deps: bump the rust-minor group with 13 updates

[dependabot]

Bumps the rust-minor group with 13 updates:

Package	From	To
clap	4.4.18	4.6.1
tokio	1.51.1	1.52.3
serde_json	1.0.149	1.0.150
aws-sdk-sts	1.101.0	1.102.0
comfy-table	7.1.4	7.2.2
chrono	0.4.44	0.4.45
uuid	1.13.1	1.23.3
regex	1.12.3	1.12.4
tar	0.4.45	0.4.46
mockito	1.6.1	1.7.2
tempfile	3.14.0	3.27.0
assert_cmd	2.0.14	2.2.2
predicates	3.0.4	3.1.4

Updates clap from 4.4.18 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

v4.5.60

[4.5.60] - 2026-02-19

Fixes

• (help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

• Command::ignore_errors no longer masks help/version on subcommands

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

• Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

v4.5.56

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

v4.5.54

[4.5.54] - 2026-01-02

Fixes

... (truncated)

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

[4.6.0] - 2026-03-12

Compatibility

• Update MSRV to 1.85

[4.5.61] - 2026-03-12

Internal

• Update dependencies

[4.5.60] - 2026-02-19

Fixes

• (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

• Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

• Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

... (truncated)

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates tokio from 1.51.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

• runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

• io: AioSource::register_borrowed for I/O safety support (#7992)
• net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

• runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
• taskdump: add trace_with() for customized task dumps (#8025)
• taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
• fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates aws-sdk-sts from 1.101.0 to 1.102.0

Commits

• See full diff in compare view

Updates comfy-table from 7.1.4 to 7.2.2

Release notes

Sourced from comfy-table's releases.

v7.2.2

[7.2.2] - 2026-01-13

Fix

• Minor performance improvements
• Fixed an edge-case, where multiple LowerBoundary constraints weren't uphold.
• Fixed an issue where tables were misformatted when no vertical border styling was specified. #198

[7.2.1] - 2025-09-11

Misc

• Adjust a single test case to not fail in 0x0 sized tty-environments. !186

v7.2.0

[7.2.0] - 2025-08-25

Chore

• Switch to Rust 2024 edition. This bumps the MSRV to 1.85 and thereby no longer supports the wasm32-wasi target.

Fix

• Also update the crossterm dependency to 0.29 for windows !181.

Changelog

Sourced from comfy-table's changelog.

[7.2.2] - 2026-01-13

Fix

• Minor performance improvements
• Fixed an edge-case, where multiple LowerBoundary constraints weren't uphold.
• Fixed an issue where tables were misformatted when no vertical border styling was specified. #198

[7.2.1] - 2025-09-11

Misc

• Adjust a single test case to not fail in 0x0 sized tty-environments. !186

[7.2.0] - 2025-08-25

Chore

• Switch to Rust 2024 edition. This bumps the MSRV to 1.85 and thereby no longer supports the wasm32-wasi target.

Fix

• Also update the crossterm dependency to 0.29 for windows !181.

Commits

• 9040cd2 chore: Release comfy-table version 7.2.2
• 51f69f6 docs: Prepare changelog for release
• 2c697e1 Merge pull request #201 from Nukesor/fix-cell-verticl-styling
• 4bc64ad fix: Cell formatting without any vertical styling
• dda03a0 meta: LLM contribution guidelines
• f1aa156 meta: Add AGENTS.md
• d01e3d5 Merge pull request #200 from Nukesor/tests
• 053f7c9 chore: Format codebase with nightly rules
• 78e8f46 fix: Split doesn't result in violation of lower boundary
• 68c307c fix: Successive lower boundary constraints
• Additional commits viewable in compare view

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

• fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow by @​SAY-5 in chronotope/chrono#1787
• tz_data: fix tzdata locations on Android by @​caruschalalamove in chronotope/chrono#1789

Commits

• 1703382 Prepare 0.4.45 release
• 881f9ab tz_data: fix tzdata locations on Android
• f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
• c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
• 120686c Bump codecov/codecov-action from 5 to 6
• See full diff in compare view

Updates uuid from 1.13.1 to 1.23.3

Release notes

Sourced from uuid's releases.

v1.23.3

What's Changed

• Fix up parser panic on empty input by @​KodrAus in uuid-rs/uuid#886
• Prepare for 1.23.3 release by @​KodrAus in uuid-rs/uuid#887

Full Changelog: uuid-rs/uuid@v1.23.2...v1.23.3

v1.23.2

What's Changed

• Improve error messages for ambiguous formats by @​KodrAus in uuid-rs/uuid#882
• Prepare for 1.23.2 release by @​KodrAus in uuid-rs/uuid#883

Full Changelog: uuid-rs/uuid@v1.23.1...v1.23.2

v1.23.1

What's Changed

• Remove deprecated msrv feature from wasm-bindgen dependency by @​guybedford in uuid-rs/uuid#877
• fix: Timestamp::from_gregorian deprecation note by @​aznashwan in uuid-rs/uuid#878
• Prepare for 1.23.1 release by @​KodrAus in uuid-rs/uuid#879

New Contributors

• @​guybedford made their first contribution in uuid-rs/uuid#877
• @​aznashwan made their first contribution in uuid-rs/uuid#878

Full Changelog: uuid-rs/uuid@v1.23.0...v1.23.1

v1.23.0

What's Changed

• feat: add support for 'hyphenated' format in the serde module by @​FrenchDilettante in uuid-rs/uuid#865
• Fix a number of bugs in time-related code by @​KodrAus in uuid-rs/uuid#872
• Reword invalid char error message by @​KodrAus in uuid-rs/uuid#873
• Impl cleanups by @​KodrAus in uuid-rs/uuid#874
• Use LazyLock to synchronize v1/v6 context initialization by @​KodrAus in uuid-rs/uuid#875
• Prepare for 1.23.0 release by @​KodrAus in uuid-rs/uuid#876

New Contributors

• @​FrenchDilettante made their first contribution in uuid-rs/uuid#865

Special thanks

@​meng-xu-cs raised a series of bugs against the timestamp logic in uuid using automated tooling. The issues themselves were reasonably and responsibly presented and the end result is a better uuid library for everyone. Thanks!

Deprecations

This release includes the following deprecations:

• Context: Renamed to ContextV1
• Timestamp::from_gregorian: Renamed to Timestamp::from_gregorian_time

... (truncated)

Commits

• 20da78b Merge pull request #887 from uuid-rs/cargo/v1.23.3
• 62232ca prepare for 1.23.3 release
• 2320c6a Merge pull request #886 from uuid-rs/fix/parser-panics
• 2d034d4 fix some invalid indexers on error reporting
• a8b9f14 update fuzz infra and run in CI
• d119657 Merge pull request #883 from uuid-rs/cargo/v1.23.2
• 0651cfc prepare for 1.23.2 release
• e8dea0c Merge pull request #882 from uuid-rs/fix/error-msgs
• bdc429a fix up serde messages
• d4342e4 make indexes 0 based and fix up more error messages
• Additional commits viewable in compare view

Updates regex from 1.12.3 to 1.12.4

Changelog

Sourced from regex's changelog.

1.12.4 (2025-06-09)

This release includes a performance optimization for compilation of regexes with very large character classes.

Improvements:

• #1308: Avoid re-canonicalizing the entire interval set when pushing new class ranges.

Commits

• 7b96fdc 1.12.4
• 7b89cf0 deps: update to regex-syntax 0.8.11
• 1401679 regex-syntax-0.8.11
• d709000 changelog: 1.12.4
• 9825c74 syntax: avoid re-canonicalizing the entire IntervalSet on push (#1308)
• a7f2ff6 docs: clarify regex-lite word boundaries
• 2c7b172 docs: clarify unsupported Anchored::Pattern searches
• 839d16b regex-syntax-0.8.10
• c4865a0 syntax: fix negation handling in HIR translation
• d8761c0 cargo: also include benches
• Additional commits viewable in compare view

Updates tar from 0.4.45 to 0.4.46

Release notes

Sourced from tar's releases.

0.4.46

Security

• archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm) by @​cgwalters in composefs/tar-rs#454

See also GHSA-3cv2-h65g-fgmm

Other changes

• ci: Fix and re-enable reverse dependency testing by @​cgwalters in composefs/tar-rs#444
• Update astral-tokio-tar requirement from 0.5 to 0.6 by @​dependabot[bot] in composefs/tar-rs#446
• Update some links by @​atouchet in composefs/tar-rs#445
• Add support of absolute paths by @​zxvfc in composefs/tar-rs#426
• docs: Expand notes on concurrent mutations and following symlinks by @​cgwalters in composefs/tar-rs#453
• Update repo links by @​cgwalters in composefs/tar-rs#451
• ci: Add crates.io trusted publishing workflow by @​cgwalters in composefs/tar-rs#456
• Release 0.4.46 by @​cgwalters in composefs/tar-rs#455

New Contributors

• @​dependabot[bot] made their first contribution in composefs/tar-rs#446
• @​atouchet made their first contribution in composefs/tar-rs#445
• @​zxvfc made their first contribution in composefs/tar-rs#426

Full Changelog: composefs/tar-rs@0.4.45...0.4.46

Commits

• fc459c1 Release 0.4.46
• 43e05a8 ci: Add crates.io trusted publishing workflow
• bba5666 Update repo links
• cd94c46 docs: Document TOCTOU / concurrent-mutation threat model
• 1b4997c builder: Expand docs for follow_symlinks and append_dir_all
• bab14dd archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm)
• 2349b49 Add support of absolute paths
• 39d0311 Update some links
• 59d803e Update astral-tokio-tar requirement from 0.5 to 0.6
• 8296b9a ci: Fix and re-enable reverse dependency testing (#444)
• See full diff in compare view

Updates mockito from 1.6.1 to 1.7.2

Release notes

Sourced from mockito's releases.

1.7.2

• Update to reqwest 0.13 by @​tottoto in lipanski/mockito#223
• Allow returning a different status code based on a request by @​songokas in lipanski/mockito#224

1.7.1

• Add headers method to Request struct by @​gustavomedeiross in lipanski/mockito#220
• Optimize body matching by checking binary match before UTF-8 conversion by @​Abimael10 in lipanski/mockito#221
• Refactor response body by @​tottoto in lipanski/mockito#222

1.7.0

• Make parking_lot optional
• Update rand crate to v0.9
• Allow colored crate v3

Thanks to @​tottoto @​nerodono

Commits

• 2e16acf Bump to 1.7.2
• e404bdf Update docs
• e2c1692 Merge pull request #224 from songokas/status-code-from-request
• 86596b7 Allow returning a different status code based on a request
• 4a70878 Merge pull request #223 from tottoto/update-to-reqwest-0.13
• 35fccfb Update to reqwest 0.13
• 7f00a9c Bump to 1.7.1
• dff2b36 Bump to 1.7.0
• 9f776f9 Merge pull request #222 from tottoto/refactor-response-body
• 89c0121 Refactor response body
• Additional commits viewable in compare view

Updates tempfile from 3.14.0 to 3.27.0

Changelog

Sourced from tempfile's changelog.

3.27.0

This release adds TempPath::try_from_path and deprecates TempPath::from_path.

Prior to this release, TempPath::from_path made no attempts to convert relative paths into absolute paths. The following code would have deleted the wrong file:

let tmp_path = TempPath::from_path("foo")
std::env::set_current_dir("/some/other/path").unwrap();
drop(tmp_path);

Now:

1. TempPath::from_path will attempt to convert relative paths into absolute paths. However, this isn't always possible as we need to call std::env::current_dir, which can fail. If we fail to convert the relative path to an absolute path, we simply keep the relative path.
2. The TempPath::try_from_path behaves exactly like TempPath::from_path, except that it returns an error if we fail to convert a relative path into an absolute path (or if the passed path is empty).

Neither function attempt to verify the existence of the file in question.

Thanks to @​meng-xu-cs for reporting this issue.

3.26.0

• Support NamedTempFile::persist on RedoxOS (#393) (thanks to @​Andy-Python-Programmer).

3.25.0

• Allow getrandom 0.4.x while retaining support for getrandom 0.3.x.

3.24.0

• Actually support WASIp2 without the nightly feature. This library is now feature complete on WASIp2 without any additional feature flags.
• Exclude CI scripts from the published crate.

3.23.0

• Remove need for the "nightly" feature to compile with "wasip2".

3.22.0

• Updated windows-sys requirement to allow version 0.61.x
• Remove unstable-windows-keep-open-tempfile feature.

3.21.0

• Updated windows-sys requirement to allow version 0.60.x

3.20.0

This release mostly unifies the behavior/capabilities around "keeping" temporary files:

... (truncated)

Commits

• 5c8fa12 chore: release 3.27.0
• e34e574 test: disable uds conflict test on redox
• 772c795 test: add CWD guards
• 2632fb9 fix: resolve relative paths when constructing TempPath
• 929a112 chore: release 3.26.0
• 29d6ac5 Add Redox OS CI (#394)
• 375067f doc(README): document supported platforms
• d353717 feat(redox): implement persist() (#393)
• 64114d7 Fix typos in documentation (#392)
• 9a38b8d chore: release 3.25.0
• Additional commits viewable in compare view

Updates assert_cmd from 2.0.14 to 2.2.2

Changelog

Sourced from assert_cmd's changelog.

[2.2.2] - 2026-05-11

Fixes

• Ensure #[track_caller] works for better panic messages

[2.2.1] - 2026-04-17

Internal

• Dependency update

[2.2.0] - 2026-03-10

Compatibility

• Change cargo_bin bad paths to panics

[2.1.3] - 2026-03-10

Fixes

• Un-deprecate cargo_bin

[2.1.2] - 2026-01-09

Fixes

• Add #[must_use] to help catch missing assertions

[2.1.1] - 2025-10-29

[2.1.0] - 2025-10-28

Compatibility

• Deprecated crate_name!() in favor of pkg_name!()
• Deprecated Command::cargo_bin, CommandCargoExt::cargo_bin, cargo_bin in favor of cargo_bin!, cargo_bin_cmd!

Features

• Provide cargo_bin_cmd!()
• Use pkg_name!() as a default parameter to cargo_bin!()

[2.0.17] - 2025-04-16

Features

• Add cargo::cargo_bin! which will work with Cargo's build-dir

... (truncated)

Commits

• feece89 chore: Release assert_cmd version 2.2.2
• 367cdf7 docs: Update changelog
• a98cc85 Merge pull request #289 from marcospb19/track_caller
• cd2e167 fix: .success() not reporting panic location
• 45a1c74 chore(deps): Update Prek to v0.3.13 (#293)
• f1d9b5b chore(deps): Update Prek to v0.3.12 (#292)
• 1d34bab Merge pull request #291 from epage/template
• d9a70ad style: Make clippy happy
• 4f5b5af chore: Update from _rust template
• 1e1d586 chore(renovate): Fix the tag
• Additional commits viewable in compare view

Updates predicates from 3.0.4 to 3.1.4

Changelog

Sourced from predicates's changelog.

[3.1.4] - 2026-02-11

• Make BoxPredicate::find_case use the inner find_case implementation

[3.1.3] - 2024-12-19

Features

• The boxed function is now available for predicates with an Item type that is not Sized.

[3.1.2] - 2024-07-25

[3.1.1] - 2024-07-25

Compatibility

• Update MSRV to 1.74

[3.1.0] - 2024-01-15

Compatibility

• Update MSRV to 1.70.0

Internals

• Remove itertools

Commits

• f54f2cd chore: Release
• ce8099e Merge pull request #200 from rynoV/master
• 34d11de docs: Update changelog
• a03ae99 feat: Make BoxPredicate::find_case use the inner find_case
• 9b59897 test: Add test for BoxPredicate::find_case
• 45f4333 Merge pull request #201 from assert-rs/renovate/crate-ci-typos-1.x
• b9c965b chore(deps): Update pre-commit hook crate-ci/typos to v1.42.3
• 0d9cf08 Merge pull request #199 from epage/template
• 9968b8a chore: Update from _rust template
• e4f2b35 chore(ci): Update action
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions