Skip to content

Bump serde_with from 3.18.0 to 3.21.0 in /scylla-server#656

Merged
bracyw merged 1 commit into
developfrom
dependabot/cargo/scylla-server/serde_with-3.20.0
Jun 7, 2026
Merged

Bump serde_with from 3.18.0 to 3.21.0 in /scylla-server#656
bracyw merged 1 commit into
developfrom
dependabot/cargo/scylla-server/serde_with-3.20.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026
edited
Loading

Bumps serde_with from 3.18.0 to 3.21.0.

Release notes

Sourced from serde_with's releases.

serde_with v3.21.0

Security

  • GHSA-7gcf-g7xr-8hxj: KeyValueMap serialization panics on empty sequence or map entries Bad or attacker controlled values could cause a panic while allocating too large values. Fixed in #966 by setting a maximum allocation size during the creation of collections like Vec or sets.

    Thanks to @​7thParkk for reporting the issue.

Added

  • Add NoneAsZero adapter that maps Option<NonZero*> to a plain integer, encoding None as 0 by @​SAY-5 (#486)

Changed

  • Re-enable link-to-definition on docs.rs (#964)

Fixed

  • Fix some doc links to point to the correct types (#963)
  • Re-enable unused_qualifications and fix the resulting findings by @​lms0806 (#962)

serde_with v3.20.0

Added

  • Add support for base58 encoding, similar to the existing base64 setup by @​mitinarseny (#943)

Fixed

serde_with v3.19.0

Added

  • Add support for hashbrown v0.17 (#940)

    This extends the existing support for hashbrown to the newly released version.

Commits
  • 0f4ca67 Update changelog for 3.21.0 (#967)
  • 7654841 Update changelog for 3.21.0
  • c8a1d82 Protect all collection creations against capacity overflow by using `size_hin...
  • 6ad5fa5 Properly feature gate the vec_with_capacity_cautious function
  • ef7d141 Protect all collection creations against capacity overflow by using `size_hin...
  • a348da3 Add serde_as deserialize_as explain (#958)
  • 2e5bc20 Bump the github-actions group with 3 updates (#965)
  • 927a3d6 Bump the github-actions group with 3 updates
  • 62d14ec Enable link-to-definition on docs.rs again, after the upstream issue was reso...
  • 4584d94 Enable link-to-definition on docs.rs again, after the upstream issue was reso...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jun 2, 2026
@dependabot
Bump serde_with from 3.18.0 to 3.21.0 in /scylla-server
55797c7 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.18.0 to 3.21.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](jonasbb/serde_with@v3.18.0...v3.21.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-version: 3.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump serde_with from 3.18.0 to 3.20.0 in /scylla-server Bump serde_with from 3.18.0 to 3.21.0 in /scylla-server Jun 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/scylla-server/serde_with-3.20.0 branch from 96938f3 to 55797c7 Compare June 7, 2026 05:24
@bracyw bracyw merged commit d042fbe into develop Jun 7, 2026
4 checks passed
@dependabot dependabot Bot deleted the dependabot/cargo/scylla-server/serde_with-3.20.0 branch June 7, 2026 06:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bracyw bracyw bracyw approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bracyw