mirror of
https://github.com/lancedb/lancedb.git
synced 2026-05-20 21:40:43 +00:00
2d5298b6ee
Weekly dependabot refresh of `Cargo.lock`. Dependabot's original PR also raised the lower-bound version requirements in `Cargo.toml` (arrow, tokio, aws-sdk-*, etc.) to match the new lockfile versions. That forces our library's consumers onto newer minimum versions and broke the MSRV check, which downgrades aws-sdk-* crates to verify they still build on Rust 1.91. Changes from the original: - Reverted all `Cargo.toml` requirement changes; `Cargo.lock` regenerated with `cargo update` within the existing ranges. The lockfile (and the binaries we ship) stays current on security fixes without bumping our public minimum versions. - Set `versioning-strategy: lockfile-only` in `.github/dependabot.yml` so future cargo dependabot PRs only touch `Cargo.lock`. Note: `aws-lc-rs` stays at 1.16.3 — `nodejs/Cargo.toml` pins it with `=`, which `lockfile-only` cannot move; bumping it needs a manual change. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Will Jones <will.jones127@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Co-authored-by: Will Jones <willjones127@gmail.com>