Bump the minor-changes group across 1 directory with 9 updates

[dependabot]

Bumps the minor-changes group with 9 updates in the / directory:

Package	From	To
elliptic-curve	0.14.0-rc.16	0.14.0-rc.17
base64ct	1.8.0	1.8.1
hashbrown	0.16.0	0.16.1
sha2	0.11.0-rc.2	0.11.0-rc.3
curve25519-dalek	5.0.0-pre.1	5.0.0-pre.3
insta	1.43.2	1.45.0
k256	0.14.0-rc.0	0.14.0-rc.1
serde_json	1.0.145	1.0.146
clap	4.5.51	4.5.53

Updates elliptic-curve from 0.14.0-rc.16 to 0.14.0-rc.17

Commits

• ae425e9 elliptic-curve v0.14.0-rc.17 (#2094)
• 8a04f9d elliptic-curve: use rustcrypto-ff/rustcrypto-group (#2093)
• cd6747b build(deps): bump bytes from 1.10.1 to 1.11.0 in the all-deps group (#2090)
• f28c9b2 ci: bump crate-ci/typos from 1.39.0 to 1.39.2 (#2091)
• 661a2d7 crypto-common: add changelog entry for v0.1.7 (#2089)
• 868402c build(deps): bump the all-deps group with 2 updates (#2087)
• a8701a4 elliptic-curve: add back SecretKey::random with deprecation (#2086)
• e122175 elliptic-curve: getrandom feature (#2085)
• 2cf79f8 cipher: add changelog entry for #2052 (#2084)
• 0f89497 Migrate to the released version of block-buffer v0.11 (#2082)
• Additional commits viewable in compare view

Updates base64ct from 1.8.0 to 1.8.1

Commits

• fe76359 base64ct v1.8.1 (#2108)
• 06a6183 chore(deps): bump the all-deps group with 4 updates (#2106)
• 44a459a chore(deps): bump crate-ci/typos from 1.39.2 to 1.40.0 (#2107)
• 6df42a5 Bump p256 to v0.14.0-rc.1 (#2105)
• cf9e3ad chore(deps): bump actions/checkout from 5 to 6 (#2103)
• 193c185 chore(deps): bump the all-deps group with 4 updates (#2104)
• 4b67fb1 chore(deps): bump the all-deps group with 2 updates (#2102)
• 33f8ac1 chore(deps): bump crate-ci/typos from 1.39.0 to 1.39.2 (#2101)
• 4f00845 cms: fixup support for upcoming elliptic-curve release (#2100)
• cd86385 chore(deps): bump the all-deps group with 3 updates (#2099)
• Additional commits viewable in compare view

Updates hashbrown from 0.16.0 to 0.16.1

Release notes

Sourced from hashbrown's releases.

v0.16.1

Added

• Added HashTable methods related to the raw bucket index (#657)
• Added VacantEntryRef::insert_with_key (#579)

Changed

• Removed specialization for Copy types (#662)
• The get_many_mut family of methods have been renamed to get_disjoint_mut to match the standard library. The old names are still present for now, but deprecated. (#648)
• Recognize and use over-sized allocations when using custom allocators. (#523)
• Depend on serde_core instead of serde. (#649)
• Optimized collect on rayon parallel iterators. (#652)

Changelog

Sourced from hashbrown's changelog.

0.16.1 - 2025-11-20

Added

• Added HashTable methods related to the raw bucket index (#657)
• Added VacantEntryRef::insert_with_key (#579)

Changed

• Removed specialization for Copy types (#662)
• The get_many_mut family of methods have been renamed to get_disjoint_mut to match the standard library. The old names are still present for now, but deprecated. (#648)
• Recognize and use over-sized allocations when using custom allocators. (#523)
• Depend on serde_core instead of serde. (#649)
• Optimized collect on rayon parallel iterators. (#652)

Commits

• 1876e4f Add PR link for get_disjoint_mut rename
• 2e363b6 Update CHANGELOG for version 0.16.1
• 88d54a5 chore: release v0.16.1
• 21be06c Merge pull request #657 from cuviper/table-bucket
• af971f3 Add T to bucket iterators and inline their methods
• 7ccb6d6 Add HashTable::iter_buckets and iter_hash_buckets
• aeb7996 Add HashTable::get_bucket_entry_unchecked
• e885a4e get_bucket_entry -> Result\<OccupiedEntry, AbsentEntry>
• dabfbef Add get_bucket_unchecked and get_bucket_unchecked_mut
• 42d9377 Make HashTable entries use Tag instead of a full hash
• Additional commits viewable in compare view

Updates sha2 from 0.11.0-rc.2 to 0.11.0-rc.3

Commits

• 8af25ee Cut rc.3 prereleases (#753)
• ea20cf5 build(deps): bump hex-literal from 1.0.0 to 1.1.0 (#750)
• 90a4289 Bump digest dependency to v0.11.0-rc.4 (#752)
• a05d080 Fix bash-hash entry in the supported algorithms table (#748)
• 21384b5 Remove implementations of the VariableOutput trait (#744)
• e048918 bash-hash: minor refactor (#746)
• 65f8551 bash-hash: initial implementation (#745)
• be84ff7 Migrate from doc_auto_cfg to doc_cfg (#740)
• 72b956c gost94: fix typo (#741)
• c73bd68 build(deps): bump digest from 0.11.0-rc.2 to 0.11.0-rc.3 (#738)
• Additional commits viewable in compare view

Updates curve25519-dalek from 5.0.0-pre.1 to 5.0.0-pre.3

Commits

• 3d76df7 Fix docs build and prep prerelease (#855)
• f8481d9 x25519: add RFC7748 Diffie-Hellman Curve25519 tests (#721)
• 81c642d Prep pre.2 prereleases (#849)
• 23d0d2c Bump rand_core from v0.9 to v0.10.0-rc-2 (#842)
• 9e04a58 curve: fully migrate to 2018 module conventions (#844)
• b76b924 Implement Lizard encoding/decoding (#826)
• c3a82a8 ed25519: update signature to v3.0.0-rc.4 (#828)
• adb6a12 ed,x: Cut pre.1 prereleases (#820)
• 65a9efe chore(deps): bump toml to 0.9 (#818)
• 84dc372 ed: bump keccak to v0.2.0-rc.0 (#823)
• See full diff in compare view

Updates insta from 1.43.2 to 1.45.0

Release notes

Sourced from insta's releases.

1.45.0

Release Notes

• Add external diff tool support via INSTA_DIFF_TOOL environment variable. When set, insta uses the specified tool (e.g., delta, difftastic) to display snapshot diffs instead of the built-in diff. The tool is invoked as <tool> <old_file> <new_file>. #844
• Add test.disable_nextest_doctest config option to insta.yaml, allowing users to silence the nextest doctest warning via config instead of passing --dnd every time. #842
• Skip non-insta snapshot files in unreferenced detection. Projects using both insta and other snapshot tools (like vitest or jest) can now use --unreferenced=reject without false positives on .snap files from other tools. #846
• Collect warnings from tests for display after run. Ensures deprecation warnings are visible even when nextest suppresses stdout/stderr from passing tests. #840
• Update TOML serialization to be up-to-date and backwards-compatible. #834
• Support clippy::needless_raw_strings lint by only using raw strings when content contains backslashes or quotes. #828

Install cargo-insta 1.45.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.45.0/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.45.0/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.45.0

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

1.44.3

Release Notes

• Fix a regression in 1.44.2 where merge conflict detection was too aggressive, incorrectly flagging snapshot content containing ====== or similar patterns as conflicts. #832
• Fix a regression in 1.42.2 where inline snapshot updates would corrupt the file when code preceded the macro (e.g., let output = assert_snapshot!(...)). #833

Install cargo-insta 1.44.3

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from insta's changelog.

1.45.0

• Add external diff tool support via INSTA_DIFF_TOOL environment variable. When set, insta uses the specified tool (e.g., delta, difftastic) to display snapshot diffs instead of the built-in diff. The tool is invoked as <tool> <old_file> <new_file>. #844
• Add test.disable_nextest_doctest config option to insta.yaml, allowing users to silence the nextest doctest warning via config instead of passing --dnd every time. #842
• Skip non-insta snapshot files in unreferenced detection. Projects using both insta and other snapshot tools (like vitest or jest) can now use --unreferenced=reject without false positives on .snap files from other tools. #846
• Collect warnings from tests for display after run. Ensures deprecation warnings are visible even when nextest suppresses stdout/stderr from passing tests. #840
• Update TOML serialization to be up-to-date and backwards-compatible. #834
• Support clippy::needless_raw_strings lint by only using raw strings when content contains backslashes or quotes. #828

1.44.3

• Fix a regression in 1.44.2 where merge conflict detection was too aggressive, incorrectly flagging snapshot content containing ====== or similar patterns as conflicts. #832
• Fix a regression in 1.42.2 where inline snapshot updates would corrupt the file when code preceded the macro (e.g., let output = assert_snapshot!(...)). #833

1.44.2

• Fix a rare backward compatibility issue where inline snapshots using an uncommon legacy format (single-line content stored in multiline raw strings) could fail to match after 1.44.0. #830
• Handle merge conflicts in snapshot files gracefully. When a snapshot file contains git merge conflict markers, insta now detects them and treats the snapshot as missing, allowing tests to continue and create a new pending snapshot for review. #829
• Skip nextest_doctest tests when cargo-nextest is not installed. #826
• Fix functional tests failing under nextest due to inherited NEXTEST_RUN_ID environment variable. #824

1.44.1

• Add --dnd alias for --disable-nextest-doctest flag to make it easier to silence the deprecation warning. #822
• Update cargo-dist to 0.30.2 and fix Windows runner to use windows-2022. #821

1.44.0

• Added non-interactive snapshot review and reject modes for use in non-TTY environments (LLMs, CI pipelines, scripts). cargo insta review --snapshot <path> and cargo insta reject --snapshot <path> now work without a terminal. Enhanced pending-snapshots output with usage instructions and workspace-relative paths. #815
• Add --disable-nextest-doctest flag to cargo insta test to disable running doctests with nextest. Shows a deprecation warning when nextest is used with doctests without this flag, to prepare cargo insta to no longer run a separate doctest process when using nextest in the future. #803
• Add ergonomic --test-runner-fallback / --no-test-runner-fallback flags to cargo insta test. #811
• Apply redactions to snapshot metadata. #813
• Remove confusing 'previously unseen snapshot' message. #812
• Speed up JSON float rendering. #806 (@​nyurik)
• Allow globset version up to 0.4.16. #810 (@​g0hl1n)
• Improve documentation. #814 (@​tshepang)
• We no longer trim starting newlines during assertions, which allows asserting the number of leading newlines match. Existing assertions with different leading newlines will pass and print a warning suggesting running with --force-update-snapshots. They may fail in the future. (Note that we still currently allow differing trailing newlines, though may adjust this in the future). #563

Commits

• 681a026 Release 1.45.0 (#847)
• ad233cd Skip non-insta snapshot files in unreferenced detection (#846)
• d8e8dfe Collect warnings from tests for display after run (#840)
• 521812c Support clippy::needless_raw_strings lint (#828)
• 5822a95 Add external diff tool support via INSTA_DIFF_TOOL (#844)
• e50388f Add config file support for disable_nextest_doctest (#842)
• 5aadfe4 Up-to-date, backwards-compatible TOML (#834)
• dcbb11f Prepare release 1.44.3 (#838)
• 3b9ec12 Refine test name & description (#837)
• ee4e1ea Handle unparsable snapshot files gracefully (#836)
• Additional commits viewable in compare view

Updates k256 from 0.14.0-rc.0 to 0.14.0-rc.1

Commits

• f5f0b88 Cut v0.14.0-rc.1 releases (#1535)
• 3297622 build(deps): bump actions/checkout from 5 to 6 (#1532)
• c1c29e9 x448: clamp StaticSecret on serde deserialization (#1534)
• 0ddb218 hash2curve v0.14.0-rc.4 (#1531)
• 073e856 hash2curve: remove unused dependencies (#1530)
• 3f5416f Bump elliptic-curve dependency to v0.14.0-rc.17 (#1529)
• f0cf38f sm2: avoid Vec reallocations in decrypt and decrypt_der_digest (#1527)
• 90888b6 p521: remove allow(dead_code) from Scalar::from_hex_unchecked (#1526)
• 42fe048 build(deps): bump ed448 from 0.5.0-rc.1 to 0.5.0-rc.2 (#1525)
• df186db build(deps): bump der from 0.8.0-rc.9 to 0.8.0-rc.10 (#1524)
• Additional commits viewable in compare view

Updates serde_json from 1.0.145 to 1.0.146

Release notes

Sourced from serde_json's releases.

v1.0.146

• Set fast_arithmetic=64 for riscv64 (#1305, thanks @​Xeonacid)

Commits

• 75ad7e6 Release 1.0.146
• bc6c827 Merge pull request #1305 from Xeonacid/patch-1
• a09210a Set fast_arithmetic=64 for riscv64
• 01182e5 Update actions/upload-artifact@v5 -> v6
• 383b13a Update actions/upload-artifact@v4 -> v5
• 04dd357 Raise required compiler to Rust 1.68
• e047dfb Resolve manual_let_else pedantic clippy lint
• a525d9c Raise required compiler to Rust 1.65
• f815793 Remove rustc version badge from readme
• 3f17d2c Update actions/checkout@v5 -> v6
• Additional commits viewable in compare view

Updates clap from 4.5.51 to 4.5.53

Release notes

Sourced from clap's releases.

v4.5.53

[4.5.53] - 2025-11-19

Features

• Add default_values_if, default_values_ifs

v4.5.52

[4.5.52] - 2025-11-17

Fixes

• Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

Changelog

Sourced from clap's changelog.

[4.5.53] - 2025-11-19

Features

• Add default_values_if, default_values_ifs

[4.5.52] - 2025-11-17

Fixes

• Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

Commits

• 3716f9f chore: Release
• 613b69a docs: Update changelog
• d117f7a Merge pull request #6028 from epage/arg
• cb8255d feat(builder): Allow quoted id's for arg macro
• 1036060 Merge pull request #6025 from AldaronLau/typos-in-faq
• 2fcafc0 docs: Fix minor grammar issues in FAQ
• a380b65 Merge pull request #6023 from epage/template
• 4d7ab14 chore: Update from _rust/main template
• b8a7ea4 chore(deps): Update Rust Stable to v1.87 (#18)
• f9842b3 chore: Avoid MSRV problems out of the box
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions