Rust 1.96.0 Release Notes: Maintenance & Security Fixes

Rust 1.96.0 release notes arrive with a quiet thud. This maintenance release packs backend improvements and bug fixes. No flashy features steal the spotlight. Instead, the team focused on stability and security. Two CVEs got patched. One affects Cargo. The other targets the compiler. If you value a clean, secure toolchain, this update matters. The rust 1.96.0 release notes list 11 stabilized APIs, including assert_matches! and debug_assert_matches!. That alone justifies the upgrade.

This maintenance release is recommended for all Rust users. Rust 1.96.0 addresses two security vulnerabilities, stabilizes 11 APIs, and fixes several edge cases in the compiler and libraries. Upgrade to keep your projects safe and your code modern.

What Changed

• Language: Allow passing expr metavariable to cfg. Always coerce never types in tuple expressions. Avoid incorrect inference guidance of function arguments in rare cases. Support s390x vector registers in inline assembly.
• Compiler: Enable link relaxation for LoongArch Linux targets. Update riscv64gc-unknown-fuchsia baseline to RVA22 + vector.
• Libraries: Support iterating over ranges of NonZero integers. Refactor ‘valid for read/write’ definition to exclude null. Fix SGX delayed host lookup via ToSocketAddr.
• Stabilized APIs: assert_matches!, debug_assert_matches!, From<T> for AssertUnwindSafe<T>, From<T> for LazyCell<T, F>, From<T> for LazyLock<T, F>, core::range::RangeToInclusive, core::range::RangeToInclusiveIter, core::range::RangeFrom, core::range::RangeFromIter, core::range::Range, core::range::RangeIter.
• Cargo: Allow a dependency to specify both a git repository and an alternate registry. Added target.’cfg(..)’.rustdocflags support in configuration. Fixed CVE-2026-5222 and CVE-2026-5223.
• Rustdoc: Deprecation notes now render like any other documentation. Don’t emit missing_doc_code_examples lint on impl items. Separate methods and associated functions in sidebar.
• Compatibility Notes: Fix layout of #[repr(Int)] enums with uninhabited ZST fields. Prevent unsize-coercing into Pin<Foo> where Foo doesn’t implement Deref. Stop passing –allow-undefined on wasm targets. Gate accidentally stabilized #![reexport_test_harness_main] attribute. Error on return-position-impl-trait-in-traits with too private types. Report uninhabited_static lint in dependencies. Distributed builds now contain non-split debuginfo for windows-gnu. Check const generic arguments in more positions. Remove -Csoft-float. Importing structs with ::{self [as name]} no longer permitted. For duplicate export_name, link_name, link_section attributes, first takes precedence. Update minimum external LLVM to 21. On avr targets, c_double changes to f32.

Why It Matters

• Maintenance release: No specific features or changes documented in release notes beyond the listed items. This keeps the compiler reliable.

Who Should Upgrade

All Rust developers benefit from this release. The security fixes make it critical for teams using Cargo with external registries. Library authors gain 11 new stable APIs. Embedded developers on LoongArch, RISC-V, or AVR targets get targeted improvements. If you maintain open-source projects, upgrade to stay compatible with the latest toolchain.

How to Upgrade

1. Check your current version: rustc --version
2. Install the new version using rustup: rustup update stable
3. Verify the upgrade: rustc --version should show 1.96.0
4. Update your project’s rust-toolchain file if you pin a specific version.
5. Run cargo check on your projects to confirm no breaking changes affect you.

Usage Examples

• assert_matches!: Use this macro to assert that a pattern matches an expression. It provides clear failure messages.
• NonZero integer ranges: Iterate over ranges of NonZero integers directly. This eliminates manual filtering of zero values.
• Git + alternate registry: In your Cargo.toml, specify both a git source and an alternate registry for a dependency. Cargo uses the git source locally and falls back to the registry for publishing.
• cfg-based rustdocflags: Add target-specific Rustdoc flags for conditional documentation builds.

Breaking Changes

• AVR c_double: On AVR targets, c_double now maps to f32 (32-bit) instead of f64 to match C’s double. This may break FFI code that assumed 64-bit doubles.
• Remove -Csoft-float: The compiler option -Csoft-float no longer exists. Use target features instead.
• Struct self-imports: use S::{self as Other} is no longer allowed. This only affects unusual import patterns.
• Duplicate attributes: If you have multiple export_name, link_name, or link_section attributes on the same item, only the first one applies now.
• Minimum LLVM 21: You must use LLVM 21 or later to build the compiler. This affects custom toolchain builders.
• Uninhabited static lint: The uninhabited_static lint is now deny-by-default and applies to dependencies. You may need to suppress it in legacy code.

Known Issues

• No known issues reported in official notes. The release maintains high stability.

Feature Flow

Official Release Notes

View full release notes on GitHub →

🛠️ Try These Free Tools

See all free tools →