chore(deps): bump the version-updates group across 1 directory with 9 updates

[dependabot]

Bumps the version-updates group with 9 updates in the / directory:

Package	From	To
tokio	1.47.1	1.48.0
tower-http	0.6.6	0.6.7
reqwest	0.12.23	0.12.24
config	0.15.18	0.15.19
tracing	0.1.41	0.1.43
tracing-subscriber	0.3.20	0.3.22
oauth2	4.4.2	5.0.0
bcrypt	0.15.1	0.17.1
rand	0.8.5	0.9.0

Updates tokio from 1.47.1 to 1.48.0

Release notes

Sourced from tokio's releases.

Tokio v1.48.0

1.48.0 (October 14th, 2025)

The MSRV is increased to 1.71.

Added

• fs: add File::max_buf_size (#7594)
• io: export Chain of AsyncReadExt::chain (#7599)
• net: add SocketAddr::as_abstract_name (#7491)
• net: add TcpStream::quickack and TcpStream::set_quickack (#7490)
• net: implement AsRef<Self> for TcpStream and UnixStream (#7573)
• task: add LocalKey::try_get (#7666)
• task: implement Ord for task::Id (#7530)

Changed

• deps: bump windows-sys to version 0.61 (#7645)
• fs: preserve max_buf_size when cloning a File (#7593)
• macros: suppress clippy::unwrap_in_result in #[tokio::main] (#7651)
• net: remove PollEvented noise from Debug formats (#7675)
• process: upgrade Command::spawn_with to use FnOnce (#7511)
• sync: remove inner mutex in SetOnce (#7554)
• sync: use UnsafeCell::get_mut in Mutex::get_mut and RwLock::get_mut (#7569)
• time: reduce the generated code size of Timeout<T>::poll (#7535)

Fixed

• macros: fix hygiene issue in join! and try_join! (#7638)
• net: fix copy/paste errors in udp peek methods (#7604)
• process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
• runtime: use release ordering in wake_by_ref() even if already woken (#7622)
• sync: close the broadcast::Sender in broadcast::Sender::new() (#7629)
• sync: fix implementation of unused RwLock::try_* methods (#7587)

Unstable

• tokio: use cargo features instead of --cfg flags for taskdump and io_uring (#7655, #7621)
• fs: support io_uring in fs::write (#7567)
• fs: support io_uring with File::open() (#7617)
• fs: support io_uring with OpenOptions (#7321)
• macros: add local runtime flavor (#7375, #7597)

Documented

• io: clarify the zero capacity case of AsyncRead::poll_read (#7580)
• io: fix typos in the docs of AsyncFd readiness guards (#7583)
• net: clarify socket gets closed on drop (#7526)
• net: clarify the behavior of UCred::pid() on Cygwin (#7611)
• net: clarify the supported platform of set_reuseport() and reuseport() (#7628)

... (truncated)

Commits

• 556820f chore: prepare Tokio v1.48.0 (#7677)
• fd1659a chore: prepare tokio-macros v2.6.0 (#7676)
• 53e8aca ci: update nightly version to 2025-10-12 (#7670)
• 9e5527d process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
• 25a24de net: remove PollEvented noise from Debug formats (#7675)
• c1fa25f task: clarify the behavior of several spawn_local methods (#7669)
• e7e02fc fs: use FileOptions inside fs::File to support uring (#7617)
• f7a7f62 ci: remove cargo-deny Unicode-DFS-2016 license exception config (#7619)
• d1f1499 tokio: use cargo feature for taskdump support instead of cfg (#7655)
• ad6f618 runtime: clarify the behavior of Handle::block_on (#7665)
• Additional commits viewable in compare view

Updates tower-http from 0.6.6 to 0.6.7

Release notes

Sourced from tower-http's releases.

tower-http-0.6.7

Added

• TimeoutLayer::with_status_code(status) to define the status code returned when timeout is reached. (#599)

Deprecated

• auth::require_authorization is too basic for real-world. (#591)
• TimeoutLayer::new() should be replaced with TimeoutLayer::with_status_code(). (Previously was StatusCode::REQUEST_TIMEOUT) (#599)

Fixed

• on_eos is now called even for successful responses. (#580)
• ServeDir: call fallback when filename is invalid (#586)
• decompression will not fail when body is empty (#618)

#580: tower-rs/tower-http#580 #586: tower-rs/tower-http#586 #591: tower-rs/tower-http#591 #599: tower-rs/tower-http#599 #618: tower-rs/tower-http#618

New Contributors

• @​mladedav made their first contribution in tower-rs/tower-http#580
• @​aryaveersr made their first contribution in tower-rs/tower-http#586
• @​soerenmeier made their first contribution in tower-rs/tower-http#588
• @​gjabell made their first contribution in tower-rs/tower-http#591
• @​FalkWoldmann made their first contribution in tower-rs/tower-http#599
• @​ducaale made their first contribution in tower-rs/tower-http#618

Full Changelog: tower-rs/tower-http@tower-http-0.6.6...tower-http-0.6.7

Commits

• 3bf1ba7 v0.6.7
• 723ca9a fix(decompression): Suppress EOF errors caused by decompressing empty body (#...
• 8ab9f82 chore(ci): use newer cargo-public-api-crates job (#619)
• 7cfdf76 doc: Replace doc_auto_cfg with doc_cfg (#609)
• 50beeaf Add support for custom status code in TimeoutLayer (#599)
• 35740de deps: Remove unnecessary dev-dependencies (#606)
• a7eefae ci: Re-enable ci on default branch (#605)
• 12a5b33 tests: Update to brotli 8 (#603)
• 0195198 ci: Update to actions/checkout v5 (#604)
• c757491 examples: Update to axum 0.8 (#602)
• Additional commits viewable in compare view

Updates reqwest from 0.12.23 to 0.12.24

Release notes

Sourced from reqwest's releases.

v0.12.24

Highlights

• Refactor cookie handling to an internal middleware.
• Refactor internal random generator.
• Refactor base64 encoding to reduce a copy.
• Documentation updates.

What's Changed

• build(deps): silence unused deps in WASM build by @​0x676e67 in seanmonstar/reqwest#2799
• perf(util): avoid extra copy when base64 encoding by @​0x676e67 in seanmonstar/reqwest#2805
• docs: fix method name in changelog entry by @​johannespfrang in seanmonstar/reqwest#2807
• chore: Align the name usage of TotalTimeout by @​Xuanwo in seanmonstar/reqwest#2657
• refactor(cookie): add CookieService by @​linyihai in seanmonstar/reqwest#2787
• Fixes typo in retry max_retries_per_request doc comment re 2813 by @​dmackinn in seanmonstar/reqwest#2824
• test(multipart): fix build failure with no-default-features by @​0x676e67 in seanmonstar/reqwest#2801
• refactor(cookie): avoid duplicate cookie insertion by @​0x676e67 in seanmonstar/reqwest#2834

New Contributors

• @​johannespfrang made their first contribution in seanmonstar/reqwest#2807
• @​dmackinn made their first contribution in seanmonstar/reqwest#2824

Full Changelog: seanmonstar/reqwest@v0.12.23...v0.12.24

Changelog

Sourced from reqwest's changelog.

v0.12.24

• Refactor cookie handling to an internal middleware.
• Refactor internal random generator.
• Refactor base64 encoding to reduce a copy.
• Documentation updates.

Commits

• b126ca4 v0.12.24
• 4023493 refactor: change fast_random from xorshift to siphash a counter
• fd61bc9 refactor(cookie): avoid duplicate cookie insertion (#2834)
• 0bfa526 test(multipart): fix build failure with no-default-features (#2801)
• 994b8a0 docs: typo in retry max_retries_per_request (#2824)
• da0702b refactor(cookie): de-duplicate cookie support as CookieService middleware (...
• 7ebddea chore: align internal name usage of TotalTimeout (#2657)
• b540a4e chore(readme): use correct CI status badge
• e4550c4 docs: fix method name in changelog entry (#2807)
• f4694a2 perf(util): avoid extra copy when base64 encoding (#2805)
• Additional commits viewable in compare view

Updates config from 0.15.18 to 0.15.19

Changelog

Sourced from config's changelog.

[0.15.19] - 2025-11-12

Internal

• (ron) Update to 0.12

Commits

• e7ff326 chore: Release config version 0.15.19
• cbee54c chore: Update deps (#715)
• d53e906 chore: Update deps
• b10653a docs: Update changelog
• 527de7d fix: Update to latest ron (#714)
• 6c2cfd0 fix: Update to latest ron
• 16ef680 chore(deps): Update Rust Stable to v1.91 (#712)
• 2051f62 style: Make clippy happy
• bf6e256 chore: Update dependencies (#702)
• de242e0 chore: Update dependencies
• Additional commits viewable in compare view

Updates tracing from 0.1.41 to 0.1.43

Release notes

Sourced from tracing's releases.

tracing 0.1.43

Important

The previous release [0.1.42] was yanked because #3382 was a breaking change. See further details in #3424. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.

Fixed

• Revert "make valueset macro sanitary" (#3425)

#3382: tokio-rs/tracing#3382 #3424: tokio-rs/tracing#3424 #3425: tokio-rs/tracing#3425 [0.1.42]: https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42

tracing 0.1.42

Important

The [Span::record_all] method has been removed from the documented API. It was always unsuable via the documented API as it requried a ValueSet which has no publically documented constructors. The method remains, but should not be used outside of tracing macros.

Added

• attributes: Support constant expressions as instrument field names (#3158)
• Add record_all! macro for recording multiple values in one call (#3227)
• core: Improve code generation at trace points significantly (#3398)

Changed

• tracing-core: updated to 0.1.35 (#3414)
• tracing-attributes: updated to 0.1.31 (#3417)

Fixed

• Fix "name / parent" variant of event! (#2983)
• Remove 'r#' prefix from raw identifiers in field names (#3130)
• Fix perf regression when release_max_level_* not set (#3373)
• Use imported instead of fully qualified path (#3374)
• Make valueset macro sanitary (#3382)

Documented

• core: Add missing dyn keyword in Visit documentation code sample (#3387)

#2983: tokio-rs/tracing#2983 #3130: tokio-rs/tracing#3130 #3158: tokio-rs/tracing#3158

... (truncated)

Commits

• 64e1c8d chore: prepare tracing 0.1.43 (#3427)
• 7c44f7b tracing: revert "make valueset macro sanitary" (#3425)
• cdaf661 chore: prepare tracing-mock 0.1.0-beta.2 (#3422)
• a164fd3 chore: prepare tracing-journald 0.3.2 (#3421)
• 405397b chore: prepare tracing-appender 0.2.4 (#3420)
• a9eeed7 chore: prepare tracing-subscriber 0.3.21 (#3419)
• 5bd5505 chore: prepare tracing 0.1.42 (#3418)
• 5508623 chore: prepare tracing-attributes 0.1.31 (#3417)
• d92b4c0 chore: prepare tracing-core 0.1.35 (#3414)
• 9751b6e chore: run tracing-subscriber tests with all features (#3412)
• Additional commits viewable in compare view

Updates tracing-subscriber from 0.3.20 to 0.3.22

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.22

Important

The previous release [0.3.21] was yanked as it depended explicitly on [tracing-0.1.42], which was yanked due to a breaking change (see #3424 for details). This release contains all the changes from the previous release, plus an update to the newer version of tracing.

Changed

• tracing: updated to 0.1.43 (#3427)

#3424: tokio-rs/tracing#3424 #3427: tokio-rs/tracing#3427 [0.3.21]: https://github.com/tokio-rs/tracing/releases/tag/tracing-subscriber-0.3.21 [tracing-0.1.42]: https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42

tracing-subscriber 0.3.21

Fixed

• Change registry exit to decrement local span ref only (#3331)
• Make Layered propagate on_register_dispatch (#3379)

Changed

• tracing: updated to 0.1.42 (#3418)

Performance

• Remove clone_span on enter (#3289)

Documented

• Fix a few small things in the format module (#3339)
• Fix extra closing brace in layer docs (#3350)
• Fix link in FmtSpan docs (#3411)

#3289: tokio-rs/tracing#3289 #3331: tokio-rs/tracing#3331 #3339: tokio-rs/tracing#3339 #3350: tokio-rs/tracing#3350 #3379: tokio-rs/tracing#3379 #3411: tokio-rs/tracing#3411 #3418: tokio-rs/tracing#3418

Commits

• cc44064 chore: prepare tracing-subscriber 0.3.22 (#3428)
• 64e1c8d chore: prepare tracing 0.1.43 (#3427)
• 7c44f7b tracing: revert "make valueset macro sanitary" (#3425)
• cdaf661 chore: prepare tracing-mock 0.1.0-beta.2 (#3422)
• a164fd3 chore: prepare tracing-journald 0.3.2 (#3421)
• 405397b chore: prepare tracing-appender 0.2.4 (#3420)
• a9eeed7 chore: prepare tracing-subscriber 0.3.21 (#3419)
• 5bd5505 chore: prepare tracing 0.1.42 (#3418)
• 5508623 chore: prepare tracing-attributes 0.1.31 (#3417)
• d92b4c0 chore: prepare tracing-core 0.1.35 (#3414)
• Additional commits viewable in compare view

Updates oauth2 from 4.4.2 to 5.0.0

Release notes

Sourced from oauth2's releases.

5.0.0

Refer to the Upgrade Guide for tips on how to upgrade from 4.x.

Changes since 5.0.0-rc.1

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)

Full Changelog: ramosbugs/oauth2-rs@5.0.0-rc.1...5.0.0

Summary of changes since 4.4.2

Breaking Changes

• Replace TokenResponse generic with associated type (30ced325da24312c4e6b9d802adcb36a88594353)
• Return impl Future instead of Pin<Box<dyn Future>> to fix Send/Sync bounds (6e583bd03203e42ef712fc90edb57cf5a389f9b7)
• Bump http to 1.0 and reqwest to 0.12 (408ecab500158145bf249e78a73a8010933bb0e2)
• Add conditional typestates (replacing Boolean typestates from 5.0.0-alpha.1) (85ea4700e1ad8a3efef7aa78660fd0056d9b46e6)
• Consolidate HTTP client errors into oauth2::HttpClientError and flatten exports (e.g., oauth2::reqwest instead of oauth2::reqwest::reqwest) (4391eed01c26c3e9e9fd5a14d90f111a02636a4c)
• reqwest: Migrate to shared Error type and use thiserror's From impl by @​MarijnS95 (#238)
• Bump MSRV to 1.65 and institute a policy supporting Rust releases going back at least 6 months (same policy as openidconnect crate) (576f8096914c7da82a5cd8c2253d47541697aa6a)
• Improve Display output of RequestTokenError::ServerResponse (96c6f9b17b5fdea98a6a7b84bec8e420671342eb)
• Track Client endpoints statically via typestates (1d1f4d17ecdf2a3feb565eb1789cc8649cac7705)
• Refactor crate into smaller private modules and make devicecode and revocation modules private (9d8f11addf819134f15c6d7f03276adb3d32e80b)
• Add reqwest-blocking feature (da7d1c51ccfac95b25af67d2e725ae510d185f5b)
• Rename URI/URL getters and setters (4d55c26ad6e233d8f23b4514fe743d365a5a432f)
• Add AsyncHttpClient and SyncHttpClient traits (23b952b23e6069525bc7e4c4f2c4924b8d28ce3a)

New Features

• Implement SecretType::into_secret (#272)
• Add timing-resistant-secret-traits feature for PartialEq/Hash by @​kate-shine (ramosbugs/oauth2-rs#232)
• Derive Eq for types that already derive PartialEq (b19ad89262af501f53c1b82015046506834c98e9)
• Implement From instead of Into for newtypes (d9402c42767b35a4c05bc4db3780b1df115b7b24)
• Implement Display trait for URL types (8bd0ff1e0339c0945871552210b300c05e89c519)

Bug Fixes

• Improve HttpClientError::Reqwest error message (9a2b746)
• Accept null device code interval (#278)
• Ignore async token revocation response body (#282)
• Derive Clone and Debug for EndpointState types (#263)

Other Changes

• Inline format args (#270)
• Update dev dependencies (#285)
• Remove defunct sponsorship from README
• Remove client secret from implicit flow example (#286)
• Use --locked on MSRV build in CI
• Allow base64 0.21 or 0.22 (#261)
• Bump base64 to 0.21 (db0ea44657bd6c1130b83ce135ac2691ba091fad)
• Set minimum version of chrono to 0.4.31 (7b667fc29b52392f4c47c07f0923c88847951b50)
• Mention openidconnect crate in README (7b667fc29b52392f4c47c07f0923c88847951b50)

... (truncated)

Upgrade guide

Sourced from oauth2's upgrade guide.

Upgrade Guide

Upgrading from 4.x to 5.x

The 5.0 release includes breaking changes to address several long-standing API issues, along with a few minor improvements. Consider following the tips below to help ensure a smooth upgrade process.

Upgrade Rust to 1.65 or newer

The minimum supported Rust version (MSRV) is now 1.65. Going forward, this crate will maintain a policy of supporting Rust releases going back at least 6 months. Changes that break compatibility with Rust releases older than 6 months will no longer be considered SemVer breaking changes and will not result in a new major version number for this crate. MSRV changes will coincide with minor version updates and will not happen in patch releases.

Add typestate generic types to Client

Each auth flow depends on one or more server endpoints. For example, the authorization code flow depends on both an authorization endpoint and a token endpoint, while the client credentials flow only depends on a token endpoint. Previously, it was possible to instantiate a Client without a token endpoint and then attempt to use an auth flow that required a token endpoint, leading to errors at runtime. Also, the authorization endpoint was always required, even for auth flows that do not use it.

In the 5.0 release, all endpoints are optional. Typestates are used to statically track, at compile time, which endpoints' setters (e.g., set_auth_uri()) have been called. Auth flows that depend on an endpoint cannot be used without first calling the corresponding setter, which is enforced by the compiler's type checker. This guarantees that certain errors will not arise at runtime.

In addition to unconditional setters (e.g., set_auth_uri()), each endpoint has a corresponding conditional setter (e.g., set_auth_uri_option()) that sets a conditional typestate (EndpointMaybeSet). When the conditional typestate is set, endpoints can be used via fallible methods that return Err(ConfigurationError::MissingUrl(_)) if an endpoint has not been set. This is useful in dynamic scenarios such as OpenID Connect Discovery, in which it cannot be determined until runtime whether an endpoint is configured.

There are three possible typestates, each implementing the EndpointState trait:

• EndpointNotSet: the corresponding endpoint has not been set and cannot be used.
• EndpointSet: the corresponding endpoint has been set and is ready to be used.
• EndpointMaybeSet: the corresponding endpoint may have been set and can be used via fallible methods that return Result<_, ConfigurationError>.

The following code changes are required to support the new interface:

1. Update calls to Client::new() to use the single-argument constructor (which accepts only a ClientId). Use the set_auth_uri(), set_token_uri(), and set_client_secret() methods to set the authorization endpoint,

... (truncated)

Commits

• f3424b4 Update Cargo-1.65.lock
• 61ec227 Bump version to 5.0.0
• 9a2b746 Improve HttpClientError::Reqwest error message
• 2492d69 Bump version to 5.0.0-rc.1
• c599c12 Use --locked on MSRV build in CI
• 03cb079 Remove client secret from implicit flow example
• 9c41286 Update dev dependencies (#285)
• c74aec9 Remove sponsorship from README
• 459811d Accept null device code interval
• 5b2ab88 Ignore token revocation response body
• Additional commits viewable in compare view

Updates bcrypt from 0.15.1 to 0.17.1

Commits

• 920e169 Update version
• bbc28fa Implement Display for HashParts instead of ToString directly (#92)
• a03a944 v0.17.0
• 37da262 Upgrade getrandom to 0.3 (#91)
• c905948 Update msrv
• 378f356 Add more docs + bump version
• 1cdfc22 Use feature "error_on_truncation" to send error on truncation (#89)
• 9c9e138 Allow testing/example with no features (#85)
• 5cb58ce Add Clone and Debug traits to Version enum (#84)
• See full diff in compare view

Updates rand from 0.8.5 to 0.9.0

Changelog

Sourced from rand's changelog.

[0.9.0] - 2025-01-27

Security and unsafe

• Policy: "rand is not a crypto library" (#1514)
• Remove fork-protection from ReseedingRng and ThreadRng. Instead, it is recommended to call ThreadRng::reseed on fork. (#1379)
• Use zerocopy to replace some unsafe code (#1349, #1393, #1446, #1502)

Dependencies

• Bump the MSRV to 1.63.0 (#1207, #1246, #1269, #1341, #1416, #1536); note that 1.60.0 may work for dependents when using --ignore-rust-version
• Update to rand_core v0.9.0 (#1558)

Features

• Support std feature without getrandom or rand_chacha (#1354)
• Enable feature small_rng by default (#1455)
• Remove implicit feature rand_chacha; use std_rng instead. (#1473)
• Rename feature serde1 to serde (#1477)
• Rename feature getrandom to os_rng (#1537)
• Add feature thread_rng (#1547)

API changes: rand_core traits

• Add fn RngCore::read_adapter implementing std::io::Read (#1267)
• Add trait CryptoBlockRng: BlockRngCore; make trait CryptoRng: RngCore (#1273)
• Add traits TryRngCore, TryCryptoRng (#1424, #1499)
• Rename fn SeedableRng::from_rng -> try_from_rng and add infallible variant fn from_rng (#1424)
• Rename fn SeedableRng::from_entropy -> from_os_rng and add fallible variant fn try_from_os_rng (#1424)
• Add bounds Clone and AsRef to associated type SeedableRng::Seed (#1491)

API changes: Rng trait and top-level fns

• Rename fn rand::thread_rng() to rand::rng() and remove from the prelude (#1506)
• Remove fn rand::random() from the prelude (#1506)
• Add top-level fns random_iter, random_range, random_bool, random_ratio, fill (#1488)
• Re-introduce fn Rng::gen_iter as random_iter (#1305, #1500)
• Rename fn Rng::gen to random to avoid conflict with the new gen keyword in Rust 2024 (#1438)
• Rename fns Rng::gen_range to random_range, gen_bool to random_bool, gen_ratio to random_ratio (#1505)
• Annotate panicking methods with #[track_caller] (#1442, #1447)

API changes: RNGs

• Fix <SmallRng as SeedableRng>::Seed size to 256 bits (#1455)
• Remove first parameter (rng) of ReseedingRng::new (#1533)

API changes: Sequences

• Split trait SliceRandom into IndexedRandom, IndexedMutRandom, SliceRandom (#1382)
• Add IndexedRandom::choose_multiple_array, index::sample_array (#1453, #1469)

API changes: Distributions: renames

• Rename module rand::distributions to rand::distr (#1470)
• Rename distribution Standard to StandardUniform (#1526)
• Move distr::Slice -> distr::slice::Choose, distr::EmptySlice -> distr::slice::Empty (#1548)
• Rename trait distr::DistString -> distr::SampleString (#1548)
• Rename distr::DistIter -> distr::Iter, distr::DistMap -> distr::Map (#1548)

... (truncated)

Commits

• 96f8df6 Prepare 0.9.0 release (#1558)
• 34da321 Enable stdarch_x86_avx512 for cpu has avx512bw (#1551)
• b4b1eb7 Re-org with distr::slice, distr::weighted modules (#1548)
• 16eb7de Add the thread_rng feature flag (#1547)
• afa24e4 Fix test status badges (#1544)
• c681dfc Create FUNDING.yml
• 9f05e22 Update: getrandom v0.3.0 rc.0 (#1541)
• 88c310b Fix docs.rs build options (#1539)
• b879689 Adjust GH Actions (#1538)
• 3fac49f Prepare 0.9.0-beta.0 (#1535)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions