Closed dependabot[bot] closed 3 weeks ago
IMO we shouldn't take these Cargo.toml
updates. If the update gets yanked later, every downstream is broken for no good reason.
@djc Would it be better in that case to either disable Dependabot or switch to Renovate like the main repo?
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml
@djc Would it be better in that case to either disable Dependabot or switch to Renovate like the main repo?
Yeah, might be. I'm not sure I fully understand when Dependabot bumps the requirement vs not, maybe they bump it on any minor update?
Bumps the crates-io group with 1 update in the / directory: tempfile.
Updates
tempfile
from 3.12.0 to 3.13.0Changelog
Sourced from tempfile's changelog.
Commits
a354f8c
chore: release 3.13.0d21b602
chore: update depsd6600da
Add forwith_suffix
(#299)19280c5
Document current default permissions for tempdirs (#296)c5eac9f
fix: address clippy unnecessary deref lint in test (#294)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show