chore(deps): bump rcgen from 0.12.1 to 0.14.5 #2467

Closed

dependabot[bot] wants to merge 1 commit from refs/pull/2467/head into main

dependabot[bot] commented

2025-11-24 02:34:02 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #1999
Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1999
Original created: 2025-11-24T02:34:02Z
Original updated: 2025-12-15T02:32:28Z
Original head: carverauto/serviceradar:dependabot/cargo/rcgen-0.14.5
Original base: main

Bumps rcgen from 0.12.1 to 0.14.5.

Release notes

Sourced from rcgen's releases.

0.14.5

Implement SigningKey for &impl SigningKey to make Issuer more broadly useful.

What's Changed

Forward signing and public key data through references by @djc in rustls/rcgen#380

0.14.4

What's Changed

Upgrade botan to 0.12 by @djc in rustls/rcgen#377

Upgrade x509-parser to 0.18 by @djc in rustls/rcgen#376

Add unstable support for ML-DSA algorithms by @djc in rustls/rcgen#374

0.14.3

What's Changed

docs: fix typo in PKCS_RSA_SHA384 doc comment by @Bravo555 in rustls/rcgen#367

Fix regression in key usage purpose encoding by @djc in rustls/rcgen#369

0.14.2

Add a CertifiedIssuer type (see #363)

What's changed

Add a CertifiedIssuer by @djc in rustls/rcgen#363

Provide a non-owning constructor for Issuer by @p-avital in rustls/rcgen#362

Allow access to the CertifiedIssuer's Certificate by @djc in rustls/rcgen#364

0.14.1

Declare 1.71 rust-version and check MSRV in CI.

What's Changed

Check MSRV in CI by @djc in rustls/rcgen#361

0.14.0 contains a number of potentially breaking API changes, though hopefully the rate of API change should slow down after this. Here is a summary of the most noticeable changes you might run into:

signed_by() methods now take a reference to an &Issuer type that contains both the issuer's relevant certificate parameters and the signing key (see #356). The from_ca_cert_der() and from_ca_cert_pem() constructors that were previously attached to CertificateParams are now attached to Issuer instead, removing a number of documented caveats.

The RemoteKeyPair trait is now called SigningKey and instead of KeyPair being an enum that contains a Remote variant, that variant has been removed in favor of KeyPair implementing the trait (see #328). To align with this change, the CertifiedKey::key_pair field is now called signing_key, and CertifiedKey is generic over the signing key type.

The KeyPair::public_key_der() method has moved to PublicKeyData::subject_public_key_info() (see #328).

Output types like Certificate no longer contain their originating CertificateParams. Instead, signed_by() and self_signed() now take &self, allowing the caller to retain access to the input parameters (see #328). In order to make this possible, Certificate::key_identifier() can now be accessed via CertificateParams directly.

String types have been moved into a module (see #329).

What's Changed

Revert impl AsRef issuer by @audunhalland in rustls/rcgen#325

Move string types to separate module by @est31 in rustls/rcgen#329

Unbundle params from output types by @djc in rustls/rcgen#328

Deduplicate Issuer construction by @djc in rustls/rcgen#332

... (truncated)

Commits

957a3d8 Bump rcgen version to 0.14.5
befba1f Forward signing and public key data through references
9f7fbb6 Bump rcgen to 0.14.4
12f96a8 Add unstable support for ML-DSA algorithms
28ff3b3 Move verification tests into a separate crate
cfe8b2e Alphabetize features and dependencies
00883a9 Use more conventional order in Cargo.toml files
ef07b92 Move all dependency specifications to the workspace
1bb5ba3 Remove ring-specific documentation links
b4d001b cli: implement explicit FromStr impl for KeyPairAlgorithm
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Imported from GitHub pull request. Original GitHub pull request: #1999 Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1999 Original created: 2025-11-24T02:34:02Z Original updated: 2025-12-15T02:32:28Z Original head: carverauto/serviceradar:dependabot/cargo/rcgen-0.14.5 Original base: main --- Bumps [rcgen](https://github.com/rustls/rcgen) from 0.12.1 to 0.14.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rustls/rcgen/releases">rcgen's releases</a>.</em></p> <blockquote> <h2>0.14.5</h2> <p>Implement SigningKey for <code>&impl SigningKey</code> to make <code>Issuer</code> more broadly useful.</p> <h2>What's Changed</h2> <ul> <li>Forward signing and public key data through references by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/380">rustls/rcgen#380</a></li> </ul> <h2>0.14.4</h2> <h2>What's Changed</h2> <ul> <li>Upgrade botan to 0.12 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/377">rustls/rcgen#377</a></li> <li>Upgrade x509-parser to 0.18 by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/376">rustls/rcgen#376</a></li> <li>Add unstable support for ML-DSA algorithms by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/374">rustls/rcgen#374</a></li> </ul> <h2>0.14.3</h2> <h2>What's Changed</h2> <ul> <li>docs: fix typo in <code>PKCS_RSA_SHA384</code> doc comment by <a href="https://github.com/Bravo555"><code>@Bravo555</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/367">rustls/rcgen#367</a></li> <li>Fix regression in key usage purpose encoding by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/369">rustls/rcgen#369</a></li> </ul> <h2>0.14.2</h2> <ul> <li>Add a <code>CertifiedIssuer</code> type (see <a href="https://redirect.github.com/rustls/rcgen/issues/363">#363</a>)</li> </ul> <h2>What's changed</h2> <ul> <li>Add a CertifiedIssuer by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/363">rustls/rcgen#363</a></li> <li>Provide a non-owning constructor for <code>Issuer</code> by <a href="https://github.com/p-avital"><code>@p-avital</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/362">rustls/rcgen#362</a></li> <li>Allow access to the CertifiedIssuer's Certificate by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/364">rustls/rcgen#364</a></li> </ul> <h2>0.14.1</h2> <p>Declare 1.71 <code>rust-version</code> and check MSRV in CI.</p> <h2>What's Changed</h2> <ul> <li>Check MSRV in CI by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/361">rustls/rcgen#361</a></li> </ul> <p>0.14.0 contains a number of potentially breaking API changes, though hopefully the rate of API change should slow down after this. Here is a summary of the most noticeable changes you might run into:</p> <ul> <li><code>signed_by()</code> methods now take a reference to an <code>&Issuer</code> type that contains both the issuer's relevant certificate parameters and the signing key (see <a href="https://redirect.github.com/rustls/rcgen/issues/356">#356</a>). The <code>from_ca_cert_der()</code> and <code>from_ca_cert_pem()</code> constructors that were previously attached to <code>CertificateParams</code> are now attached to <code>Issuer</code> instead, removing a number of documented caveats.</li> <li>The <code>RemoteKeyPair</code> trait is now called <code>SigningKey</code> and instead of <code>KeyPair</code> being an enum that contains a <code>Remote</code> variant, that variant has been removed in favor of <code>KeyPair</code> implementing the trait (see <a href="https://redirect.github.com/rustls/rcgen/issues/328">#328</a>). To align with this change, the <code>CertifiedKey::key_pair</code> field is now called <code>signing_key</code>, and <code>CertifiedKey</code> is generic over the signing key type.</li> <li>The <code>KeyPair::public_key_der()</code> method has moved to <code>PublicKeyData::subject_public_key_info()</code> (see <a href="https://redirect.github.com/rustls/rcgen/issues/328">#328</a>).</li> <li>Output types like <code>Certificate</code> no longer contain their originating <code>CertificateParams</code>. Instead, <code>signed_by()</code> and <code>self_signed()</code> now take <code>&self</code>, allowing the caller to retain access to the input parameters (see <a href="https://redirect.github.com/rustls/rcgen/issues/328">#328</a>). In order to make this possible, <code>Certificate::key_identifier()</code> can now be accessed via <code>CertificateParams</code> directly.</li> <li>String types have been moved into a module (see <a href="https://redirect.github.com/rustls/rcgen/issues/329">#329</a>).</li> </ul> <h2>What's Changed</h2> <ul> <li>Revert impl AsRef issuer by <a href="https://github.com/audunhalland"><code>@audunhalland</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/325">rustls/rcgen#325</a></li> <li>Move string types to separate module by <a href="https://github.com/est31"><code>@est31</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/329">rustls/rcgen#329</a></li> <li>Unbundle params from output types by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/328">rustls/rcgen#328</a></li> <li>Deduplicate Issuer construction by <a href="https://github.com/djc"><code>@djc</code></a> in <a href="https://redirect.github.com/rustls/rcgen/pull/332">rustls/rcgen#332</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rustls/rcgen/commit/957a3d80d90bac59123b664808a31727b2a8e767"><code>957a3d8</code></a> Bump rcgen version to 0.14.5</li> <li><a href="https://github.com/rustls/rcgen/commit/befba1fba89431f08cc18d08be1d206a8d4cde66"><code>befba1f</code></a> Forward signing and public key data through references</li> <li><a href="https://github.com/rustls/rcgen/commit/9f7fbb653e505cf0f4a84d8eb25fc3827216a30f"><code>9f7fbb6</code></a> Bump rcgen to 0.14.4</li> <li><a href="https://github.com/rustls/rcgen/commit/12f96a85e4bb91f387e8e28bdb962162fde39b70"><code>12f96a8</code></a> Add unstable support for ML-DSA algorithms</li> <li><a href="https://github.com/rustls/rcgen/commit/28ff3b3d485949c88ba1be7adfb5cb03c5871f55"><code>28ff3b3</code></a> Move verification tests into a separate crate</li> <li><a href="https://github.com/rustls/rcgen/commit/cfe8b2e89b1a6af75522297afd8aa8d8c04be746"><code>cfe8b2e</code></a> Alphabetize features and dependencies</li> <li><a href="https://github.com/rustls/rcgen/commit/00883a930302fd9281383c9a229248c2595f6af5"><code>00883a9</code></a> Use more conventional order in Cargo.toml files</li> <li><a href="https://github.com/rustls/rcgen/commit/ef07b92a5f60bd217d65e98b8d7f33156c6c6c53"><code>ef07b92</code></a> Move all dependency specifications to the workspace</li> <li><a href="https://github.com/rustls/rcgen/commit/1bb5ba32861ba2a9d227eda2f58723f10f83e7e3"><code>1bb5ba3</code></a> Remove ring-specific documentation links</li> <li><a href="https://github.com/rustls/rcgen/commit/b4d001b73e0295523ecaa002376ec3fef47b230d"><code>b4d001b</code></a> cli: implement explicit FromStr impl for KeyPairAlgorithm</li> <li>Additional commits viewable in <a href="https://github.com/rustls/rcgen/compare/v0.12.1...v0.14.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rcgen&package-manager=cargo&previous-version=0.12.1&new-version=0.14.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

dependabot[bot] commented

2025-12-15 02:32:26 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1999#issuecomment-3652647847
Original created: 2025-12-15T02:32:26Z

Superseded by #2138.

Imported GitHub PR comment. Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1999#issuecomment-3652647847 Original created: 2025-12-15T02:32:26Z --- Superseded by #2138.