Bump the minor group across 1 directory with 9 updates

[dependabot]

Bumps the minor group with 9 updates in the / directory:

Package	From	To
clap	4.5.58	4.6.1
semver	1.0.27	1.0.28
bon	3.8.2	3.9.1
data-encoding	2.10.0	2.11.0
uuid	1.20.0	1.23.1
tokio	1.49.0	1.52.3
insta	1.46.3	1.47.2
futures	0.3.31	0.3.32
image	0.25.9	0.25.10

Updates clap from 4.5.58 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

v4.5.60

[4.5.60] - 2026-02-19

Fixes

• (help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

• Command::ignore_errors no longer masks help/version on subcommands

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

[4.6.0] - 2026-03-12

Compatibility

• Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

• Update dependencies

[4.5.60] - 2026-02-19

Fixes

• (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

• Command::ignore_errors no longer masks help/version on subcommands

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates semver from 1.0.27 to 1.0.28

Release notes

Sourced from semver's releases.

1.0.28

• Documentation improvements

Commits

• 7625c7a Release 1.0.28
• fd404d0 Merge pull request 351 from czy-29/master
• f75f26e The doc_auto_cfg and doc_cfg features have been merged
• 9e2bfa2 Enable serde on docs.rs and automatically add serde flag to the docs
• 8591f23 Unpin CI miri toolchain
• 66bdd2c Pin CI miri to nightly-2026-02-11
• 324ffce Switch from cargo bench to criterion
• 34133a5 Update actions/upload-artifact@v5 -> v6
• 7f935ff Update actions/upload-artifact@v4 -> v5
• c07fb91 Switch from test::black_box to std::hint::black_box
• Additional commits viewable in compare view

Updates bon from 3.8.2 to 3.9.1

Release notes

Sourced from bon's releases.

v3.9.1

This is purely a minutiae update with zero changes to the Rust API. Enjoy the stability 🍸.

Fixed

• Redistribute license files with the crates sources (#376)

Internal

• Regular maintenance (#377)

v3.9.0

Added

• Introduce a new experimental attribute builder(generics(setters)) for overwriting generic types on the builder. (#364, #368, #370). Thanks @​dflemstr for the contribution!
• Support builder(overwritable) with builder(getter) (#369)

Internal

• Regular maintenance (#365)

Commits

• 1f427d0 chore: release v3.9.1 (#378)
• 814078a Maintenance tests and dependencies update (#377)
• e82f087 Redistribute license files with the crates sources (#376)
• d87637c chore: release v3.9.0 (#371)
• 66d503d Improve docs for generics(setters) (#370)
• 7a7b3cc Support builder(overwritable) with builder(getter) (#369)
• 007a5ee Actualize readme (#365)
• 32e1838 Veetaha's followup for #[builder(generics(setters))] (#368)
• d6cb79d Add support for setters that change the builder type (#364)
• See full diff in compare view

Updates data-encoding from 2.10.0 to 2.11.0

Commits

• b4d20e0 Release 2.11.0 (#155)
• d354bb2 Add interpretation function from byte to character (#154)
• See full diff in compare view

Updates uuid from 1.20.0 to 1.23.1

Release notes

Sourced from uuid's releases.

v1.23.1

What's Changed

• Remove deprecated msrv feature from wasm-bindgen dependency by @​guybedford in uuid-rs/uuid#877
• fix: Timestamp::from_gregorian deprecation note by @​aznashwan in uuid-rs/uuid#878
• Prepare for 1.23.1 release by @​KodrAus in uuid-rs/uuid#879

New Contributors

• @​guybedford made their first contribution in uuid-rs/uuid#877
• @​aznashwan made their first contribution in uuid-rs/uuid#878

Full Changelog: uuid-rs/uuid@v1.23.0...v1.23.1

v1.23.0

What's Changed

• feat: add support for 'hyphenated' format in the serde module by @​FrenchDilettante in uuid-rs/uuid#865
• Fix a number of bugs in time-related code by @​KodrAus in uuid-rs/uuid#872
• Reword invalid char error message by @​KodrAus in uuid-rs/uuid#873
• Impl cleanups by @​KodrAus in uuid-rs/uuid#874
• Use LazyLock to synchronize v1/v6 context initialization by @​KodrAus in uuid-rs/uuid#875
• Prepare for 1.23.0 release by @​KodrAus in uuid-rs/uuid#876

New Contributors

• @​FrenchDilettante made their first contribution in uuid-rs/uuid#865

Special thanks

@​meng-xu-cs raised a series of bugs against the timestamp logic in uuid using automated tooling. The issues themselves were reasonably and responsibly presented and the end result is a better uuid library for everyone. Thanks!

Deprecations

This release includes the following deprecations:

• Context: Renamed to ContextV1
• Timestamp::from_gregorian: Renamed to Timestamp::from_gregorian_time

Change to Version::Max

Version::Max's u8 representation has changed from 0xff to 0x0f to match the value returned by Uuid::get_version_num.

Change to Uuid::get_version for the max UUID

Uuid::get_version will only return Some(Version::Max) if the UUID is actually the max UUID (all bytes are 0xff). Previously it would return Some if only the version field was 0x0f. This change matches the behaviour of the nil UUID, which only returns Some(Version::Nil) if the UUID is the nil UUID (all bytes are 0x00).

Full Changelog: uuid-rs/uuid@v1.22.0...v1.23.0

v1.22.0

What's Changed

• Default to rand 0.10 by @​haxtibal in uuid-rs/uuid#863
• Prepare for 1.22.0 release by @​KodrAus in uuid-rs/uuid#864

... (truncated)

Commits

• ca0c85f Merge pull request #879 from uuid-rs/cargo/v1.23.1
• b4db015 prepare for 1.23.1 release
• 771069d Merge pull request #878 from aznashwan/fix-from-gregorian-deprecation-note
• 80994a2 fix: Timestamp::from_gregorian deprecation note
• 90c5be8 Merge pull request #877 from guybedford/remove-wasm-bindgen-msrv
• 8b8c4f4 Remove deprecated feature from wasm-bindgen dependency
• 00ab922 Merge pull request #876 from uuid-rs/cargo/v1.23.0
• 726ba45 prepare for 1.23.0 release
• 996dade Merge pull request #875 from uuid-rs/fix/context-ordering
• e140479 simplify a use stmt
• Additional commits viewable in compare view

Updates tokio from 1.49.0 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

• runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

• io: AioSource::register_borrowed for I/O safety support (#7992)
• net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

• runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
• taskdump: add trace_with() for customized task dumps (#8025)
• taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
• fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates insta from 1.46.3 to 1.47.2

Release notes

Sourced from insta's releases.

1.47.2

Release Notes

• Restore Send + Sync on Settings, Redactions, and Redaction by reverting the Arc to Rc change from 1.47.0, which was semver-breaking. #873 #874
• Add Send + Sync bounds to Comparator trait for consistency with Arc-based storage. #872
• Add compile-time assertion to prevent future auto-trait regressions.

Install cargo-insta 1.47.2

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.47.2/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.47.2/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.47.2

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

1.47.1

Release Notes

• Revert sorting of sequences in sort_maps. The change in 1.47.0 sorted all Seq values (including Vec), not just non-deterministic collections like HashSet, which was a breaking change. #876

Install cargo-insta 1.47.1

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.47.1/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from insta's changelog.

1.47.2

• Restore Send + Sync on Settings, Redactions, and Redaction by reverting the Arc to Rc change from 1.47.0, which was semver-breaking. #873 #874
• Add Send + Sync bounds to Comparator trait for consistency with Arc-based storage. #872
• Add compile-time assertion to prevent future auto-trait regressions.

1.47.1

• Revert sorting of sequences in sort_maps. The change in 1.47.0 sorted all Seq values (including Vec), not just non-deterministic collections like HashSet, which was a breaking change. #876

1.47.0

• Add Comparator trait for customizing how snapshot values are compared. #872 (@​dstu)
• Sort sequences in sort_maps to fix non-deterministic HashSet snapshots. #876
• Improve TOML serialization error message for unsupported types, suggesting assert_json_snapshot! or assert_yaml_snapshot! as alternatives. #880
• Remove unnecessary Send + Sync bounds from Redaction, allowing non-Send closures in dynamic redactions. #874
• Don't use Arc in Settings unnecessarily. #873 (@​dstu)
• Upgrade console to 0.16 and MSRV to 1.66. #885
• Upgrade toml-edit to 0.25. #882 (@​alexanderkjall)

Commits

• 0ddf1e8 Release 1.47.2 (#894)
• 094b1cf Revert Arc→Rc change, restore Send + Sync on Settings (#893)
• 65a5233 Add regression test for sort_maps not sorting Vecs (#892)
• fdbfc15 Revert sort_maps sequence sorting, release 1.47.1 (#891)
• 46b6f2a Release 1.47.0 (#889)
• aa12933 Upgrade console to 0.16, bump MSRV to 1.66 (#885)
• 98c084c upgrade toml-edit to 0.25 (#882)
• 4e889b0 the test_glob test depends on both glob and json (#883)
• 4d738e5 Bump @​tootallnate/once and @​vscode/test-electron in /vscode-insta (#881)
• 09f2b8b Improve TOML serialization error message for unsupported types (#880)
• Additional commits viewable in compare view

Updates futures from 0.3.31 to 0.3.32

Release notes

Sourced from futures's releases.

0.3.32

• Bump MSRV of utility crates to 1.71. (#2989)
• Soft-deprecate ready! macro in favor of std::task::ready! added in Rust 1.64 (#2925)
• Soft-deprecate pin_mut! macro in favor of std::pin::pin! added in Rust 1.68 (#2929)
• Add FuturesOrdered::clear (#2927)
• Add mpsc::*Receiver::recv (#2947)
• Add mpsc::*Receiver::try_recv and deprecate mpsc::*Receiver::::try_next (#2944)
• Implement FusedStream for sink::With (#2948)
• Add no_std support for shared (#2868)
• Make Mutex::new() const (#2956)
• Add #[clippy::has_significant_drop] to guards (#2967)
• Remove dependency to pin-utils (#2929)
• Remove dependency on num_cpus (#2946)
• Performance improvements (#2983)
• Documentation improvements (#2925, #2926, #2940, #2971)

Changelog

Sourced from futures's changelog.

0.3.32 - 2026-02-15

• Bump MSRV of utility crates to 1.71. (#2989)
• Soft-deprecate ready! macro in favor of std::task::ready! added in Rust 1.64 (#2925)
• Soft-deprecate pin_mut! macro in favor of std::pin::pin! added in Rust 1.68 (#2929)
• Add FuturesOrdered::clear (#2927)
• Add mpsc::*Receiver::recv (#2947)
• Add mpsc::*Receiver::try_recv and deprecate mpsc::*Receiver::::try_next (#2944)
• Implement FusedStream for sink::With (#2948)
• Add no_std support for shared (#2868)
• Make Mutex::new() const (#2956)
• Add #[clippy::has_significant_drop] to guards (#2967)
• Remove dependency to pin-utils (#2929)
• Remove dependency on num_cpus (#2946)
• Performance improvements (#2983)
• Documentation improvements (#2925, #2926, #2940, #2971)

Commits

• d9bba94 Release 0.3.32
• 151e0b9 Add comments on rust-version field in Cargo.toml
• 4aaf00c Bump MSRV of utility crates to 1.71
• a4cce12 perf: improve AtomicWaker::wake performance (#2983)
• ba9d102 Add #[clippy::has_significant_drop] to guards (#2967)
• 20396a8 Fix rustdoc::broken_intra_doc_links warning
• 815f6eb Fix documentation of BiLock::lock (#2971)
• 0f0db04 futures-util: make Mutex::new() const (#2956)
• 5d6fc5e ci: Test big-endian target (s390x Linux)
• 9f739fe Ignore dead_code lint on Fn1 trait
• Additional commits viewable in compare view

Updates image from 0.25.9 to 0.25.10

Changelog

Sourced from image's changelog.

Version 0.25.10

Features:

• Added GenericImage::copy_from_samples that can be implemented for images that can be efficiently filled from a matrix-layout of samples. Its default implementation will not defer to copy_from, consider implementing this if you specialized the latter.
• Added GenericImageView::to_pixel_view that can be implemented to describe the buffer in terms our FlatSamples matrix layout, if applicable. This allows algorithms over generic images to run a specialized version where they can be more efficient over an raw input slice.
• Added ImageBuffer::from_raw_bgr{,a} to efficiently byte-swap images into the RGBA layout of the buffer (#2596).
• Added ExtendedColorType::Rgb5x1 to represent 5-bit colors as from TGA (#2609).
• Added metadata::LoopCount and AnimationDecoder::loop_count to query if animations should repeat in a uniform manner (gif, webp, avif) (#2719, #2786).
• load_from_memory now utilizes format detection hooks if any are applicable.

Structural changes:

• Various changes that reduce the compile time of image on codegen by reducing the number of monomorphizations (#2804, #2800, #2807).
• GenericImage::copy_from's default implementation tries copy_from_samples first if the source can be successfully cast with to_pixel_view.
• <ImageBuffer as GenericImage>::copy_from is now must faster for ImageBuffer when the source implements GenericImageView::to_pixel_view.
• <SubImage<_> as GenericImage>::copy_from inherits the previously mentioned optimizations for pixel sources when the inner type provides them. It also provides to_pixel_view based on the inner type.
• ImageBuffer::as_flat_samples no longer requires AsRef<[P::Subpixel]> for the underlying container, just Deref (#2777).

Bug fixes:

• Fixed a panic in TGA where indices have more bits than mapped colors (#2673).

Notable decoder changes:

• Bump tiff to 0.11, supporting planar layout images (#2743).
• ICC profiles can now be written for TIFF files (#2746)
• Update ravif to 0.13, supporting EXIF (#2733).
• Update jpeg-encoder to 0.7 bringing SIMD acceleration (#2736).
• The pnm decoder decodes binary data quicker with fewer allocations (#2797).
• The tga decoder handles 5-bit data and colormaps correctly (#2608, #2609).

Compatibility notes (new section):

• Bump rust-version to 1.88.
• Registered hooks now normalize the file extension they are registered against to ascii-lowercase. It is no longer necessary to register all such variants. This may conflate two hooks that previously hooked the same format with different casing.

Commits

• 76e5718 Merge pull request #2836 from image-rs/version-0.25.10
• 38b81dc Change notes for 0.25.10
• 2fb9e61 Merge pull request #2835 from image-rs/ravif-tiff-integration
• 4263471 Bump ravif/dav1d versions
• a7781b3 Merge pull request #2833 from image-rs/backport-from-bgra
• 6ea7369 Adjust bounds on from_raw_rgb
• dd60a60 Add utility from_raw_bgr{,a} for ImageBuffer
• 933251a Merge pull request #2832 from image-rs/backport-moxcms
• 02c039e Update to moxcms 0.8.0 per reviewer feedback
• 6ac2dd6 Allow moxcms 0.8.x versions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (main@3090e0e). Learn more about missing BASE report.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1206   +/-   ##
=======================================
  Coverage        ?   29.71%           
=======================================
  Files           ?       34           
  Lines           ?     1656           
  Branches        ?        0           
=======================================
  Hits            ?      492           
  Misses          ?     1164           
  Partials        ?        0           

Flag	Coverage Δ
unittests	29.71% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.