Bump the cargo-deps group across 1 directory with 12 updates

[dependabot]

Bumps the cargo-deps group with 11 updates in the / directory:

Package	From	To
thiserror	2.0.16	2.0.17
serde	1.0.225	1.0.228
wasm-bindgen-test	0.3.53	0.3.54
quote	1.0.40	1.0.41
clap	4.5.47	4.5.48
regex	1.11.2	1.11.3
toml	0.9.5	0.9.7
anyhow	1.0.99	1.0.100
time	0.3.43	0.3.44
warp	0.3.7	0.4.2
axum	0.8.4	0.8.6

Updates thiserror from 2.0.16 to 2.0.17

Release notes

Sourced from thiserror's releases.

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• 72ae716 Release 2.0.17
• 599fdce Merge pull request #434 from dtolnay/private
• 9ec05f6 Use differently named __private module per patch release
• d2c492b Raise minimum tested compiler to rust 1.76
• fc3ab95 Opt in to generate-macro-expansion when building on docs.rs
• 819fe29 Update ui test suite to nightly-2025-09-12
• 259f48c Enforce trybuild >= 1.0.108
• 470e6a6 Update ui test suite to nightly-2025-08-24
• 544e191 Update actions/checkout@v4 -> v5
• cbc1eba Delete duplicate cap-lints flag from build script
• See full diff in compare view

Updates serde from 1.0.225 to 1.0.228

Release notes

Sourced from serde's releases.

v1.0.228

• Allow building documentation with RUSTDOCFLAGS='--cfg=docsrs' set for the whole dependency graph (#2995)

v1.0.227

• Documentation improvements (#2991)

v1.0.226

• Deduplicate variant matching logic inside generated Deserialize impl for adjacently tagged enums (#2935, thanks @​Mingun)

Commits

• a866b33 Release 1.0.228
• 5adc9e8 Merge pull request #2995 from dtolnay/rustdocflags
• ab58178 Workaround for RUSTDOCFLAGS='--cfg=docsrs'
• 415d9fc Release 1.0.227
• 7c58427 Merge pull request #2991 from dtolnay/inlinecoredoc
• 9d3410e Merge pull request #2992 from dtolnay/inplaceseed
• 2fb6748 Remove InPlaceSeed public re-export
• f8137c7 Inline serde_core into serde in docsrs mode
• b7dbf7e Merge pull request #2990 from dtolnay/integer128
• 7c83691 No longer macro_use integer128 module
• Additional commits viewable in compare view

Updates wasm-bindgen-test from 0.3.53 to 0.3.54

Commits

• See full diff in compare view

Updates quote from 1.0.40 to 1.0.41

Release notes

Sourced from quote's releases.

1.0.41

• Improve compile error when repetition contains no interpolated value that is an iterator (#302)

Commits

• 594c865 Release 1.0.41
• 68956e6 Merge pull request #302 from dtolnay/hasiter
• 6a69784 Make diagnostic attribute conditional on compiler version
• 5f1924b Tweak CheckHasIterator error message
• c0adb26 Add diagnostic::on_unimplemented for no iterator in repetition
• a1ddcab Combine HasIterator and ThereIsNoIteratorInRepetition to one type
• bf48c85 Switch to trait for checking iterator in repetition
• d3b4777 Update ui test suite to nightly-2025-09-27
• 3e6b04d Raise minimum tested compiler to rust 1.76
• 07deaaf Opt in to generate-macro-expansion when building on docs.rs
• Additional commits viewable in compare view

Updates clap from 4.5.47 to 4.5.48

Release notes

Sourced from clap's releases.

v4.5.48

[4.5.48] - 2025-09-19

Documentation

• Add a new CLI Concepts document as another way of framing clap
• Expand the typed_derive cookbook entry

Changelog

Sourced from clap's changelog.

[4.5.48] - 2025-09-19

Documentation

• Add a new CLI Concepts document as another way of framing clap
• Expand the typed_derive cookbook entry

Commits

• c3a1ddc chore: Release
• 4460ff4 docs: Update changelog
• 54947a1 Merge pull request #5981 from mernen/fix-bash-clap-complete-space
• fd3f6d2 fix(complete): Restore nospace in bash
• 2f6a108 test(complete): Demonstrate current behavior
• f88be57 style: Ensure consistent newlines
• f209bce chore: Release
• f33ff7f docs: Update changelog
• bf06e6f Merge pull request #5974 from kryvashek/support-clearing-args-matches
• 5d357ad feat(parser): Added ArgMatches::try_clear_id()
• Additional commits viewable in compare view

Updates regex from 1.11.2 to 1.11.3

Changelog

Sourced from regex's changelog.

1.11.3 (2025-09-25)

This is a small patch release with an improvement in memory usage in some cases.

Improvements:

• [BUG #1297](rust-lang/regex#1297): Improve memory usage by trimming excess memory capacity in some spots.

Commits

• ef1c2c3 1.11.3
• ad5cd6c deps: bump regex-automata
• ee69d9e changelog: 1.11.3
• 159fa3e regex-automata-0.4.11
• 02a62ba automata: call Vec::shrink_to_fit in a few strategic places
• a76e0a0 cargo: exclude tests/fuzz from the package
• 19172cc style: inline formatting arguments
• 2695e29 ci: fix cross testing
• See full diff in compare view

Updates toml from 0.9.5 to 0.9.7

Commits

• 669b4a6 chore: Release
• a3153be docs: Update changelog
• 8105f25 chore: Update dependencies (#1039)
• 53768e7 chore: Update from '_rust/main' template (#1040)
• 82d738b chore: Update from '_rust/main' template
• 3bfcdc2 chore: Add license for libfuzzer
• 68dec6e chore: Upgrade foldhash
• 0df630d chore: Bump dependencies
• eb51e86 chore: Bump MSRV to 1.76
• 56774e7 chore: Update dependencies
• Additional commits viewable in compare view

Updates anyhow from 1.0.99 to 1.0.100

Release notes

Sourced from anyhow's releases.

1.0.100

• Teach clippy to lint formatting arguments in bail!, ensure!, anyhow! (#426)

Commits

• 18c2598 Release 1.0.100
• f271988 Merge pull request #426 from dtolnay/clippyfmt
• 52f2115 Mark macros with clippy::format_args
• da5fd9d Raise minimum tested compiler to rust 1.76
• 211e409 Opt in to generate-macro-expansion when building on docs.rs
• b48fc02 Enforce trybuild >= 1.0.108
• d5f59fb Update ui test suite to nightly-2025-09-07
• 238415d Update ui test suite to nightly-2025-08-24
• 3bab070 Update actions/checkout@v4 -> v5
• 4249254 Order cap-lints flag in the same order as thiserror build script
• See full diff in compare view

Updates time from 0.3.43 to 0.3.44

Release notes

Sourced from time's releases.

v0.3.44

See the changelog for details.

Changelog

Sourced from time's changelog.

0.3.44 [2025-09-19]

Fixed

• Comparisons of PrimitiveDateTime, UtcDateTime, and OffsetDateTime with differing signs (i.e. one negative and one positive year) would return the inverse result of what was expected. This was introduced in v0.3.42 and has been fixed.
• Type inference would fail due to feature unification when wasm-bindgen enabled serde_json. This has been fixed by explicitly specifying the type in the relevant locations.

Commits

• 04c0ef2 v0.3.44 release
• b942063 Compare datetimes with signed integers
• dcdfbf6 Add explicit type to avoid inference errors
• f203852 Revert "Remove dependency on itoa"
• See full diff in compare view

Updates warp from 0.3.7 to 0.4.2

Release notes

Sourced from warp's releases.

v0.4.1

Fixes:

• Fix Server::graceful() bounds incorrect requiring the filter to be a future.
• Enable tokio/net when the server feature is enabled.
• Render cfgs in the docs.

Full Changelog: seanmonstar/warp@v0.4.0...v0.4.1

v0.4.0

Changes:

• Upgrade to hyper, http, and http-body to v1.
• Remove multipart and websocket features from being enabled by default.
• Put warp::serve() behind a server feature, not enabled by default.
• Put warp::test behind a test feature, not enabled by default.
• Remove tls feature and types.
• Remove warp::addr filters.

Full Changelog: seanmonstar/warp@v0.3.7...v0.4.0

Changelog

Sourced from warp's changelog.

v0.4.2 (August 19, 2025)

• Features:
  • Add support for passing UnixListener to incoming(listener).
• Fixes:
  • Reduce some dependencies when server is not enabled.

v0.4.1 (August 6, 2025)

• Fixes:
  • Fix Server::graceful() bounds incorrect requiring the filter to be a future.
  • Enable tokio/net when the server feature is enabled.
  • Render cfgs in the docs.

v0.4.0 (August 5, 2025)

• Changes:
  • Upgrade to hyper, http, and http-body to v1.
  • Remove multipart and websocket features from being enabled by default.
  • Put warp::serve() behind a server feature, not enabled by default.
  • Put warp::test behind a test feature, not enabled by default.
  • Remove tls feature and types.
  • Remove warp::addr filters.

Commits

• c29f293 v0.4.2
• 3867d41 feat: implement Accept for tokio::net::UnixListener (#1135)
• d120a0e deps: make futures-channel optional dependency (#1134)
• 3641ea7 deps: make hyper optional dependency (#1133)
• f4d8e08 ci: update to actions/checkout v4 (#1131)
• 4f3f653 Bump http-body-util min version to 0.1.2 (#1129)
• e5001e2 Move to minimum working hyper util (#1128)
• eea3a28 v0.4.1
• 53bc811 docs: ensure Server methods have docs (#1125)
• 8673081 fix: server.graceful() had wrong trait bounds
• Additional commits viewable in compare view

Updates axum from 0.8.4 to 0.8.6

Release notes

Sourced from axum's releases.

axum v0.8.5

• fixed: Reject JSON request bodies with trailing characters after the JSON document (#3453)
• added: Implement OptionalFromRequest for Multipart (#3220)
• added: Getter methods Location::{status_code, location}
• added: Support for writing arbitrary binary data into server-sent events (#3425)]
• added: middleware::ResponseAxumBodyLayer for mapping response body to axum::body::Body (#3469)
• added: impl FusedStream for WebSocket (#3443)
• changed: The sse module and Sse type no longer depend on the tokio feature (#3154)
• changed: If the location given to one of Redirects constructors is not a valid header value, instead of panicking on construction, the IntoResponse impl now returns an HTTP 500, just like Json does when serialization fails (#3377)
• changed: Update minimum rust version to 1.78 (#3412)

#3154: tokio-rs/axum#3154 #3220: tokio-rs/axum#3220 #3377: tokio-rs/axum#3377 #3412: tokio-rs/axum#3412 #3425: tokio-rs/axum#3425 #3443: tokio-rs/axum#3443 #3453: tokio-rs/axum#3453 #3469: tokio-rs/axum#3469

Commits

• c1bb9c3 Release axum 0.8.6 and related crates
• 4a50581 Update changelogs
• 5c76cfd Remove usage of the doc_auto_cfg feature (#3505)
• c720f56 Release axum-core v0.5.4
• 0c96ead Remove unused rustversion dependency of axum-core (#3502)
• a1d22f6 Release axum 0.8.5 and related crates
• ad2fd5b Update changelogs
• a0692f9 Reject JSON bodies with trailing chars (#3453)
• ae80850 Update to cargo-deny api version 2 (#3475)
• 651cc1e Remove unused link def
• Additional commits viewable in compare view

Updates serde_derive from 1.0.225 to 1.0.228

Release notes

Sourced from serde_derive's releases.

v1.0.228

• Allow building documentation with RUSTDOCFLAGS='--cfg=docsrs' set for the whole dependency graph (#2995)

v1.0.227

• Documentation improvements (#2991)

v1.0.226

• Deduplicate variant matching logic inside generated Deserialize impl for adjacently tagged enums (#2935, thanks @​Mingun)

Commits

• a866b33 Release 1.0.228
• 5adc9e8 Merge pull request #2995 from dtolnay/rustdocflags
• ab58178 Workaround for RUSTDOCFLAGS='--cfg=docsrs'
• 415d9fc Release 1.0.227
• 7c58427 Merge pull request #2991 from dtolnay/inlinecoredoc
• 9d3410e Merge pull request #2992 from dtolnay/inplaceseed
• 2fb6748 Remove InPlaceSeed public re-export
• f8137c7 Inline serde_core into serde in docsrs mode
• b7dbf7e Merge pull request #2990 from dtolnay/integer128
• 7c83691 No longer macro_use integer128 module
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Benchmark - SSR

Yew Master

Details

Benchmark	Round	Min (ms)	Max (ms)	Mean (ms)	Standard Deviation
Baseline	10	290.869	303.343	292.458	3.865
Hello World	10	490.838	525.170	495.401	10.521
Function Router	10	1616.695	1641.405	1628.365	7.286
Concurrent Task	10	1005.890	1007.571	1006.738	0.571
Many Providers	10	1100.354	1157.648	1115.606	16.363

Pull Request

Details

Benchmark	Round	Min (ms)	Max (ms)	Mean (ms)	Standard Deviation
Baseline	10	310.477	317.781	311.291	2.281
Hello World	10	492.517	500.577	495.285	3.051
Function Router	10	1600.956	1610.441	1606.399	3.158
Concurrent Task	10	1005.909	1008.942	1006.685	0.873
Many Providers	10	1075.441	1116.193	1100.987	12.896

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.