cargo: bump the cargo-dependencies group with 5 updates

[dependabot]

Bumps the cargo-dependencies group with 5 updates:

Package	From	To
clap	4.5.54	4.5.56
home	0.5.11	0.5.12
assert_cmd	2.1.1	2.1.2
insta	1.44.3	1.46.2
serde_json	1.0.148	1.0.149

Updates clap from 4.5.54 to 4.5.56

Release notes

Sourced from clap's releases.

v4.5.56

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

Changelog

Sourced from clap's changelog.

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

Commits

• 9cec100 chore: Release
• 00e72e0 docs: Update changelog
• c7848ff Merge pull request #6094 from epage/home
• 60184fb feat(complete): Expand ~ in native completions
• 09969d3 chore(deps): Update Rust Stable to v1.89 (#6093)
• 520beb5 chore: Release
• 2bd8ab3 docs: Update changelog
• 220875b Merge pull request #6091 from epage/possible
• e5eb6c9 fix(help): Integrate 'Possible Values:' into 'Arg::help'
• 594a771 refactor(help): Make empty tracking more consistent
• Additional commits viewable in compare view

Updates home from 0.5.11 to 0.5.12

Commits

• 4f15cc8 Make shell completion variables private. (#16144)
• f71caeb More warning conversions (#16143)
• fcd0c86 Make shell completion variables private.
• 1f9d059 Convert RUST_FLAGS and RUSTDOC_FLAGS warnings
• 5e6929f Convert cargo tree warning
• 36bf7f6 Add a test for the cargo tree --all warning.
• b118df4 Bump openssl-src to 300.3.5.4+3.5.4 (#16140)
• 85a3813 Bump openssl-src to 300.3.5.4+3.5.4
• 211aad4 build: remove duplicate dependency, consolidate over unicode-ident (#16137)
• 391c970 Bump unicode-ident to 1.0.20
• Additional commits viewable in compare view

Updates assert_cmd from 2.1.1 to 2.1.2

Changelog

Sourced from assert_cmd's changelog.

[2.1.2] - 2026-01-09

Fixes

• Add #[must_use] to help catch missing assertions

Commits

• edda0b2 chore: Release assert_cmd version 2.1.2
• 891d412 docs: Update changelog
• e39dc36 Merge pull request #267 from epage/must
• d947cb0 fix: Add must_use before assertions are applied
• 7b8fd99 Merge pull request #264 from kemingy/doc_macro_semicolon
• 79f8e57 docs: add the missing semicolon for macro
• 6289384 chore(deps): Update Rust Stable to v1.92 (#262)
• 7b353d8 Merge pull request #260 from assert-rs/renovate/actions-checkout-6.x
• 48cda51 chore(deps): Update actions/checkout action to v6
• ee88946 docs: Clarify cargo_bin_cmd
• Additional commits viewable in compare view

Updates insta from 1.44.3 to 1.46.2

Release notes

Sourced from insta's releases.

1.46.2

Release Notes

• Fix inline snapshot corruption with carriage returns. The leading_space() function incorrectly treated \r as indentation, causing carriage returns to be stripped from snapshot content. #866
• Remove < 0.4.17 upper bound on globset dependency. #864

Install cargo-insta 1.46.2

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.46.2/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.46.2/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.46.2

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

1.46.1

Release Notes

• Fix inline snapshot corruption when multiple snapshots appear inside with_settings! macro. #858

Install cargo-insta 1.46.1

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.46.1/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.46.1/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.46.1

... (truncated)

Changelog

Sourced from insta's changelog.

1.46.2

• Fix inline snapshot corruption with carriage returns. The leading_space() function incorrectly treated \r as indentation, causing carriage returns to be stripped from snapshot content. #866
• Remove < 0.4.17 upper bound on globset dependency. #864

1.46.1

• Fix inline snapshot corruption when multiple snapshots appear inside with_settings! macro. #858

1.46.0

• Add INSTA_PENDING_DIR environment variable for Bazel and other hermetic build systems. When set, pending snapshots are written to a separate directory while keeping the source tree read-only. We are very open to feedback on this feature. #852
• Fix documentation for test.runner_fallback config key. #853

1.45.1

• Fix backward compatibility with TOML format produced by insta < 1.45.0. #849 (@​chitoku-k)

1.45.0

• Add external diff tool support via INSTA_DIFF_TOOL environment variable. When set, insta uses the specified tool (e.g., delta, difftastic) to display snapshot diffs instead of the built-in diff. The tool is invoked as <tool> <old_file> <new_file>. #844
• Add test.disable_nextest_doctest config option to insta.yaml, allowing users to silence the nextest doctest warning via config instead of passing --dnd every time. #842
• Skip non-insta snapshot files in unreferenced detection. Projects using both insta and other snapshot tools (like vitest or jest) can now use --unreferenced=reject without false positives on .snap files from other tools. #846
• Collect warnings from tests for display after run. Ensures deprecation warnings are visible even when nextest suppresses stdout/stderr from passing tests. #840
• Update TOML serialization to be up-to-date and backwards-compatible. #834 (@​spoutn1k)
• Support clippy::needless_raw_strings lint by only using raw strings when content contains backslashes or quotes. #828

Commits

• 2ab00cc Release 1.46.2 (#867)
• 97c6f57 Fix inline snapshot corruption with carriage returns (#866)
• 2a9f7ad Remove globset version cap (#864)
• 8a5b775 Release 1.46.1 (#859)
• 822f404 Fix inline snapshot corruption with multiple snapshots in with_settings! (#858)
• 7d27e3a Release 1.46.0 (#855)
• 3aa59d6 Add INSTA_PENDING_DIR environment variable for hermetic builds (#852)
• fd40cf7 Fix docs for test.runner_fallback config key (#853)
• ac191ba Add test for multiline snapshots without special characters (#848)
• 55f6999 Release 1.45.1 (#850)
• Additional commits viewable in compare view

Updates serde_json from 1.0.148 to 1.0.149

Release notes

Sourced from serde_json's releases.

v1.0.149

• Align arbitrary_precision number strings with zmij's formatting (#1306, thanks @​b41sh)

Commits

• 4f6dbfa Release 1.0.149
• f3df680 Touch up PR 1306
• e16730f Merge pull request #1306 from b41sh/fix-float-number-display
• eeb2bcd Align arbitrary_precision number strings with zmij’s formatting
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.