a> from dtolnay/up</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/07b007cd8a37b6caed599bc268e7b92c0370b3c8"><code>07b007c</code></a> Ignore uninlined_format_args pedantic clippy lint</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/04edeea3af71aeb276a12bd8b5861898c676d11c"><code>04edeea</code></a> Raise required compiler to Rust 1.61</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/356f187cb65730b723c8a91ddd14066d83afbc95"><code>356f187</code></a> Update actions/checkout@v4 -> v5</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/bbbaa2d1a2b94902803a238c8601955ce2778c07"><code>bbbaa2d</code></a> Revert "Pin nightly toolchain used for miri job"</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/path-to-error/compare/0.1.17...0.1.19">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: a3e988f96271eb083ef5d2b9e55591d7614d9504
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.11.0 to 2.11.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/f33f4d9d64b87be51dc3a957b755ffe7790dc8e5"><code>f33f4d9</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/413">#413</a> from cuviper/release-2.11.1</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/4c680a7dfa4c25ad21979ace9a2709337321caf7"><code>4c680a7</code></a> Release 2.11.1</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/b7005225c1a291c08f544435709ee3d0f379744b"><code>b700522</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/411">#411</a> from ya7010/add_get_key_value_mut</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/01f3ef0d4723ef297d6b27aa891b23c6a11f751b"><code>01f3ef0</code></a> Make <code>IndexMap::get_*</code> docs more consistent</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/cd4c1a53015aaf5e77241bddd70c523711fae090"><code>cd4c1a5</code></a> feat: add IndexMap::get_key_value_mut</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/48a98b70f932037c0e3387fc83f811a138e1eb70"><code>48a98b7</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/412">#412</a> from andymandias/relax-trait-bounds</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/2be44878bee3941d7df896ff49cb7c176f06da8e"><code>2be4487</code></a> Remove Ord trait bound on insert_sorted_by functions.</li> <li>See full diff in <a href="https://github.com/indexmap-rs/indexmap/compare/2.11.0...2.11.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: cbaf66dc2eb82f3df5871d3fb9b0f7d79fb0bb28
Bumps [semver](https://github.com/dtolnay/semver) from 1.0.26 to 1.0.27. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/semver/releases">semver's releases</a>.</em></p> <blockquote> <h2>1.0.27</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/dtolnay/semver/issues/333">#333</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/semver/commit/6ed8561154715b2c34df417a2052597d586f2c43"><code>6ed8561</code></a> Release 1.0.27</li> <li><a href="https://github.com/dtolnay/semver/commit/6967bba0e2f09b9ead04e4c9e6bc3991fd9fe078"><code>6967bba</code></a> Add serde version constraint</li> <li><a href="https://github.com/dtolnay/semver/commit/84d30574ff1460c741539ef934339219d972afe0"><code>84d3057</code></a> Exclude build.rs from crates.io package</li> <li><a href="https://github.com/dtolnay/semver/commit/b09aac935dcc468f76f1b80a1c5ff9645ddb51d1"><code>b09aac9</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/semver/issues/343">#343</a> from dtolnay/up</li> <li><a href="https://github.com/dtolnay/semver/commit/49b8570e3495a415edbeda1b627ef028935c0386"><code>49b8570</code></a> Delete backport module</li> <li><a href="https://github.com/dtolnay/semver/commit/9b04afee2f5df8912d518346365ce564827ff33b"><code>9b04afe</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/semver/issues/342">#342</a> from dtolnay/up</li> <li><a href="https://github.com/dtolnay/semver/commit/83a8e91dba4917e3a0b4aaff1b4e3c4f052da1c0"><code>83a8e91</code></a> Delete no_nonzero_bitscan configuration</li> <li><a href="https://github.com/dtolnay/semver/commit/e606a17855ae10f8a788c4057acaf650a8e69d49"><code>e606a17</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/semver/issues/341">#341</a> from dtolnay/up</li> <li><a href="https://github.com/dtolnay/semver/commit/ebe7cf18971686bedfab3e617b9dcb2eacbcdc01"><code>ebe7cf1</code></a> Delete no_unsafe_op_in_unsafe_fn_lint configuration</li> <li><a href="https://github.com/dtolnay/semver/commit/a381bff0447df3cdf8ba3b152abe4234001bfd4b"><code>a381bff</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/semver/issues/340">#340</a> from dtolnay/up</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/semver/compare/1.0.26...1.0.27">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 4c6e24da9743a1938eecf99620a75b10c49bf1eb
PR-URL: hasura/graphql-engine-mono#11335 GitOrigin-RevId: d76fb6d966b85e2f4889801bc310fa1ff7d04170
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 27d513a4eb68601ec7c9beeedcf6587f2bb5864b
…ip (#2192) The LHS headers were getting lost, keep them. V3_GIT_ORIGIN_REV_ID: 1dea4b42fb66a39700cab2559d171e7bc11cba8b
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.11.1 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when "serde" is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the "serde" feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled "serde/derive".</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.11.1...2.11.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 3d7804ee9f4f9b982639a51902927abd716999a4
Bumps [serde_path_to_error](https://github.com/dtolnay/path-to-error) from 0.1.19 to 0.1.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/path-to-error/releases">serde_path_to_error's releases</a>.</em></p> <blockquote> <h2>0.1.20</h2> <ul> <li>Support no-std (<a href="https://redirect.github.com/dtolnay/path-to-error/issues/37">#37</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/path-to-error/commit/097ed8772815ab6a676ebf3998b6de4770af090d"><code>097ed87</code></a> Release 0.1.20</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/b01872e214f232c16323369dbc6cc00c4faed57e"><code>b01872e</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/path-to-error/issues/37">#37</a> from dtolnay/nostd</li> <li><a href="https://github.com/dtolnay/path-to-error/commit/7d44c3f79e70275ae7e77aec67bc6b37acc24b9f"><code>7d44c3f</code></a> Support no-std</li> <li>See full diff in <a href="https://github.com/dtolnay/path-to-error/compare/0.1.19...0.1.20">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: e6b7c71984601c152a8f8abfcd30a492b71aa7a3
Bumps [lexical-core](https://github.com/Alexhuszagh/rust-lexical) from 1.0.5 to 1.0.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Alexhuszagh/rust-lexical/blob/main/CHANGELOG">lexical-core's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>Notes significant changes to <code>lexical</code> and <code>lexical-core</code>. The version specified is for <code>lexical-core</code>.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>, and this project adheres to <a href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p> <h2>[Unreleased]</h2> <h3>Added</h3> <ul> <li>Additional trait impls for <code>f16</code> and <code>bf16</code> to better match Rust's interface (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/192">#192</a>).</li> <li>Added <code>Options::buffer_size_const</code> for integer and float writers (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Added <code>build_checked</code> and <code>build_unchecked</code> to our <code>NumberFormatBuilder</code> API (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Added <code>build_checked</code> to our <code>Options</code> API (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Added <code>has_digit_separator</code> to <code>NumberFormat</code> (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Re-export <code>NumberFormat</code> to our other crates (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Add <code>Options::from_radix</code> for all options for similar APIs for each (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/208">#208</a>).</li> </ul> <h3>Changed</h3> <ul> <li>Lowered the MSRV from 1.63.0 to 1.61.0 and adds support for most testing on 1.60.0 (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Reduced the required buffer size for integer and float writers when using <code>buffer_size</code> and <code>buffer_size_const</code> for decimal numbers (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Deprecated <code>NumberFormatBuilder::build</code> due to a lack of validation (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Deprecated <code>Options::set_*</code> in our write float API since options should be considered immutable (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Removed <code>static_assertions</code> dependency (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Migrate to using an external crate for our half-precision floats (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/198">#198</a>).</li> <li>Simplify feature detection internally to make auto-doc more reliable (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/207">#207</a>).</li> </ul> <h3>Fixed</h3> <ul> <li>Patch doctests with TODOs in dependencies (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/222">#222</a>).</li> <li>CI with OSS-Fuzz for the deprecated <code>actions/upload-artifact@v3</code> (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/221">#221</a>).</li> <li>Float parsing on <code>i586</code> targets (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/219">#219</a>).</li> <li>Bug where the <code>radix</code> feature wasn't enabling <code>power-of-two</code> in <code>lexical-core</code> or <code>lexical</code> (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/204">#204</a>).</li> <li>Fixed performance issues due to a lack of inlining on the Eisel-Lemire algorithm (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/210">#210</a>).</li> <li>Issue with parsing non-decimal exponent radixes when using a decimal mantissa radix for floating-point numbers (<a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/212">#212</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/c37664bb94219505c0007d590454337f72411f70"><code>c37664b</code></a> Increment high-level lexical version for release.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/ddfc0f6bfcc0085ff982f567f41f24a5541a14ea"><code>ddfc0f6</code></a> Increment version for 1.0.6 release.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/57dfd21ce4c0aff47e315d090105f77b37f3f9bc"><code>57dfd21</code></a> Merge pull request <a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/227">#227</a> from Alexhuszagh/doc-fixes</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/2f6b6bbf3cb2c02aa0ed3208f209dd664518021f"><code>2f6b6bb</code></a> Ensure deprecated <code>parse</code> and <code>write</code> features exist, but are unused.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/ef89a675571b2423c49120951076d5724e33fa63"><code>ef89a67</code></a> Patch doc link references.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/c3dfaa26908cefe01b9cbadfedabe23056c62d71"><code>c3dfaa2</code></a> Patch version dependencies for our test suite.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/be25b410b5fec21fe9610a4ce7f77941ee197632"><code>be25b41</code></a> Fix clippy lints and minor documentation enhancements.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/988575dad6de2a9e86b34fff242c5f0a6e3dbf2c"><code>988575d</code></a> Merge pull request <a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/219">#219</a> from Alexhuszagh/issue_218</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/709e6d7d1ebc981d13a8013ea5a6733092c9b31f"><code>709e6d7</code></a> Patch use of <code>set_precision</code> on i586.</li> <li><a href="https://github.com/Alexhuszagh/rust-lexical/commit/0d9e16137cf55ebaca45efc9d1c73061f680dfb1"><code>0d9e161</code></a> Merge pull request <a href="https://redirect.github.com/Alexhuszagh/rust-lexical/issues/222">#222</a> from Alexhuszagh/docs_todo</li> <li>Additional commits viewable in <a href="https://github.com/Alexhuszagh/rust-lexical/compare/1.0.5...1.0.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 1b2fb15f001cdadfea97faa0d2a429ad2d63c693
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.99 to 1.0.100. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.100</h2> <ul> <li>Teach clippy to lint formatting arguments in <code>bail!</code>, <code>ensure!</code>, <code>anyhow!</code> (<a href="https://redirect.github.com/dtolnay/anyhow/issues/426">#426</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/anyhow/commit/18c2598afa0f996f56217ef128aa3a20ea1e9512"><code>18c2598</code></a> Release 1.0.100</li> <li><a href="https://github.com/dtolnay/anyhow/commit/f2719888cb2f4f033c441cf6723cea1c532c0c87"><code>f271988</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/426">#426</a> from dtolnay/clippyfmt</li> <li><a href="https://github.com/dtolnay/anyhow/commit/52f2115a1fe22a79110747f19e35f01d52bdd1af"><code>52f2115</code></a> Mark macros with clippy::format_args</li> <li><a href="https://github.com/dtolnay/anyhow/commit/da5fd9d5a33c2949bc3ee3075d8d6f9e224363d5"><code>da5fd9d</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/anyhow/commit/211e4092b7e1fb1c6f5d22063474e5b2f8dd0f16"><code>211e409</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/anyhow/commit/b48fc02c327c502a81fcc2b46318eb61fda6b7b3"><code>b48fc02</code></a> Enforce trybuild >= 1.0.108</li> <li><a href="https://github.com/dtolnay/anyhow/commit/d5f59fbd45db00982bc0ea490edbe331ef8cab26"><code>d5f59fb</code></a> Update ui test suite to nightly-2025-09-07</li> <li><a href="https://github.com/dtolnay/anyhow/commit/238415d25b65dcf73ab2e3741d7adc56615af8c3"><code>238415d</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/anyhow/commit/3bab0709a347b90de15c5eaaf3779904cfcc1ac6"><code>3bab070</code></a> Update actions/checkout@v4 -> v5</li> <li><a href="https://github.com/dtolnay/anyhow/commit/42492546e3b5510378d0ee32b659fefee1f26158"><code>4249254</code></a> Order cap-lints flag in the same order as thiserror build script</li> <li>See full diff in <a href="https://github.com/dtolnay/anyhow/compare/1.0.99...1.0.100">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com> V3_GIT_ORIGIN_REV_ID: 0831568d31f3a6413d8df4187d89b6f339624dce
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.47 to 4.5.48. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.5.48</h2> <h2>[4.5.48] - 2025-09-19</h2> <h3>Documentation</h3> <ul> <li>Add a new CLI Concepts document as another way of framing clap</li> <li>Expand the <code>typed_derive</code> cookbook entry</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.48] - 2025-09-19</h2> <h3>Documentation</h3> <ul> <li>Add a new CLI Concepts document as another way of framing clap</li> <li>Expand the <code>typed_derive</code> cookbook entry</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/c3a1ddc1182fa7cf2cfe6d6dba4f76db83d48178"><code>c3a1ddc</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/4460ff44b375c8d596fb70b848ff401fe12942c0"><code>4460ff4</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/54947a1b4bc70745cd5787fb92a830081c6ed291"><code>54947a1</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5981">#5981</a> from mernen/fix-bash-clap-complete-space</li> <li><a href="https://github.com/clap-rs/clap/commit/fd3f6d271defef2aa2f111555a005689f71f6acb"><code>fd3f6d2</code></a> fix(complete): Restore nospace in bash</li> <li><a href="https://github.com/clap-rs/clap/commit/2f6a1083d94b832af96b791fc934beb043a969cb"><code>2f6a108</code></a> test(complete): Demonstrate current behavior</li> <li><a href="https://github.com/clap-rs/clap/commit/f88be5738e33018f3298fabb7b67835eefbc55e0"><code>f88be57</code></a> style: Ensure consistent newlines</li> <li><a href="https://github.com/clap-rs/clap/commit/f209bce2203498e743b171b7ac64f0fb9d3ae590"><code>f209bce</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/f33ff7f81ab78c227a127fbd2dbd0fed1455a6fb"><code>f33ff7f</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/bf06e6f8f6efc5af03a52c5e4cfea39c682aa500"><code>bf06e6f</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5974">#5974</a> from kryvashek/support-clearing-args-matches</li> <li><a href="https://github.com/clap-rs/clap/commit/5d357ada532d430290c2de14c918833564f12795"><code>5d357ad</code></a> feat(parser): Added ArgMatches::try_clear_id()</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.47...clap_complete-v4.5.48">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 53d24fcac97515a67c9b2c2a7b5e1bcd8f8ae6a3
V3_GIT_ORIGIN_REV_ID: 763c29d397fe1aa5570fa32f9ffd597fee5cea1b
PR-URL: hasura/graphql-engine-mono#11336 GitOrigin-RevId: a54316a77b4b166e2c19c462a0c571bd6a4a5678
) <!-- The PR description should answer 2 important questions: --> ### What This is the first step in allowing Parquet and CSV files to be streamed through engine, from S3 or our own artifact store. For now, it's only enabled for tests and for the local dev server. Multitenant server integration is TBD. <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: a0fb2ae951fda4ba2ee439f9c5b49dda19794752
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.223 to 1.0.228. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/serde/releases">serde's releases</a>.</em></p> <blockquote> <h2>v1.0.228</h2> <ul> <li>Allow building documentation with <code>RUSTDOCFLAGS='--cfg=docsrs'</code> set for the whole dependency graph (<a href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a>)</li> </ul> <h2>v1.0.227</h2> <ul> <li>Documentation improvements (<a href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a>)</li> </ul> <h2>v1.0.226</h2> <ul> <li>Deduplicate variant matching logic inside generated Deserialize impl for adjacently tagged enums (<a href="https://redirect.github.com/serde-rs/serde/issues/2935">#2935</a>, thanks <a href="https://github.com/Mingun"><code>@Mingun</code></a>)</li> </ul> <h2>v1.0.225</h2> <ul> <li>Avoid triggering a deprecation warning in derived Serialize and Deserialize impls for a data structure that contains its own deprecations (<a href="https://redirect.github.com/serde-rs/serde/issues/2879">#2879</a>, thanks <a href="https://github.com/rcrisanti"><code>@rcrisanti</code></a>)</li> </ul> <h2>v1.0.224</h2> <ul> <li>Remove private types being suggested in rustc diagnostics (<a href="https://redirect.github.com/serde-rs/serde/issues/2979">#2979</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/serde/commit/a866b336f14aa57a07f0d0be9f8762746e64ecb4"><code>a866b33</code></a> Release 1.0.228</li> <li><a href="https://github.com/serde-rs/serde/commit/5adc9e816c155473ec66b6641fc81529a5ef3868"><code>5adc9e8</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2995">#2995</a> from dtolnay/rustdocflags</li> <li><a href="https://github.com/serde-rs/serde/commit/ab581789f4aa6a92f8e149f3086040342dfaddcf"><code>ab58178</code></a> Workaround for RUSTDOCFLAGS='--cfg=docsrs'</li> <li><a href="https://github.com/serde-rs/serde/commit/415d9fc5601add94aac3c1882bd63e3f555ce2a2"><code>415d9fc</code></a> Release 1.0.227</li> <li><a href="https://github.com/serde-rs/serde/commit/7c58427e1259566b4835444951ff79406c75205f"><code>7c58427</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2991">#2991</a> from dtolnay/inlinecoredoc</li> <li><a href="https://github.com/serde-rs/serde/commit/9d3410e3f4e38f9ea1a798e7ae9fab71577ab31b"><code>9d3410e</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2992">#2992</a> from dtolnay/inplaceseed</li> <li><a href="https://github.com/serde-rs/serde/commit/2fb6748bf1ff939a2208d70b26708ddc75ab2e88"><code>2fb6748</code></a> Remove InPlaceSeed public re-export</li> <li><a href="https://github.com/serde-rs/serde/commit/f8137c79a20137c9483d21d3c8e628e83d3b91ba"><code>f8137c7</code></a> Inline serde_core into serde in docsrs mode</li> <li><a href="https://github.com/serde-rs/serde/commit/b7dbf7e3cb53bc9b9442047229e4f125bb07783e"><code>b7dbf7e</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/serde/issues/2990">#2990</a> from dtolnay/integer128</li> <li><a href="https://github.com/serde-rs/serde/commit/7c836915fc8d6fab4990764096e53e9a668cf3df"><code>7c83691</code></a> No longer macro_use integer128 module</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/serde/compare/v1.0.223...v1.0.228">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 722ce589017a7e9d5087326d1d5c58de3a5c7a61
Bumps [moka](https://github.com/moka-rs/moka) from 0.12.10 to 0.12.11. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/moka-rs/moka/blob/main/CHANGELOG.md">moka's changelog</a>.</em></p> <blockquote> <h2>Version 0.12.11</h2> <h3>Added</h3> <ul> <li>Support <code>Equivalent</code> trait for the key type <code>K</code> of the caches. (<a href="https://redirect.github.com/moka-rs/moka/issues/492">#492</a>[gh-pull-0492])</li> <li>Added the <code>jittered_expiry_policy</code> example (<a href="https://redirect.github.com/moka-rs/moka/issues/489">#489</a>[gh-pull-0489]).</li> </ul> <h3>Changed</h3> <ul> <li>Adjusted license expression: some code is Apache-2.0 only (<a href="https://redirect.github.com/moka-rs/moka/issues/529">#529</a>[gh-pull-0529], by [<a href="https://github.com/musicinmybrain"><code>@musicinmybrain</code></a>][gh-musicinmybrain]). <ul> <li>The license expression in <code>Cargo.toml</code> was changed from <code>MIT OR Apache-2.0</code> to <code>(MIT OR Apache-2.0) AND Apache-2.0</code>.</li> <li>See the <a href="https://github.com/moka-rs/moka/blob/main/README.md#license">license section</a> of the README for details.</li> </ul> </li> <li>Upgrading a crate in the dependencies: <ul> <li>Raised the minimum version of <code>crossbeam-channel</code> crate from <code>v0.5.5</code> to <code>v0.5.15</code> to avoid the following issue (<a href="https://redirect.github.com/moka-rs/moka/issues/514">#514</a>[gh-pull-0514], by [karankurbur][gh-karankurbur]). <ul> <li>[RUSTSEC-2025-0024] crossbeam-channel: double free on Drop</li> </ul> </li> </ul> </li> <li>Moving a crate from the dependencies to the dev-dependencies: <ul> <li>Switched <code>loom</code> crate to a dev-dependency (<a href="https://redirect.github.com/moka-rs/moka/issues/509">#509</a>[gh-pull-0509], by [thomaseizinger][gh-thomaseizinger]).</li> </ul> </li> <li>Updating a crate in the dev-dependencies: <ul> <li>Upgraded <code>reqwest</code> crate in the dev-dependencies from <code>v0.11</code> to <code>v0.12</code> (<a href="https://redirect.github.com/moka-rs/moka/issues/531">#531</a>[gh-pull-0531], by [musicinmybrain][gh-musicinmybrain]).</li> </ul> </li> </ul> <h3>Removed</h3> <ul> <li>Removing a crate from the dependencies: <ul> <li>Removed <code>thiserror</code> crate by manually implementing <code>std::error::Error</code> for <code>moka::PredicateError</code> (<a href="https://redirect.github.com/moka-rs/moka/issues/512">#512</a>[gh-pull-0512], by [<a href="https://github.com/brownjohnf"><code>@brownjohnf</code></a>][gh-brownjohnf]).</li> </ul> </li> <li>Removing crates from the dev-dependencies: <ul> <li>Removed unmaintained <code>paste</code> crate from the dev-dependencies (<a href="https://redirect.github.com/moka-rs/moka/issues/504">#504</a>[gh-pull-0504]). <ul> <li>[RUSTSEC-2024-0436] paste - no longer maintained</li> </ul> </li> <li>Removed discontinued <code>async-std</code> crate from the dev-dependencies (<a href="https://redirect.github.com/moka-rs/moka/issues/534">#534</a>[gh-pull-0534]). <ul> <li>[RUSTSEC-2025-0052] async-std has been discontinued</li> </ul> </li> </ul> </li> <li>Removed clippy ignore <code>non_send_fields_in_send_ty</code> that no longer applies (<a href="https://redirect.github.com/moka-rs/moka/issues/505">#505</a>[gh-pull-0505], by [<a href="https://github.com/qti3e"><code>@qti3e</code></a>][gh-qti3e]).</li> </ul> <h3>Fixed</h3> <ul> <li>Remove redundant word in source code comment (<a href="https://redirect.github.com/moka-rs/moka/issues/532">#532</a>[gh-pull-0532], by [<a href="https://github.com/quantpoet"><code>@quantpoet</code></a>][gh-quantpoet]).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moka-rs/moka/commit/9f166f2a12f9cc14e536ce77920c9d72e01bcdff"><code>9f166f2</code></a> Merge pull request <a href="https://redirect.github.com/moka-rs/moka/issues/536">#536</a> from moka-rs/prepare-v0.12.11</li> <li><a href="https://github.com/moka-rs/moka/commit/d4f3911b60458d0b8dfaa4eefe703ff7d6bbeb1e"><code>d4f3911</code></a> Update the changelog for <code>v0.12.11</code></li> <li><a href="https://github.com/moka-rs/moka/commit/30665d701a3c759edfa57287a04332b82f1a1fdd"><code>30665d7</code></a> Merge pull request <a href="https://redirect.github.com/moka-rs/moka/issues/537">#537</a> from moka-rs/adjust-oss-license</li> <li><a href="https://github.com/moka-rs/moka/commit/de9cba3dc30358a755e4eabf7757e9a2abcb71ac"><code>de9cba3</code></a> doc - Remove the Markdown style links from the NOTICE file</li> <li><a href="https://github.com/moka-rs/moka/commit/6f780a05bc63b3141d50b984c98512725f1c086d"><code>6f780a0</code></a> doc: Explain two source files are distributed under the Apache 2.0 only</li> <li><a href="https://github.com/moka-rs/moka/commit/dcd4932d0eccae7f01f2c97242011fee2d8733a1"><code>dcd4932</code></a> Update the changelog for <code>v0.12.11</code></li> <li><a href="https://github.com/moka-rs/moka/commit/429f7563373bdccfde88ce60ad6a650a55c56cda"><code>429f756</code></a> Merge pull request <a href="https://redirect.github.com/moka-rs/moka/issues/530">#530</a> from moka-rs/fix-ci-2025-09-18</li> <li><a href="https://github.com/moka-rs/moka/commit/accfc7c7b1e1457f5fe67219e90d5d6f35ef1cea"><code>accfc7c</code></a> CI: Try to fix the CI for the minimum version dependencies</li> <li><a href="https://github.com/moka-rs/moka/commit/f21da3ba37cddda329d981551c461d0f9cc3aea1"><code>f21da3b</code></a> CI: Fix the CI for the MSRV 1.70</li> <li><a href="https://github.com/moka-rs/moka/commit/f5ce4f5f088dd4eb7e57c57da29524f911a8fbcb"><code>f5ce4f5</code></a> Merge branch 'main' into fix-ci-2025-09-18</li> <li>Additional commits viewable in <a href="https://github.com/moka-rs/moka/compare/v0.12.10...v0.12.11">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: db36974d248d5412fa7a0e72882d4ba28c1f9919
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild >= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -> v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 7a61e584a8fdfed39401fe6cd53288fc19436fd1
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.14.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc. Since macros are used to generate trait implementations, this is useful to understand the exact generated code.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/15022b19fd7601f8ef20c9a9923c77d0d40f44c4"><code>15022b1</code></a> Bump version to 3.14.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/886">#886</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/69d8cea3b05a78ae7a6c174ead87558b2e3e4f8b"><code>69d8cea</code></a> Enable crates.io trusted publishing (<a href="https://redirect.github.com/jonasbb/serde_with/issues/885">#885</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2e30bbb0811a6dc8bc10d09dec815557a2efd8da"><code>2e30bbb</code></a> Bump version to 3.14.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/afd1333dd86ea4fc4bd2a532926b31a1c723f85f"><code>afd1333</code></a> Enable crates.io trusted publishing</li> <li><a href="https://github.com/jonasbb/serde_with/commit/eec78a034d7e8417a92b99111d2dd1a164e65e42"><code>eec78a0</code></a> Add 1.90 to CI matrix (<a href="https://redirect.github.com/jonasbb/serde_with/issues/884">#884</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ea091d1d442717a08ad0a702fc19d5175f468c4b"><code>ea091d1</code></a> Generate macro expansion in rustdoc (<a href="https://redirect.github.com/jonasbb/serde_with/issues/883">#883</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/8876010b46df78a52e53b82bd139b1f8309996e8"><code>8876010</code></a> Add 1.90 to CI matrix</li> <li><a href="https://github.com/jonasbb/serde_with/commit/555d2bb78b334831aec91fcc568b0e455094dbf4"><code>555d2bb</code></a> Update formatting for nightly rust (<a href="https://redirect.github.com/jonasbb/serde_with/issues/882">#882</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b852142b8eb8dfa25ce648d0f975329e1f1e9bbe"><code>b852142</code></a> Generate macro expansion in rustdoc</li> <li><a href="https://github.com/jonasbb/serde_with/commit/f4144635bd78c7428b4057de1a0b738e3f1fd780"><code>f414463</code></a> Update formatting for nightly rust</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.14.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 3688efbcd57c9a8840b3f4162fdae6b48a7ed4d6
Bumps [object_store](https://github.com/apache/arrow-rs-object-store) from 0.12.3 to 0.12.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/apache/arrow-rs-object-store/blob/main/CHANGELOG-old.md">object_store's changelog</a>.</em></p> <blockquote> <!-- raw HTML omitted --> <h1>Historical Changelog</h1> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/9dc8d7df13e59d8ff6d9df138627977f0b78d6cb"><code>9dc8d7d</code></a> Update version to 0.12.4 and add changelog (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/491">#491</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/cac4bacf89133e12a8ff0f30055a1bc53cdca96c"><code>cac4bac</code></a> Revert "refactor: remove AWS dynamo integration (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/407">#407</a>)" (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/493">#493</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/ebfd02f0209e1cc3f5625815e3e5431ed0976d93"><code>ebfd02f</code></a> AWS S3: Support STS endpoint, WebIdentity, RoleArn, RoleSession configuration...</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/f1dd0752f5dde6b992602bd0641a5c62a7a32ca9"><code>f1dd075</code></a> Fix for clippy 1.90 (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/492">#492</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/ed17e120cd9ae3db6b6f4f940e12238939fe1e0b"><code>ed17e12</code></a> Add version 0.12.4 release plan to README (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/490">#490</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/da88a756b09fb2694c4a70aa6ac12fabf31cfe26"><code>da88a75</code></a> Add storage class for aws, gcp, and azure (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/456">#456</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/f73c457dd6a25d323bb66878e3c19b521dc11c85"><code>f73c457</code></a> aws: downgrade credential provider info! log messages to debug! (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/436">#436</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/59e554516a838cfc09de212a7e1719d5df2f716b"><code>59e5545</code></a> chore(client/retry): include error info in logs when retry occurs (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/487">#487</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/c0e241eb95a61d52964f3d7741673b91f86db58b"><code>c0e241e</code></a> build(deps): bump actions/github-script from 7 to 8 (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/478">#478</a>)</li> <li><a href="https://github.com/apache/arrow-rs-object-store/commit/49ce8729830cfdbf3da74a6a50a900300d5c69cb"><code>49ce872</code></a> build(deps): bump actions/setup-node from 4 to 5 (<a href="https://redirect.github.com/apache/arrow-rs-object-store/issues/477">#477</a>)</li> <li>Additional commits viewable in <a href="https://github.com/apache/arrow-rs-object-store/compare/v0.12.3...v0.12.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 74d7f8f6e760842efa0311d95134077fd6d5802f
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 03cf245dad1496b737d2b3db51dfe785ec5bb814
PR-URL: hasura/graphql-engine-mono#11337 GitOrigin-RevId: 7918250a6cdda9b2abfac2d9ddef9038d22edba8
PR-URL: hasura/graphql-engine-mono#11340 GitOrigin-RevId: d35c154107324d20a81c9c361317df0258d7a313
PR-URL: hasura/graphql-engine-mono#11343 GitOrigin-RevId: 84c14efb9b7dafef6fef36d2989a32009846de33
Bumps [oas3](https://github.com/x52dev/oas3-rs) from 0.20.1 to 0.21.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/x52dev/oas3-rs/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 1caaf5c47cc9ca1beaa19c503ef5f0211d096541
Bumps [mockito](https://github.com/lipanski/mockito) from 1.7.1 to 1.7.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lipanski/mockito/releases">mockito's releases</a>.</em></p> <blockquote> <h2>1.7.2</h2> <ul> <li>Update to reqwest 0.13 by <a href="https://github.com/tottoto"><code>@tottoto</code></a> in <a href="https://redirect.github.com/lipanski/mockito/pull/223">lipanski/mockito#223</a></li> <li>Allow returning a different status code based on a request by <a href="https://github.com/songokas"><code>@songokas</code></a> in <a href="https://redirect.github.com/lipanski/mockito/pull/224">lipanski/mockito#224</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lipanski/mockito/commit/2e16acfebeb623f3ff91bffa4574be1c04caee0b"><code>2e16acf</code></a> Bump to 1.7.2</li> <li><a href="https://github.com/lipanski/mockito/commit/e404bdf4e18cdf411f035ab31302211727d76ba0"><code>e404bdf</code></a> Update docs</li> <li><a href="https://github.com/lipanski/mockito/commit/e2c1692186e313bf592189d34a9fd99e03e9b0d0"><code>e2c1692</code></a> Merge pull request <a href="https://redirect.github.com/lipanski/mockito/issues/224">#224</a> from songokas/status-code-from-request</li> <li><a href="https://github.com/lipanski/mockito/commit/86596b774d1858a5b817774cd9b80b1b59bc8b4b"><code>86596b7</code></a> Allow returning a different status code based on a request</li> <li><a href="https://github.com/lipanski/mockito/commit/4a70878a4dfc06be403e6d978353e86c96dabfcd"><code>4a70878</code></a> Merge pull request <a href="https://redirect.github.com/lipanski/mockito/issues/223">#223</a> from tottoto/update-to-reqwest-0.13</li> <li><a href="https://github.com/lipanski/mockito/commit/35fccfb88357e1e62e0f62c5b1897ff035721def"><code>35fccfb</code></a> Update to reqwest 0.13</li> <li>See full diff in <a href="https://github.com/lipanski/mockito/compare/1.7.1...1.7.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: b31ec111ba94d84af0707c3567cbbe2bf0ba73f5
PR-URL: hasura/graphql-engine-mono#11514 GitOrigin-RevId: c673f6bc733594b2be81fa6f6a00a9bf49dc411d
Bumps [futures-util](https://github.com/rust-lang/futures-rs) from 0.3.31 to 0.3.32. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/futures-rs/releases">futures-util's releases</a>.</em></p> <blockquote> <h2>0.3.32</h2> <ul> <li>Bump MSRV of utility crates to 1.71. (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2989">#2989</a>)</li> <li>Soft-deprecate <code>ready!</code> macro in favor of <code>std::task::ready!</code> added in Rust 1.64 (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2925">#2925</a>)</li> <li>Soft-deprecate <code>pin_mut!</code> macro in favor of <code>std::pin::pin!</code> added in Rust 1.68 (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2929">#2929</a>)</li> <li>Add <code>FuturesOrdered::clear</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2927">#2927</a>)</li> <li>Add <code>mpsc::*Receiver::recv</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2947">#2947</a>)</li> <li>Add <code>mpsc::*Receiver::try_recv</code> and deprecate <code>mpsc::*Receiver::::try_next</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2944">#2944</a>)</li> <li>Implement <code>FusedStream</code> for <code>sink::With</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2948">#2948</a>)</li> <li>Add <code>no_std</code> support for <code>shared</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2868">#2868</a>)</li> <li>Make <code>Mutex::new()</code> const (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2956">#2956</a>)</li> <li>Add <code>#[clippy::has_significant_drop]</code> to guards (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2967">#2967</a>)</li> <li>Remove dependency to <code>pin-utils</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2929">#2929</a>)</li> <li>Remove dependency on <code>num_cpus</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2946">#2946</a>)</li> <li>Performance improvements (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2983">#2983</a>)</li> <li>Documentation improvements (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2925">#2925</a>, <a href="https://redirect.github.com/rust-lang/futures-rs/issues/2926">#2926</a>, <a href="https://redirect.github.com/rust-lang/futures-rs/issues/2940">#2940</a>, <a href="https://redirect.github.com/rust-lang/futures-rs/issues/2971">#2971</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/futures-rs/blob/master/CHANGELOG.md">futures-util's changelog</a>.</em></p> <blockquote> <h1>0.3.32 - 2026-02-15</h1> <ul> <li>Bump MSRV of utility crates to 1.71. (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2989">#2989</a>)</li> <li>Soft-deprecate <code>ready!</code> macro in favor of <code>std::task::ready!</code> added in Rust 1.64 (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2925">#2925</a>)</li> <li>Soft-deprecate <code>pin_mut!</code> macro in favor of <code>std::pin::pin!</code> added in Rust 1.68 (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2929">#2929</a>)</li> <li>Add <code>FuturesOrdered::clear</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2927">#2927</a>)</li> <li>Add <code>mpsc::*Receiver::recv</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2947">#2947</a>)</li> <li>Add <code>mpsc::*Receiver::try_recv</code> and deprecate <code>mpsc::*Receiver::::try_next</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2944">#2944</a>)</li> <li>Implement <code>FusedStream</code> for <code>sink::With</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2948">#2948</a>)</li> <li>Add <code>no_std</code> support for <code>shared</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2868">#2868</a>)</li> <li>Make <code>Mutex::new()</code> const (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2956">#2956</a>)</li> <li>Add <code>#[clippy::has_significant_drop]</code> to guards (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2967">#2967</a>)</li> <li>Remove dependency to <code>pin-utils</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2929">#2929</a>)</li> <li>Remove dependency on <code>num_cpus</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2946">#2946</a>)</li> <li>Performance improvements (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2983">#2983</a>)</li> <li>Documentation improvements (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2925">#2925</a>, <a href="https://redirect.github.com/rust-lang/futures-rs/issues/2926">#2926</a>, <a href="https://redirect.github.com/rust-lang/futures-rs/issues/2940">#2940</a>, <a href="https://redirect.github.com/rust-lang/futures-rs/issues/2971">#2971</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/futures-rs/commit/d9bba94c239daa1175a5bb2958f37a5c72db3f6a"><code>d9bba94</code></a> Release 0.3.32</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/151e0b90dec62103df5239f0612f42467994f406"><code>151e0b9</code></a> Add comments on rust-version field in Cargo.toml</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/4aaf00c35176d7180557559f54b0c151e2e608aa"><code>4aaf00c</code></a> Bump MSRV of utility crates to 1.71</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/a4cce12c55942c6e1f2a507061fc6ca94c5b8862"><code>a4cce12</code></a> perf: improve AtomicWaker::wake performance (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2983">#2983</a>)</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/ba9d102ca6e4a941a5068a1a8dcf0ff3a6c9085a"><code>ba9d102</code></a> Add <code>#[clippy::has_significant_drop]</code> to guards (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2967">#2967</a>)</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/20396a83eff35414d17320dc35858243e54f0bc8"><code>20396a8</code></a> Fix rustdoc::broken_intra_doc_links warning</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/815f6eb4e40ca9ff81d7d9a25a863d3c1ffdb79e"><code>815f6eb</code></a> Fix documentation of <code>BiLock::lock</code> (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2971">#2971</a>)</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/0f0db0421d4edc9fc56c3643f7e7f3bd23058023"><code>0f0db04</code></a> futures-util: make <code>Mutex::new()</code> const (<a href="https://redirect.github.com/rust-lang/futures-rs/issues/2956">#2956</a>)</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/5d6fc5e4083f5da376ccc7a50403d842e553e286"><code>5d6fc5e</code></a> ci: Test big-endian target (s390x Linux)</li> <li><a href="https://github.com/rust-lang/futures-rs/commit/9f739fe40b9c3e80b8f40054a739a220428a4675"><code>9f739fe</code></a> Ignore dead_code lint on Fn1 trait</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/futures-rs/compare/0.3.31...0.3.32">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: ef6524010fd0ed31e80bcbc05113e0efd7e10374
## Summary - Adds `compose.isolated.yaml` + `multi-session-override.yaml` enabling multiple parallel dev sessions on Aisura/shared machines without port or container conflicts - Modeled after the promptql-cloud `compose.v2.local-isolated.yaml` pattern using Docker Compose `!reset`/`!override` tags - Updates `CLAUDE.md` with an Aisura/Remote Dev section covering start, teardown, and port allocation ## Usage ```bash # Session 1 ENGINE_HOST_PORT=3000 JAEGER_HOST_PORT=4002 \ docker compose -p engine-1 -f compose.isolated.yaml up -d --build # Session 2 (parallel, no conflicts) ENGINE_HOST_PORT=3001 JAEGER_HOST_PORT=4003 \ docker compose -p engine-2 -f compose.isolated.yaml up -d --build # Tear down docker compose -p engine-1 -f compose.isolated.yaml down -v ``` ## How it works `multi-session-override.yaml` is layered on top of `docker-compose.yaml` via the `include` directive. It: - Strips `container_name` from all services (Docker auto-generates unique names per `-p` project) - Clears all fixed `ports` bindings to prevent host port conflicts between sessions - Re-exposes only `engine` (via `ENGINE_HOST_PORT`) and Jaeger UI (via `JAEGER_HOST_PORT`) with env-var-controlled host ports ## Test plan - [ ] `docker compose -p engine-1 -f compose.isolated.yaml config` validates without errors - [ ] Two sessions start in parallel with different port values and different `-p` names without conflict - [ ] `docker compose -p engine-1 -f compose.isolated.yaml down -v` cleanly tears down only session 1 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Aisura <aisura@aisura.hasura.office> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Phil Freeman <phil@hasura.io> V3_GIT_ORIGIN_REV_ID: dae63f712641019ad516f42a42f58fcae63b7809
GITHUB_PR_NUMBER: 10837 GITHUB_PR_URL: #10837 PR-URL: hasura/graphql-engine-mono#11518 Co-authored-by: Gajendra Malviya <219787351+thzgajendra@users.noreply.github.com> GitOrigin-RevId: 11cdeb79bd2507cee0bbced0fe2e7eb4e9b1e945
PR-URL: hasura/graphql-engine-mono#11525 GitOrigin-RevId: 4eab5fb6a11d66670c5c2c773ddc6ab762172624
PR-URL: hasura/graphql-engine-mono#11528 Co-authored-by: Toan Nguyen <1615675+hgiasac@users.noreply.github.com> GitOrigin-RevId: 955815476e2f08e07f0abf5b2157b6c0c31d75a6
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.49.0 to 1.50.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.50.0</h2> <h1>1.50.0 (Mar 3rd, 2026)</h1> <h3>Added</h3> <ul> <li>net: add <code>TcpStream::set_zero_linger</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7837">#7837</a>)</li> <li>rt: add <code>is_rt_shutdown_err</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7771">#7771</a>)</li> </ul> <h3>Changed</h3> <ul> <li>io: add optimizer hint that <code>memchr</code> returns in-bounds pointer (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7792">#7792</a>)</li> <li>io: implement vectored writes for <code>write_buf</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7871">#7871</a>)</li> <li>runtime: panic when <code>event_interval</code> is set to 0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7838">#7838</a>)</li> <li>runtime: shorten default thread name to fit in Linux limit (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7880">#7880</a>)</li> <li>signal: remember the result of <code>SetConsoleCtrlHandler</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7833">#7833</a>)</li> <li>signal: specialize windows <code>Registry</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7885">#7885</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>io: always cleanup <code>AsyncFd</code> registration list on deregister (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7773">#7773</a>)</li> <li>macros: remove (most) local <code>use</code> declarations in <code>tokio::select!</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7929">#7929</a>)</li> <li>net: fix <code>GET_BUF_SIZE</code> constant for <code>target_os = "android"</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7889">#7889</a>)</li> <li>runtime: avoid redundant unpark in current_thread scheduler (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7834">#7834</a>)</li> <li>runtime: don't park in <code>current_thread</code> if <code>before_park</code> defers waker (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7835">#7835</a>)</li> <li>io: fix write readiness on ESP32 on short writes (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7872">#7872</a>)</li> <li>runtime: wake deferred tasks before entering <code>block_in_place</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7879">#7879</a>)</li> <li>sync: drop rx waker when oneshot receiver is dropped (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7886">#7886</a>)</li> <li>runtime: fix double increment of <code>num_idle_threads</code> on shutdown (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7910">#7910</a>, <a href="https://redirect.github.com/tokio-rs/tokio/issues/7918">#7918</a>, <a href="https://redirect.github.com/tokio-rs/tokio/issues/7922">#7922</a>)</li> </ul> <h3>Unstable</h3> <ul> <li>fs: check for io-uring opcode support (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7815">#7815</a>)</li> <li>runtime: avoid lock acquisition after uring init (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7850">#7850</a>)</li> </ul> <h3>Documented</h3> <ul> <li>docs: update outdated unstable features section (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7839">#7839</a>)</li> <li>io: clarify the behavior of <code>AsyncWriteExt::shutdown()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7908">#7908</a>)</li> <li>io: explain how to flush stdout/stderr (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7904">#7904</a>)</li> <li>io: fix incorrect and confusing <code>AsyncWrite</code> documentation (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7875">#7875</a>)</li> <li>rt: clarify the documentation of <code>Runtime::spawn</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7803">#7803</a>)</li> <li>rt: fix missing quotation in docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7925">#7925</a>)</li> <li>runtime: correct the default thread name in docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7896">#7896</a>)</li> <li>runtime: fix <code>event_interval</code> doc (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7932">#7932</a>)</li> <li>sync: clarify RwLock fairness documentation (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7919">#7919</a>)</li> <li>sync: clarify that <code>recv</code> returns <code>None</code> once closed and no more messages (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7920">#7920</a>)</li> <li>task: clarify when to use <code>spawn_blocking</code> vs dedicated threads (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7923">#7923</a>)</li> <li>task: doc that task drops before <code>JoinHandle</code> completion (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7825">#7825</a>)</li> <li>signal: guarantee that listeners never return <code>None</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7869">#7869</a>)</li> <li>task: fix task module feature flags in docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7891">#7891</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/0273e45ead199dac7725faee1e3dc35a9c8753ab"><code>0273e45</code></a> chore: prepare Tokio v1.50.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7934">#7934</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/e3ee4e58dc9bb7accf26dfd51b0a2146922b5269"><code>e3ee4e5</code></a> chore: prepare tokio-macros v2.6.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7943">#7943</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/8c980ea75a0f8dd2799403777db700c2e8f4cda4"><code>8c980ea</code></a> io: add <code>write_all_vectored</code> to <code>tokio-util</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7768">#7768</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/e35fd6d6b7d9a8ba37ee621835ef91372c2565cb"><code>e35fd6d</code></a> ci: fix patch during clippy step (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7935">#7935</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/03fe44c10302fdb55c29dbe5b08d4f8769c80272"><code>03fe44c</code></a> runtime: fix <code>event_interval</code> doc (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7932">#7932</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d18e5dfbb0cdc28725bebb28cde80a6c11ee32bc"><code>d18e5df</code></a> io: fix race in <code>Mock::poll_write</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7882">#7882</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/f21f2693f02aec9a876ac2bd21566c85e15b682e"><code>f21f269</code></a> runtime: fix race condition during the blocking pool shutdown (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7922">#7922</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d81e8f0acbdd7d866bce4f733b3545fd834c7840"><code>d81e8f0</code></a> macros: remove (most) local <code>use</code> declarations in <code>tokio::select!</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7929">#7929</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/25e7f2641ef2555d688c267059431a2802805f1d"><code>25e7f26</code></a> rt: fix missing quotation in docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7925">#7925</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/e1a91ef114a301b542d810abab9956f2868861b9"><code>e1a91ef</code></a> util: fix typo in docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7926">#7926</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.49.0...tokio-1.50.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 44e55680e8f9f850c22cbdc487bf868df3b30ba5
## Summary - Adds `HASURA_GRAPHQL_DISABLE_EVENTING` env var (and `--disable-eventing` CLI flag) that turns off the entire eventing subsystem: event triggers, scheduled events, cron event generator, and async actions. Previously the OSS / single-tenant Pro path hardcoded `EventingMode = EventingEnabled`; only the multi-tenant cloud build had a `--disableEventing` flag, on a separate code path. - Sets the new env var on the temporary HGE instance launched by the `cli-migrations` v2 and v3 entrypoints, so migration jobs stop competing with the four eventing pollers for database resources. ## Why Single-tenant deployments running migration jobs against busy databases were seeing the temporary HGE instance's event/cron/async-action pollers compete with the migration workload for DB connections, causing knock-on issues. There was no way to disable those pollers individually in the single-tenant build — `HASURA_GRAPHQL_EVENTS_FETCH_BATCH_SIZE=0` only quiets event triggers, and the `EventingMode` umbrella was unreachable from outside the multi-tenant cloud arg parser. This patch reuses the existing `EventingMode` machinery (consumed at `server/src-lib/Hasura/App.hs:1110-1130`) so the env var flips all four threads off in one go. Multi-tenant cloud's existing flag is untouched. ## Test plan - [ ] `cabal build graphql-engine` succeeds (verified locally). - [ ] `cabal build graphql-engine-pro` succeeds. - [ ] Start OSS server with `HASURA_GRAPHQL_DISABLE_EVENTING=true` and confirm the startup log line "Starting in eventing disabled mode" appears and none of the four poller threads run. - [ ] Start OSS server unset / with `false` and confirm normal "eventing enabled" startup and behaviour. - [ ] Build a `cli-migrations:v3` image, run it against a Postgres with an event trigger, and confirm the temporary instance does not pull from `hdb_catalog.event_log` during the migration window. 🤖 Generated with [Claude Code](https://claude.com/claude-code) PR-URL: hasura/graphql-engine-mono#11530 GitOrigin-RevId: 42a25f648b5ccd3058939f8b5c3723faab95f086
PR-URL: hasura/graphql-engine-mono#11531 GitOrigin-RevId: c44017524fea8f7c03deffc567c0a6e0d1073ef5
…2511) ## Summary The `/v1/sql` relational pushdown path silently ignored `DataConnectorLink.argumentPresets`. Any header-forwarding configured on a connector link only worked for GraphQL and JSON:API requests; models queried via SQL saw the configured headers dropped on the floor. `process_argument_presets` already injects the resolved presets on the GraphQL path (`crates/plan/src/query/arguments.rs`). The relational planner has its own narrower `resolve_arguments` that only honoured ModelPermission `argument_presets`, so `data_connector_link_argument_presets` were never read, and the outgoing `RelationalQuery` always shipped with `request_arguments: None`. This change wires the same presets into the relational path: - Carries `link_argument_presets` and the source model's `type_mappings` alongside the existing `data_connector` through `PushdownRel`, `PlanResponse`, and `SendRel`. - Resolves those presets at execution time via the shared `process_connector_link_presets`, populating `RelationalQuery.request_arguments` with the same JSON-object payload that the GraphQL path emits per function argument. - Forwards through joins / unions / paginate / project / filter / aggregate / sort / window / subquery-alias by propagating the new fields in `from_df_plan` and `AbsorbIntoRel`. The selective forwarding behaviour Phil flagged in the originating thread is preserved: only headers listed in `forward` reach the connector — the test asserts that an unrelated `x-internal-secret` header configured in the request is NOT included in `request_arguments`, so adding sensitive internal headers later remains safe by default. ## Test plan - [x] `cargo check --workspace --all-targets` - [x] `cargo clippy -p sql --lib --all-targets` - [x] `cargo test -p sql --lib` — 93 passed (3 new tests in `pushdown_rel::tests`) - [x] `cargo test -p plan --lib` — 7 passed - [x] `cargo build -p ddn-engine-local-dev --tests` - [ ] Full `just test` requires Docker — run in CI New unit tests in `crates/cloud/sql/src/execute/planner/pushdown_rel.rs`: - `relational_request_arguments_are_none_when_no_presets` — empty presets ⇒ `None` (matches the on-wire `skip_serializing_if = \"BTreeMap::is_empty\"`) - `relational_request_arguments_forward_configured_headers` — only headers in the `forward` list show up under the configured argument name; unrelated request headers are dropped. ## Originating thread https://console.hasura.io/project/hasuraql/promptql-playground/thread/e0c5c5f2-ab7a-42ec-8a36-7a4244f67fdf Co-authored-by: Phil Freeman <phil@hasura.io> 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Aisura <aisura@aisura.hasura.office> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 68683c5c76dfadedd55efcc6ba259a0b223ce3ac
PR-URL: hasura/graphql-engine-mono#11546 GitOrigin-RevId: dd6f0528f90740e3155079481d4ada91862540f1
…elay) endpoint. PR-URL: hasura/graphql-engine-mono#11549 GitOrigin-RevId: f2f0879d4c635af825f9253a745365ad8fb71553
PR-URL: hasura/graphql-engine-mono#11550 GitOrigin-RevId: 98ffc30385dbfdf7cb36c7f33897df60f241113a
GitOrigin-RevId: 0eecf6abd95a5bdef5b38ff03c263ad09e277382
PR-URL: hasura/graphql-engine-mono#11559 GitOrigin-RevId: 2d3f68a88c1ec02b896eaedce53323856864605d
PR-URL: hasura/graphql-engine-mono#11555 GitOrigin-RevId: c6c931720dee9cc893044f3a8fbd1b85ad67c1d9
… postgres is unreachable 🤖 Generated with [Claude Code](https://claude.com/claude-code) PR-URL: hasura/graphql-engine-mono#11554 GitOrigin-RevId: 1695fade875d86b7dbfabdabe91f7a03c00aa259
PR-URL: hasura/graphql-engine-mono#11564 GitOrigin-RevId: d76ab0d242595d12c7f820df4adfff1b1bb65a6d
GitOrigin-RevId: 2fc6efeb063d187d4ee984b246855b0da0159d13
## Summary Add `docker-env-loader` outputs alongside the existing `docker` outputs in the Nix flake, so every binary that ships a regular Docker image now also has an env-loader variant built through the same pipeline. The variant wraps the binary with an entrypoint that reads `/secrets/*.json` into the environment before exec'ing the binary (same behavior as `hasura/minio-env-loader` wrapping `minio/minio`). This replaces the per-service `Dockerfile_EnvLoader` workflow introduced in #2502 with the Nix-based build pipeline used for every other image. The `Dockerfile_EnvLoader` from #2502 is left untouched in this PR; a follow-up can retire it once the new variant is wired into CI. Linked discussion: https://prompt.ql.app/promptql-playground/thread/742d2d35-57dd-4130-b6bd-7820b2f33c38 ## Approach 1. **Vendor the entrypoint script** at `nix/docker-entrypoint.sh`, copied verbatim from `hasura/lux:scripts/docker-entrypoint/docker-entrypoint.sh` (the source for the `lux-env-loader-entrypoint` image). No remote image pull at build time. 2. **`nix/docker.nix` grows an `envLoader` parameter.** When `true`: - The vendored script is installed at `/usr/local/bin/docker-entrypoint.sh` via a small `runCommand` derivation. - The image contents auto-include `busybox` (for `/bin/sh`), `jq` (to parse the secret JSON), and `inotify-tools` (for `inotifywait`, used when `ENABLE_AUTO_RESTART_ON_SECRET_CHANGE=true`). - The entrypoint is prepended with the script: `Entrypoint = [ "/usr/local/bin/docker-entrypoint.sh" "/bin/<pname>" ]`. Per-binary `extraConfig` still overrides (so `multitenant-engine`'s `Env`/`ExposedPorts` keep working). 3. **`flake.nix` emits a sibling `docker-env-loader`** under every `(binaryName, targetSystem)` tree node. Crucially, it passes `package = self.targets.<localSystem>.<binaryName>.<targetSystem>.binary` — the **same derivation** as the regular `docker` output — so the Rust build is not duplicated. Only the Docker packaging layers (image config, customisation layer, stream script, tarball) differ. ## What you get ``` .#targets.x86_64-linux.<binary>.x86_64-linux.docker # existing .#targets.x86_64-linux.<binary>.x86_64-linux.docker-env-loader # new .#targets.x86_64-linux.<binary>.aarch64-linux.docker # existing .#targets.x86_64-linux.<binary>.aarch64-linux.docker-env-loader # new ``` for every binary in `flake.nix`'s `binaries` list. Darwin systems get `null` for both, same as before. ## Verification Done locally on an aarch64-darwin host (full build needs Linux): - `nix eval .#targets.x86_64-linux.engine.x86_64-linux.docker-env-loader.outPath` and the same for `multitenant-engine.aarch64-linux` both succeed. - `nix derivation show --recursive` on `docker` and `docker-env-loader` shows the Rust derivations (`engine-3.0.0.drv`, `engine-deps-3.0.0.drv`) have the **same store hashes** in both graphs — i.e., the binary really is shared, not rebuilt. - The entrypoint derivation (`runCommand "env-loader-entrypoint"`) builds and produces `/usr/local/bin/docker-entrypoint.sh` with mode 0555 and the expected contents. ## Follow-ups (not in this PR) - Extend `.github/workflows/cloud-docker-images.yaml` to also build/push the `-env-loader` flake attrs (matrix expansion + a `-env-loader` suffix on the published image name). - Once CI ships env-loader images via Nix, delete `crates/cloud/v3-engine-multitenant/Dockerfile_EnvLoader` (the local Docker build PR'd in #2502). ## Test plan - [ ] CI evaluates the flake without errors - [ ] `nix build .#targets.x86_64-linux.multitenant-engine.x86_64-linux.docker-env-loader` produces a loadable image - [ ] Loaded image, with a JSON file at `/secrets/test.json`, exports the JSON's keys as env vars before exec'ing `multitenant-engine` - [ ] Loaded image without `/secrets` still launches the binary cleanly 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Aisura <aisura@aisura.hasura.office> Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com> Co-authored-by: Tom Skawinski <98830547+tomhasura@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: acbf1c737923e18cf3ef76b0120e1bc09a2977e2
As an alternative design for adding catalog names to models. ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> --------- Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com> V3_GIT_ORIGIN_REV_ID: 79719e53f31aec85d695a03923b37b567d50caa0
…ss (#2528) ## What Adds `make_session_for_directory` to the plan-crate golden test runner (`crates/plan/tests/plan_golden_tests.rs`). Each test fixture directory may now contain an optional `session_variables.json` (mirroring the JSON:API golden tests' folder-per-role mechanism) to run the planned query under a specific role. When the file is absent, the harness defaults to the **admin** role. ## Why This is **harness-only infrastructure**, split out from #2527 (the AISLE-2026-0087 field-level read-permission fix and its security-specific fixtures) so the reusable harness can be reviewed and merged independently of the security change. It enables golden tests to assert role-dependent planning behaviour directly from OpenDD query IR. ## Behaviour-preserving No existing fixture supplies a `session_variables.json`, so they all continue to run as `admin` and **no pre-existing snapshots change**. The only diff vs `main` is the single harness file. ## Testing `cargo test -p plan` passes (golden: `test_passing_plan`, `test_failing_plan`; 7 unit tests; 0 failed), with no snapshot diffs. ## Follow-up Once this merges, #2527 will be rebased to drop this duplicated harness hunk, leaving #2527 with only the production fix and the security fixtures. 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 189765591b7ad4803f2a3938cdae0adfe24fb08b
Automated changelog update for release v2026.06.10. V3_GIT_ORIGIN_REV_ID: dbfcf4cc1dddc4a69f000c8ae4ca59d569bb373e
…ode (#2535) ## Summary Queries over external/Iceberg (Shelf) tables via `/v1/sql` fail with `pushdown not supported: LogicalPlan::TableScan is not supported` (and 300s timeouts) when running in `Required` relational-pushdown mode and there is no pushdown-capable connector (e.g. Trino) handling the scan. Aggregations / `GROUP BY` / unbounded `WHERE` queries are the typical triggers. Originating thread: https://prompt.ql.app/project/hasuraql/promptql-playground/thread/bc16a309-32dd-40a9-8775-e7506212339b ## Root cause When Trino is not used, the raw `LogicalPlan::TableScan` for an external/Iceberg table is left untouched by `ReplaceTableScan` (it only rewrites `model::Table`-backed scans) and reaches the `absorb_into_rel` optimizer rule (`AbsorbIntoRel`). In `from_df_plan` (`crates/cloud/sql/src/execute/relational/relational_plan.rs`), the raw/external `TableScan` fall-through was classified as `RelationalPushdownError::NotSupported`: ```rust Err(RelationalPushdownError::NotSupported( RelationalPushdownPlanNotSupported::Other( "LogicalPlan::TableScan is not supported".into(), ).into(), )) ``` `filter_out_with_reason` treats the `NotSupported` bucket as **mode-dependent**: graceful under `IfSupported`/`Never`, but a **hard error under `Required`**. So under `Required` mode the `?` in `AbsorbIntoRel::rewrite` propagates the error out of the optimizer and it surfaces to the caller as `pushdown not supported: LogicalPlan::TableScan is not supported`, rather than the optimizer simply leaving the plan alone for datafusion-iceberg to execute. Notably, the two sibling branches in that same match arm — `information_schema`/`hasura` scans and command-backed scans — are already classified as `KnownNotSupported` ("things that will never pushdown, but we are fine with this"), which `filter_out_with_reason` treats as **always graceful regardless of mode**. The external/Iceberg case was simply never added to that bucket. For an aggregation/`GROUP BY` query (`Projection → Aggregate → TableScan`), the bottom-up optimizer visits the leaf `TableScan` first, which is why the user-visible error is the `TableScan` message even for `GROUP BY`. ## Fix Re-classify the raw/external `TableScan` as `KnownNotSupported`, matching its sibling branches: - Add `RelationalPushdownKnownNotSupported::ExternalTableScan` (`crates/cloud/sql/src/execute/relational/error.rs`). - Return that variant from the fall-through arm in `from_df_plan` instead of `NotSupported`. An external/Iceberg `TableScan` has no NDC relational connector to absorb into, so it genuinely "will never push down, and that's fine". With this change `AbsorbIntoRel` returns `Transformed::no(plan)` even under `Required` mode and datafusion-iceberg executes the raw scan, instead of the optimizer erroring out. ##⚠️ Open question for reviewers (please weigh in) This also makes a raw external `TableScan` graceful under `Required` mode. `Required` means "must push down or fail". For an external Iceberg table there is no connector to push into, so treating it as a hard failure was arguably never meaningful — which is why this change groups it with the other always-graceful `KnownNotSupported` cases. However, if the team wants `Required` to keep **hard-failing for other genuinely-unpushable leaf nodes** while allowing external tables through, the `TableScan` branch could instead be **split by provider type** (external/Iceberg provider → `KnownNotSupported`; everything else → keep `NotSupported`). I did not implement that split because the current code does not make the external-vs-other provider distinction trivially at this point, and it would change `Required`-mode semantics for non-external scans. Happy to do it if reviewers prefer. ## Tests Added unit tests in `relational_plan.rs` that build a raw `TableScan` over a non-model (`EmptyTable`) provider standing in for an external/Iceberg table: - `external_table_scan_is_known_not_supported` — `from_df_plan` returns `KnownNotSupported::ExternalTableScan`. - `external_table_scan_is_graceful_in_all_modes` — `filter_out_with_reason` returns the graceful `NoReason` in `Required`, `IfSupported`, and `Never` modes (the regression assertion: no hard error under `Required`). ## Verification - `cargo test -p sql --lib` — 96 passed, 0 failed. - `cargo clippy -p sql --all-targets --no-deps` — clean. - `cargo fmt --check -p sql` — clean. - Added a `changelog.md` Fixed entry. 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Phil Freeman <phil@hasura.io> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: e0168d419d9cc4f92fe803d7ea99e3909d8f17c4
…lean (#2542) ## What Adds the currently-surfaced `cargo audit` advisory **RUSTSEC-2024-0436** (`paste` — no longer maintained) to the ignore list in `.cargo/audit.toml`, appending to the existing ignore list rather than replacing it. ## Why These advisories are all currently **unfixable**, so we want `cargo audit` to pass by ignoring them. `RUSTSEC-2024-0436` (`paste`) is a proc-macro pulled in transitively via `parquet` / `datafusion`. It has no maintained drop-in replacement, so there is no current fix. It was the only advisory still surfaced by `cargo audit` that was not already in the ignore list. > Note: with the previous config `cargo audit` already exited `0` because `paste` is reported as an *unmaintained* warning rather than a hard vulnerability. This change suppresses that remaining warning so the audit output is fully clean. The pre-existing ignores (`RUSTSEC-2024-0437`, `RUSTSEC-2023-0071`, `RUSTSEC-2026-0176`, `RUSTSEC-2026-0177`) are left untouched. ## Verification `cargo audit` now reports no warnings and no vulnerabilities (exit 0). ## Traceability PromptQL thread: https://prompt.ql.app/project/hasuraql/promptql-playground/thread/d563bd3e-abe5-4079-94f9-a4e4e99f27b4 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Daniel Harvey <4729125+danieljharvey@users.noreply.github.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 4cf1d7d18546ef86c9d2d9724974085e95b2e4a3
#2527) ## Summary Order-by and filter operands were resolved straight from the unfiltered object type's `type_mappings`, without checking the field against the role-filtered `OutputObjectTypeView`. A low-privilege caller could **order or filter results by a column hidden from their role** (e.g. `salary`) and infer the hidden values through ordering / predicate side-channels (binary-search via pagination/filters) — even though the field itself is omitted from the response. - **CWE-285** (Improper Authorization), tracked as **AISLE-2026-0087**. - GraphQL and SQL never surfaced this because their generated schemas don't expose hidden fields. **JSON:API builds order-by/filter straight from free-form `sort`/`filter` query params**, which is where the gap was reachable. ## Fix The fix lives in the `plan` crate so **all frontends are covered uniformly** (`to_resolved_order_by_element` and the filter resolver are the single shared planning path used by GraphQL, SQL and JSON:API): - **`order_by.rs::resolve_field_operand`** — look up the field via `OutputObjectTypeView::get_field` before resolving its NDC column from `type_mappings`. Also lets us drop the redundant `.fields.get(..)` lookup in the nested branch. - **`filter.rs::to_field_comparison_expression`** — hoist a single `get_field` check to the top, covering both the scalar and nested-object branches, and replacing a misleading `PlanError::Internal` with the proper user-facing permission error. (Filtering already rejected hidden scalar fields, but via an internal-error path and without covering the nested-object branch.) Both paths now reject hidden fields with the user-facing `PermissionError::ObjectFieldNotFound` ("no permission to select from field …"). ## Tests - New JSON:API golden regression test `crates/jsonapi/tests/failing/sort_by_unauthorized_field/`: as role `user_1` (who cannot see `Album.ArtistId`), `fields[Album]=AlbumId,Title&sort=-ArtistId` now returns a permission error instead of leaking rows ordered by the hidden column. - Taught the jsonapi golden harness to run a case under a non-admin role via a per-directory `session_variables.json`, mirroring the `/v1/sql` golden tests. Existing tests default to `admin` and are unchanged. ## Audit While here, I audited every field-access site in `plan` against the principle "resolve user-referenced fields through `OutputObjectTypeView`": - **Output domain:** the two sites above were the only gaps; `column.rs`, `field_selection.rs`, relationship source fields already enforce via `get_field`. Relationship join-key mappings and argument presets operate on a different (non-output) domain. - **Input domain:** no analogous gap. Input permissions are preset-based (forced values via `InputObjectTypeView::field_presets`), enforced centrally in `apply_input_field_presets_to_value`, and every frontend (GraphQL via `query_to_plan`, SQL via `execute/planner`, JSON:API via the handler) funnels through plan's `from_model_selection`/`from_command`. ## Verification - `cargo fmt --check`, `prettier --check`, `cargo clippy --all-targets --no-deps` — clean - `just test` (full workspace + doctests, with Docker deps) — all passing 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Co-authored-by: dliub <build@hasura.io> V3_GIT_ORIGIN_REV_ID: eb1f87937f1bc8d92016c467911c7962bbeeb82c
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: a68581798510a16aafee05f737caf0c724dd019f
Automated changelog update for release v2026.07.15. V3_GIT_ORIGIN_REV_ID: 2276090e010cba4830c5e9d3da9adc61a525cd50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )