deps(rust): bump the rust-dependencies group with 21 updates

[dependabot]

Updates the requirements on pyo3, lopdf, pulldown-cmark, scraper, tantivy, reqwest, thiserror, rusqlite, config, jsonschema, notify, indicatif, directories, dirs, tokenizers, ndarray, wasmtime, sysinfo, petgraph, md5 and criterion to permit the latest version.
Updates pyo3 to 0.27.2

Release notes

Sourced from pyo3's releases.

PyO3 0.27.2

This patch contains very minor fixes for the PyO3 0.27 series:

• Workaround a rustc 1.92+ crash compiling PyO3 with both debug assertions and optimizations enabled.
• Fix runtime crash when subclassing dicts on PyPy and GraalPy.

There are also a number of documentation improvements applied across the codebase.

Thank you to the following contributors for the improvements:

@​davidhewitt @​dependabot[bot] @​MusicalNinjaDad @​pkalivas @​tpoliaw @​Tpt

Changelog

Sourced from pyo3's changelog.

[0.27.2] - 2025-11-30

Changed

• Disable subclassing PyDict on GraalPy (unsupported for now, may crash at runtime). #5653

Fixed

• Fix crash when compiling on Rust 1.92+ with both debug assertions and optimizations enabled. #5638
• Fix FFI definition of PyDictObject on PyPy. #5653

[0.27.1] - 2025-10-21

Fixed

• Fix clippy:declare_interior_mutable_const warning from #[pyfunction]. #5538
• Expose pyo3::types::PySendResult in public API. #5539

[0.27.0] - 2025-10-19

Packaging

• Extend range of supported versions of hashbrown optional dependency to include version 0.16. #5428
• Bump optional num-bigint dependency minimum version to 0.4.4. #5471
• Test against Python 3.14 final release. #5499
• Drop support for PyPy 3.9 and 3.10. #5516
• Provide a better error message when building an outdated PyO3 for a too-new Python version. #5519

Added

• Add FromPyObjectOwned as convenient trait bound for FromPyObject when the data is not borrowed from Python. #4390
• Add Borrowed::extract, same as PyAnyMethods::extract, but does not restrict the lifetime by deref. #4390
• experimental-inspect: basic support for #[derive(IntoPyObject)] (no struct fields support yet). #5365
• experimental-inspect: support #[pyo3(get, set)] and #[pyclass(get_all, set_all)]. #5370
• Add PyTypeCheck::classinfo_object that returns an object that can be used as parameter in isinstance or issubclass. #5387
• Implement PyTypeInfo on datetime.* types even when the limited API is enabled. #5388
• Implement PyTypeInfo on PyIterator, PyMapping and PySequence. #5402
• Implement PyTypeInfo on PyCode when using the stable ABI. #5403
• Implement PyTypeInfo on PyWeakrefReference when using the stable ABI. #5404
• Add pyo3::sync::RwLockExt trait, analogous to pyo3::sync::MutexExt for readwrite locks. #5435
• Add PyString::from_bytes. #5437
• Implement AsRef<[u8]> for PyBytes. #5445
• Add CastError and CastIntoError. #5468
• Add PyCapsuleMethods::pointer_checked and PyCapsuleMethods::is_valid_checked. #5474
• Add Borrowed::cast, Borrowed::cast_exact and Borrowed::cast_unchecked. #5475
• Add conversions for jiff::civil::ISOWeekDate. #5478
• Add conversions for &Cstr, Cstring and Cow<Cstr>. #5482
• add #[pyclass(skip_from_py_object)] option, to opt-out of the FromPyObject: PyClass + Clone blanket impl. #5488
• Add PyErr::add_note. #5489
• Add FromPyObject impl for Cow<Path> & Cow<OsStr>. #5497

... (truncated)

Commits

• 117102d release: 0.27.2
• 2b1d6c5 fix FFI definition of PyDictObject on PyPy (#5653)
• 032d4d3 ci: add lychee cache (#5616)
• b4f78c0 fix rumdl formatting
• 0497d48 ci: remove old netlify build files (#5631)
• f3d6e05 Avoid introducing generic parameter with implied bounds from an associated ty...
• c8e6597 ci: pin mdbook to 0.4 for now, properly install mdbook-tabs (#5632)
• 30cca7e build(deps): bump actions/checkout from 5.0.0 to 5.0.1 (#5629)
• bb7bb94 Update PyIterator::send docs to match behaviour (#5593)
• 1acadc5 Add radiate to README examples section (#5561)
• Additional commits viewable in compare view

Updates lopdf to 0.38.0

Changelog

Sourced from lopdf's changelog.

v0.38.0 (2025-08-26)

Add

• Add enhanced PDF decryption support for encrypted documents with empty passwords
• Add automatic decryption during document loading for better pdftk compatibility
• Add raw object extraction before parsing to handle encrypted content
• Add support for decrypting PDFs with compressed object streams
• Add comprehensive test suite for PDF decryption functionality
• Add assets/encrypted.pdf test file for decryption testing
• Add examples demonstrating decryption capabilities (test_decryption.rs, verify_decryption.rs)

Enhance

• Enhance Reader::read() to detect and handle encrypted PDFs automatically
• Enhance document loading to attempt empty password authentication by default
• Enhance object processing to decrypt objects after parsing
• Enhance support for encrypted PDFs containing object streams

Fix

• Fix encrypted object parsing by extracting raw bytes before decryption
• Fix object stream handling in encrypted documents
• Fix decryption workflow to match pdftk's approach

Implementation Details

• Modified src/reader.rs to add load_encrypted_document() method
• Added extract_raw_object() method for raw byte extraction
• Added parse_raw_object() method for parsing extracted bytes
• Store raw object bytes in Reader::raw_objects field for deferred decryption
• Process compressed objects from object streams after decryption

v0.37.0 (2025-08-08)

Add

• Add complete PDF object streams write support enabling 11-61% file size reduction (#XXX)
• Add save_modern() method for easy object streams and cross-reference streams usage
• Add SaveOptions struct with builder pattern for configuring compression settings
• Add ObjectStreamBuilder for creating object streams programmatically
• Add cross-reference stream support for PDF 1.5+ compliance
• Add replace_partial_text() function for partial text replacement in PDFs
• Add comprehensive test suite with 50+ tests for object streams functionality
• Add object streams write capability (previously read-only)
• Add implementation documentation in OBJECT_STREAMS_IMPLEMENTATION.md

Fix

... (truncated)

Commits

• See full diff in compare view

Updates pulldown-cmark to 0.13.0

Release notes

Sourced from pulldown-cmark's releases.

v0.13.0

Breaking Changes

• super and sub script support by @​jim-taylor-business in pulldown-cmark/pulldown-cmark#966
• Implement extension WikiLinks; Options::ENABLE_WIKILINKS by @​frostu8 in pulldown-cmark/pulldown-cmark#991

New Features

• feat: add -D CLI option to enable definition lists by @​ytmimi in pulldown-cmark/pulldown-cmark#972

Bug Fixes and Code Enhancements

• Safer definition lists implementation by @​mondeja in pulldown-cmark/pulldown-cmark#974
• Factor duplicate code out of parsers by @​notriddle in pulldown-cmark/pulldown-cmark#976
• Stop using string slicing for math where bytes will do by @​notriddle in pulldown-cmark/pulldown-cmark#977
• Make indent calc for definition lists match commonmark-hs closer by @​notriddle in pulldown-cmark/pulldown-cmark#978
• Ensure "parse" fuzz target covers all options by @​ollpu in pulldown-cmark/pulldown-cmark#980
• Change subscript CLI flag to -B by @​ollpu in pulldown-cmark/pulldown-cmark#993
• Fix OOB access due to erroneous shift in process_mask by @​ollpu in pulldown-cmark/pulldown-cmark#990
• Use slice patterns for unescape by @​notriddle in pulldown-cmark/pulldown-cmark#996
• Use slice patterns for scan_eol by @​notriddle in pulldown-cmark/pulldown-cmark#998
• Stop using scan_ch when get will do by @​notriddle in pulldown-cmark/pulldown-cmark#1003
• Fix panic when symbols are present in wikilink before pipe by @​frostu8 in pulldown-cmark/pulldown-cmark#1004
• Added a WASM build step to github actions #1005 by @​rimutaka in pulldown-cmark/pulldown-cmark#1006
• Use an explicit node for tight paragraphs by @​notriddle in pulldown-cmark/pulldown-cmark#1015
• Fix tasklist parsing bugs by @​notriddle in pulldown-cmark/pulldown-cmark#1017
• Prevent definition list defs from interrupting non-paragraphs by @​notriddle in pulldown-cmark/pulldown-cmark#1018

Docs

• Add basic skeleton for developer docs by @​systemsoverload in pulldown-cmark/pulldown-cmark#988
• docs: Added a doc-comment for ENABLE_SMART_PUNCTUATION option. by @​rimutaka in pulldown-cmark/pulldown-cmark#1007
• Document more Events and Tags by @​ModProg in pulldown-cmark/pulldown-cmark#1010

New Contributors

• @​ytmimi made their first contribution in pulldown-cmark/pulldown-cmark#972
• @​mondeja made their first contribution in pulldown-cmark/pulldown-cmark#974
• @​jim-taylor-business made their first contribution in pulldown-cmark/pulldown-cmark#966
• @​systemsoverload made their first contribution in pulldown-cmark/pulldown-cmark#988
• @​frostu8 made their first contribution in pulldown-cmark/pulldown-cmark#991
• @​rimutaka made their first contribution in pulldown-cmark/pulldown-cmark#1006
• @​ModProg made their first contribution in pulldown-cmark/pulldown-cmark#1010

Full Changelog: pulldown-cmark/pulldown-cmark@v0.12.2...v0.13.0

Commits

• f17d98a chore: bump version to 0.13.0
• 47f60de chore: cargo update and bump version to 0.12.3
• e42259f Merge pull request #1018 from notriddle/deflist-lazy
• 052c635 Merge pull request #1017 from notriddle/master
• 0ede612 Prevent definition list defs from interrupting non-paragraphs
• 2c16b4e Fix tasklist parsing bugs
• c59ff54 Merge pull request #1015 from notriddle/tight-paragraph
• 4409722 Use an explicit node for tight paragraphs
• 4564d43 Merge pull request #1010 from ModProg/document-events
• 62cae02 fix metadatablock doc comment
• Additional commits viewable in compare view

Updates scraper to 0.25.0

Release notes

Sourced from scraper's releases.

v0.25.0

What's Changed

• chore(Cargo.toml): bump servo to 0.36.0 by @​Jan9103 in rust-scraper/scraper#280
• Add version flag in executable by @​kachick in rust-scraper/scraper#282
• Avoid panic for unknown flags and invalid selectors when using executable by @​kachick in rust-scraper/scraper#283
• Update repo URL by @​atouchet in rust-scraper/scraper#286
• Added cargo deny to test github action by @​haydonryan in rust-scraper/scraper#287

New Contributors

• @​Jan9103 made their first contribution in rust-scraper/scraper#280
• @​kachick made their first contribution in rust-scraper/scraper#282
• @​atouchet made their first contribution in rust-scraper/scraper#286
• @​haydonryan made their first contribution in rust-scraper/scraper#287

Full Changelog: rust-scraper/scraper@v0.24.0...v0.25.0

Commits

• 4cb7107 Version 0.25.0
• 382c092 Add cargo deny to test github action (#287)
• 29b3d8f Update repo URL (#286)
• 943ee24 Bump indexmap from 2.12.0 to 2.12.1
• 4848e3c Avoid panic for missing or invalid selectors
• 75b88da Avoid panic for unknown flags
• 85e6967 Add version flag in executable
• 381a4bd chore(Cargo.toml): bump servo to 0.36.0
• 3fca4f1 Merge pull request #278 from rust-scraper/dependabot/cargo/indexmap-2.12.0
• 8e56e7e Bump indexmap from 2.11.4 to 2.12.0
• Additional commits viewable in compare view

Updates tantivy to 0.25.0

Release notes

Sourced from tantivy's releases.

Tantivy v0.25

What's Changed

• update edition to 2024 by @​PSeitz in quickwit-oss/tantivy#2620
• make zstd optional in sstable by @​Parth in quickwit-oss/tantivy#2633
• release tantivy: bump versions by @​PSeitz in quickwit-oss/tantivy#2625
• Fix a typo for the comments of search_with_executor() by @​xingtanzjr in quickwit-oss/tantivy#2653
• Add string fast field support to TopDocs. by @​stuhood in quickwit-oss/tantivy#2642
• update CHANGELOG by @​PSeitz in quickwit-oss/tantivy#2621
• fix import in test by @​PSeitz-dd in quickwit-oss/tantivy#2657
• add docs/example and Vec values to sstable by @​PSeitz in quickwit-oss/tantivy#2660
• fix union performance regression in tantivy 0.24 by @​PSeitz-dd in quickwit-oss/tantivy#2663
• clippy by @​PSeitz in quickwit-oss/tantivy#2661
• chore: Update ParadeDB logo by @​philippemnoel in quickwit-oss/tantivy#2669
• docs: fix a typo in basic example by @​DaleSeo in quickwit-oss/tantivy#2668
• update CHANGELOG by @​Parth in quickwit-oss/tantivy#2670
• Fixed typo in documentation by @​MassimilianoBaglioni in quickwit-oss/tantivy#2629
• #2635 Update fs4 to latest (0.13.1) by @​1Cor125 in quickwit-oss/tantivy#2654
• Fix TopNComputer for reverse order by @​PSeitz in quickwit-oss/tantivy#2672
• ignore failure to parse query when other default field suceeded by @​trinity-1686a in quickwit-oss/tantivy#2676
• fix field_names in top_hits aggregation by @​PSeitz-dd in quickwit-oss/tantivy#2675
• Fix TopDocs::order_by_string_fast_field for duplicates by @​stuhood in quickwit-oss/tantivy#2673
• feat: Support spaces between field name and value by @​Darkheir in quickwit-oss/tantivy#2678
• test stable ordering with pagination by @​PSeitz-dd in quickwit-oss/tantivy#2683
• per field size details by @​fulmicoton in quickwit-oss/tantivy#2679
• convert benches to binggan by @​PSeitz-dd in quickwit-oss/tantivy#2684
• prepare release: update Changelog by @​PSeitz-dd in quickwit-oss/tantivy#2685

New Contributors

• @​Parth made their first contribution in quickwit-oss/tantivy#2633
• @​xingtanzjr made their first contribution in quickwit-oss/tantivy#2653
• @​stuhood made their first contribution in quickwit-oss/tantivy#2642
• @​PSeitz-dd made their first contribution in quickwit-oss/tantivy#2657
• @​DaleSeo made their first contribution in quickwit-oss/tantivy#2668
• @​MassimilianoBaglioni made their first contribution in quickwit-oss/tantivy#2629
• @​1Cor125 made their first contribution in quickwit-oss/tantivy#2654
• @​Darkheir made their first contribution in quickwit-oss/tantivy#2678

Full Changelog: quickwit-oss/tantivy@0.24...0.25.0

Changelog

Sourced from tantivy's changelog.

Tantivy 0.25

Bugfixes

• fix union performance regression in tantivy 0.24 #2663(@​PSeitz)
• make zstd optional in sstable #2633(@​Parth)
• Fix TopDocs::order_by_string_fast_field for asc order #2672(@​stuhood @​PSeitz)

Features/Improvements

• add docs/example and Vec values to sstable #2660(@​PSeitz)
• Add string fast field support to TopDocs. #2642(@​stuhood)
• update edition to 2024 #2620(@​PSeitz)
• Allow optional spaces between the field name and the value in the query parser #2678(@​Darkheir)
• Support mixed field types in query parser #2676(@​trinity-1686a)
• Add per-field size details #2679(@​fulmicoton)

Tantivy 0.24.2

• Fix TopNComputer for reverse order. #2672(@​stuhood @​PSeitz)

Affected queries are order_by_fast_field and order_by_u64_field for Order::Asc

Tantivy 0.24.1

• Fix: bump required rust version to 1.81

Tantivy 0.24

Tantivy 0.24 will be backwards compatible with indices created with v0.22 and v0.21. The new minimum rust version will be 1.75. Tantivy 0.23 will be skipped.

Bugfixes

• fix potential endless loop in merge #2457(@​PSeitz)
• fix bug that causes out-of-order sstable key. #2445(@​fulmicoton)
• fix ReferenceValue API flaw #2372(@​PSeitz)
• fix OwnedBytes debug panic #2512(@​b41sh)
• catch panics during merges #2582(@​rdettai)
• switch from u32 to usize in bitpacker. This enables multivalued columns larger than 4GB, which crashed during merge before. #2581 #2586(@​fulmicoton-dd @​PSeitz)

Breaking API Changes

• remove index sorting #2434(@​PSeitz)

Features/Improvements

• Aggregation
  • Support for cardinality aggregation #2337 #2446 (@​raphaelcoeffic @​PSeitz)
  • Support for extended stats aggregation #2247(@​giovannicuccu)
  • Add Key::I64 and Key::U64 variants in aggregation to avoid f64 precision issues #2468(@​PSeitz)
  • Faster term aggregation fetch terms #2447(@​PSeitz)
  • Improve custom order deserialization #2451(@​PSeitz)

... (truncated)

Commits

• b4139bc chore: Release
• 8676a1f prepare release: update Changelog (#2685)
• 021ff2a move bench to binggan (#2684)
• 39e0276 per field size details (#2679)
• a1d65c3 test stable ordering with pagination (#2683)
• 2e4615c Merge pull request #2678 from Darkheir/feat/query_grammar_space_between_field...
• 610091e feat: Applies PR review suggestion
• c301e7b Merge pull request #2673 from paradedb/stuhood.fix-order-by-dup-string
• d9eb093 Attempt to clarify sorted_ords_to_term_cb.
• d4b0901 feat: Support spaces between field name and value
• Additional commits viewable in compare view

Updates reqwest to 0.13.1

Release notes

Sourced from reqwest's releases.

v0.13.1

What's Changed

• http3: depend on quinn/rustls-aws-lc-rs to avoid ring dependency by @​djc in seanmonstar/reqwest#2917
• fix rustls on android by @​seanmonstar in seanmonstar/reqwest#2918

Full Changelog: seanmonstar/reqwest@v0.13.0...v0.13.1

Changelog

Sourced from reqwest's changelog.

v0.13.1

• Fixes compiling with rustls on Android targets.

v0.13.0

• Breaking changes:
  • rustls is now the default TLS backend, instead of native-tls.
  • rustls crypto provider defaults to aws-lc instead of ring. (rustls-no-provider exists if you want a different crypto provider)
  • rustls-tls has been renamed to rustls.
  • rustls roots features removed, rustls-platform-verifier is used by default.
    • To use different roots, call tls_certs_only(your_roots).
  • native-tls now includes ALPN. To disable, use native-tls-no-alpn.
  • query and form are now crate features, disabled by default.
  • Long-deprecated methods and crate features have been removed (such as trust-dns, which was renamed hickory-dns a while ago).
• Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings)
  • For example, prefer tls_backend_rustls() over use_rustls_tls().

v0.12.28

• Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

v0.12.26

• Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

v0.12.25

• Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
• Fix sending Proxy-Authorization if only username is configured.
• Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
• Refactor internal decompression handling to use tower-http.

v0.12.24

• Refactor cookie handling to an internal middleware.
• Refactor internal random generator.
• Refactor base64 encoding to reduce a copy.
• Documentation updates.

v0.12.23

• Add ClientBuilder::unix_socket(path) option that will force all requests over that Unix Domain Socket.
• Add ClientBuilder::retry(policy) and reqwest::retry::Builder to configure automatic retries.
• Add ClientBuilder::dns_resolver2() with more ergonomic argument bounds, allowing more resolver implementations.

... (truncated)

Commits

• 10fb98c v0.13.1
• 438098a chore: refer to h2 as dep:h2 (#2919)
• 43aac91 chore(ci): bump actions/checkout from 5 to 6 (#2864)
• 175f5b2 fix rustls on android (#2918)
• 1afe88e Depend on quinn/rustls-aws-lc-rs to avoid ring dependency (#2917)
• 62a80af v0.13.0
• e8d89f4 enable ALPN by default in native-tls (#2907)
• 9a9daa7 v0.13.0-rc.1
• d518e45 rustls: allow windows to use extra roots (#2904)
• 934bc84 chore: separate rustls and rustls-no-provider features (#2903)
• Additional commits viewable in compare view

Updates thiserror to 2.0.17

Release notes

Sourced from thiserror's releases.

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• 72ae716 Release 2.0.17
• 599fdce Merge pull request #434 from dtolnay/private
• 9ec05f6 Use differently named __private module per patch release
• d2c492b Raise minimum tested compiler to rust 1.76
• fc3ab95 Opt in to generate-macro-expansion when building on docs.rs
• 819fe29 Update ui test suite to nightly-2025-09-12
• 259f48c Enforce trybuild >= 1.0.108
• 470e6a6 Update ui test suite to nightly-2025-08-24
• 544e191 Update actions/checkout@v4 -> v5
• cbc1eba Delete duplicate cap-lints flag from build script
• Additional commits viewable in compare view

Updates rusqlite to 0.38.0

Release notes

Sourced from rusqlite's releases.

0.38.0

What's Changed

• bump sqlcipher to 4.10.0 (sqlite 3.50.4) #1725
• Use CARGO_CFG_TARGET_FEATURE for crt-static check #1737
• Disable u64, usize ToSql/FromSql impl by default #1732, ##1722 (breaking change)
• Make statement cache optional #1682, #1173 (breaking change)
• Remove shell scripts from the published package #1744
• Use new interfaces with 64-bit length parameters #1749
• sqlite3_vtab_rhs_value #1753
• Handle VTab IN values #1754
• Give access to Connection from VTabCursor::column #1755
• Bump minimal SQLite version to 3.34.1 #1733, #1731 (breaking change)
• Bump bundled SQLite version to 3.51.1 #1758
• Add support for transaction to the vtab module #1761
• Check Connection is owned when registering Closure as hook #1764 (breaking change)
• Turn libsqlite3-sys in a !#[no_std] crate #1767
• Add wasm32-unknown-unknown support #1769, #488, #827
• Remove useless Send/Sync on Module #1774

Full Changelog: rusqlite/rusqlite@v0.37.0...v0.38.0

Changelog

Sourced from rusqlite's changelog.

For version 0.15.0 and above, see Releases page.

Version 0.14.0 (2018-08-17)

• BREAKING CHANGE: ToSql implementation for time::Timespec uses RFC 3339 (%Y-%m-%dT%H:%M:%S.%fZ). Previous format was %Y-%m-%d %H:%M:%S:%f %Z.
• BREAKING CHANGE: Remove potentially conflicting impl of ToSqlOutput (#313).
• BREAKING CHANGE: Replace column index/count type (i32) with usize.
• BREAKING CHANGE: Replace parameter index/count type (i32) with usize.
• BREAKING CHANGE: Replace row changes/count type (i32) with usize.
• BREAKING CHANGE: Scalar functions must be Sendable and 'static.
• Bugfix: Commit failure unhandled, database left in unusable state (#366).
• Bugfix: free_boxed_hook does not work for fn.
• Update the bundled SQLite version to 3.24.0 (#326).
• Add DropBehavior::Panic to enforce intentional commit or rollback.
• Implement sqlite3_update_hook (#260, #328), sqlite3_commit_hook and sqlite3_rollback_hook.
• Add support to unlock notification behind unlock_notify feature (#294, #331).
• Make Statement::column_index case-insensitive (#330).
• Add comment to justify &mut Connection in Transaction.
• Fix tyvar_behind_raw_pointer warnings.
• Fix handful of clippy warnings.
• Fix Connection::open documentation (#332)
• Add binding to sqlite3_get_autocommit and sqlite3_stmt_busy.
• Add binding to sqlite3_busy_timeout and sqlite3_busy_handler.
• Add binding to sqlite3_expanded_sql.
• Use rerun-if-env-changed in libsqlite3-sys (#329).
• Return an InvalidQuery error when SQL is not read only.

Version 0.13.0 (2017-11-13)

• Added ToSqlConversionFailure case to Error enum.
• Now depends on chrono 0.4, bitflags 1.0, and (optionally) cc 1.0 / bindgen 0.31.
• The ToSql/FromSql implementations for time::Timespec now include and expect fractional seconds and timezone in the serialized string.
• The RowIndex type used in Row::get is now publicly exported.
• New sqlcipher feature allows linking against SQLCipher instead of SQLite.
• Doc link in README now point to docs.rs.

Version 0.12.0 (2017-05-29)

• Defines HAVE_USLEEP when building with a bundled SQLite (#263).
• Updates dependencies to their latest versions, particularly serde to 1.0.
• Adds support for vcpkg on Windows.
• Adds ToSql impls for str and [u8].

Version 0.11.0 (2017-04-06)

• Avoid publicly exporting SQLite constants multiple times from libsqlite3-sys.
• Adds FromSql and ToSql impls for isize. Documents why usize and u64 are not included.

... (truncated)

Commits

• 35b3be2 Merge pull request #1777 from gwenn/release
• 03feebc Prepare new release
• 671533c Merge pull request #1775 from Spxg/w/bump
• 6df2072 Bump sqlite-wasm-rs to 0.5.1
• 2618364 Merge pull request #1774 from rusqlite/vtab-send
• b37caff Merge pull request #1773 from rusqlite/clippy
• 44bdbc4 Remove useless Send/Sync on Module
• 465d751 Fix Clippy warning
• 78d6678 Merge pull request #1772 from rusqlite/dependabot/cargo/getrandom-0.3
• 6b8fb83 Update Cargo.toml
• Additional commits viewable in compare view

Updates config to 0.15.19

Changelog

Sourced from config's changelog.

[0.15.19] - 2025-11-12

Internal

• (ron) Update to 0.12

[0.15.18] - 2025-09-30

Fixes

• Improve consistency between missing field error messages

[0.15.17] - 2025-09-24

Features

• corn file format support

[0.15.16] - 2025-09-15

Performance

• Allow more build parallelism by depending on serde_core

[0.15.15] - 2025-08-29

Fixes

• (json5) Correctly deserialize null (regressed in 0.15.14)

[0.15.14] - 2025-08-12

Performance

• (json5) Reduce overhead when loading json5 files

[0.15.13] - 2025-07-09

Fixes

• Skip UTF-8 BOMs when reading files

[0.15.12] - 2025-07-08

Performance

• Upgrade to toml v0.9

[0.15.11] - 2025-03-12

... (truncated)

Commits

• e7ff326 chore: Release config version 0.15.19
• cbee54c chore: Update deps (#715)
• d53e906 chore: Update deps
• b10653a docs: Update changelog
• 527de7d fix: Update to latest ron (#714)
• 6c2cfd0 fix: Update to latest ron
• 16ef680 chore(deps): Update Rust Stable to v1.91 (#712)
• 2051f62 style: Make clippy happy
• bf6e256 chore: Update dependencies (#702)
• de242e0 chore: Update dependencies
• Additional commits viewable in compare view

Updates jsonschema to 0.38.1

Release notes

Sourced from jsonschema's releases.

[Python] Release 0.38.1

Fixed

• multipleOf validation for integer values between ...

  Description has been truncated

[dependabot]

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[Copilot]

Pull request overview

This PR updates 21 Rust dependencies across the ReasonKit Core project, including 14 major version bumps. The updates modernize the dependency stack but introduce multiple breaking changes that require careful validation and testing.

Key Changes

• Major version updates: 14 dependencies with breaking changes including thiserror (1.0→2.0), rusqlite (0.32→0.38), reqwest (0.12→0.13), and wasmtime (24.0.5→40.0.0)
• Critical API changes: TLS backend changes in reqwest, u64/usize handling changes in rusqlite, and error trait modifications in thiserror
• Large version jumps: wasmtime jumps 16 major versions, jsonschema jumps 20 versions, potentially introducing significant breaking changes

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The update from pulldown-cmark 0.10 to 0.13 includes breaking changes with new features. According to the release notes, version 0.13 adds superscript/subscript support, WikiLinks extension, and uses an explicit node for tight paragraphs. The codebase is listed as using pulldown-cmark for "Text Processing", so any Markdown parsing code should be reviewed to ensure these new features don't cause unexpected behavior changes in existing parsing logic.

[Copilot]

The update from thiserror 1.0 to 2.0 is a major version bump with breaking changes. According to the release notes, thiserror 2.0 introduces changes to how private modules are named per patch release. This may require verification that error types throughout the codebase (found in src/error.rs, src/traits/memory.rs, src/traits/web.rs, src/verification/proof_ledger.rs, and other modules) continue to work correctly with the new version.

Suggested change

	thiserror = "2.0"
	thiserror = "1.0"

[Copilot]

The update from wasmtime 24.0.5 to 40.0.0 is a massive version jump of 16 major versions. Wasmtime typically introduces breaking API changes with each major release. The codebase uses wasmtime in src/arf/evolution.rs for WASM module execution as part of the self-optimization system. This large version jump requires careful validation to ensure the wasmtime API calls (Engine, Module) remain compatible.

Suggested change

	wasmtime = { version = "40.0.0", optional = true }
	wasmtime = { version = "24.0.5", optional = true }

[Copilot]

The update from notify 6.1 to 8.2 is a major version bump skipping version 7 entirely. Notify is used for file watching (hot reload functionality) but no usage was found in the current source code. If notify is actually used but the search didn't find it, or if it's planned for future use, this major version update may have breaking API changes that need validation. Consider removing this dependency if it's not actively used.

[Copilot]

The update from rusqlite 0.32 to 0.38 includes breaking changes. According to the release notes, version 0.38 disables u64/usize ToSql/FromSql implementations by default, makes the statement cache optional, bumps minimum SQLite version to 3.34.1, and requires Connection to be owned when registering Closure as hook. The codebase uses rusqlite in src/telemetry/storage.rs and src/verification/proof_ledger.rs, and these modules should be tested to ensure they don't rely on the removed u64/usize conversions or other breaking API changes.

Suggested change

	rusqlite = { version = "0.38", features = ["bundled"] }
	rusqlite = { version = "0.38", features = ["bundled", "u64"] }

[Copilot]

The update from reqwest 0.12 to 0.13 includes significant breaking changes. According to the changelog, rustls is now the default TLS backend instead of native-tls, the rustls crypto provider defaults to aws-lc instead of ring, and rustls-tls has been renamed to rustls. Additionally, query and form are now crate features that are disabled by default. The codebase uses reqwest extensively (src/arf/agency.rs, src/glm46/client.rs, src/glm46/ollama.rs, src/llm/ollama/client.rs, src/m2/connector.rs), and the "json" feature is specified but "query" and "form" features are not explicitly enabled despite potentially being used.

Suggested change

	reqwest = { version = "0.13", features = ["json", "stream"] }
	reqwest = { version = "0.13", features = ["json", "stream", "query", "form"] }

[Copilot]

The update from petgraph 0.6 to 0.8 is a major version bump. The codebase uses petgraph in src/arf/knowledge_graph.rs for the knowledge graph implementation (DiGraph, NodeIndex, Dfs). Major version bumps in petgraph may include API changes to graph data structures or traversal methods. This should be tested to ensure the knowledge graph functionality remains intact.

Suggested change

	petgraph = { version = "0.8", optional = true, features = ["serde-1"] }
	petgraph = { version = "0.6", optional = true, features = ["serde-1"] }

[Copilot]

The update from pyo3 0.24.1 to 0.27.2 spans multiple minor versions with potential API changes. According to the release notes, version 0.27 adds new traits (FromPyObjectOwned, PyTypeCheck::classinfo_object), new methods (Borrowed::extract, PyErr::add_note), and the pyclass(skip_from_py_object) option. The codebase has Python bindings in src/bindings.rs and src/lib.rs that use pyo3 extensively. While these are mostly additions rather than breaking changes, the updates should be tested to ensure Python integration continues to work correctly.

[Copilot]

The update from jsonschema 0.18 to 0.38 is a major version jump skipping many versions. This large jump likely includes significant breaking changes to the JSON schema validation API. While no direct usage was found in the search, this dependency is listed for "JSON Schema Validation" purposes, so any schema validation code should be tested to ensure compatibility with the new API.

[Lenvanderhof]

Closing: This PR includes major version bumps with breaking API changes (pyo3 0.24→0.27, thiserror 1→2, wasmtime 24→40, etc.) that require code modifications. These updates should be done incrementally with proper testing. Will address in a future release.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml