Replace DomRefCell<bool> with Cell<bool> for Response::redirected field.
Changed redirected field from DomRefCell<bool> to Cell<bool> and updated
all related methods:
- Struct field: redirected: DomRefCell<bool> → redirected: Cell<bool>
- Constructor: DomRefCell::new(false) → Cell::new(false)
- Getter method: *self.redirected.borrow() → self.redirected.get()
- Setter method: *self.redirected.borrow_mut() = value →
self.redirected.set(value)
Testing: As noted in the issue, compilation is sufficient for this
change.
Fixes: #39288
Signed-off-by: ritoban23 <ankudutt101@gmail.com>
Sometimes, the computed scrolling area of window is larger than
viewport. This causes panics in `Window.scroll` with `f32::clamp(0.0,
some negative number)`.
Eventually, we should find out why "computed scrolling area of window is
larger than viewport". But let's avoid the panics first.
Testing: This avoids panic, so definitely not covered by existing tests.
But it would be hard to write a automated test for this in headless
mode.
Fixes: #39346
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
We have been consolidating all of our Python configuration in
`pyproject.toml`, so we can move our one `uv` specific setting there as
well.
Testing: There is no easy way to write an automated test for this but I
confirmed it work by running `uv run --show-settings`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This changes removes the integration with Instruments.app "Points of
Interest" track for a variety of reasons:
- This functionality is made somewhat redundant by Servo's support for
Perfetto traces.
- This functionality depends on the `signpost` crate which hasn't seen
activity for 9 years and only supports macOS.
Testing: This removes some functionality that is only observable via
Instruments.app, so testing it is difficult.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Bumps [inherent](https://github.com/dtolnay/inherent) from 1.0.12 to
1.0.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/inherent/releases">inherent's
releases</a>.</em></p>
<blockquote>
<h2>1.0.13</h2>
<ul>
<li>Support async function in trait (<a
href="https://redirect.github.com/dtolnay/inherent/issues/22">#22</a>,
thanks <a
href="https://github.com/rumpuslabs"><code>@rumpuslabs</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1eb353791a"><code>1eb3537</code></a>
Release 1.0.13</li>
<li><a
href="3ae614e289"><code>3ae614e</code></a>
Merge pull request 22 from rumpuslabs/async-fn</li>
<li><a
href="478ca232ae"><code>478ca23</code></a>
Support async function in trait</li>
<li><a
href="09f034c241"><code>09f034c</code></a>
Raise required compiler to Rust 1.61</li>
<li><a
href="3f94c40d42"><code>3f94c40</code></a>
Enforce trybuild >= 1.0.108</li>
<li><a
href="85353e625e"><code>85353e6</code></a>
Update actions/checkout@v4 -> v5</li>
<li><a
href="495c8a85e0"><code>495c8a8</code></a>
Raise minimum tested compiler to rust 1.70</li>
<li><a
href="641dc66b45"><code>641dc66</code></a>
Raise minimum tested compiler to rust 1.63</li>
<li><a
href="b99bff2ff0"><code>b99bff2</code></a>
Revert "Pin nightly toolchain used for miri job"</li>
<li><a
href="ecb7dd4681"><code>ecb7dd4</code></a>
Update ui test suite to nightly-2025-05-24</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/inherent/compare/1.0.12...1.0.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.5 to
0.103.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rustls/webpki/releases">rustls-webpki's
releases</a>.</em></p>
<blockquote>
<h2>0.103.6</h2>
<p>The extensible EKU validation released as part of 0.103.5 was
actually not usable due to missing type exports, and contained a
regression where empty ExtendedKeyUsage extensions would not trigger an
error. Both issues are fixed in this release.</p>
<h2>What's Changed</h2>
<ul>
<li>Export more types to enable ExtendedKeyUsageValidator
implementations by <a
href="https://github.com/djc"><code>@djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/381">rustls/webpki#381</a></li>
<li>Error on empty EKU extensions by <a
href="https://github.com/djc"><code>@djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/382">rustls/webpki#382</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b88328ac07"><code>b88328a</code></a>
Bump version to 0.103.6</li>
<li><a
href="54f896f56c"><code>54f896f</code></a>
Error on empty EKU extensions</li>
<li><a
href="6157541a7e"><code>6157541</code></a>
Export more types to enable ExtendedKeyUsageValidator
implementations</li>
<li>See full diff in <a
href="https://github.com/rustls/webpki/compare/v/0.103.5...v/0.103.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [camino](https://github.com/camino-rs/camino) from 1.1.12 to
1.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/camino-rs/camino/releases">camino's
releases</a>.</em></p>
<blockquote>
<h2>camino 1.2.0</h2>
<h3>Changed</h3>
<ul>
<li>MSRV updated to Rust 1.61 to support the switch to
<code>serde_core</code>.</li>
<li>camino now depends on <code>serde_core</code> rather than
<code>serde</code>. This allows camino's compilation to be parallelized
with <code>serde_derive</code>.</li>
<li><code>serde</code> and <code>proptest</code> are no longer available
as features. This is technically a breaking change, but these features
were already no-ops. Instead, use <code>serde1</code> and
<code>proptest1</code> respectively.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/camino-rs/camino/blob/main/CHANGELOG.md">camino's
changelog</a>.</em></p>
<blockquote>
<h2>[1.2.0] - 2025-09-14</h2>
<h3>Changed</h3>
<ul>
<li>MSRV updated to Rust 1.61 to support the switch to
<code>serde_core</code>.</li>
<li>camino now depends on <code>serde_core</code> rather than
<code>serde</code>. This allows camino's compilation to be parallelized
with <code>serde_derive</code>.</li>
<li><code>serde</code> and <code>proptest</code> are no longer available
as features. This is technically a breaking change, but these features
were already no-ops. Instead, use <code>serde1</code> and
<code>proptest1</code> respectively.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="62ddbaaad9"><code>62ddbaa</code></a>
[camino] version 1.2.0</li>
<li><a
href="b525ad9d67"><code>b525ad9</code></a>
changelog + minor doc updates</li>
<li><a
href="0150dc99ca"><code>0150dc9</code></a>
switch to serde_core</li>
<li><a
href="a2a7da05ea"><code>a2a7da0</code></a>
switch to dep: for optional dependencies</li>
<li><a
href="f16b48f68a"><code>f16b48f</code></a>
update edition to 2021</li>
<li><a
href="8540bc3ecf"><code>8540bc3</code></a>
update MSRV to Rust 1.61</li>
<li><a
href="2d6994cc68"><code>2d6994c</code></a>
add changelog link</li>
<li>See full diff in <a
href="https://github.com/camino-rs/camino/compare/camino-1.1.12...camino-1.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde-untagged](https://github.com/dtolnay/serde-untagged) from
0.1.8 to 0.1.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/serde-untagged/releases">serde-untagged's
releases</a>.</em></p>
<blockquote>
<h2>0.1.9</h2>
<ul>
<li>Switch serde dependency to serde_core (<a
href="https://redirect.github.com/dtolnay/serde-untagged/issues/11">#11</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3097fd8be3"><code>3097fd8</code></a>
Release 0.1.9</li>
<li><a
href="ff4a208c63"><code>ff4a208</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/serde-untagged/issues/11">#11</a>
from dtolnay/serdecore</li>
<li><a
href="0495a06b28"><code>0495a06</code></a>
Switch serde dependency to serde_core</li>
<li><a
href="80e2d81a16"><code>80e2d81</code></a>
Update actions/checkout@v4 -> v5</li>
<li>See full diff in <a
href="https://github.com/dtolnay/serde-untagged/compare/0.1.8...0.1.9">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [hyper-util](https://github.com/hyperium/hyper-util) from 0.1.16
to 0.1.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hyperium/hyper-util/releases">hyper-util's
releases</a>.</em></p>
<blockquote>
<h2>v0.1.17</h2>
<h2>Highlights</h2>
<ul>
<li>Fix <code>legacy::Client</code> to allow absolute-form URIs when
<code>Connected::proxy(true)</code> is passed and the scheme is
<code>https</code>.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>chore(test): remove some miri exception config by <a
href="https://github.com/tottoto"><code>@tottoto</code></a> in <a
href="https://redirect.github.com/hyperium/hyper-util/pull/222">hyperium/hyper-util#222</a></li>
<li>refactor(connect): safely convert <code>socket2::Socket</code> to
Tokio <code>TcpSocket</code> by <a
href="https://github.com/0x676e67"><code>@0x676e67</code></a> in <a
href="https://redirect.github.com/hyperium/hyper-util/pull/223">hyperium/hyper-util#223</a></li>
<li>refactor: set correct cfg on common::{Exec, Lazy, SyncWrapper} by <a
href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in
<a
href="https://redirect.github.com/hyperium/hyper-util/pull/224">hyperium/hyper-util#224</a></li>
<li>fix(client): allow absolute-form if is_proxied is set even on HTTPS
by <a
href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in
<a
href="https://redirect.github.com/hyperium/hyper-util/pull/225">hyperium/hyper-util#225</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/hyperium/hyper-util/compare/v0.1.16...v0.1.17">https://github.com/hyperium/hyper-util/compare/v0.1.16...v0.1.17</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hyperium/hyper-util/blob/master/CHANGELOG.md">hyper-util's
changelog</a>.</em></p>
<blockquote>
<h1>0.1.17 (2025-09-15)</h1>
<ul>
<li>Fix <code>legacy::Client</code> to allow absolute-form URIs when
<code>Connected::proxy(true)</code> is passed and the scheme is
<code>https</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3021828e4a"><code>3021828</code></a>
v0.1.17</li>
<li><a
href="9fb7cd569c"><code>9fb7cd5</code></a>
fix(client): allow absolute-form if is_proxied is set even on HTTPS (<a
href="https://redirect.github.com/hyperium/hyper-util/issues/225">#225</a>)</li>
<li><a
href="00035bac2d"><code>00035ba</code></a>
refactor: set correct cfg on common::{rewind, Exec, Lazy, SyncWrapper}
(<a
href="https://redirect.github.com/hyperium/hyper-util/issues/224">#224</a>)</li>
<li><a
href="ad8c7c5a7b"><code>ad8c7c5</code></a>
refactor(connect): safely convert <code>Socket</code> to Tokio
<code>TcpSocket</code> (<a
href="https://redirect.github.com/hyperium/hyper-util/issues/223">#223</a>)</li>
<li><a
href="00911ecd3d"><code>00911ec</code></a>
chore(test): remove some miri exception config (<a
href="https://redirect.github.com/hyperium/hyper-util/issues/222">#222</a>)</li>
<li>See full diff in <a
href="https://github.com/hyperium/hyper-util/compare/v0.1.16...v0.1.17">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [peniko](https://github.com/linebender/peniko) from 0.4.0 to
0.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/linebender/peniko/releases">peniko's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.1</h2>
<p><strong><a href="https://crates.io/crates/peniko/0.4.1">Crates.io</a>
| <a href="https://docs.rs/peniko/0.4.1/">Docs</a></strong></p>
<p>This release has an <a
href="README.md#minimum-supported-rust-version-msrv">MSRV</a> of
1.82.</p>
<h3>Changed</h3>
<ul>
<li>Use <a
href="https://github.com/linebender/peniko/blob/HEAD/#linebender-resource-handle">Linebender
Resource Handle</a> for <code>Font</code>, <code>Blob</code>, and
<code>WeakBlob</code>. (<a
href="https://redirect.github.com/linebender/peniko/issues/129">#129</a>
by <a href="https://github.com/DJMcNab"><code>@DJMcNab</code></a>, <a
href="https://github.com/nicoburns"><code>@nicoburns</code></a>)</li>
</ul>
<h3>Linebender Resource Handle</h3>
<p>Peniko's <code>Font</code> (and therefore also <code>Blob</code>) are
used as vocabulary types for font resources between crates.
However, this means that when Peniko made semver-incompatible releases,
those crates could no longer (easily) interoperate.
To resolve this, <code>Font</code>, <code>Blob</code>, and
<code>WeakBlob</code> are now re-exports from a new crate called <a
href="https://crates.io/crates/linebender_resource_handle">Linebender
Resource Handle</a>.
These types have identical API as in previous releases, but will now be
the same type across Peniko versions.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/linebender/peniko/compare/v0.4.0...v0.4.1">https://github.com/linebender/peniko/compare/v0.4.0...v0.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/linebender/peniko/blob/main/CHANGELOG.md">peniko's
changelog</a>.</em></p>
<blockquote>
<h2>[0.4.1][] (2025-09-15)</h2>
<p>This release has an [MSRV] of 1.82.</p>
<h3>Changed</h3>
<ul>
<li>Use <a
href="https://github.com/linebender/peniko/blob/main/#linebender-resource-handle">Linebender
Resource Handle</a> for <code>Font</code>, <code>Blob</code>, and
<code>WeakBlob</code>. (<a
href="https://redirect.github.com/linebender/peniko/issues/129">#129</a>[]
by [<a href="https://github.com/DJMcNab"><code>@DJMcNab</code></a>][],
[<a
href="https://github.com/nicoburns"><code>@nicoburns</code></a>][])</li>
</ul>
<h3>Linebender Resource Handle</h3>
<p>Peniko's <code>Font</code> (and therefore also <code>Blob</code>) are
used as vocabulary types for font resources between crates.
However, this means that when Peniko made semver-incompatible releases,
those crates could no longer (easily) interoperate.
To resolve this, <code>Font</code>, <code>Blob</code>, and
<code>WeakBlob</code> are now re-exports from a new crate called <a
href="https://crates.io/crates/linebender_resource_handle">Linebender
Resource Handle</a>.
These types have identical API as in previous releases, but will now be
the same type across Peniko versions.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c0b6d04fd"><code>0c0b6d0</code></a>
Prepare to release v0.4.1 (<a
href="https://redirect.github.com/linebender/peniko/issues/131">#131</a>)</li>
<li><a
href="a369f053de"><code>a369f05</code></a>
Backport <a
href="https://redirect.github.com/linebender/peniko/issues/126">#126</a>
(Linebender Resource Handle) to v0.4.x (<a
href="https://redirect.github.com/linebender/peniko/issues/129">#129</a>)</li>
<li>See full diff in <a
href="https://github.com/linebender/peniko/compare/v0.4.0...v0.4.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Additionally also improve the warning message if the routed receiver
disconnects and exit the thread.
If the routed receiver disconnects, we can't receive any canvas messages
anymore, and any control messages can't remedy that, so we might as well
exit.
Testing: Channel changes are covered by existing tests. Exiting the
canvas thread if the routed thread disconnects is not tested, and needs
reviewer attention.
Part of https://github.com/servo/servo/issues/38912
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
The command-line help output for `-Z` and `DebugOptions were out of sync
again. This change makes sure they match again.
Testing: No tests necessary as this mainly just updates the help output.
Fixes: #39311
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
This option is supported via the WebView API now and you can enable it
in servoshell by pressing `Ctrl` + `F12`. The command-line argument and
`Opts` field are older and I believe are no longer necessary.
Testing: This just removes a redundant command-line option, so no tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Testing: No functional changes. Covered by existing wpt tests.
Part of https://github.com/servo/servo/issues/38912
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Refactor the background hang monitor channels to use GenericChannel.
Deserialization errors of `BackgroundHangMonitorControlMsg` are now
logged and ignored instead of causing a panic.
Testing: No major functional changes. Covered by BHM tests.
GenericChannel is also already widely used in servo.
Part of #38912
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
The first step for aborting fetch calls. It only
has the case where the signal was already aborted
prior to fetch starting.
Part of #34866
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
`winres` is unmaintained and it seems like `winresoures` is the
successor.
Testing: This should not have any behavior changes and just modifies
a build step, so shouldn't need tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Bumps [semver](https://github.com/dtolnay/semver) from 1.0.26 to 1.0.27.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/semver/releases">semver's
releases</a>.</em></p>
<blockquote>
<h2>1.0.27</h2>
<ul>
<li>Switch serde dependency to serde_core (<a
href="https://redirect.github.com/dtolnay/semver/issues/333">#333</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6ed8561154"><code>6ed8561</code></a>
Release 1.0.27</li>
<li><a
href="6967bba0e2"><code>6967bba</code></a>
Add serde version constraint</li>
<li><a
href="84d30574ff"><code>84d3057</code></a>
Exclude build.rs from crates.io package</li>
<li><a
href="b09aac935d"><code>b09aac9</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/343">#343</a>
from dtolnay/up</li>
<li><a
href="49b8570e34"><code>49b8570</code></a>
Delete backport module</li>
<li><a
href="9b04afee2f"><code>9b04afe</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/342">#342</a>
from dtolnay/up</li>
<li><a
href="83a8e91dba"><code>83a8e91</code></a>
Delete no_nonzero_bitscan configuration</li>
<li><a
href="e606a17855"><code>e606a17</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/341">#341</a>
from dtolnay/up</li>
<li><a
href="ebe7cf1897"><code>ebe7cf1</code></a>
Delete no_unsafe_op_in_unsafe_fn_lint configuration</li>
<li><a
href="a381bff044"><code>a381bff</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/340">#340</a>
from dtolnay/up</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/semver/compare/1.0.26...1.0.27">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Some WebIDL methods, attributes and dictionary members are named with
Rust keywords such as `type`, `use` and `continue`. Using those
identifiers directly in the generated Rust code would cause compilation
errors.
The code generator already addresses this issue for attributes and
dictionary members by adding a `_` suffix to the conflicting
identifiers, but does not yet apply the same treatment to methods. This
patch extends the handling to methods as well.
Fixes: #39286
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Previously, when we click any element, it would trigger "scroll into
view". What's worse, for an anchor `<a>`, clicking it would "scroll into
view" instead of navigating to the url until you retry the click. The
reason is that we built `scrollIntoView` into the focus transaction
system with default option. However, the default `preventScroll` for
`FocusOption` is false according to spec, which triggers "scroll into
view" by default with focus triggered by interaction.
This PR
1. Adds spec document for those which really expects "scroll into view",
i.e. `<form>` when validating data.
2. Make sure when we begin focus transaction, we prevent "scroll into
view".
3. `Focus` method of element/document stays unchanged, which by default
scroll into view if no parameter provided according to spec.
Testing: Manually tested on `servo.org` and other websites, and examples
with `<form>` still correctly scroll into view when validation fails.
Fixes: #38616
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.11.1 to
2.11.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's
changelog</a>.</em></p>
<blockquote>
<h2>2.11.3 (2025-09-15)</h2>
<ul>
<li>Make the minimum <code>serde</code> version only apply when
"serde" is enabled.</li>
</ul>
<h2>2.11.2 (2025-09-15)</h2>
<ul>
<li>Switched the "serde" feature to depend on
<code>serde_core</code>, improving build
parallelism in cases where other dependents have enabled
"serde/derive".</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fd5c819daf"><code>fd5c819</code></a>
Merge pull request <a
href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a>
from cuviper/release-2.11.3</li>
<li><a
href="9321145e1f"><code>9321145</code></a>
Release 2.11.3</li>
<li><a
href="7b485688c2"><code>7b48568</code></a>
Merge pull request <a
href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a>
from cuviper/release-2.11.2</li>
<li><a
href="49ce7fa471"><code>49ce7fa</code></a>
Release 2.11.2</li>
<li><a
href="58fd834804"><code>58fd834</code></a>
Merge pull request <a
href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a>
from DaniPopes/serde_core</li>
<li><a
href="5dc1d6ab31"><code>5dc1d6a</code></a>
Depend on <code>serde_core</code> instead of <code>serde</code></li>
<li><a
href="dc8f9b30e2"><code>dc8f9b3</code></a>
Merge pull request <a
href="https://redirect.github.com/indexmap-rs/indexmap/issues/415">#415</a>
from cuviper/vec-links</li>
<li><a
href="f3431bf938"><code>f3431bf</code></a>
Fix <code>Vec</code> doc links</li>
<li>See full diff in <a
href="https://github.com/indexmap-rs/indexmap/compare/2.11.1...2.11.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [async-signal](https://github.com/smol-rs/async-signal) from
0.2.12 to 0.2.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/smol-rs/async-signal/releases">async-signal's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.13</h2>
<ul>
<li>Bump MSRV to 1.71. (<a
href="https://redirect.github.com/smol-rs/async-signal/issues/55">#55</a>)</li>
<li>Update to <code>windows-sys</code> v0.61. (<a
href="https://redirect.github.com/smol-rs/async-signal/issues/55">#55</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/smol-rs/async-signal/blob/master/CHANGELOG.md">async-signal's
changelog</a>.</em></p>
<blockquote>
<h1>Version 0.2.13</h1>
<ul>
<li>Bump MSRV to 1.71. (<a
href="https://redirect.github.com/smol-rs/async-signal/issues/55">#55</a>)</li>
<li>Update to <code>windows-sys</code> v0.61. (<a
href="https://redirect.github.com/smol-rs/async-signal/issues/55">#55</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="59b58c7330"><code>59b58c7</code></a>
Release 0.2.13</li>
<li><a
href="884088eb04"><code>884088e</code></a>
Update windows-sys requirement from 0.60 to 0.61 (<a
href="https://redirect.github.com/smol-rs/async-signal/issues/55">#55</a>)</li>
<li>See full diff in <a
href="https://github.com/smol-rs/async-signal/compare/v0.2.12...v0.2.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_bytes](https://github.com/serde-rs/bytes) from 0.11.17 to
0.11.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/bytes/releases">serde_bytes's
releases</a>.</em></p>
<blockquote>
<h2>0.11.19</h2>
<ul>
<li>Fix propagation of "std" and "alloc" features to
serde (<a
href="https://redirect.github.com/serde-rs/bytes/issues/58">#58</a>)</li>
</ul>
<h2>0.11.18</h2>
<ul>
<li>Switch serde dependency to serde_core (<a
href="https://redirect.github.com/serde-rs/bytes/issues/57">#57</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34f3c7d442"><code>34f3c7d</code></a>
Release 0.11.19</li>
<li><a
href="181d7db539"><code>181d7db</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/bytes/issues/58">#58</a> from
serde-rs/serdecore</li>
<li><a
href="f7e67cabd4"><code>f7e67ca</code></a>
Fix serde_core feature enablement</li>
<li><a
href="582ea79755"><code>582ea79</code></a>
Release 0.11.18</li>
<li><a
href="abdc6e5999"><code>abdc6e5</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/bytes/issues/57">#57</a> from
serde-rs/serdecore</li>
<li><a
href="611073a7ab"><code>611073a</code></a>
Switch serde dependency to serde_core</li>
<li><a
href="d930d3ef0c"><code>d930d3e</code></a>
Update actions/checkout@v4 -> v5</li>
<li>See full diff in <a
href="https://github.com/serde-rs/bytes/compare/0.11.17...0.11.19">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sea-query](https://github.com/SeaQL/sea-query) from 1.0.0-rc.12
to 1.0.0-rc.14.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/SeaQL/sea-query/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
According to https://drafts.csswg.org/css-inline/#invisible-line-boxes,
if a line box contains non-zero inline-axis margins, padding or borders,
then it can't be phantom.
Therefore, this patch makes adds a `has_inline_pbm` flag to the line.
Note that we can't use the `has_content` flag, because that would add a
soft wrap opportunity between the padding/border/margin and the first
content of the line.
The patch also renames `InlineFormattingContext::had_inflow_content` to
`has_line_boxes`, which is what we care about for collapsing margins
through.
Testing: Adding new tests
Fixes: #39057
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
This patch refactors the logic for propagating overflow to the viewport,
fixing various issues:
- Now we won't propagate from the root element if it has no box. Note
the fix isn't observable in Servo because we lack scrollbars.
- If the first `<body>` element has no box, we won't keep searching for
other `<body>` elements. This deviates from the spec, but aligns us with
other browsers.
- We won't propagate from the `<body>` if it has no box. We were already
handling `display: none` but not `display: contents`. This deviates from
the spec, but aligns us with other browsers.
Also, when we flag the root or `<body>` as having propagated `overflow`
to the viewport, we retrieve the `LayoutBoxBase`. Therefore, now we get
the computed style from the `LayoutBoxBase` in a single operation,
instead of first retrieving the style from the DOM element and then
getting the `LayoutBoxBase` from the box.
Testing: Adding more tests. We were only failing one of them, but it's
hard to test the fixes given that we don't show scrollbars. The tests
that were already passing are useful too, e.g. Firefox fails one of
them.
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
The signal taken from the requestinit is now passed into
the request object with the relevant steps. I added all
spec comments to this method, as I had trouble figuring
out which steps I had to add.
This required implementing the algorithm to create
dependent signals, which is used in the `any()` method.
So that's now implemented as well.
All of that required the machinery to have dependent and
source signals on an AbortSignal. It uses an IndexSet
as the spec requires it to be an ordered set.
Part of #34866
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
The xpath resolver is a function provided by the user to resolve
namespace prefixes. Previously, we were ignoring the argument.
Testing: New web platform tests start to pass
Part of https://github.com/servo/servo/issues/34527
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
The WebCryptoAPI spec requires that when we generate crypto keys by the
generateKey method of SubtleCrypto interface we have to check whether
the usages is empty. If the usages is empty, throw a SyntaxError.
FYI, Step 9 of
https://w3c.github.io/webcrypto/#SubtleCrypto-method-generateKey
We have not yet implemented this logic, and this patch implements it.
Testing: Pass WPT tests that were expected to fail.
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
This is currently unused, so it can be removed.
Testing: This just removes an unused field, so does not require tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
In Step 15, we are given the unwrapped key as bytes. If the format is
"jwk", we execute parse-a-JWK algorithm to parse it (and deserialize it
to a JsonWebKey dictionary).
In next step, we perform the import key operation on the unwrapped key.
In our current implementation, we serialize the JsonWebKey dictionary
(when format is "jwk") back to bytes, in order to perform the import key
operation.
In fact, this serialization step is redundant since we have already been
given the unwrapped key as bytes in Step 15. We can directly use it for
perform the import key operation. This patch remove this redundant step
of re-serializing the JsonWebKey dictionary.
Testing: Refactoring only. No change in tests.
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Creating elements by directly calling their interface constructors leads
to some state not being intialized correctly (see #39285). It is also
not in line with the specifications as many of them refer to the
[`create an element`][1] algorithm when an element needs to be created,
which directly maps to `Element::create` in the script crate.
So, switch all such places where elements are created by script to use
`Element::create`.
[1]: https://dom.spec.whatwg.org/#concept-create-element
Testing: Existing WPT tests.
Fixes: #39285
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Replace the `unwrap()` call with `log::error!()` in the
`send_request_to_devtools()` function to enhance error handling.
---
Before:
```
╰─❯ ./servo --devtools=1
[2025-09-15T14:35:07Z ERROR servoshell::desktop::app_state] Saw Servo error: DevtoolsFailedToStart!
called `Result::unwrap()` on an `Err` value: "SendError(..)" (thread tokio-runtime-5, at components/net/http_loader.rs:435)
[2025-09-15T14:35:07Z ERROR servoshell::panic_hook] called `Result::unwrap()` on an `Err` value: "SendError(..)"
```
After:
```
╰─❯ ./servo --devtools=1
[2025-09-16T01:24:59Z ERROR servoshell::desktop::app_state] Saw Servo error: DevtoolsFailedToStart!
[2025-09-16T01:24:59Z ERROR net::http_loader] DevTools send failed: sending on a disconnected channel
[2025-09-16T01:24:59Z ERROR net::http_loader] DevTools send failed: sending on a disconnected channel
...
```
Signed-off-by: Integral <integral@member.fsf.org>
This uses the ScriptThread::custom_element_reaction_stack to call the
enqueue_callback_reaction on the Rc instead of in the loop.
Potentially saving access to thread_local variables.
Testing: Should not change functionality and should be covered by wpt
tests.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Follow the specification and validate tokens of the "x/w/h" descriptors
before applying the rules for parsing float-pointing numbers or
non-negative integers.
https://html.spec.whatwg.org/multipage/#parsing-a-srcset-attribute (step
13)
Testing: Improvements in the following tests
-
html/semantics/embedded-content/the-img-element/srcset/parse-a-srcset-attribute.html
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
one of the flaky failure modes we found in #38658 was that on linux,
geckordp occasionally fails to connect to servoshell’s devtools server.
this happens despite our preliminary connect check passing, which should
imply that the devtools server is listening and ready to use. we closed
the issue without any fix for that failure mode, because we were
ultimately unable to reproduce it, but it still happens in the wild
(#39273). we’ve now found a way to reproduce it, and we think it’s
caused by a race that occurs when moving from one test to the next. for
example:
- test 1 finishes
- we send SIGTERM to test 1’s servoshell, but it does not stop its
devtools server yet
- test 2 begins
- we spawn test 2’s servoshell, but it does not start its devtools
server yet
- we try to do our preliminary connects, and it succeeds against test
1’s servoshell immediately (the failure logs on GitHub never make this
clear, due to some kind of buffering problem that delays the `.` and `+`
outputs)
- test 1’s servoshell stops its devtools server
- we try to do our actual connect, and it fails because no devtools
server is listening
- test 2 fails
very rarely, one test’s servoshell may even fail to start its devtools
server, which we think happens because the previous test’s servoshell is
still listening. this has only ever happened once, and we’ve been unable
to reproduce it since, but we think it’s caused by the same kind of
race. for example:
- test 1 finishes
- we send SIGTERM to test 1’s servoshell, but it does not stop its
devtools server yet
- test 2 begins
- we spawn test 2’s servoshell, but it does not start its devtools
server yet
- test 2’s servoshell tries to start its devtools server, but fails
because test 1’s servoshell is still listening
- test 2 fails
in both cases, the failure can be explained by the fact that we send
SIGTERM to the previous test’s servoshell without actually waiting for
the process to exit. this patch ensures that we wait, and also moves all
of the output we do in the test suite from stdout to stderr to avoid it
getting mangled in GitHub Actions.
Testing: see [this
comment](https://github.com/servo/servo/pull/39309#issuecomment-3291007931)
(before) vs [this
comment](https://github.com/servo/servo/pull/39309#issuecomment-3291188997)
(after)
Fixes: #39273
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Following the definition of `TouchEvent` in
https://w3c.github.io/touch-events/#list-of-touchevent-types, all
`TouchEvent` should have its `composed` flag set to be able to propagate
past a shadow root layer.
Part of #35997
Testing: Would require a testdriver.
Signed-off-by: Jo Steven Novaryo <jo.steven.novaryo@huawei.com>
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.219 to
1.0.223.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.223</h2>
<ul>
<li>Fix serde_core documentation links (<a
href="https://redirect.github.com/serde-rs/serde/issues/2978">#2978</a>)</li>
</ul>
<h2>v1.0.222</h2>
<ul>
<li>Make <code>serialize_with</code> attribute produce code that works
if respanned to 2024 edition (<a
href="https://redirect.github.com/serde-rs/serde/issues/2950">#2950</a>,
thanks <a href="https://github.com/aytey"><code>@aytey</code></a>)</li>
</ul>
<h2>v1.0.221</h2>
<ul>
<li>Documentation improvements (<a
href="https://redirect.github.com/serde-rs/serde/issues/2973">#2973</a>)</li>
<li>Deprecate <code>serde_if_integer128!</code> macro (<a
href="https://redirect.github.com/serde-rs/serde/issues/2975">#2975</a>)</li>
</ul>
<h2>v1.0.220</h2>
<ul>
<li>Add a way for data formats to depend on serde traits without waiting
for serde_derive compilation: <a
href="https://docs.rs/serde_core">https://docs.rs/serde_core</a> (<a
href="https://redirect.github.com/serde-rs/serde/issues/2608">#2608</a>,
thanks <a
href="https://github.com/osiewicz"><code>@osiewicz</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6c316d7cb5"><code>6c316d7</code></a>
Release 1.0.223</li>
<li><a
href="a4ac0c2bc6"><code>a4ac0c2</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2978">#2978</a>
from dtolnay/htmlrooturl</li>
<li><a
href="ed76364f87"><code>ed76364</code></a>
Change serde_core's html_root_url to docs.rs/serde_core</li>
<li><a
href="57e21a1afa"><code>57e21a1</code></a>
Release 1.0.222</li>
<li><a
href="bb58726133"><code>bb58726</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2950">#2950</a>
from aytey/fix_lifetime_issue_2024</li>
<li><a
href="3f6925125b"><code>3f69251</code></a>
Delete unneeded field of MapDeserializer</li>
<li><a
href="fd4decf2fe"><code>fd4decf</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2976">#2976</a>
from dtolnay/content</li>
<li><a
href="00b1b6b2b5"><code>00b1b6b</code></a>
Move Content's Deserialize impl from serde_core to serde</li>
<li><a
href="cf141aa8c7"><code>cf141aa</code></a>
Move Content's Clone impl from serde_core to serde</li>
<li><a
href="ff3aee490a"><code>ff3aee4</code></a>
Release 1.0.221</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.219...v1.0.223">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [polling](https://github.com/smol-rs/polling) from 3.10.0 to
3.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/smol-rs/polling/releases">polling's
releases</a>.</em></p>
<blockquote>
<h2>v3.11.0</h2>
<ul>
<li>Bump MSRV to 1.71. (<a
href="https://redirect.github.com/smol-rs/polling/issues/251">#251</a>)</li>
<li>Update to <code>windows-sys</code> v0.61. (<a
href="https://redirect.github.com/smol-rs/polling/issues/251">#251</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/smol-rs/polling/blob/master/CHANGELOG.md">polling's
changelog</a>.</em></p>
<blockquote>
<h1>Version 3.11.0</h1>
<ul>
<li>Bump MSRV to 1.71. (<a
href="https://redirect.github.com/smol-rs/polling/issues/251">#251</a>)</li>
<li>Update to <code>windows-sys</code> v0.61. (<a
href="https://redirect.github.com/smol-rs/polling/issues/251">#251</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f404d08dd2"><code>f404d08</code></a>
Release 3.11.0</li>
<li><a
href="f081cc7b82"><code>f081cc7</code></a>
Update windows-sys requirement from 0.60 to 0.61 (<a
href="https://redirect.github.com/smol-rs/polling/issues/251">#251</a>)</li>
<li><a
href="dbb8b19ec0"><code>dbb8b19</code></a>
m: Fix new 1.70 clippy warning</li>
<li><a
href="d6191fd720"><code>d6191fd</code></a>
m: Don't re-implement OnceLock in AFD backend</li>
<li>See full diff in <a
href="https://github.com/smol-rs/polling/compare/v3.10.0...v3.11.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [async-io](https://github.com/smol-rs/async-io) from 2.5.0 to
2.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/smol-rs/async-io/releases">async-io's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.0</h2>
<ul>
<li>Bump MSRV to 1.71. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/243">#243</a>)</li>
<li>Expose <code>Timer::clear</code>. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/239">#239</a>)</li>
<li>Implement <code>IoSafe</code> for <code>std::io::PipeReader</code>
and <code>std::io::PipeWriter</code> (<a
href="https://redirect.github.com/smol-rs/async-io/issues/237">#237</a>)</li>
<li>Update to <code>windows-sys</code> v0.61. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/243">#243</a>)</li>
<li>Remove dependency on <code>async_lock</code>. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/240">#240</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/smol-rs/async-io/blob/master/CHANGELOG.md">async-io's
changelog</a>.</em></p>
<blockquote>
<h1>Version 2.6.0</h1>
<ul>
<li>Bump MSRV to 1.71. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/243">#243</a>)</li>
<li>Expose <code>Timer::clear</code>. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/239">#239</a>)</li>
<li>Implement <code>IoSafe</code> for <code>std::io::PipeReader</code>
and <code>std::io::PipeWriter</code> (<a
href="https://redirect.github.com/smol-rs/async-io/issues/237">#237</a>)</li>
<li>Update to <code>windows-sys</code> v0.61. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/243">#243</a>)</li>
<li>Remove dependency on <code>async_lock</code>. (<a
href="https://redirect.github.com/smol-rs/async-io/issues/240">#240</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="576b470ca3"><code>576b470</code></a>
Release 2.6.0</li>
<li><a
href="aabee96f29"><code>aabee96</code></a>
Update windows-sys requirement from 0.60 to 0.61 (<a
href="https://redirect.github.com/smol-rs/async-io/issues/243">#243</a>)</li>
<li><a
href="db95d9143f"><code>db95d91</code></a>
Add doc aliases <code>sleep</code> and <code>timeout</code> to
<code>Timer</code> (<a
href="https://redirect.github.com/smol-rs/async-io/issues/242">#242</a>)</li>
<li><a
href="25e861049e"><code>25e8610</code></a>
Use std::future::poll_fn instead of futures_lite::future::poll_fn</li>
<li><a
href="714aecc395"><code>714aecc</code></a>
Use std::pin::pin instead of futures_lite::pin</li>
<li><a
href="5112ed7066"><code>5112ed7</code></a>
Use std::task::ready instead of futures_lite::ready</li>
<li><a
href="bac7eac605"><code>bac7eac</code></a>
Use std::sync::OnceLock instead of async_lock::OnceCell</li>
<li><a
href="12b4f2e841"><code>12b4f2e</code></a>
Bump MSRV to 1.70</li>
<li><a
href="d1c6738912"><code>d1c6738</code></a>
Make Timer::clear public</li>
<li><a
href="be049a83cc"><code>be049a8</code></a>
impl IoSafe for std::io::PipeReader & std::io::PipeWriter (<a
href="https://redirect.github.com/smol-rs/async-io/issues/237">#237</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/smol-rs/async-io/compare/v2.5.0...v2.6.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.4 to
0.103.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rustls/webpki/releases">rustls-webpki's
releases</a>.</em></p>
<blockquote>
<h2>0.103.5</h2>
<ul>
<li><strong>New feature</strong>: support verification of P256+SHA512
and P384-SHA512 ECDSA signatures with aws-lc-rs. This is not a
recommended combination, but such signatures exist in the wild.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Leverage extended API from rcgen 0.14.2 by <a
href="https://github.com/djc"><code>@djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/366">rustls/webpki#366</a></li>
<li>Update semver-compatible dependencies by <a
href="https://github.com/djc"><code>@djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/369">rustls/webpki#369</a></li>
<li>ci: take updated nightly for cargo-check-external-types by <a
href="https://github.com/cpu"><code>@cpu</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/370">rustls/webpki#370</a></li>
<li>build(deps): bump actions/checkout from 4 to 5 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/rustls/webpki/pull/371">rustls/webpki#371</a></li>
<li>build(deps): bump serde_json from 1.0.142 to 1.0.143 in the
crates-io group by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/rustls/webpki/pull/374">rustls/webpki#374</a></li>
<li>Clarify docs on <code>Cert</code> methods by <a
href="https://github.com/ctz"><code>@ctz</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/375">rustls/webpki#375</a></li>
<li>Extract trait for ExtendedKeyUsage validation by <a
href="https://github.com/djc"><code>@djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/376">rustls/webpki#376</a></li>
<li>build(deps): bump actions/setup-python from 5 to 6 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/rustls/webpki/pull/378">rustls/webpki#378</a></li>
<li>0.103.5: support P256+SHA512 and P384+SHA512 by <a
href="https://github.com/ctz"><code>@ctz</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/379">rustls/webpki#379</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rustls/webpki/compare/v/0.103.4...v/0.103.5">https://github.com/rustls/webpki/compare/v/0.103.4...v/0.103.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="064a68b479"><code>064a68b</code></a>
Prepare 0.103.5</li>
<li><a
href="f6fbb2a7bf"><code>f6fbb2a</code></a>
Support P256+SHA512 and P384+SHA512</li>
<li><a
href="41cc1fce6d"><code>41cc1fc</code></a>
Take aws-lc-rs 1.14.0</li>
<li><a
href="ac0500dc29"><code>ac0500d</code></a>
build(deps): bump actions/setup-python from 5 to 6</li>
<li><a
href="57fa975b95"><code>57fa975</code></a>
Extract trait for ExtendedKeyUsage validation</li>
<li><a
href="67002080e8"><code>6700208</code></a>
Move ExtendedKeyUsage::check() to KeyUsage</li>
<li><a
href="260cb69dac"><code>260cb69</code></a>
Extract KeyPurposeId iteration from ExtendedKeyUsage::check()</li>
<li><a
href="3ed145a2e4"><code>3ed145a</code></a>
Simplify KeyPurposeId comparison</li>
<li><a
href="b20354a813"><code>b20354a</code></a>
Clarify docs on <code>Cert</code> methods</li>
<li><a
href="0616ac9d64"><code>0616ac9</code></a>
build(deps): bump serde_json in the crates-io group</li>
<li>Additional commits viewable in <a
href="https://github.com/rustls/webpki/compare/v/0.103.4...v/0.103.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps libredox from 0.1.9 to 0.1.10.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
