Bump the minor group across 1 directory with 7 updates

[dependabot]

Bumps the minor group with 7 updates in the / directory:

Package	From	To
bigdecimal	0.4.8	0.4.9
clap	4.5.48	4.5.50
getrandom	0.3.3	0.3.4
reqwest	0.12.23	0.12.24
serde	1.0.226	1.0.228
thiserror	2.0.16	2.0.17
tokio	1.47.1	1.48.0

Updates bigdecimal from 0.4.8 to 0.4.9

Release notes

Sourced from bigdecimal's releases.

v0.4.9

Changes

• Add methods BigDecimal::{powi, powi_with_context} for raising a decimal to a i64 power

  • the powi uses Default Context

• Add methods BigDecimal::mul_with_context for efficient multiplication to fixed precision

  • uses precision and rounding-mode in the Context

• Add method BigDecimal::decimal_digit_count, returning number of decimal digits (i.e. precision) of the number

• Add method BigDecimal::order_of_magnitude, returning position of most significant digit of this decimal

• Add method BigDecimal::is_one_quickcheck, returning Option<bool> indicating if the value is 1.0 if it can be calculated without allocating, or None if too large

  • Replaced is_one in multiplication methods when used for optimizations
    • Should test if that actually speeds it up
  • Eg value 1.00000000000000000000000000000000000000000 is stored internally as [4870020673419870208, 16114848830623546549, 293] E -41 and it's hard to tell this is equivalent to 1

• Add optimizations to inverse

  • small powers of ten will simply flip their scale 1/10e-5 -> 10e5
  • convert to f64 to make initial guess when before iterative algorithm

• Add Context::invert(&self, BigDecimalRef), equivalent to BigDecimal::inverse_with_context(&self, &ctx)

  • Still has a bug where rounding ignores sign, affecting floor/ceiling modes

Commits

• 51a1fba v0.4.9
• deff059 Version 0.4.9
• bdab3a7 Remove blanket allow(dead_code)
• f2cf07d Merge implementation of powi into trunk
• 9694c91 Add more pow test cases
• a69eabe Clear tmp vector after use in DigitVec::from_biguint_using_tmp
• a1237bd Invert before calling pow_u64
• 372c094 Add new_truncating constructor for Context
• f9e8435 Split BigDecimalRef conversions into separate function for multiply_decimal_w...
• 555c6f3 Add function get_power_of_ten_u64 to arithmetic::decimal
• Additional commits viewable in compare view

Updates clap from 4.5.48 to 4.5.50

Release notes

Sourced from clap's releases.

v4.5.50

[4.5.50] - 2025-10-20

Features

• Accept Cow where String and &str are accepted

Changelog

Sourced from clap's changelog.

[4.5.50] - 2025-10-20

Features

• Accept Cow where String and &str are accepted

[4.5.49] - 2025-10-13

Fixes

• (help) Correctly wrap when ANSI escape codes are present

Commits

• d8acd47 chore: Release
• 7c2b8d9 docs: Update changelog
• e69a2ea Merge pull request #5987 from mernen/fix-bash-comp-words-loop
• e03cc2e Merge pull request #5988 from cordx56/fix-builder-custom-version-docs
• 5ab2579 fix: Minor fix for builder docs about version
• 2f66432 fix(complete): Only parse arguments before current
• 4d9d210 test(complete): Illustrate current behavior in Bash
• 6abe2f8 chore: Release
• d5c7454 docs: Update changelog
• 5b2e960 Merge pull request #5985 from mernen/bash-cur
• Additional commits viewable in compare view

Updates getrandom from 0.3.3 to 0.3.4

Release notes

Sourced from getrandom's releases.

getrandom v0.3.4

Major change to wasm_js backend

Now, when the wasm_js feature is enabled, the wasm_js backend will be used by default. Users of wasm32-unknown-unknown targeting JavaScript environments like the Web and Node.js will no longer need to specify:

--cfg getrandom_backend="wasm_js"

in RUSTFLAGS for the crate to compile. They can now simple enable a feature.

Note: this should not affect non-JS users of the wasm32-unknown-unknown target. Using --cfg getrandom_backend will still override the source of randomness even if the wasm_js feature is enabled. This includes --cfg getrandom_backend=custom and --cfg getrandom_backend=unsupported.

For more information, see the discussions in #671, #675, and #730.

Added

• unsupported opt-in backend #667
• windows_legacy opt-in backend #724

Changed

• Implement Memory Sanitizer unpoisoning more precisely #678
• Relax MSRV for the linux_raw opt-in backend on ARM targets #688
• Use getrandom syscall on all RISC-V Linux targets #699
• Replaced wasi dependency with wasip2 #721
• Enable wasm_js backend by default if the wasm_js feature is enabled #730

Removed

• Unstable rustc-dep-of-std crate feature #694

#667: rust-random/getrandom#667 #671: rust-random/getrandom#671 #675: rust-random/getrandom#675 #678: rust-random/getrandom#678 #688: rust-random/getrandom#688 #694: rust-random/getrandom#694 #699: rust-random/getrandom#699 #721: rust-random/getrandom#721 #724: rust-random/getrandom#724 #730: rust-random/getrandom#730

Changelog

Sourced from getrandom's changelog.

[0.3.4] - 2025-10-14

Major change to wasm_js backend

Now, when the wasm_js feature is enabled, the wasm_js backend will be used by default. Users of wasm32-unknown-unknown targeting JavaScript environments like the Web and Node.js will no longer need to specify:

--cfg getrandom_backend="wasm_js"

in RUSTFLAGS for the crate to compile. They can now simple enable a feature.

Note: this should not affect non-JS users of the wasm32-unknown-unknown target. Using --cfg getrandom_backend will still override the source of randomness even if the wasm_js feature is enabled. This includes --cfg getrandom_backend=custom and --cfg getrandom_backend=unsupported.

For more information, see the discussions in #671, #675, and #730.

Added

• unsupported opt-in backend #667
• windows_legacy opt-in backend #724

Changed

• Implement Memory Sanitizer unpoisoning more precisely #678
• Relax MSRV for the linux_raw opt-in backend on ARM targets #688
• Use getrandom syscall on all RISC-V Linux targets #699
• Replaced wasi dependency with wasip2 #721
• Enable wasm_js backend by default if the wasm_js feature is enabled #730

Removed

• Unstable rustc-dep-of-std crate feature #694

#667: rust-random/getrandom#667 #671: rust-random/getrandom#671 #675: rust-random/getrandom#675 #678: rust-random/getrandom#678 #688: rust-random/getrandom#688 #694: rust-random/getrandom#694 #699: rust-random/getrandom#699 #721: rust-random/getrandom#721 #724: rust-random/getrandom#724 #730: rust-random/getrandom#730

Commits

• 38e4ad3 Update version number to v0.3.4 (#736)
• 2d033b7 Release Version v0.3.4 (#735)
• ccb0ca9 build(deps): bump the all-deps group across 1 directory with 5 updates (#734)
• 1af2510 Implement #675: let wasm_js enable the backend by default (#730)
• 18d8984 Don't run doctests with -Zsanitizer=memory
• c904801 Change removed doc_auto_cfg feature
• d4cb6a2 Update all nightly toolchains to latest nightly
• 9b78fcc Update Cargo.lock (#731)
• b6ac385 ci: re-enable NetBSD job (#729)
• 3983e0f Add windows_legacy opt-in backend (#724)
• Additional commits viewable in compare view

Updates reqwest from 0.12.23 to 0.12.24

Release notes

Sourced from reqwest's releases.

v0.12.24

Highlights

• Refactor cookie handling to an internal middleware.
• Refactor internal random generator.
• Refactor base64 encoding to reduce a copy.
• Documentation updates.

What's Changed

• build(deps): silence unused deps in WASM build by @​0x676e67 in seanmonstar/reqwest#2799
• perf(util): avoid extra copy when base64 encoding by @​0x676e67 in seanmonstar/reqwest#2805
• docs: fix method name in changelog entry by @​johannespfrang in seanmonstar/reqwest#2807
• chore: Align the name usage of TotalTimeout by @​Xuanwo in seanmonstar/reqwest#2657
• refactor(cookie): add CookieService by @​linyihai in seanmonstar/reqwest#2787
• Fixes typo in retry max_retries_per_request doc comment re 2813 by @​dmackinn in seanmonstar/reqwest#2824
• test(multipart): fix build failure with no-default-features by @​0x676e67 in seanmonstar/reqwest#2801
• refactor(cookie): avoid duplicate cookie insertion by @​0x676e67 in seanmonstar/reqwest#2834

New Contributors

• @​johannespfrang made their first contribution in seanmonstar/reqwest#2807
• @​dmackinn made their first contribution in seanmonstar/reqwest#2824

Full Changelog: seanmonstar/reqwest@v0.12.23...v0.12.24

Changelog

Sourced from reqwest's changelog.

v0.12.24

• Refactor cookie handling to an internal middleware.
• Refactor internal random generator.
• Refactor base64 encoding to reduce a copy.
• Documentation updates.

Commits

• b126ca4 v0.12.24
• 4023493 refactor: change fast_random from xorshift to siphash a counter
• fd61bc9 refactor(cookie): avoid duplicate cookie insertion (#2834)
• 0bfa526 test(multipart): fix build failure with no-default-features (#2801)
• 994b8a0 docs: typo in retry max_retries_per_request (#2824)
• da0702b refactor(cookie): de-duplicate cookie support as CookieService middleware (...
• 7ebddea chore: align internal name usage of TotalTimeout (#2657)
• b540a4e chore(readme): use correct CI status badge
• e4550c4 docs: fix method name in changelog entry (#2807)
• f4694a2 perf(util): avoid extra copy when base64 encoding (#2805)
• Additional commits viewable in compare view

Updates serde from 1.0.226 to 1.0.228

Release notes

Sourced from serde's releases.

v1.0.228

• Allow building documentation with RUSTDOCFLAGS='--cfg=docsrs' set for the whole dependency graph (#2995)

v1.0.227

• Documentation improvements (#2991)

Commits

• a866b33 Release 1.0.228
• 5adc9e8 Merge pull request #2995 from dtolnay/rustdocflags
• ab58178 Workaround for RUSTDOCFLAGS='--cfg=docsrs'
• 415d9fc Release 1.0.227
• 7c58427 Merge pull request #2991 from dtolnay/inlinecoredoc
• 9d3410e Merge pull request #2992 from dtolnay/inplaceseed
• 2fb6748 Remove InPlaceSeed public re-export
• f8137c7 Inline serde_core into serde in docsrs mode
• b7dbf7e Merge pull request #2990 from dtolnay/integer128
• 7c83691 No longer macro_use integer128 module
• Additional commits viewable in compare view

Updates thiserror from 2.0.16 to 2.0.17

Release notes

Sourced from thiserror's releases.

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• 72ae716 Release 2.0.17
• 599fdce Merge pull request #434 from dtolnay/private
• 9ec05f6 Use differently named __private module per patch release
• d2c492b Raise minimum tested compiler to rust 1.76
• fc3ab95 Opt in to generate-macro-expansion when building on docs.rs
• 819fe29 Update ui test suite to nightly-2025-09-12
• 259f48c Enforce trybuild >= 1.0.108
• 470e6a6 Update ui test suite to nightly-2025-08-24
• 544e191 Update actions/checkout@v4 -> v5
• cbc1eba Delete duplicate cap-lints flag from build script
• See full diff in compare view

Updates tokio from 1.47.1 to 1.48.0

Release notes

Sourced from tokio's releases.

Tokio v1.48.0

1.48.0 (October 14th, 2025)

The MSRV is increased to 1.71.

Added

• fs: add File::max_buf_size (#7594)
• io: export Chain of AsyncReadExt::chain (#7599)
• net: add SocketAddr::as_abstract_name (#7491)
• net: add TcpStream::quickack and TcpStream::set_quickack (#7490)
• net: implement AsRef<Self> for TcpStream and UnixStream (#7573)
• task: add LocalKey::try_get (#7666)
• task: implement Ord for task::Id (#7530)

Changed

• deps: bump windows-sys to version 0.61 (#7645)
• fs: preserve max_buf_size when cloning a File (#7593)
• macros: suppress clippy::unwrap_in_result in #[tokio::main] (#7651)
• net: remove PollEvented noise from Debug formats (#7675)
• process: upgrade Command::spawn_with to use FnOnce (#7511)
• sync: remove inner mutex in SetOnce (#7554)
• sync: use UnsafeCell::get_mut in Mutex::get_mut and RwLock::get_mut (#7569)
• time: reduce the generated code size of Timeout<T>::poll (#7535)

Fixed

• macros: fix hygiene issue in join! and try_join! (#7638)
• net: fix copy/paste errors in udp peek methods (#7604)
• process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
• runtime: use release ordering in wake_by_ref() even if already woken (#7622)
• sync: close the broadcast::Sender in broadcast::Sender::new() (#7629)
• sync: fix implementation of unused RwLock::try_* methods (#7587)

Unstable

• tokio: use cargo features instead of --cfg flags for taskdump and io_uring (#7655, #7621)
• fs: support io_uring in fs::write (#7567)
• fs: support io_uring with File::open() (#7617)
• fs: support io_uring with OpenOptions (#7321)
• macros: add local runtime flavor (#7375, #7597)

Documented

• io: clarify the zero capacity case of AsyncRead::poll_read (#7580)
• io: fix typos in the docs of AsyncFd readiness guards (#7583)
• net: clarify socket gets closed on drop (#7526)
• net: clarify the behavior of UCred::pid() on Cygwin (#7611)
• net: clarify the supported platform of set_reuseport() and reuseport() (#7628)

... (truncated)

Commits

• 556820f chore: prepare Tokio v1.48.0 (#7677)
• fd1659a chore: prepare tokio-macros v2.6.0 (#7676)
• 53e8aca ci: update nightly version to 2025-10-12 (#7670)
• 9e5527d process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
• 25a24de net: remove PollEvented noise from Debug formats (#7675)
• c1fa25f task: clarify the behavior of several spawn_local methods (#7669)
• e7e02fc fs: use FileOptions inside fs::File to support uring (#7617)
• f7a7f62 ci: remove cargo-deny Unicode-DFS-2016 license exception config (#7619)
• d1f1499 tokio: use cargo feature for taskdump support instead of cfg (#7655)
• ad6f618 runtime: clarify the behavior of Handle::block_on (#7665)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.