[PR #404] [MERGED] Bump zip from 3.0.0 to 4.0.0 #486

New issue

Closed

opened 2026-03-03 13:47:43 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 13:47:43 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/gopher64/gopher64/pull/404
Author: @dependabot[bot]
Created: 5/22/2025
Status: ✅ Merged
Merged: 5/22/2025
Merged by: @loganmc10

Base: main ← Head: dependabot/cargo/zip-4.0.0

📝 Commits (1)

5feb69f Bump zip from 3.0.0 to 4.0.0

📊 Changes

2 files changed (+24 additions, -50 deletions)

View changed files

📝 Cargo.lock (+23 -49)
📝 Cargo.toml (+1 -1)

📄 Description

Bumps zip from 3.0.0 to 4.0.0.

Release notes

Sourced from zip's releases.

v4.0.0

🐛 Bug Fixes

Allow extraction of Zip64 where "Version needed to extract" is higher than "Version made by" (#356)

⚙️ Miscellaneous Tasks

Revert nt-time upgrade (would increase MSRV)

Revert constant_time_eq update (would increase MSRV)

Update fully-qualified names of liblzma imports

Changelog

Sourced from zip's changelog.

4.0.0 - 2025-05-21

🐛 Bug Fixes

Allow extraction of Zip64 where "Version needed to extract" is higher than "Version made by" (#356)

⚙️ Miscellaneous Tasks

Revert nt-time upgrade (would increase MSRV)

Revert constant_time_eq update (would increase MSRV)

Update fully-qualified names of liblzma imports

Commits

b87a248 chore: release v4.0.0 (#357)
2514c4c fix: Allow extraction of Zip64 where "Version needed to extract" is higher th...
4aadb85 docs: Update fuzzing section of README
470394d chore: Revert nt-time upgrade (would increase MSRV)
e4ab083 test(ci): Remove redundant semver checks
89fd4ff deps!: Use dep: to suppress implicit features that may change in the future
7d7d265 chore: Revert constant_time_eq update (would increase MSRV)
2d75b28 style: cargo fmt --all
3a5094d deps: Replace lzma-rs with liblzma
b93fc34 chore: Update fully-qualified names of liblzma imports
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/gopher64/gopher64/pull/404 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 5/22/2025 **Status:** ✅ Merged **Merged:** 5/22/2025 **Merged by:** [@loganmc10](https://github.com/loganmc10) **Base:** `main` ← **Head:** `dependabot/cargo/zip-4.0.0` --- ### 📝 Commits (1) - [`5feb69f`](https://github.com/gopher64/gopher64/commit/5feb69fd4d797a9f864f97e87a359f4a099735a2) Bump zip from 3.0.0 to 4.0.0 ### 📊 Changes **2 files changed** (+24 additions, -50 deletions) <details> <summary>View changed files</summary> 📝 `Cargo.lock` (+23 -49) 📝 `Cargo.toml` (+1 -1) </details> ### 📄 Description Bumps [zip](https://github.com/zip-rs/zip2) from 3.0.0 to 4.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zip-rs/zip2/releases">zip's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <h3>🐛 Bug Fixes</h3> <ul> <li>Allow extraction of Zip64 where "Version needed to extract" is higher than "Version made by" (<a href="https://redirect.github.com/zip-rs/zip2/pull/356">#356</a>)</li> </ul> <h3>⚙️ Miscellaneous Tasks</h3> <ul> <li>Revert nt-time upgrade (would increase MSRV)</li> <li>Revert constant_time_eq update (would increase MSRV)</li> <li>Update fully-qualified names of liblzma imports</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md">zip's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/zip-rs/zip2/compare/v3.0.0...v4.0.0">4.0.0</a> - 2025-05-21</h2> <h3>🐛 Bug Fixes</h3> <ul> <li>Allow extraction of Zip64 where "Version needed to extract" is higher than "Version made by" (<a href="https://redirect.github.com/zip-rs/zip2/pull/356">#356</a>)</li> </ul> <h3>⚙️ Miscellaneous Tasks</h3> <ul> <li>Revert nt-time upgrade (would increase MSRV)</li> <li>Revert constant_time_eq update (would increase MSRV)</li> <li>Update fully-qualified names of liblzma imports</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zip-rs/zip2/commit/b87a2482e2d2a05b96e77eba93a504d13a6348e0"><code>b87a248</code></a> chore: release v4.0.0 (<a href="https://redirect.github.com/zip-rs/zip2/issues/357">#357</a>)</li> <li><a href="https://github.com/zip-rs/zip2/commit/2514c4cde2de888dbfb0013290fe0b1bf84c45a6"><code>2514c4c</code></a> fix: Allow extraction of Zip64 where "Version needed to extract" is higher th...</li> <li><a href="https://github.com/zip-rs/zip2/commit/4aadb854b2928644a850cbd579a5c1e1c01ec1e0"><code>4aadb85</code></a> docs: Update fuzzing section of README</li> <li><a href="https://github.com/zip-rs/zip2/commit/470394d7ef8c757aac092c8f1352070320c6f061"><code>470394d</code></a> chore: Revert nt-time upgrade (would increase MSRV)</li> <li><a href="https://github.com/zip-rs/zip2/commit/e4ab083cc700b58187bf9b1e065646cbcb77d2a6"><code>e4ab083</code></a> test(ci): Remove redundant semver checks</li> <li><a href="https://github.com/zip-rs/zip2/commit/89fd4ffd6a75cccccb546d05d98bb9ee7c6aaa1c"><code>89fd4ff</code></a> deps!: Use <code>dep:</code> to suppress implicit features that may change in the future</li> <li><a href="https://github.com/zip-rs/zip2/commit/7d7d26531411c9c1bc8f3db57351e3c3a283e6a6"><code>7d7d265</code></a> chore: Revert constant_time_eq update (would increase MSRV)</li> <li><a href="https://github.com/zip-rs/zip2/commit/2d75b28b6f35b671223abd2cafbf938a068fa993"><code>2d75b28</code></a> style: cargo fmt --all</li> <li><a href="https://github.com/zip-rs/zip2/commit/3a5094ded1f158b6cee2e484ccc8e3e86f03cf4f"><code>3a5094d</code></a> deps: Replace lzma-rs with liblzma</li> <li><a href="https://github.com/zip-rs/zip2/commit/b93fc342660436252d979e375ac2cf18f56dba1a"><code>b93fc34</code></a> chore: Update fully-qualified names of liblzma imports</li> <li>Additional commits viewable in <a href="https://github.com/zip-rs/zip2/compare/v3.0.0...v4.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zip&package-manager=cargo&previous-version=3.0.0&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>