chore: dep updates

[shikhar]

address cargo deny check advisory about aws-lc-sys

[greptile-apps]

Greptile Summary

This PR performs routine dependency updates to address a cargo deny check advisory on aws-lc-sys, upgrading it from 0.38.0 to 0.39.0 (via aws-lc-rs 1.16.1 → 1.16.2). Several other crates receive minor version bumps as part of the same sweep.

Key changes across the lockfile and manifest files:

• Security fix: aws-lc-sys 0.38.0 → 0.39.0, aws-lc-rs 1.16.1 → 1.16.2
• TOML ecosystem consolidation: duplicate toml 0.9.12 (used by config) is removed; all consumers now share toml 1.0.7. This also pulls in winnow 1.0.0 (replacing 0.7.15) as its parsing backend.
• clap 4.5 → 4.6 (workspace) and its sub-crates (anstream, anstyle-parse, clap_lex each hit their own 1.0 milestones as transitive deps).
• uuid 1.21 → 1.22: now uses rand 0.10.0, aligning with the workspace's own rand = "0.10" constraint and eliminating the prior duplicate rand 0.9.2 in the lockfile.
• Dev-dependency bumps in cli/Cargo.toml: assert_cmd 2.1 → 2.2, tempfile 3.26 → 3.27.

No logic or structural code changes are introduced; this is a pure dependency maintenance update.

Confidence Score: 5/5

• This PR is safe to merge — it is a pure dependency maintenance update with no logic changes.
• All changes are version bumps in Cargo.toml/Cargo.lock. The primary goal (resolving the aws-lc-sys security advisory) is correctly addressed. The toml ecosystem consolidation and rand deduplication are beneficial side effects. No application code is modified, and all updated crates follow semver, making regressions very unlikely.
• No files require special attention.

Important Files Changed

Filename	Overview
Cargo.lock	Lockfile updated to reflect version bumps across many crates; key fix is aws-lc-sys 0.38.0 → 0.39.0 to address a cargo-deny advisory. Also consolidates duplicate toml versions (0.9 dropped, only 1.0.7 remains), and upgrades winnow from 0.7.15 to 1.0.0 as a transitive dep of the updated toml ecosystem.
Cargo.toml	Workspace dependency constraints updated: clap 4.5 → 4.6, uuid 1.21 → 1.22. Straightforward minor version bumps with no structural changes.
cli/Cargo.toml	Dev-dependency updates only: assert_cmd 2.1 → 2.2 and tempfile 3.26 → 3.27. No production dependency changes.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["cargo deny check advisory\n(aws-lc-sys RUSTSEC)"] --> B["Bump aws-lc-rs\n1.16.1 → 1.16.2"]
    B --> C["Bump aws-lc-sys\n0.38.0 → 0.39.0\n✅ Advisory resolved"]

    D["config 0.15.19 → 0.15.22"] --> E["toml consolidated\n0.9.12 dropped\n→ 1.0.7 only"]
    E --> F["winnow\n0.7.15 → 1.0.0"]
    E --> G["toml_datetime 1.0.0 → 1.0.1\ntoml_edit 0.25.4 → 0.25.5\ntoml_parser 1.0.9 → 1.0.10\ntoml_writer 1.0.6 → 1.0.7"]

    H["clap 4.5 → 4.6"] --> I["anstream 0.6 → 1.0\nanstyle-parse 0.2 → 1.0\nclap_lex 1.0 → 1.1"]

    J["uuid 1.21 → 1.22"] --> K["rand 0.9.2 removed\n→ rand 0.10.0 (shared)"]

    L["Other minor bumps\nzerocopy, libc, tempfile,\ntracing-subscriber, quinn-proto,\ncc, socket2, …"] --> M["No breaking changes\nPatch/minor only"]

Loading

_{Last reviewed commit: "d"}