chore(deps): Bump the deps group across 1 directory with 18 updates

[dependabot]

Bumps the deps group with 18 updates in the / directory:

Package	From	To
reqwest	0.12.4	0.12.9
shadow-rs	0.35.1	0.35.2
serde	1.0.210	1.0.214
serde_json	1.0.128	1.0.132
anyhow	1.0.89	1.0.93
thiserror	1.0.64	1.0.69
tempfile	3.13.0	3.14.0
pathdiff	0.2.1	0.2.2
regex	1.11.0	1.11.1
ordered-float	4.3.0	4.5.0
uuid	1.10.0	1.11.0
wasmtime	25.0.2	25.0.3
wasmtime-wasi	25.0.2	25.0.3
futures-concurrency	7.6.1	7.6.2
futures-lite	2.3.0	2.5.0
bytes	1.7.2	1.8.0
proto-parser	aa47da5	528448f
insta	1.40.0	1.41.1

Updates reqwest from 0.12.4 to 0.12.9

Release notes

Sourced from reqwest's releases.

v0.12.9

What's Changed

• Add tls::CertificateRevocationLists support (by @​ksenia-vazhdaeva in seanmonstar/reqwest#2433)
• Add crate features to enable webpki roots without selecting a rustls provider (by @​stevefan1999-personal in seanmonstar/reqwest#2447)
• Fix multipart::Part::file() to automatically include content-length (by @​Mr-Pine in seanmonstar/reqwest#2459)
• Fix proxy to internally no longer cache system proxy settings (by @​lanyeeee in seanmonstar/reqwest#2442)
• Fix connection_verbose() to output read logs (by @​seanmonstar in seanmonstar/reqwest#2454)

New Contributors

• @​lanyeeee made their first contribution in seanmonstar/reqwest#2442
• @​ksenia-vazhdaeva made their first contribution in seanmonstar/reqwest#2433
• @​Mr-Pine made their first contribution in seanmonstar/reqwest#2459
• @​stevefan1999-personal made their first contribution in seanmonstar/reqwest#2447

Full Changelog: seanmonstar/reqwest@v0.12.8...v0.12.9

v0.12.8

What's Changed

• Add support for SOCKS4 proxies.
• Add multipart::Form::file() method for adding files easily.
• Add Body::wrap() to wrap any http_body::Body type.
• Fix the pool configuration to use a timer to remove expired connections.

New Contributors

• @​workingjubilee made their first contribution in seanmonstar/reqwest#2402
• @​NaokiM03 made their first contribution in seanmonstar/reqwest#2106
• @​Xuanwo made their first contribution in seanmonstar/reqwest#2255
• @​Jaltaire made their first contribution in seanmonstar/reqwest#2400
• @​Hyask made their first contribution in seanmonstar/reqwest#2418
• @​Jake-Shadle made their first contribution in seanmonstar/reqwest#2427
• @​RobMor made their first contribution in seanmonstar/reqwest#2434

Full Changelog: seanmonstar/reqwest@v0.12.7...v0.12.8

v0.12.7

What's Changed

• Revert adding impl Service<http::Request<_>> for Client.

Full Changelog: seanmonstar/reqwest@v0.12.6...v0.12.7

v0.12.6

What's Changed

• Add support for danger_accept_invalid_hostnames for rustls.
• Add impl Service<http::Request<Body>> for Client and &'_ Client.
• Add support for !Sync bodies in Body::wrap_stream().
• Enable happy eyeballs when hickory-dns is used.

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.12.9

• Add tls::CertificateRevocationLists support.
• Add crate features to enable webpki roots without selecting a rustls provider.
• Fix connection_verbose() to output read logs.
• Fix multipart::Part::file() to automatically include content-length.
• Fix proxy to internally no longer cache system proxy settings.

v0.12.8

• Add support for SOCKS4 proxies.
• Add multipart::Form::file() method for adding files easily.
• Add Body::wrap() to wrap any http_body::Body type.
• Fix the pool configuration to use a timer to remove expired connections.

v0.12.7

• Revert adding impl Service<http::Request<_>> for Client.

v0.12.6

• Add support for danger_accept_invalid_hostnames for rustls.
• Add impl Service<http::Request<Body>> for Client and &'_ Client.
• Add support for !Sync bodies in Body::wrap_stream().
• Enable happy eyeballs when hickory-dns is used.
• Fix Proxy so that HTTP(S)_PROXY values take precendence over ALL_PROXY.
• Fix blocking::RequestBuilder::header() from unsetting sensitive on passed header values.

v0.12.5

• Add blocking::ClientBuilder::dns_resolver() method to change DNS resolver in blocking client.
• Add http3 feature back, still requiring reqwest_unstable.
• Add rustls-tls-no-provider Cargo feature to use rustls without a crypto provider.
• Fix Accept-Encoding header combinations.
• Fix http3 resolving IPv6 addresses.
• Internal: upgrade to rustls 0.23.

Commits

• 797df2b v0.12.9
• 64aa7d1 add webpki roots option for rustls no provider setup (#2447)
• 598f857 Add content length to async_impl::multipart file streams (#2459)
• d99e90d fix: re-enable verbose connection read logs (#2454)
• aba01ff feat: Add support for Certificate Revocation Lists (#2433)
• 3ad6e02 refactor: remove internal proxy sys cache (#2442)
• 95fec09 v0.12.8
• baf9712 fix: pass pool_timer to hyper_util to enable the idle cleanup task (#2434)
• d85f44b Bump rustls-native-certs (#2427)
• c8665be tests: use a documented test network for testing
• Additional commits viewable in compare view

Updates shadow-rs from 0.35.1 to 0.35.2

Release notes

Sourced from shadow-rs's releases.

v0.35.2

What's Changed

• chmod change by @​baoyachi in baoyachi/shadow-rs#188

Full Changelog: baoyachi/shadow-rs@v0.35.1...v0.35.2

Commits

• ec8615d Merge pull request #188 from baoyachi/issue/187
• 53bb03b chmod change
• 8b55788 Update Cargo.toml
• 832994b Update README.md
• 8f0c146 Update README.md
• See full diff in compare view

Updates serde from 1.0.210 to 1.0.214

Release notes

Sourced from serde's releases.

v1.0.214

• Implement IntoDeserializer for all Deserializers in serde::de::value module (#2568, thanks @​Mingun)

v1.0.213

• Fix support for macro-generated with attributes inside a newtype struct (#2847)

v1.0.212

• Fix hygiene of macro-generated local variable accesses in serde(with) wrappers (#2845)

v1.0.211

• Improve error reporting about mismatched signature in with and default attributes (#2558, thanks @​Mingun)
• Show variant aliases in error message when variant deserialization fails (#2566, thanks @​Mingun)
• Improve binary size of untagged enum and internally tagged enum deserialization by about 12% (#2821)

Commits

• 4180621 Release 1.0.214
• 210373b Merge pull request #2568 from Mingun/into_deserializer-for-deserializers
• 9cda015 Implement IntoDeserializer for all Deserializers in serde::de::value module
• 58a8d22 Release 1.0.213
• ef0ed22 Merge pull request #2847 from dtolnay/newtypewith
• 79925ac Ignore dead_code warning in regression test
• b60e409 Hygiene for macro-generated newtype struct deserialization with 'with' attr
• fdc36e5 Add regression test for issue 2846
• 49e11ce Ignore trivially_copy_pass_by_ref pedantic clippy lint in test
• 7ae1b5f Release 1.0.212
• Additional commits viewable in compare view

Updates serde_json from 1.0.128 to 1.0.132

Release notes

Sourced from serde_json's releases.

1.0.132

• Improve binary size and compile time for JSON array and JSON object deserialization by about 50% (#1205)
• Improve performance of JSON array and JSON object deserialization by about 8% (#1206)

1.0.131

• Implement Deserializer and IntoDeserializer for Map<String, Value> and &Map<String, Value> (#1135, thanks @​swlynch99)

1.0.130

• Support converting and deserializing Number from i128 and u128 (#1141, thanks @​druide)

1.0.129

• Add serde_json::Map::sort_keys and serde_json::Value::sort_all_objects (#1199)

Commits

• 86d933c Release 1.0.132
• f45b422 Merge pull request #1206 from dtolnay/hasnext
• f2082d2 Clearer order of comparisons
• 0f54a1a Handle early return sooner on eof in seq or map
• 2a4cb44 Rearrange 'match peek'
• 4cb90ce Merge pull request #1205 from dtolnay/hasnext
• b71ccd2 Reduce duplicative instantiation of logic in SeqAccess and MapAccess
• a810ba9 Release 1.0.131
• 0d084c5 Touch up PR 1135
• b4954a9 Merge pull request #1135 from swlynch99/map-deserializer
• Additional commits viewable in compare view

Updates anyhow from 1.0.89 to 1.0.93

Release notes

Sourced from anyhow's releases.

1.0.93

• Update dev-dependencies to thiserror v2

1.0.92

• Support Rust 1.82's &raw const and &raw mut syntax inside ensure! (#390)

1.0.91

• Ensure OUT_DIR is left with deterministic contents after build script execution (#388)

1.0.90

• Documentation improvements

Commits

• 713bda9 Release 1.0.93
• f91c247 Merge pull request #391 from dtolnay/thiserror
• 2a3901c Isolate old rustc version tests from needing anyhow dev-dependencies in lockfile
• 3ca2cdd Update dev-dependencies to thiserror v2
• fd03a8e Release 1.0.92
• a16252b Merge pull request #390 from dtolnay/rawaddr
• fcf2ef8 Compile &raw test on Rust 1.82+ only
• 1e7e9fe Parse raw address expression syntax
• 7d1a8f9 Add test of raw addr expression syntax
• 6c52daa Release 1.0.91
• Additional commits viewable in compare view

Updates thiserror from 1.0.64 to 1.0.69

Release notes

Sourced from thiserror's releases.

1.0.69

No release notes provided.

1.0.68

• Handle incomplete expressions more robustly in format arguments, such as while code is being typed (#341, #344)

1.0.67

• Improve expression syntax support inside format arguments (#335, #337, #339, #340)

1.0.66

• Improve compile error on malformed format attribute (#327)

1.0.65

• Ensure OUT_DIR is left with deterministic contents after build script execution (#325)

Commits

• 41938bd Release 1.0.69
• 9d6506e Merge pull request #382 from dtolnay/hang
• 591a44d Fix fallback fmt expression parser hang
• 5b36e37 Add ui test of invalid expression syntax in display attribute
• 8d06fb5 Release 1.0.68
• 372fd8a Merge pull request #344 from dtolnay/binop
• 08f8992 Disregard equality binop in fallback parser
• d2a823d Merge pull request #343 from dtolnay/unnamed
• b3bf7a6 Add logic to determine whether unnamed fmt arguments are present
• 490f9c0 Merge pull request #342 from dtolnay/synfull
• Additional commits viewable in compare view

Updates tempfile from 3.13.0 to 3.14.0

Changelog

Sourced from tempfile's changelog.

3.14.0

• Make the wasip2 target work (requires tempfile's "nightly" feature to be enabled). #305.
• Allow older windows-sys versions #304.

Commits

• b232c58 chore: release 3.14.0 (#307)
• a23f396 fix: enable wasip2 feature for wasm32-wasip2 target (#305)
• f162807 ci: switch from cargo-wasi to directly using the wasip1 target (#306)
• fa8ad00 allow older windows-sys (#304)
• 335d91d fix: expose SpooledData enum (#301)
• See full diff in compare view

Updates pathdiff from 0.2.1 to 0.2.2

Commits

• See full diff in compare view

Updates regex from 1.11.0 to 1.11.1

Changelog

Sourced from regex's changelog.

1.11.1 (2024-10-24)

This is a new patch release of regex that fixes compilation on nightly Rust when the unstable pattern crate feature is enabled. Users on nightly Rust without this feature enabled are unaffected.

Bug fixes:

• [BUG #1231](rust-lang/regex#1231): Fix the Pattern trait implementation as a result of nightly API breakage.

Commits

• 9870c06 1.11.1
• 80df54e changelog: 1.11.1
• 991ba88 unstable: fix Pattern trait implementation
• See full diff in compare view

Updates ordered-float from 4.3.0 to 4.5.0

Release notes

Sourced from ordered-float's releases.

v4.5.0

What's Changed

• Implement Add and other binary ops for &OrderedFloat by @​gechelberger in reem/rust-ordered-float#162

New Contributors

• @​gechelberger made their first contribution in reem/rust-ordered-float#162

Full Changelog: reem/rust-ordered-float@v4.4.0...v4.5.0

v4.4.0

What's Changed

• Document that NotNan is repr(transparent). by @​kpreid in reem/rust-ordered-float#158
• Document signed zero hazards. by @​kpreid in reem/rust-ordered-float#159
• feat: integrate with derive-visitor by @​tisonkun in reem/rust-ordered-float#161

Full Changelog: reem/rust-ordered-float@v4.3.0...v4.4.0

Commits

• d722d5f Version 4.5.0
• 49f8f9d Merge pull request #162 from gechelberger/master
• c435cba rustfmt
• 5b86220 feat: &OrderedFloat <op> &OrderedFloat impl workaround
• 324b3e1 Version 4.4.0
• dc0269e Merge pull request #161 from tisonkun/derive-visitor
• 0e7da65 feat: integrate with derive-visitor
• 6c47902 Merge pull request #160 from kpreid/ci
• 88275c3 Merge pull request #159 from kpreid/eq
• d614112 CI: update actions/checkout, remove actions-rs/*
• Additional commits viewable in compare view

Updates uuid from 1.10.0 to 1.11.0

Release notes

Sourced from uuid's releases.

1.11.0

What's Changed

• Upgrade zerocopy to 0.8 by @​yotamofek in uuid-rs/uuid#771
• Prepare for 1.11.0 release by @​KodrAus in uuid-rs/uuid#772

New Contributors

• @​yotamofek made their first contribution in uuid-rs/uuid#771

Full Changelog: uuid-rs/uuid@1.10.0...1.11.0

Commits

• 4473398 Merge pull request #772 from uuid-rs/cargo/1.11.0
• 59fbb1e prepare for 1.11.0 release
• d9b34e7 Merge pull request #771 from yotamofek/zerocopy_0.8
• 14b2420 Upgrade zerocopy to 0.8
• See full diff in compare view

Updates wasmtime from 25.0.2 to 25.0.3

Release notes

Sourced from wasmtime's releases.

v25.0.3

25.0.3

Released 2024-11-05.

Fixed

• Update to cap-std 3.4.1, for #9559, which fixes a wasi-filesystem sandbox escape on Windows. CVE-2024-51745.

Commits

• 94c223f Release Wasmtime 25.0.3 (#9562)
• 51736e3 Update to cap-std 3.4.1. (#9558)
• 63bdc9c Update publish script skipping versions (#9431)
• See full diff in compare view

Updates wasmtime-wasi from 25.0.2 to 25.0.3

Release notes

Sourced from wasmtime-wasi's releases.

v25.0.3

25.0.3

Released 2024-11-05.

Fixed

• Update to cap-std 3.4.1, for #9559, which fixes a wasi-filesystem sandbox escape on Windows. CVE-2024-51745.

Commits

• 94c223f Release Wasmtime 25.0.3 (#9562)
• 51736e3 Update to cap-std 3.4.1. (#9558)
• 63bdc9c Update publish script skipping versions (#9431)
• See full diff in compare view

Updates futures-concurrency from 7.6.1 to 7.6.2

Release notes

Sourced from futures-concurrency's releases.

v7.6.2

What's Changed

• fix: clippy::doc_lazy_continuation by @​crepererum in yoshuawuyts/futures-concurrency#192
• chore: replace bitvec with fixedbitset by @​crepererum in yoshuawuyts/futures-concurrency#191
• Implement FromConcurrentStream for Result<Vec<T>, E> by @​tyilo in yoshuawuyts/futures-concurrency#193
• Reference flush instead of finnish in ConsumerState::Break doc by @​tyilo in yoshuawuyts/futures-concurrency#194
• fix no_std by @​Easyoakland in yoshuawuyts/futures-concurrency#196

New Contributors

• @​crepererum made their first contribution in yoshuawuyts/futures-concurrency#192
• @​tyilo made their first contribution in yoshuawuyts/futures-concurrency#193
• @​Easyoakland made their first contribution in yoshuawuyts/futures-concurrency#196

Full Changelog: yoshuawuyts/futures-concurrency@v7.6.1...v7.6.2

Commits

• 30beb59 chore: Release futures-concurrency version 7.6.2
• f5e0c84 fix clippy in CI
• 9de4079 Merge pull request #196 from Easyoakland/fix-nostd
• 06dd954 Update futures-buffered to fix no-std
• fc9ad5e fix no_std (after futures-buffered accepts https://github.com/conradludgate/f...
• bfbe99c Merge pull request #194 from tyilo/finish-to-flush
• 8b8a565 Merge pull request #193 from tyilo/result-from-costream
• 91cab98 Simplify implementation
• 4bdc8da Implement FromConcurrentStream for Result<Vec, E>
• 4d50331 Reference flush instead of finnish in ConsumerState::Break doc
• Additional commits viewable in compare view

Updates futures-lite from 2.3.0 to 2.5.0

Release notes

Sourced from futures-lite's releases.

v2.5.0

• Remove Unpin bound from the Lines I/O adapter. (#113)

v2.4.0

• Add a "fuse" method that makes it so a Future returns Poll::Pending forever after it returns Poll::Pending once. (#101)
• Add a "stop_after_future" function that allows for running a Stream until a Future completes. (#103)
• Make it so Zip/TryZip drop completed futures. (#106)

Changelog

Sourced from futures-lite's changelog.

Version 2.5.0

• Remove Unpin bound from the Lines I/O adapter. (#113)

Version 2.4.0

• Add a "fuse" method that makes it so a Future returns Poll::Pending forever after it returns Poll::Pending once. (#101)
• Add a "stop_after_future" function that allows for running a Stream until a Future completes. (#103)
• Make it so Zip/TryZip drop completed futures. (#106)

Commits

• 83bcf1e v2.5.0
• bf22c0e Remove Unpin bound from lines (#113)
• 7aa7bd7 v2.4.0
• f966912 ci: Use "v2.0.0" branch for security check
• 24be08c chore: Fix typo (#108)
• 312753d Fix elided_named_lifetimes warning (#109)
• 12509a0 fix: drop completed futures in Zip and TryZip
• 9160e8a m: Silence clippy
• 6f89c8b m: Rename take_until to stop_after_future
• 091964c feat: add StreamExt::take_until
• Additional commits viewable in compare view

Updates bytes from 1.7.2 to 1.8.0

Release notes

Sourced from bytes's releases.

Bytes 1.8.0

1.8.0 (October 21, 2024)

• Guarantee address in split_off/split_to for empty slices (#740)

Changelog

Sourced from bytes's changelog.

1.8.0 (October 21, 2024)

• Guarantee address in split_off/split_to for empty slices (#740)

Commits

• c45697c chore: prepare bytes v1.8.0 (#741)
• 0ac54ca Guarantee address in split_off/split_to for empty slices (#740)
• See full diff in compare view

Updates proto-parser from aa47da5 to 528448f

Commits

• 528448f bump deps
• 091c87f remove un necessary code
• See full diff in compare view

Updates insta from 1.40.0 to 1.41.1

Release notes

Sourced from insta's releases.

1.41.1

Release Notes

• Re-release of 1.41.0 to generate release artifacts correctly.

Install cargo-insta 1.41.1

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.41.1/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -c "irm https://github.com/mitsuhiko/insta/releases/download/1.41.1/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.41.1

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

1.41.0

• Experimental support for binary snapshots. #610 (Florian Plattner)

• --force-update-snapshots now causes cargo-insta to write every snapshot, regardless of whether snapshots fully match, and now implies --accept. This allows for --force-update-snapshots to update inline snapshots' delimiters and indentation.

  For the previous behavior of --force-update-snapshots, which limited writes to snapshots which didn't fully match, use --require-full-match. The main difference between --require-full-match and the existing behavior of --force-update-snapshots is a non-zero exit code on any snapshots which don't fully match.

  Like the previous behavior or --force-update-snapshots, --require-full-match doesn't track inline snapshots' delimiters or indentation, so can't update if those don't match. #644

• Inline snapshots only use # characters as delimiters when required. #603

• Warnings for undiscovered snapshots are more robust, and include files with custom snapshot extensions. #637

• Insta runs correctly on packages which reference rust files in a parent path. #626

• Warnings are printed when any snapshot uses a legacy format. #599

• cargo insta --version now prints a version. #665

... (truncated)

Changelog

Sourced from insta's changelog.

1.41.1

• Re-release of 1.41.1 to generate release artifacts correctly.

1.41.0

• Experimental support for binary snapshots. #610 (Florian Plattner)

• --force-update-snapshots now causes cargo-insta to write every snapshot, regardless of whether snapshots fully match, and now implies --accept. This allows for --force-update-snapshots to update inline snapshots' delimiters and indentation.

  For the previous behavior of --force-update-snapshots, which limited writes to snapshots which didn't fully match, use --require-full-match. The main difference between --require-full-match and the existing behavior of --force-update-snapshots is a non-zero exit code on any snapshots which don't fully match.

  Like the previous behavior of --force-update-snapshots, --require-full-match doesn't track inline snapshots' delimiters or indentation, so can't update if those don't match. #644

• Inline snapshots only use # characters as delimiters when required. #603

• Warnings for undiscovered snapshots are more robust, and include files with custom snapshot extensions. #637

• Insta runs correctly on packages which reference rust files in a parent path. #626

• Warnings are printed when any snapshot uses a legacy format. #599

• cargo insta --version now prints a version. #665

• insta now internally uses INSTA_UPDATE=force rather than INSTA_FORCE_UPDATE=1. (This doesn't affect users of cargo-insta, which handles this internally.) #482

• cargo-insta's integration tests continue to grow over the past couple of versions, and now offer coverage of most of cargo-insta's interface.

Commits

• cb08d92 Bump version to 1.41.1 (#681)
• 6d555d4 Changelog for 1.41.1 (#680)
• 0317928 Refine changelog (#675)
• 0e07a50 Update a couple docstrings (#669)
• 083ce14 Another small simplification of prepare_test_runner (#667)
• b7dea9b Small simplification of prepare_test_runner (#666)
• 5fd34e6 Print a version with --version (#665)
• a8b6cc2 Small refactors (#664)
• 4f16d70 Show hidden files in functional tests (#663)
• 2b8fce7 Consolidate Cargo.toml creation in functional tests (#662)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions