Skip to content

build(deps): bump actix-http from 3.11.2 to 3.13.1 in /graph-data.rs#9720

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/graph-data.rs/actix-http-3.13.1
Open

build(deps): bump actix-http from 3.11.2 to 3.13.1 in /graph-data.rs#9720
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/graph-data.rs/actix-http-3.13.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor

Bumps actix-http from 3.11.2 to 3.13.1.

Release notes

Sourced from actix-http's releases.

actix-http: v3.13.1

3.13.1

  • Fix HTTP/1 WebSocket upgrade responses being overwritten with Connection: close when the upgraded request payload remains open. #4115

#4115: actix/actix-web#4115

actix-http: v3.13.0

3.13.0

  • When configured, gracefully close HTTP/1 connections after early responses to unread request bodies. #3967
  • Wake HTTP/1 payload receivers with an incomplete-payload error when the sender is dropped before EOF. #3100
  • Update foldhash dependency to 0.2.

#3967: actix/actix-web#3967 #3100: actix/actix-web#3100

actix-http: v3.12.1

Notice: This release contains a security fix. Users are encouraged to update to this version ASAP.

  • SECURITY: Reject HTTP/1 requests with ambiguous request framing from Content-Length and Transfer-Encoding headers to prevent request smuggling.
  • Encode the HTTP/1 Connection: Upgrade header in Camel-Case when camel-case header formatting is enabled.#3953
  • Fix HeaderMap iterators' len() and size_hint() implementations for multi-value headers.
  • Update rand dependency to 0.10.
  • Update sha1 dependency to 0.11.

#3953: actix/actix-web#3953

actix-http: v3.12.0

  • Minimum supported Rust version (MSRV) is now 1.88.
  • Increase default HTTP/2 flow control window sizes. #3638
  • Expose configuration methods to improve upload throughput. #3638
  • Fix truncated body ending without error when connection closed abnormally. #3067
  • Add config/method for TCP_NODELAY. #3918
  • Do not compress 206 Partial Content responses. #3191
  • Fix lingering sockets and client stalls when responding early to dropped chunked request payloads. #2972

#3638: actix/actix-web#3638 #3067: actix/actix-web#3067 #3918: actix/actix-web#3918 #3191: actix/actix-web#3191 #2972: actix/actix-web#2972

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actix-http](https://github.com/actix/actix-web) from 3.11.2 to 3.13.1.
- [Release notes](https://github.com/actix/actix-web/releases)
- [Changelog](https://github.com/actix/actix-web/blob/main/CHANGES.md)
- [Commits](actix/actix-web@http-v3.11.2...http-v3.13.1)

---
updated-dependencies:
- dependency-name: actix-http
  dependency-version: 3.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 23, 2026
@coderabbitai

coderabbitai Bot commented Jun 23, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 06fdcc28-325f-4c54-bbfc-59a739f50582

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/cargo/graph-data.rs/actix-http-3.13.1

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot requested review from DavidHurta and wking June 23, 2026 01:22
@openshift-ci

openshift-ci Bot commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign fao89 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci

openshift-ci Bot commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e dcea72c link true /test e2e
ci/prow/images dcea72c link true /test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants