Skip to content

chore(deps): bump zip from 7.2.0 to 7.4.0 #58

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump zip from 7.2.0 to 7.4.0 #58

dependabot wants to merge 1 commit into from
+226 −9

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 9, 2026
edited
Loading

Bumps zip from 7.2.0 to 7.4.0.

Release notes

Sourced from zip's releases.

v7.4.0

🚀 Features

  • Increase MSRV to 1.88 and update dependencies (#626)

v7.3.0

🚀 Features

  • cleanup the benchs and Cargo.toml (#606)
  • Add support for per-file comments (#543)

🐛 Bug Fixes

  • Document feature unreserved and make the mapping of extra fields public (#616)
  • Return an error if abort_file() fails when exceeding non-large-file limit (#598)

⚙️ Miscellaneous Tasks

  • Bump version to 7.3.0 (semver checks fail if it's still 7.3.0-pre1)

v7.3.0-pre1

🐛 Bug Fixes

  • Reject empty ZipCrypto password when encrypting files (can still be used when decrypting)
  • make zip crate safer and more readable (#536)

⚡ Performance

  • Optimizations for CP437 conversion (#559)

⚙️ Miscellaneous Tasks

  • Trigger release 7.3.0-pre1 to reset cargo-semver-checks baseline
Changelog

Sourced from zip's changelog.

7.4.0 - 2026-02-05

🚀 Features

  • Increase MSRV to 1.88 and update dependencies (#626)

7.3.0 - 2026-02-04

🚀 Features

  • cleanup the benchmarks and Cargo.toml (#606)
  • Add support for per-file comments (#543)

🐛 Bug Fixes

  • Document feature unreserved and make the mapping of extra fields public (#616)
  • Return an error if abort_file() fails when exceeding non-large-file limit (#598)

⚙️ Miscellaneous Tasks

  • Bump version to 7.3.0 (semver checks fail if it's still 7.3.0-pre1)

7.3.0-pre1 - 2026-01-27

🐛 Bug Fixes

  • Reject empty ZipCrypto password when encrypting files (can still be used when decrypting)
  • make zip crate safer and more readable (#536)

⚡ Performance

  • Optimizations for CP437 conversion (#559)

⚙️ Miscellaneous Tasks

  • Trigger release 7.3.0-pre1 to reset cargo-semver-checks baseline
Commits
  • 016d421 chore: release v7.4.0 (#628)
  • 18792c2 feat: Increase MSRV to 1.88 and update dependencies (#626)
  • c9bce39 test: Potential fixes for 5 code quality findings (method-description comment...
  • 5b61c24 test: Potential fixes for 2 code quality findings in tests/end_to_end.rs (#624)
  • 1c59f3c Apply suggested fix to CHANGELOG.md from Copilot Autofix (#623)
  • 41aeb9f Revert "ci: Temporarily override baseline for semver checks (revert after 7.3...
  • ba77189 chore: release v7.3.0 (#580)
  • 57b5ecc fix: Document feature unreserved and make the mapping of extra fields publi...
  • 579b67c Apply suggested fix to tests/zip_crypto.rs from Copilot Autofix (#620)
  • ca432a0 Apply suggested fix to tests/wasm32.rs from Copilot Autofix (#618)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Feb 9, 2026
@github-actions github-actions bot requested a review from neoapps-dev February 9, 2026 21:27
@dependabot
chore(deps): bump zip from 7.2.0 to 7.4.0
0220e7e 
Bumps [zip](https://github.com/zip-rs/zip2) from 7.2.0 to 7.4.0.
- [Release notes](https://github.com/zip-rs/zip2/releases)
- [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md)
- [Commits](zip-rs/zip2@v7.2.0...v7.4.0)

---
updated-dependencies:
- dependency-name: zip
  dependency-version: 7.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/zip-7.4.0 branch from acb06d7 to 0220e7e Compare February 9, 2026 22:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@neoapps-dev neoapps-dev Awaiting requested review from neoapps-dev

At least 1 approving review is required to merge this pull request.

Assignees

@neoapps-dev neoapps-dev

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@neoapps-dev