timsaucer opened a new pull request, #1534: URL: https://github.com/apache/datafusion-python/pull/1534
## Which issue does this PR close? N/A — combined dependabot bumps. ## Rationale for this change Each of the listed dependabot PRs already had CI passing; bundling them into one PR cuts review/merge churn. ## What changes are included in this PR? Cargo updates (`Cargo.toml` + `Cargo.lock`): - tokio 1.50.0 -> 1.52.3 (closes #1530) - arrow-array 58.1.0 -> 58.3.0 (closes #1522) - arrow-schema 58.1.0 -> 58.3.0 (closes #1523) - datafusion 53.0.0 -> 53.1.0 (closes #1515) - datafusion-catalog 53.0.0 -> 53.1.0 (closes #1513) - datafusion-ffi 53.0.0 -> 53.1.0 (closes #1512) - datafusion-proto 53.0.0 -> 53.1.0 (closes #1511) - datafusion-common 53.0.0 -> 53.1.0 (closes #1510) - mimalloc 0.1.48 -> 0.1.50 (closes #1514) - uuid 1.23.0 -> 1.23.1 (closes #1508) - rustls-webpki 0.103.10 -> 0.103.13 (closes #1506) - rand 0.9.2 -> 0.9.4 (closes #1495) GitHub Actions: - github/codeql-action 4.32.5 -> 4.35.4 (closes #1531) - astral-sh/setup-uv 7.3.1 -> 8.1.0 (closes #1500) Local `cargo check` and `cargo clippy --all-targets --workspace -- -D warnings` both pass. ## Are there any user-facing changes? No. Dependency bumps only. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
