Skip to content

deps: bump zip from 7.0.0 to 8.6.0#9

Merged
builtbyjonas merged 1 commit into
mainfrom
dependabot/cargo/zip-8.5.1
Apr 29, 2026
Merged

deps: bump zip from 7.0.0 to 8.6.0#9
builtbyjonas merged 1 commit into
mainfrom
dependabot/cargo/zip-8.5.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026

Copy link
Copy Markdown
Contributor

Bumps zip from 7.0.0 to 8.6.0.

Release notes

Sourced from zip's releases.

v8.6.0

🚀 Features

  • add compression not supported as enum error (#774)

🐛 Bug Fixes

  • allow for [u8] as filename (#775)

🚜 Refactor

  • mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
  • use and simplify is_dir (#776)

v8.5.1

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)

v8.5.0

🐛 Bug Fixes

  • remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

  • remove useless magic in struct (#730)
  • change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

  • cleanup README (#758)

v8.4.0

🚀 Features

  • add a check for building benches (#748)

🚜 Refactor

  • split part of read.rs for code readability (#744)
  • remove unused allow (#745)

⚡ Performance

  • skip BufReader for Stored files in make_reader (#739)

⚙️ Miscellaneous Tasks

... (truncated)

Changelog

Sourced from zip's changelog.

8.6.0 - 2026-04-25

🚀 Features

  • add compression not supported as enum error (#774)

🐛 Bug Fixes

  • allow for [u8] as filename (#775)

🚜 Refactor

  • mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
  • use and simplify is_dir (#776)

8.5.1 - 2026-04-06

🚜 Refactor

  • change magic finder to stack buffer (#763)
  • simplify extra field parsing (#764)

8.5.0 - 2026-04-01

🐛 Bug Fixes

  • remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

  • remove useless magic in struct (#730)
  • change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

  • cleanup README (#758)

8.4.0 - 2026-03-23

🚀 Features

  • add a check for building benches (#748)

🚜 Refactor

  • split part of read.rs for code readability (#744)
  • remove unused allow (#745)

⚡ Performance

... (truncated)

Commits
  • 771dfc5 chore: release v8.6.0 (#781)
  • 8e480cc chore(deps): update sha1 requirement from 0.10 to 0.11 (#767)
  • 2513bbe chore(deps): update aes requirement from 0.8 to 0.9 (#787)
  • 957e240 ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#786)
  • 0329d9d fix: allow for [u8] as filename (#775)
  • ddcf854 ci(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#788)
  • 42323a8 ci(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#785)
  • 901014a ci(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 (#784)
  • 07702d4 feat: add compression not supported as enum error (#774)
  • 2d0c46b ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#783)
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Apr 21, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@vercel

vercel Bot commented Apr 21, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
anymon-server Error Error Apr 29, 2026 8:00pm

Bumps [zip](https://github.com/zip-rs/zip2) from 7.0.0 to 8.6.0.
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](zip-rs/zip2@v7.0.0...v8.6.0)

---
updated-dependencies:
- dependency-name: zip
  dependency-version: 8.5.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title deps: bump zip from 7.0.0 to 8.5.1 deps: bump zip from 7.0.0 to 8.6.0 Apr 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/zip-8.5.1 branch from 41f4692 to 2f1f188 Compare April 29, 2026 19:53
@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedcargo/​zip@​7.0.0 ⏵ 8.6.0100 +110093100100

View full report

@builtbyjonas builtbyjonas merged commit 9844cbf into main Apr 29, 2026
9 of 10 checks passed
@dependabot dependabot Bot deleted the dependabot/cargo/zip-8.5.1 branch April 29, 2026 19:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant