build(deps): bump rustls-webpki from 0.102.2 to 0.102.8 by dependabot[bot] · Pull Request #157 · joshka/ja

dependabot · 2026-03-21T09:18:21Z

Bumps rustls-webpki from 0.102.2 to 0.102.8.

Release notes

Sourced from rustls-webpki's releases.

0.102.8

Release notes

Support for aws-lc-rs 1.9 added. This release adds supports for compressed EC public keys, when used with aws-lc-rs.

What's Changed

Take aws-lc-rs 1.9 by @ctz in rustls/webpki#284

Full Changelog: rustls/webpki@v/0.102.7...v/0.102.8

0.102.7

Initial support for RFC 7250 "Raw public keys". A new RawPublicKeyEntity type has been added, offering a verify_signature() fn for verifying the signature over a given message using a raw public key produced from a pki_types::SubjectPublicKeyInfoDer instance.

Relaxed CRL requirements for certificates with CRL distribution point extensions. Previously the revocation checking logic only considered a CRL authoritative for a certificate when it had a CRL distribution point extension if the CRL also had an issuing distribution point extension that matched. This has now been relaxed to consider a CRL without any issuing distribution point extension as authoritative for certificates with a matching issuer.

What's Changed

build(deps): bump serde_json from 1.0.120 to 1.0.121 in the crates-io group by @dependabot in rustls/webpki#274

Update deny config by @djc in rustls/webpki#277

crl: CRL w/o IDP ext auth. for cert w/ DP by @cpu in rustls/webpki#276

build(deps): bump serde_json from 1.0.121 to 1.0.122 in the crates-io group by @dependabot in rustls/webpki#278

API for allowing signature validation given a SPKI/RPK by @holodorum in rustls/webpki#275

build(deps): bump the crates-io group with 2 updates by @dependabot in rustls/webpki#279

build(deps): bump the crates-io group with 2 updates by @dependabot in rustls/webpki#280

build(deps): bump the crates-io group with 2 updates by @dependabot in rustls/webpki#283

New Contributors

@holodorum made their first contribution in rustls/webpki#275

Full Changelog: rustls/webpki@v/0.102.6...v/0.102.7

0.102.6

Add support for P-521 curve with SHA-256/SHA-384 digests

What's Changed

types: avoid markdown footnotes by @cpu in rustls/webpki#268

build(deps): bump serde from 1.0.203 to 1.0.204 in the crates-io group by @dependabot in rustls/webpki#269

Update EndEntityCert documentation by @djc in rustls/webpki#271

Add support for P-521 curve with SHA-256/SHA-384 digests by @samin-cf in rustls/webpki#272

New Contributors

@samin-cf made their first contribution in rustls/webpki#272

Full Changelog: rustls/webpki@v/0.102.5...v/0.102.6

0.102.5

Notable changes

EndEntityCert::subject_public_key_info() as added in 0.102.4 neglected to specify the return type's lifetime, limiting the visible lifetime to the lifetime of the EndEntityCert. The actual lifetime was 'static; we've made this explicit and enabled warnings for elided_lifetimes_in_paths to avoid similar issues in the future.

... (truncated)

Commits

5fedee2 Prepare 0.102.8
0f57bda Add test for SPKI-inside-SPKI
99b43ae Add tests for point compression support
82b091a aws_lc_rs_algs: validate RFC5280 clause about EC keys
a59c59d Take aws-lc-rs 1.9
380a7d5 build(deps): bump the crates-io group with 2 updates
f067bda build(deps): bump the crates-io group with 2 updates
99d73fc build(deps): bump the crates-io group with 2 updates
b244be4 Update version to 0.102.7
c8e6527 Add integration tests
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.102.2 to 0.102.8. - [Release notes](https://github.com/rustls/webpki/releases) - [Commits](rustls/webpki@v/0.102.2...v/0.102.8) --- updated-dependencies: - dependency-name: rustls-webpki dependency-version: 0.102.8 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Mar 21, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump rustls-webpki from 0.102.2 to 0.102.8#157

build(deps): bump rustls-webpki from 0.102.2 to 0.102.8#157
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/rustls-webpki-0.102.8

dependabot bot commented on behalf of github Mar 21, 2026

Labels

0 participants

Conversation

dependabot bot commented on behalf of github Mar 21, 2026

0.102.8

Release notes

What's Changed

0.102.7

What's Changed

New Contributors

0.102.6

What's Changed

New Contributors

0.102.5

Notable changes

Labels

0 participants