Skip to content

build(deps): bump actix-http from 3.12.0 to 3.12.1#1227

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/actix-http-3.12.1
Closed

build(deps): bump actix-http from 3.12.0 to 3.12.1#1227
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/actix-http-3.12.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 22, 2026
edited
Loading

Bumps actix-http from 3.12.0 to 3.12.1.

Release notes

Sourced from actix-http's releases.

actix-http: v3.12.1

Notice: This release contains a security fix. Users are encouraged to update to this version ASAP.

  • SECURITY: Reject HTTP/1 requests with ambiguous request framing from Content-Length and Transfer-Encoding headers to prevent request smuggling.
  • Encode the HTTP/1 Connection: Upgrade header in Camel-Case when camel-case header formatting is enabled.#3953
  • Fix HeaderMap iterators' len() and size_hint() implementations for multi-value headers.
  • Update rand dependency to 0.10.
  • Update sha1 dependency to 0.11.

#3953: actix/actix-web#3953

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Apr 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/actix-http-3.12.1 branch 7 times, most recently from 4843dc4 to c46b382 Compare April 29, 2026 08:02
@dependabot dependabot Bot force-pushed the dependabot/cargo/actix-http-3.12.1 branch 2 times, most recently from dffe20b to dede381 Compare May 4, 2026 16:17
@dependabot
build(deps): bump actix-http from 3.12.0 to 3.12.1
204dea6 
Bumps [actix-http](https://github.com/actix/actix-web) from 3.12.0 to 3.12.1.
- [Release notes](https://github.com/actix/actix-web/releases)
- [Changelog](https://github.com/actix/actix-web/blob/main/CHANGES.md)
- [Commits](actix/actix-web@http-v3.12.0...http-v3.12.1)

---
updated-dependencies:
- dependency-name: actix-http
  dependency-version: 3.12.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/actix-http-3.12.1 branch from dede381 to 204dea6 Compare May 6, 2026 08:34
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 7, 2026

Looks like actix-http is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this May 7, 2026
@dependabot dependabot Bot deleted the dependabot/cargo/actix-http-3.12.1 branch May 7, 2026 09:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants