build(deps): bump the cargo group across 1 directory with 11 updates

[dependabot]

Bumps the cargo group with 11 updates in the / directory:

Package	From	To
anyhow	1.0.100	1.0.101
chrono	0.4.42	0.4.43
clap	4.5.54	4.5.57
colored	3.0.0	3.1.1
quick-xml	0.38.4	0.39.0
regex	1.12.2	1.12.3
reqwest	0.13.1	0.13.2
mockito	1.7.1	1.7.2
pyo3	0.27.2	0.28.0
napi	3.8.1	3.8.2
napi-derive	3.5.0	3.5.1

Updates anyhow from 1.0.100 to 1.0.101

Release notes

Sourced from anyhow's releases.

1.0.101

• Add #[inline] to anyhow::Ok helper (#437, thanks @​Ibitier)

Commits

• 80bfe29 Release 1.0.101
• dff8c43 Merge pull request #437 from Ibitier/inline-ok-helper
• 85d9ea9 Add #[inline] to anyhow::Ok helper
• 54036cc Update ui test suite to nightly-2026-01-21
• cce0579 Update actions/upload-artifact@v5 -> v6
• f2c598c Update actions/upload-artifact@v4 -> v5
• 2c0bda4 Update to 2021 edition
• 0d82268 Remove rustc version requirement from readme
• 67df012 Merge pull request #436 from dtolnay/up
• c898488 Raise required compiler to Rust 1.68
• Additional commits viewable in compare view

Updates chrono from 0.4.42 to 0.4.43

Release notes

Sourced from chrono's releases.

0.4.43

What's Changed

• Install extra components for lint workflow by @​djc in chronotope/chrono#1741
• Upgrade windows-bindgen to 0.64 by @​djc in chronotope/chrono#1742
• Improve windows-bindgen setup by @​djc in chronotope/chrono#1744
• Drop stabilized feature doc_auto_cfg by @​djc in chronotope/chrono#1745
• Faster RFC 3339 parsing by @​djc in chronotope/chrono#1748
• Update windows-bindgen requirement from 0.64 to 0.65 by @​dependabot[bot] in chronotope/chrono#1751
• add NaiveDate::abs_diff by @​Kinrany in chronotope/chrono#1752
• Add feature gated defmt support. by @​pebender in chronotope/chrono#1747
• Drop deny lints, eager Debug impls are a mixed blessing by @​djc in chronotope/chrono#1753
• chore: minor improvement for docs by @​spuradage in chronotope/chrono#1756
• Added doctest for the NaiveDate years_since function by @​LucasBou in chronotope/chrono#1755
• Prepare 0.4.43 by @​djc in chronotope/chrono#1765
• Update copyright year to 2026 in LICENSE.txt by @​taozui472 in chronotope/chrono#1767

Commits

• 45caaa9 Update copyright year to 2026 in LICENSE.txt
• 1c0b8f0 Bump version to 0.4.43
• a03e43b Upgrade windows-bindgen to 0.66
• 4fedaba Ignore bincode advisory
• f4b7bbd Bump actions/checkout from 5 to 6
• db12973 Added doctest for the NaiveDate years_since function (#1755)
• 34b5f49 chore: minor improvement for docs
• 8c82711 Bump actions/setup-node from 5 to 6
• ea1f11b Drop deny lints, eager Debug impls are a mixed blessing
• 35f9f2d Add feature gated defmt support.
• Additional commits viewable in compare view

Updates clap from 4.5.54 to 4.5.57

Release notes

Sourced from clap's releases.

v4.5.57

[4.5.57] - 2026-02-03

Fixes

• Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

v4.5.56

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

v4.5.55

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

Changelog

Sourced from clap's changelog.

[4.5.57] - 2026-02-03

Fixes

• Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

[4.5.55] - 2026-01-27

Fixes

• Fix inconsistency in precedence between positionals with a value_terminator("--") and escapes (--) where ./foo -- bar means the first arg is empty, rather than escaping future args

Commits

• 69c0ddb chore: Release
• 8206bba docs: Update changelog
• c109d67 Merge pull request #6104 from epage/hide
• 9d7f212 fix(complete): Hide dot files on dynamic completer
• 77b3fdb test(complete): Show dot file behavior
• f89b9b8 test(derive): Make stable across upgrade
• 58eb8a9 chore: Release
• 10a2a75 docs: Update changelog
• a42eebf Merge pull request #6103 from epage/mut_subcommands
• 5335f54 feat: Add Command::mut_subcommands
• Additional commits viewable in compare view

Updates colored from 3.0.0 to 3.1.1

Changelog

Sourced from colored's changelog.

Unreleased

• Added methods ansi_color and on_ansi_color to Colorize.

Commits

• 5204a26 3.1.1
• 49392a3 Limit to 5 keywords
• b791685 3.1.0
• 9a83121 Allow windows-sys 0.61 to be used (#218)
• 192598d Clean up Colorize trait
• ec013ae chore: minor improvement for docs (#212)
• 5bc198b Replace 'ansi_term' dev-dependency with 'ansiterm' (#209)
• a21367d Allow windows-sys 0.60 to be used (#206)
• 9450fea Fix clippy warning (#207)
• 68761c1 README: use the latest v3.0 version for example (#204)
• Additional commits viewable in compare view

Updates quick-xml from 0.38.4 to 0.39.0

Release notes

Sourced from quick-xml's releases.

v0.39.0 - Config for Writer

What's Changed

Added a way to configure Writer. Now all configuration is contained in the writer::Config struct and can be applied at once. When serde-types feature is enabled, configuration is serializable.

New Features

• #846: Add methods config() and config_mut() to inspect and change the writer configuration.
• #846: Add ability to write space before /> in self-closed tags for maximum compatibility with XHTML.
• #846: Add method empty_element_handling() as a more powerful alternative to expand_empty_elements() in Serializer.
• #929: Allow to pass list of field names to impl_deserialize_for_internally_tagged_enum! macro which is required if you enum variants contains $value fields.

Bug Fixes

• #923: Implement correct skipping of well-formed DTD.

Misc Changes

• #908: Increase minimal supported serde version from 1.0.139 to 1.0.180.
• #913: Deprecate .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element() of NsReader. Use .resolver().bindings() and .resolver().resolve() methods instead.
• #913: Attributes::has_nil now accepts NamespaceResolver instead of Reader<R>.
• #924: (breaking change) Split SyntaxError::UnclosedPIOrXmlDecl into UnclosedPI and UnclosedXmlDecl for more precise error reporting.
• #924: (breaking change) Parser::eof_error now takes &self and content &[u8] parameters.
• #926: (breaking change) Split SyntaxError::UnclosedTag into UnclosedTag, UnclosedSingleQuotedAttributeValue and UnclosedDoubleQuotedAttributeValue for more precise error reporting.

#846: tafia/quick-xml#846 #908: tafia/quick-xml#908 #913: tafia/quick-xml#913 #923: tafia/quick-xml#923 #924: tafia/quick-xml#924 #926: tafia/quick-xml#926 #929: tafia/quick-xml#929

New Contributors

• @​rzmk made their first contribution in tafia/quick-xml#920
• @​zrneely made their first contribution in tafia/quick-xml#922
• @​SuchAFuriousDeath made their first contribution in tafia/quick-xml#924
• @​tayu0110 made their first contribution in tafia/quick-xml#925

Full Changelog: tafia/quick-xml@v0.38.4...v0.39.0

Changelog

Sourced from quick-xml's changelog.

0.39.0 -- 2026-01-11

Added a way to configure Writer. Now all configuration is contained in the writer::Config struct and can be applied at once. When serde-types feature is enabled, configuration is serializable.

New Features

• #846: Add methods config() and config_mut() to inspect and change the writer configuration.
• #846: Add ability to write space before /> in self-closed tags for maximum compatibility with XHTML.
• #846: Add method empty_element_handling() as a more powerful alternative to expand_empty_elements() in Serializer.
• #929: Allow to pass list of field names to impl_deserialize_for_internally_tagged_enum! macro which is required if you enum variants contains $value fields.

Bug Fixes

• #923: Implement correct skipping of well-formed DTD.

Misc Changes

• #908: Increase minimal supported serde version from 1.0.139 to 1.0.180.
• #913: Deprecate .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element() of NsReader. Use .resolver().bindings() and .resolver().resolve() methods instead.
• #913: Attributes::has_nil now accepts NamespaceResolver instead of Reader<R>.
• #924: (breaking change) Split SyntaxError::UnclosedPIOrXmlDecl into UnclosedPI and UnclosedXmlDecl for more precise error reporting.
• #924: (breaking change) Parser::eof_error now takes &self and content &[u8] parameters.
• #926: (breaking change) Split SyntaxError::UnclosedTag into UnclosedTag, UnclosedSingleQuotedAttributeValue and UnclosedDoubleQuotedAttributeValue for more precise error reporting.

#846: tafia/quick-xml#846 #908: tafia/quick-xml#908 #913: tafia/quick-xml#913 #923: tafia/quick-xml#923 #924: tafia/quick-xml#924 #926: tafia/quick-xml#926 #929: tafia/quick-xml#929

Commits

• 6242da0 Release 0.39.0
• 549bb09 Disable tests for documents that are not supported by rxml
• 2c19dfd Run cargo fmt in compare project
• 5fc5a16 Fix misprint in benchmark name
• ba6b9c5 Update xml5ever & markup5even: 0.36 -> 0.37
• 70208da Fix not updated internal documentation link after #922
• 0bfface Fix misprint in error message
• 9f6babb Merge pull request #932 from Mingun/unclosed-attr-error
• 229d84c Split SyntaxError::UnclosedTag into UnclosedTag, `UnclosedSingleQuotedAtt...
• f869d0e Merge pull request #931 from Mingun/benches
• Additional commits viewable in compare view

Updates regex from 1.12.2 to 1.12.3

Changelog

Sourced from regex's changelog.

1.12.3 (2025-02-03)

This release excludes some unnecessary things from the archive published to crates.io. Specifically, fuzzing data and various shell scripts are now excluded. If you run into problems, please file an issue.

Improvements:

• #1319: Switch from a Cargo exclude list to an include list, and exclude some unnecessary stuff.

Commits

• b028e4f 1.12.3
• 5e195de regex-automata-0.4.14
• a3433f6 regex-syntax-0.8.9
• 0c07fae regex-lite-0.1.9
• 6a81006 cargo: exclude development scripts and fuzzing data
• 4733e28 automata: fix onepass::DFA::try_search_slots panic when too many slots are ...
• See full diff in compare view

Updates reqwest from 0.13.1 to 0.13.2

Changelog

Sourced from reqwest's changelog.

v0.13.2

• Fix HTTP/2 and native-tls ALPN feature combinations.
• Fix HTTP/3 to send h3 ALPN.
• (wasm) fix RequestBuilder::json() from override previously set content-type.

Commits

• ad83b63 v0.13.2
• c25f3db chore: Add Windows and Linux arm64 to CI (#2960)
• 761b89e chore: upgrade wasm-streams to v0.5 (#2958)
• fd2d507 fix(wasm): custom content-type overidden by json method for wasm (#2908)
• 23eb7d4 chore: update copyright year to 2026 (#2943)
• 10c31c2 fix(http3): specify h3 alpn for http3 connector (#2929)
• 8530ec3 docs: native-tls-alpn has changed to native-tls-no-alpn (#2940)
• 04a216f chore(deps): remove unused webpki-roots and rustls-native-certs (#2932)
• 406b59e fix http2 feature is not enabled for native-tls ALPN (#2927)
• 325a020 Update readme for 0.13 (#2926)
• Additional commits viewable in compare view

Updates mockito from 1.7.1 to 1.7.2

Release notes

Sourced from mockito's releases.

1.7.2

• Update to reqwest 0.13 by @​tottoto in lipanski/mockito#223
• Allow returning a different status code based on a request by @​songokas in lipanski/mockito#224

Commits

• 2e16acf Bump to 1.7.2
• e404bdf Update docs
• e2c1692 Merge pull request #224 from songokas/status-code-from-request
• 86596b7 Allow returning a different status code based on a request
• 4a70878 Merge pull request #223 from tottoto/update-to-reqwest-0.13
• 35fccfb Update to reqwest 0.13
• See full diff in compare view

Updates pyo3 from 0.27.2 to 0.28.0

Release notes

Sourced from pyo3's releases.

PyO3 0.28.0

This release contains many improvements across PyO3's feature set:

• Proper support for __init__ methods for #[pyclass] types
• Support for #[deleter]s to complement the existing #[getter] and #[setter] attributes when implementing class "properties".
• Support for subclassing many Python types with the abi3 feature (requires Python 3.12+).
• A new #[pyclass(new = "from_fields")] option to automatically define the constructor from the class fields.
• Many corrections to FFI definitions (including removal of many private CPython methods)
• Many improvements to the experimental-inspect feature's functionality.

The minimum supported Rust version has been increased to Rust 1.83.

This release also switches #[pymodule] to use PEP 489 multi-phase initialization internally. This should have no immediate functional impact other than preparing PyO3 to support newer technologies such as Python subinterpreters.

There are also many other incremental improvements, bug fixes and smaller features; full detail can be found in the CHANGELOG.

Please consult the migration guide for help upgrading.

Thank you to everyone who contributed code, documentation, design ideas, bug reports, and feedback. The following contributors' commits are included in this release:

@​ABorgna @​ahlinc @​alex @​altendky @​bazaah @​bschoenmaeckers @​chirizxc @​clin1234 @​davidhewitt @​dependabot[bot] @​freakboy3742 @​henryp3278 @​Icxolu @​lazka @​LilyFirefly @​linkmauve @​lmmx @​lukaslueg @​MatthieuDartiailh @​MusicalNinjaDad @​ngoldbaum @​pkalivas @​reaperhulk @​RedKinda @​SilasMarvin @​SoroushMoosapour @​stijndcl @​tpoliaw @​Tpt

Changelog

Sourced from pyo3's changelog.

[0.28.0] - 2026-02-01

Packaging

• Bump MSRV to Rust 1.83. #5531
• Bump minimum supported quote version to 1.0.37. #5531
• Bump supported GraalPy version to 25.0. #5542
• Drop memoffset dependency. #5545
• Support for free-threaded Python is now opt-out rather than opt-in. #5564
• Bump target-lexicon dependency to 0.13.3. #5571
• Drop indoc and unindent dependencies. #5608

Added

• Add __init__ support in #[pymethods]. #4951
• Expose PySuper on PyPy, GraalPy and ABI3 #4951
• Add PyString::from_fmt and py_format! macro. #5199
• Add #[pyclass(new = "from_fields")] option. #5421
• Add pyo3::buffer::PyUntypedBuffer, a type-erased form of PyBuffer<T>. #5458
• Add PyBytes::new_with_writer #5517
• Add PyClass::NAME. #5579
• Add pyo3_build_config::add_libpython_rpath_link_args. #5624
• Add PyBackedStr::clone_ref and PyBackedBytes::clone_ref methods. #5654
• Add PyCapsule::new_with_pointer and PyCapsule::new_with_pointer_and_destructor for creating capsules with raw pointers. #5689
• Add #[deleter] attribute to implement property deleters in #[methods]. #5699
• Add IntoPyObject and FromPyObject implementations for uuid::NonNilUuid. #5707
• Add PyBackedStr::as_str and PyBackedStr::as_py_str methods. #5723
• Add support for subclassing native types (PyDict, exceptions, ...) when building for abi3 on Python 3.12+. #5733
• Add support for subclassing PyList when building for Python 3.12+. #5734
• FFI definitions:
  • Add FFI definitions PyEval_GetFrameBuiltins, PyEval_GetFrameGlobals and PyEval_GetFrameLocals on Python 3.13 and up. #5590
  • Add FFI definitions PyObject_New, PyObject_NewVar, PyObject_GC_Resize, PyObject_GC_New, and PyObject_GC_NewVar. #5591
  • Added FFI definitions and an unsafe Rust API wrapping Py_BEGIN_CRITICAL_SECTION_MUTEX and Py_BEGIN_CRITICAL_SECTION_MUTEX2. #5642
  • Add FFI definition PyDict_GetItemStringRef on Python 3.13 and up. #5659
  • Add FFI definition PyIter_NextItem on Python 3.14 and up, and compat::PyIter_NextItem for older versions. #5661
  • Add FFI definitions PyThreadState_GetInterpreter and PyThreadState_GetID on Python 3.9+, PyThreadState_EnterTracing and PyThreadState_LeaveTracing on Python 3.11+, PyThreadState_GetUnchecked on Python 3.13+, and compat::PyThreadState_GetUnchecked. #5711
  • Add FFI definitions PyImport_ImportModuleAttr and PyImport_ImportModuleAttrString on Python 3.14+. #5737
  • Add FFI definitions for the PyABIInfo and PyModExport APIs available in Python 3.15. #5746
• experimental-inspect:
  • Emit base classes. #5331
  • Emit @typing.final on final classes. #5552
  • Generate nested classes for complex enums. #5708
  • Emit async keyword for async functions. #5731

Changed

• Call sys.unraisablehook instead of PyErr_Print if panicking on null FFI pointer in Bound, Borrowed and Py constructors. #5496
• Use PEP-489 multi-phase initialization for #[pymodule]. #5525
• Deprecate implicit by-value implementation of FromPyObject for #[pyclass]. #5550
• Deprecate PyTypeInfo::NAME and PyTypeInfo::MODULE. #5579

... (truncated)

Commits

• f0c1523 release: 0.28.0 (#5762)
• 278b54d ci: fix nightly warning of PyClassObjectContents privacy (#5767)
• f622301 add PyUntypedBuffer (#5458)
• aeeaf68 Implement auto_new attribute for #[pyclass] (#5421)
• 5578141 clean up error messages for Send / Sync requirements on #[pyclass] (#5750)
• 18aa0c2 docs: fix some sections in the migration guide (#5763)
• 8848c76 ci: run benchmarks on free-threaded build (#5760)
• d7c050c Fix missing return types in PyModExport API wrappers (#5764)
• 45f9f62 macros: rename PythonTypeHint into PyExpr (#5756)
• ae44f85 netlify: try marking canonical URLs for all files (#5761)
• Additional commits viewable in compare view

Updates napi from 3.8.1 to 3.8.2

Release notes

Sourced from napi's releases.

napi-v3.8.2

Fixed

• (napi) memory leak in async fn (#3089)
• (napi) implement TypeName for ArrayBuffer (#3087)

Commits

• 73cfbdb chore: release (#3088)
• e5423b3 chore(cli): add --version command (#3090)
• e51f320 fix(napi): memory leak in async fn (#3089)
• aa4ffb2 fix(napi): implement TypeName for ArrayBuffer (#3087)
• 87f3831 build(deps): bump qs from 6.14.0 to 6.14.1 (#3084)
• See full diff in compare view

Updates napi-derive from 3.5.0 to 3.5.1

Release notes

Sourced from napi-derive's releases.

napi-derive-v3.5.1

Other

• updated the following local packages: napi-derive-backend

Commits

• 73cfbdb chore: release (#3088)
• e5423b3 chore(cli): add --version command (#3090)
• e51f320 fix(napi): memory leak in async fn (#3089)
• aa4ffb2 fix(napi): implement TypeName for ArrayBuffer (#3087)
• 87f3831 build(deps): bump qs from 6.14.0 to 6.14.1 (#3084)
• e51ce82 chore(napi): release v3.8.1 (#3082)
• 42cb47a fix(napi): wasi debug compile error (#3081)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.90%. Comparing base (af0328a) to head (23d806c).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #262   +/-   ##
=======================================
  Coverage   96.90%   96.90%           
=======================================
  Files          14       14           
  Lines        3167     3167           
=======================================
  Hits         3069     3069           
  Misses         98       98           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.