rust 1.96.0 release notes landed on May 28. This is a maintenance release focused on backend improvements and bug fixes. The team shipped seven stabilized APIs including assert_matches! and debug_assert_matches!. Cargo received two security fixes for CVEs. No front-facing features headline this update.
This maintenance release is recommended for all Rust developers. It provides critical security patches for Cargo and stabilizes several useful macros and type conversions. Upgrade now to keep your toolchain current and secure.
What Changed
- Language: Allow passing expr metavariable to cfg. Support s390x vector registers in inline assembly. Allow using constants of type ManuallyDrop as patterns (fixing a regression from 1.94.0).
- Compiler: Enable link relaxation for LoongArch Linux targets. Update riscv64gc-unknown-fuchsia baseline to RVA22 + vector.
- Libraries: Support iterating over ranges of NonZero integers. Refactor valid-for-read/write definition to exclude null. Fix SGX delayed host lookup via ToSocketAddr.
- Stabilized APIs: assert_matches!, debug_assert_matches!, From
for AssertUnwindSafe, LazyCell, LazyLock, and several core::range types. - Cargo: Allow dependency to specify both git and alternate registry. Added target.’cfg(..)’.rustdocflags support. Fixed CVE-2026-5222 and CVE-2026-5223.
- Rustdoc: Deprecation notes render like other documentation. Separate methods and associated functions in sidebar.
- Compatibility Notes: Fix layout of #[repr(Int)] enums with uninhabited ZSTs. Prevent unsize-coercing into Pin
without Deref. Stop passing –allow-undefined on wasm targets. Remove -Csoft-float. Update minimum external LLVM to 21. Change c_double to f32 on avr targets (breaking). BTreeMap::append() optimized (may panic for bad Ord impls).
Why It Matters
- Security: Two Cargo CVEs patched. Users on older versions face potential supply chain attacks. Upgrade eliminates these risks.
- Fresh APIs: assert_matches! and debug_assert_matches! let you write concise pattern-based assertions. No more manual panic! calls.
- Better ergonomics: New From implementations reduce boilerplate when wrapping types in LazyCell or LazyLock.
- Platform polish: LoongArch and s390x get inline assembly and linking improvements. Embedded and Fuchsia targets see baseline bumps.
Who Should Upgrade
This release is particularly relevant for all Rust developers, especially those managing Cargo dependencies, using embedded targets (avr, LoongArch, s390x), or writing pattern-heavy code that benefits from assert_matches!. Teams on older toolchains should upgrade to receive the CVE fixes and LLVM 21 compatibility.
How to Upgrade
- Run
rustup update stableto fetch the latest stable toolchain (1.96.0). - Verify the installed version with
rustc --version. You should seerustc 1.96.0. - Update your project’s edition if needed. No edition change for this release.
- Review the compatibility notes for any code that uses unsize-coercions into Pin, #[repr(Int)] enums with ZSTs, or avr c_double.
- Run
cargo updateto refresh dependency lockfiles with the new Cargo.
Usage Examples
- Pattern assertion with assert_matches!: Replace
match val { Pattern => {}, _ => panic!() }with the new macro for shorter, clearer tests. - Iterating over NonZero ranges: Use
for n in NonZeroU8::range(1..=10)instead of manually filtering zero. - Lazy initialization: Use
let cache: LazyLock<HashMap<_,_>> = LazyLock::new(|| expensive_setup());with the new From conversion for simpler construction. - Fuchsia baseline update: Developers targeting riscv64gc-unknown-fuchsia no longer need manual vector support flags.
Breaking Changes
- avr c_double changed to f32: On AVR targets,
c_doublenow matches C’s 32-bit double. Update any FFI code that assumes 64-bit. - BTreeMap::append optimization: The faster append may panic for types with incorrect Ord implementations. Fix any broken Ord impls.
- Export attribute precedence: When multiple export_name, link_name, or link_section attributes exist, the first now wins. Review your attribute order.
- Importing structs with ::{self}:
use S::{self as Other};is no longer allowed. Use a normal alias instead. - unsize-coercing into Pin: Coercions into
Pin<Foo>whereFoo: !Derefnow error. Refactor to avoid this pattern.
Known Issues
- No known issues reported in official notes.
Feature Flow
Official Release Notes
π οΈ Try These Free Tools
Paste your dependency file to check for end-of-life packages.
Plan your upgrade path with breaking change warnings and step-by-step guidance.
Real-time CVE feed filtered by technology and severity.
Track These Releases