Skip to content
Rust Releases

Rust 1.96.0: Maintenance & Security Release Notes

rust 1.96.0 release notes landed on May 28. This is a maintenance release focused on backend improvements and bug fixes. The team shipped seven stabilized APIs including assert_matches! and debug_assert_matches!. Cargo received two security fixes for CVEs. No front-facing features headline this update. This maintenance release is recommended for all Rust developers. It provides critical […]

Jack Pauley June 29, 2026 6 min read
rust 1.96.0 release notes

rust 1.96.0 release notes landed on May 28. This is a maintenance release focused on backend improvements and bug fixes. The team shipped seven stabilized APIs including assert_matches! and debug_assert_matches!. Cargo received two security fixes for CVEs. No front-facing features headline this update.

This maintenance release is recommended for all Rust developers. It provides critical security patches for Cargo and stabilizes several useful macros and type conversions. Upgrade now to keep your toolchain current and secure.

What Changed

  • Language: Allow passing expr metavariable to cfg. Support s390x vector registers in inline assembly. Allow using constants of type ManuallyDrop as patterns (fixing a regression from 1.94.0).
  • Compiler: Enable link relaxation for LoongArch Linux targets. Update riscv64gc-unknown-fuchsia baseline to RVA22 + vector.
  • Libraries: Support iterating over ranges of NonZero integers. Refactor valid-for-read/write definition to exclude null. Fix SGX delayed host lookup via ToSocketAddr.
  • Stabilized APIs: assert_matches!, debug_assert_matches!, From for AssertUnwindSafe, LazyCell, LazyLock, and several core::range types.
  • Cargo: Allow dependency to specify both git and alternate registry. Added target.’cfg(..)’.rustdocflags support. Fixed CVE-2026-5222 and CVE-2026-5223.
  • Rustdoc: Deprecation notes render like other documentation. Separate methods and associated functions in sidebar.
  • Compatibility Notes: Fix layout of #[repr(Int)] enums with uninhabited ZSTs. Prevent unsize-coercing into Pin without Deref. Stop passing –allow-undefined on wasm targets. Remove -Csoft-float. Update minimum external LLVM to 21. Change c_double to f32 on avr targets (breaking). BTreeMap::append() optimized (may panic for bad Ord impls).

Why It Matters

  • Security: Two Cargo CVEs patched. Users on older versions face potential supply chain attacks. Upgrade eliminates these risks.
  • Fresh APIs: assert_matches! and debug_assert_matches! let you write concise pattern-based assertions. No more manual panic! calls.
  • Better ergonomics: New From implementations reduce boilerplate when wrapping types in LazyCell or LazyLock.
  • Platform polish: LoongArch and s390x get inline assembly and linking improvements. Embedded and Fuchsia targets see baseline bumps.

Who Should Upgrade

This release is particularly relevant for all Rust developers, especially those managing Cargo dependencies, using embedded targets (avr, LoongArch, s390x), or writing pattern-heavy code that benefits from assert_matches!. Teams on older toolchains should upgrade to receive the CVE fixes and LLVM 21 compatibility.

How to Upgrade

  1. Run rustup update stable to fetch the latest stable toolchain (1.96.0).
  2. Verify the installed version with rustc --version. You should see rustc 1.96.0.
  3. Update your project’s edition if needed. No edition change for this release.
  4. Review the compatibility notes for any code that uses unsize-coercions into Pin, #[repr(Int)] enums with ZSTs, or avr c_double.
  5. Run cargo update to refresh dependency lockfiles with the new Cargo.

Usage Examples

  • Pattern assertion with assert_matches!: Replace match val { Pattern => {}, _ => panic!() } with the new macro for shorter, clearer tests.
  • Iterating over NonZero ranges: Use for n in NonZeroU8::range(1..=10) instead of manually filtering zero.
  • Lazy initialization: Use let cache: LazyLock<HashMap<_,_>> = LazyLock::new(|| expensive_setup()); with the new From conversion for simpler construction.
  • Fuchsia baseline update: Developers targeting riscv64gc-unknown-fuchsia no longer need manual vector support flags.

Breaking Changes

  • avr c_double changed to f32: On AVR targets, c_double now matches C’s 32-bit double. Update any FFI code that assumes 64-bit.
  • BTreeMap::append optimization: The faster append may panic for types with incorrect Ord implementations. Fix any broken Ord impls.
  • Export attribute precedence: When multiple export_name, link_name, or link_section attributes exist, the first now wins. Review your attribute order.
  • Importing structs with ::{self}: use S::{self as Other}; is no longer allowed. Use a normal alias instead.
  • unsize-coercing into Pin: Coercions into Pin<Foo> where Foo: !Deref now error. Refactor to avoid this pattern.

Known Issues

  • No known issues reported in official notes.

Feature Flow

Official Release Notes

View full release notes on GitHub β†’

πŸ› οΈ Try These Free Tools

πŸ“¦ Dependency EOL Scanner

Paste your dependency file to check for end-of-life packages.

πŸ—ΊοΈ Upgrade Path Planner

Plan your upgrade path with breaking change warnings and step-by-step guidance.

πŸ”’ CVE Dashboard

Real-time CVE feed filtered by technology and severity.

See all free tools β†’

Stay Updated

Get the best releases delivered monthly. No spam, unsubscribe anytime.

By subscribing you agree to our Privacy Policy.