@dependabot
Contributor

@dependabot dependabot bot commented on behalf of github Apr 27, 2025

Bumps the cargo group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| gix | 0.71.0 | 0.72.1 |
| toml_edit | 0.22.24 | 0.22.25 |
| insta | 1.42.2 | 1.43.0 |
| cc | 1.2.19 | 1.2.20 |
| syn | 2.0.100 | 2.0.101 |
| toml | 0.8.20 | 0.8.21 |

Updates gix from 0.71.0 to 0.72.1

Release notes

Sourced from gix's releases.

gix v0.72.1

Commit Statistics

  • 1 commit contributed to the release.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Bump all prior pratch levels to majors (5f7f805)

gix v0.72.0

Bug Fixes

  • Adapt to changes in gix-actor Use the committer date and author date that are now backed by bytes and interpret these bytes into a gix_date::Time on demand.

  • correctly handle safe.directory for worktrees

  • safe.directory now applies to configuration as well This means that repo-local configuration that is considered safe, ideally with safe.directory=safe/dir/* notation, will be usable for sensitive operations.

  • make fs::walkdir_sorted_new() sort entries by paths literally This follows up 7b1b5bf864e74706aefeb1213e8bdb0545d5464a. Since packed-refs appears to be sorted by full ref name, loose-refs should also be emitted in that order.

    The comparison function is copied from gix::diff::object::tree::EntryRef. Non-utf8 file names are simply mapped to "" on Windows. We could add some fallback, but callers can't handle such file names anyway.

New Features (BREAKING)

  • use RelativePath for prefixed ref iteration. Its type captures the requirements better.

Commit Statistics

  • 40 commits contributed to the release.
  • 5 commits were understood as conventional.
  • 3 unique issues were worked on: #1788, #1912, #1928

Thanks Clippy

Clippy helped 1 time to make code idiomatic.

... (truncated)

Commits
  • e104545 Release gix-date v0.10.1, gix-utils v0.3.0, gix-actor v0.35.1, gix-validate v...
  • 5f7f805 bump all prior pratch levels to majors
  • cc5b696 Release gix-path v0.10.16, gix-features v0.42.0, gix-hash v0.17.1, gix-object...
  • 614b389 update more changelogs
  • 49fa9f3 Adjusting changelogs prior to release of gix-path v0.10.16, gix-features v0.4...
  • db0b095 Release gix-date v0.10.0, gix-utils v0.2.1, gix-actor v0.35.0, gix-validate v...
  • 0bf84db update changelogs prior to release
  • 3b1bef7 Merge pull request #1935 from pierrechevalier83/fix_1923
  • c3c6504 j fmt
  • 6f009d7 thanks clippy
  • Additional commits viewable in compare view

Updates toml_edit from 0.22.24 to 0.22.25

Commits
  • 4021081 chore: Release
  • 3312698 chore: Release
  • b25da32 docs: Update changelog
  • 8844949 docs(write): Update base commit
  • 5406815 Merge pull request #875 from epage/w
  • c6479a2 refactor(toml): Pull out ValueSerializer for easier comparison
  • 8c43cf8 refactor(toml): Remove redundant non_exhaustive
  • 268a1f8 Merge pull request #874 from epage/w
  • e406f94 refactor(toml): Split ser module
  • 4d782f8 refactor(edit): Rely on type alias in ser
  • Additional commits viewable in compare view

Updates winnow from 0.7.6 to 0.7.7

Changelog

Sourced from winnow's changelog.

[0.7.7] - 2025-04-24

Fixes

  • Ensure LocatedSlice and Statefuls Stream::raw gets the inner input
Commits

Updates jiff from 0.2.9 to 0.2.10

Changelog

Sourced from jiff's changelog.

0.2.10 (2025-04-21)

This release includes a bug fix for parsing Tuesday when using %A via Jiff's strptime APIs. Specifically, it would recognize Tueday instead of Tuesday.

Bug fixes:

  • #333: Fix typo in strptime parsing from Tueday to Tuesday.
Commits

Updates insta from 1.42.2 to 1.43.0

Changelog

Sourced from insta's changelog.

1.43.0

  • Add uppercase keyboard shortcuts for bulk operations in cargo insta review: A to accept all, R to reject all, and S to skip all remaining snapshots. #745
  • --unreferenced=auto (or other relevant values) no longer cleans up pending snapshots. A bug where cargo insta test --unreferenced=auto would incorrectly pass on new pending snapshots has been fixed.
  • Support specifying cargo-nextest bin with INSTA_CARGO_NEXTEST_BIN. #721 (Louis Fruleux)
  • Allow setting INSTA_WORKSPACE_ROOT at compile time. This is useful for reproducible binaries so they don't contain references to CARGO_MANIFEST_DIR. #726 (Pascal Bach)
  • Qualify all references in macros to avoid name clashes. #729 (Austin Schey)
  • Remove linked-hash-map and pin-project dependencies. #742, #741, #738
  • cargo insta review fails with a helpful error message when run in a non-TTY environment.
Commits
  • 34196da bump version to 1.43.0 (#763)
  • fd8ec9f fix --unreferenced=auto clearing new pending snapshots (#762)
  • f781958 Rename process_snapshots function to review_snapshots for clarity (#761)
  • 93b12c6 Add pre-commit hook for Rust code formatting (#760)
  • e91a7ac fix unreferenced not being read from config file (#759)
  • 7aa23e0 small simplification of macros (#758)
  • 2c30a7f Run with --force-update-snapshots (#749)
  • 25cedbc Add support for named snapshots with redactions and debug expr (#756)
  • d18390d upgrade github actions checkout (#753)
  • 9c2c885 use fixed tag for typos (#755)
  • Additional commits viewable in compare view

Updates cc from 1.2.19 to 1.2.20

Release notes

Sourced from cc's releases.

cc-v1.2.20

Other

  • Regenerate target info (#1461)
  • Fix parser.rs on latest rustc nightly (#1459)
Changelog

Sourced from cc's changelog.

1.2.20 - 2025-04-25

Other

  • Regenerate target info (#1461)
  • Fix parser.rs on latest rustc nightly (#1459)
Commits

Updates gix-path from 0.10.15 to 0.10.17

Release notes

Sourced from gix-path's releases.

gix-path v0.10.17

Commit Statistics

  • 1 commit contributed to the release.
  • 0 commits were understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Bump all prior pratch levels to majors (5f7f805)

gix-path v0.10.16

New Features

  • Add &gix_path::RelativePath. It's a utility to assure functions get the right input, i.e. a type-safe version of what previously was &BStr

Commit Statistics

  • 12 commits contributed to the release.
  • 1 commit was understood as conventional.
  • 0 issues like '(#ID)' were seen in commit messages

Commit Details

  • Uncategorized
    • Adjusting changelogs prior to release of gix-path v0.10.16, gix-features v0.42.0, gix-hash v0.17.1, gix-object v0.49.0, gix-glob v0.19.1, gix-quote v0.5.1, gix-attributes v0.25.1, gix-command v0.5.1, gix-packetline-blocking v0.18.4, gix-filter v0.19.0, gix-fs v0.14.1, gix-commitgraph v0.27.1, gix-revwalk v0.20.0, gix-traverse v0.46.0, gix-worktree-stream v0.21.0, gix-archive v0.21.0, gix-tempfile v17.0.1, gix-lock v17.0.1, gix-index v0.39.1, gix-config-value v0.14.13, gix-pathspec v0.10.1, gix-ignore v0.14.1, gix-worktree v0.40.1, gix-diff v0.52.0, gix-blame v0.2.0, gix-ref v0.52.0, gix-sec v0.10.13, gix-config v0.45.0, gix-prompt v0.10.1, gix-url v0.30.1, gix-credentials v0.28.1, gix-discover v0.40.0, gix-dir v0.14.0, gix-mailmap v0.27.0, gix-revision v0.34.0, gix-merge v0.5.0, gix-negotiate v0.20.0, gix-pack v0.59.0, gix-odb v0.69.0, gix-refspec v0.30.0, gix-shallow v0.3.1, gix-packetline v0.18.5, gix-transport v0.46.1, gix-protocol v0.50.0, gix-status v0.19.0, gix-submodule v0.19.0, gix-worktree-state v0.18.1, gix v0.72.0, gix-fsck v0.11.0, gitoxide-core v0.47.0, gitoxide v0.43.0, safety bump 7 crates (49fa9f3)
    • Release gix-date v0.10.0, gix-utils v0.2.1, gix-actor v0.35.0, gix-validate v0.9.5, gix-path v0.10.15, gix-features v0.42.0, gix-hash v0.17.1, gix-object v0.49.0, gix-glob v0.19.1, gix-quote v0.5.1, gix-attributes v0.25.0, gix-command v0.5.1, gix-packetline-blocking v0.18.4, gix-filter v0.19.0, gix-fs v0.14.0, gix-commitgraph v0.27.1, gix-revwalk v0.20.0, gix-traverse v0.46.0, gix-worktree-stream v0.21.0, gix-archive v0.21.0, gix-tempfile v17.0.1, gix-lock v17.0.1, gix-index v0.39.0, gix-config-value v0.14.13, gix-pathspec v0.10.1, gix-ignore v0.14.1, gix-worktree v0.40.0, gix-diff v0.52.0, gix-blame v0.2.0, gix-ref v0.51.0, gix-sec v0.10.13, gix-config v0.45.0, gix-prompt v0.10.1, gix-url v0.30.1, gix-credentials v0.28.1, gix-discover v0.40.0, gix-dir v0.14.0, gix-mailmap v0.27.0, gix-revision v0.34.0, gix-merge v0.5.0, gix-negotiate v0.20.0, gix-pack v0.59.0, gix-odb v0.69.0, gix-refspec v0.30.0, gix-shallow v0.3.1, gix-packetline v0.18.5, gix-transport v0.46.0, gix-protocol v0.50.0, gix-status v0.19.0, gix-submodule v0.19.0, gix-worktree-state v0.18.0, gix v0.72.0, gix-fsck v0.11.0, gitoxide-core v0.46.0, gitoxide v0.43.0, safety bump 30 crates (db0b095)
    • Update changelogs prior to release (0bf84db)
    • Merge pull request #1935 from pierrechevalier83/fix_1923 (3b1bef7)
    • J fmt (c3c6504)
    • Merge pull request #1921 from cruessler/introduce-repository-path (fdc06b1)
    • Refactor (294902e)
    • Add &gix_path::RelativePath. (9f8a468)
    • Merge pull request #1949 from GitoxideLabs/dependabot/cargo/cargo-6893e2988a (b5e9059)
    • Adapt gix-path tests to changes in windows (2fc48a1)
    • Bump the cargo group with 21 updates (68e6b2e)
    • Merge pull request #1919 from GitoxideLabs/release (420e730)
Commits
  • e104545 Release gix-date v0.10.1, gix-utils v0.3.0, gix-actor v0.35.1, gix-validate v...
  • 5f7f805 bump all prior pratch levels to majors
  • cc5b696 Release gix-path v0.10.16, gix-features v0.42.0, gix-hash v0.17.1, gix-object...
  • 614b389 update more changelogs
  • 49fa9f3 Adjusting changelogs prior to release of gix-path v0.10.16, gix-features v0.4...
  • db0b095 Release gix-date v0.10.0, gix-utils v0.2.1, gix-actor v0.35.0, gix-validate v...
  • 0bf84db update changelogs prior to release
  • 3b1bef7 Merge pull request #1935 from pierrechevalier83/fix_1923
  • c3c6504 j fmt
  • 6f009d7 thanks clippy
  • Additional commits viewable in compare view

Updates jiff-static from 0.2.9 to 0.2.10

Changelog

Sourced from jiff-static's changelog.

0.2.10 (2025-04-21)

This release includes a bug fix for parsing Tuesday when using %A via Jiff's strptime APIs. Specifically, it would recognize Tueday instead of Tuesday.

Bug fixes:

  • #333: Fix typo in strptime parsing from Tueday to Tuesday.
Commits

Updates syn from 2.0.100 to 2.0.101

Release notes

Sourced from syn's releases.

2.0.101

  • Improve TypeGenerics::as_turbofish to return longer-lived return value (#1861)
Commits
  • 58336a3 Release 2.0.101
  • f1612cc Merge pull request #1861 from JakobDegen/turbofish
  • d04eea1 Fix lifetime on as_turbofish
  • 432b303 Resolve renamed_and_removed_lints warning about match_on_vec_items
  • 1353d60 Update test suite to nightly-2025-04-08
  • 3980ff2 Improve wording of comment in advance_to implementation
  • 8328b52 Update test suite to nightly-2025-04-05
  • 1d2e2be Update test suite to nightly-2025-04-03
  • 2400946 Update test suite to nightly-2025-04-02
  • 114a629 Update test suite to nightly-2025-03-27
  • Additional commits viewable in compare view

Updates toml from 0.8.20 to 0.8.21

Commits
  • 4021081 chore: Release
  • 3312698 chore: Release
  • b25da32 docs: Update changelog
  • 8844949 docs(write): Update base commit
  • 5406815 Merge pull request #875 from epage/w
  • c6479a2 refactor(toml): Pull out ValueSerializer for easier comparison
  • 8c43cf8 refactor(toml): Remove redundant non_exhaustive
  • 268a1f8 Merge pull request #874 from epage/w
  • e406f94 refactor(toml): Split ser module
  • 4d782f8 refactor(edit): Rely on type alias in ser
  • Additional commits viewable in compare view

Updates toml_datetime from 0.6.8 to 0.6.9

Commits
  • 4021081 chore: Release
  • 3312698 chore: Release
  • b25da32 docs: Update changelog
  • 8844949 docs(write): Update base commit
  • 5406815 Merge pull request #875 from epage/w
  • c6479a2 refactor(toml): Pull out ValueSerializer for easier comparison
  • 8c43cf8 refactor(toml): Remove redundant non_exhaustive
  • 268a1f8 Merge pull request #874 from epage/w
  • e406f94 refactor(toml): Split ser module
  • 4d782f8 refactor(edit): Rely on type alias in ser
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.



Bumps the cargo group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [gix](https://github.com/GitoxideLabs/gitoxide) | `0.71.0` | `0.72.1` |
| [toml_edit](https://github.com/toml-rs/toml) | `0.22.24` | `0.22.25` |
| [insta](https://github.com/mitsuhiko/insta) | `1.42.2` | `1.43.0` |
| [cc](https://github.com/rust-lang/cc-rs) | `1.2.19` | `1.2.20` |
| [syn](https://github.com/dtolnay/syn) | `2.0.100` | `2.0.101` |
| [toml](https://github.com/toml-rs/toml) | `0.8.20` | `0.8.21` |



Updates `gix` from 0.71.0 to 0.72.1
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-v0.71.0...gix-v0.72.1)

Updates `toml_edit` from 0.22.24 to 0.22.25
- [Commits](toml-rs/toml@v0.22.24...v0.22.25)

Updates `winnow` from 0.7.6 to 0.7.7
- [Changelog](https://github.com/winnow-rs/winnow/blob/main/CHANGELOG.md)
- [Commits](winnow-rs/winnow@v0.7.6...v0.7.7)

Updates `jiff` from 0.2.9 to 0.2.10
- [Release notes](https://github.com/BurntSushi/jiff/releases)
- [Changelog](https://github.com/BurntSushi/jiff/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/jiff@jiff-static-0.2.9...jiff-static-0.2.10)

Updates `insta` from 1.42.2 to 1.43.0
- [Release notes](https://github.com/mitsuhiko/insta/releases)
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](mitsuhiko/insta@1.42.2...1.43.0)

Updates `cc` from 1.2.19 to 1.2.20
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](rust-lang/cc-rs@cc-v1.2.19...cc-v1.2.20)

Updates `gix-path` from 0.10.15 to 0.10.17
- [Release notes](https://github.com/GitoxideLabs/gitoxide/releases)
- [Changelog](https://github.com/GitoxideLabs/gitoxide/blob/main/CHANGELOG.md)
- [Commits](GitoxideLabs/gitoxide@gix-path-v0.10.15...gix-path-v0.10.17)

Updates `jiff-static` from 0.2.9 to 0.2.10
- [Release notes](https://github.com/BurntSushi/jiff/releases)
- [Changelog](https://github.com/BurntSushi/jiff/blob/master/CHANGELOG.md)
- [Commits](BurntSushi/jiff@jiff-static-0.2.9...jiff-static-0.2.10)

Updates `syn` from 2.0.100 to 2.0.101
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](dtolnay/syn@2.0.100...2.0.101)

Updates `toml` from 0.8.20 to 0.8.21
- [Commits](toml-rs/toml@toml-v0.8.20...toml-v0.8.21)

Updates `toml_datetime` from 0.6.8 to 0.6.9
- [Commits](toml-rs/toml@toml_datetime-v0.6.8...toml_datetime-v0.6.9)

---
updated-dependencies:
- dependency-name: gix
  dependency-version: 0.72.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: toml_edit
  dependency-version: 0.22.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: winnow
  dependency-version: 0.7.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: jiff
  dependency-version: 0.2.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: insta
  dependency-version: 1.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: cc
  dependency-version: 1.2.20
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: gix-path
  dependency-version: 0.10.17
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: jiff-static
  dependency-version: 0.2.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: syn
  dependency-version: 2.0.101
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: toml
  dependency-version: 0.8.21
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: toml_datetime
  dependency-version: 0.6.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies (Pull requests that update a dependency file) and rust (Pull requests that update rust code) labels Apr 27, 2025
@EliahKagan
Member

EliahKagan commented Apr 27, 2025

The "Security audit" failure is due to the usual gix-testtools issue where it uses old versions of gix-* crates. gix-testtools is not one of the crates that was updated recently along with gitoxide 0.43.0 or gitoxide 0.44.0. So these changes do not affect dependencies through gix-testtools, which thus still include a version of gix-features that is affected by RUSTSEC-2025-0021.

However, while that is not a reason to delay merging this, there are two other possible concerns:

  • Should this wait until a new version of crates-index that can use gix 0.72.1 is released? Currently, gix 0.71.0 is still in the dependency tree here, because cargo-smart-release depends on crates-index which depends on gix at that version. Due to this, there is more to build with the changes here, and Cargo.lock has significantly more entries.
  • I am pretty sure that the changes I made in 698bb7a to adapt this to breaking changes in gix are okay. But I did not follow GitoxideLabs/gitoxide#1921 and GitoxideLabs/gitoxide#1935 closely, and I am not confident that my changes here are the most elegant way possible, nor that they are necessarily the preferred approach. So you may want to review that second commit here.
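
The duplicate-version situation described in the comment above can be read straight out of a lockfile. The following is an added example, not code from this pull request or from gitoxide: it lists every crate locked at more than one version together with the packages that require each version. The lockfile excerpt is constructed, and the `0.0.0` versions for `cargo-smart-release` and `crates-index` are placeholders.

```rust
use std::collections::BTreeMap;

// Constructed Cargo.lock excerpt; the 0.0.0 versions are placeholders, not real releases.
const SAMPLE_LOCK: &str = r#"
[[package]]
name = "cargo-smart-release"
version = "0.0.0"
dependencies = [
 "crates-index",
 "gix 0.72.1",
]
[[package]]
name = "crates-index"
version = "0.0.0"
dependencies = [
 "gix 0.71.0",
]
[[package]]
name = "gix"
version = "0.71.0"
[[package]]
name = "gix"
version = "0.72.1"
"#;

#[derive(Default)]
struct Package { name: String, version: String, deps: Vec<String> }

// Minimal reader for the [[package]] tables of a Cargo.lock (not a full TOML parser).
fn parse_lock(text: &str) -> Vec<Package> {
    let quoted = |s: &str| s.split('"').nth(1).unwrap_or("").to_string();
    text.split("[[package]]").skip(1).map(|chunk| {
        let mut p = Package::default();
        for line in chunk.lines().map(str::trim) {
            if line.starts_with('[') { break; } // a trailing [metadata] table ends the package
            if line.starts_with("name = ") { p.name = quoted(line); }
            else if line.starts_with("version = ") { p.version = quoted(line); }
            else if line.starts_with('"') { p.deps.push(quoted(line)); } // dependencies entry
        }
        p
    }).collect()
}

// For each crate locked at more than one version: "name version" -> packages that require it.
fn duplicate_versions(pkgs: &[Package]) -> BTreeMap<String, Vec<String>> {
    let mut count: BTreeMap<&str, usize> = BTreeMap::new();
    for p in pkgs { *count.entry(p.name.as_str()).or_default() += 1; }
    let mut out = BTreeMap::new();
    for p in pkgs.iter().filter(|p| count[p.name.as_str()] > 1) {
        // Cargo writes a dependency as "name version" only when the bare name is ambiguous.
        let wanted = format!("{} {}", p.name, p.version);
        let users: Vec<String> = pkgs.iter()
            .filter(|u| u.deps.iter().any(|d| *d == wanted))
            .map(|u| format!("{} {}", u.name, u.version))
            .collect();
        out.insert(wanted, users);
    }
    out
}

fn main() {
    for (dep, users) in duplicate_versions(&parse_lock(SAMPLE_LOCK)) {
        println!("{} <- {}", dep, users.join(", "));
    }
}
```

On a real checkout, `cargo tree -d` and `cargo tree -i gix@0.71.0` report the same information from the resolved dependency graph.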

@EliahKagan EliahKagan requested a review from Byron April 27, 2025 05:27
Byron added 2 commits April 27, 2025 09:55
- avoid panics (it should just work when in a pickle)
- polish adaptation to breaking changes
@Byron
Member

Byron commented Apr 27, 2025

Thanks a lot for inviting me!

I did follow up on your suggestions, and also decided to crack down on gix-testtools, hoping to find better workflows that can assure there is no duplication of dependencies anymore while allowing to have a gix-testtools release to always match the latest gix release.

@Byron Byron merged commit 008bfec into main Apr 27, 2025
13 checks passed
@Byron Byron deleted the dependabot/cargo/cargo-cfb4711de7 branch April 27, 2025 08:50