build(deps): bump the patch group with 12 updates

[dependabot]

Bumps the patch group with 12 updates:

Package	From	To
serde	1.0.226	1.0.228
thiserror	2.0.16	2.0.17
axum	0.8.4	0.8.6
parking_lot	0.12.4	0.12.5
libsql	0.9.23	0.9.24
tokio-postgres	0.7.13	0.7.14
regex	1.11.2	1.11.3
libc	0.2.175	0.2.176
tokio-rustls	0.26.3	0.26.4
aws-lc-rs	1.14.0	1.14.1
multibase	0.9.1	0.9.2
axum-extra	0.10.1	0.10.3

Updates serde from 1.0.226 to 1.0.228

Release notes

Sourced from serde's releases.

v1.0.228

• Allow building documentation with RUSTDOCFLAGS='--cfg=docsrs' set for the whole dependency graph (#2995)

v1.0.227

• Documentation improvements (#2991)

Commits

• a866b33 Release 1.0.228
• 5adc9e8 Merge pull request #2995 from dtolnay/rustdocflags
• ab58178 Workaround for RUSTDOCFLAGS='--cfg=docsrs'
• 415d9fc Release 1.0.227
• 7c58427 Merge pull request #2991 from dtolnay/inlinecoredoc
• 9d3410e Merge pull request #2992 from dtolnay/inplaceseed
• 2fb6748 Remove InPlaceSeed public re-export
• f8137c7 Inline serde_core into serde in docsrs mode
• b7dbf7e Merge pull request #2990 from dtolnay/integer128
• 7c83691 No longer macro_use integer128 module
• Additional commits viewable in compare view

Updates thiserror from 2.0.16 to 2.0.17

Release notes

Sourced from thiserror's releases.

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• 72ae716 Release 2.0.17
• 599fdce Merge pull request #434 from dtolnay/private
• 9ec05f6 Use differently named __private module per patch release
• d2c492b Raise minimum tested compiler to rust 1.76
• fc3ab95 Opt in to generate-macro-expansion when building on docs.rs
• 819fe29 Update ui test suite to nightly-2025-09-12
• 259f48c Enforce trybuild >= 1.0.108
• 470e6a6 Update ui test suite to nightly-2025-08-24
• 544e191 Update actions/checkout@v4 -> v5
• cbc1eba Delete duplicate cap-lints flag from build script
• See full diff in compare view

Updates axum from 0.8.4 to 0.8.6

Release notes

Sourced from axum's releases.

axum v0.8.5

• fixed: Reject JSON request bodies with trailing characters after the JSON document (#3453)
• added: Implement OptionalFromRequest for Multipart (#3220)
• added: Getter methods Location::{status_code, location}
• added: Support for writing arbitrary binary data into server-sent events (#3425)]
• added: middleware::ResponseAxumBodyLayer for mapping response body to axum::body::Body (#3469)
• added: impl FusedStream for WebSocket (#3443)
• changed: The sse module and Sse type no longer depend on the tokio feature (#3154)
• changed: If the location given to one of Redirects constructors is not a valid header value, instead of panicking on construction, the IntoResponse impl now returns an HTTP 500, just like Json does when serialization fails (#3377)
• changed: Update minimum rust version to 1.78 (#3412)

#3154: tokio-rs/axum#3154 #3220: tokio-rs/axum#3220 #3377: tokio-rs/axum#3377 #3412: tokio-rs/axum#3412 #3425: tokio-rs/axum#3425 #3443: tokio-rs/axum#3443 #3453: tokio-rs/axum#3453 #3469: tokio-rs/axum#3469

Commits

• c1bb9c3 Release axum 0.8.6 and related crates
• 4a50581 Update changelogs
• 5c76cfd Remove usage of the doc_auto_cfg feature (#3505)
• c720f56 Release axum-core v0.5.4
• 0c96ead Remove unused rustversion dependency of axum-core (#3502)
• a1d22f6 Release axum 0.8.5 and related crates
• ad2fd5b Update changelogs
• a0692f9 Reject JSON bodies with trailing chars (#3453)
• ae80850 Update to cargo-deny api version 2 (#3475)
• 651cc1e Remove unused link def
• Additional commits viewable in compare view

Updates parking_lot from 0.12.4 to 0.12.5

Changelog

Sourced from parking_lot's changelog.

parking_lot - 0.12.5 - 2025-09-30

• Bumped MSRV to 1.71
• Fixed Miri when the hardware-lock-elision feature is enabled (#491)
• Added missing into_arc(_fair) methods (#472)
• Fixed RawRwLock::bump_*() not releasing lock when there are multiple readers (#471)

parking_lot_core - 0.9.12 - 2025-09-30

• Bumped MSRV to 1.71
• Switched from windows-targets to windows-link. (#493)
• Replaced thread-id dependency with std::thread::ThreadId (#483)
• Added SGX implementation for ThreadParker.park_until (#481)

lock_api - 0.4.14 - 2025-09-30

• Fixed use of doc_cfg when building on docs.rs.
• Bumped MSRV to 1.71
• Added #[track_caller] where locking implementations could feasibly need to panic
• Added try_map_or_err to various mutex guards (#480)
• Removed unnecessary build script and autocfg dependency (#474)
• Added missing into_arc(_fair) methods (#472)

Commits

• d7828ff chore: release
• 73365ad Merge pull request #495 from mbrobbel/doc_auto_cfg
• 0b5585a Replace doc_auto_cfg with doc_cfg
• c7b7dc7 Merge pull request #493 from a1phyr/windows_link
• 07c2d40 Update MSRV to 1.71
• 345cf7a Switch from windows-targets to windows-link
• eeb186c Merge pull request #491 from AaronKutch/fix_assembly_on_miri
• a7d328e do not use elision on Miri even if feature is enabled
• 739d370 Merge pull request #487 from sola-contrib/replace-winapi
• ed4ae93 Replace winapi with windows-sys in benchmark crate
• Additional commits viewable in compare view

Updates libsql from 0.9.23 to 0.9.24

Commits

• 268d169 0.9.23
• 5843ee5 bindings/c: Fix Android build (#2163)
• 0f54825 bindings/c: Fix Android build
• 76e5772 bindings/c: Don't forward empty encryption key string (#2162)
• 161c0af bindings/c: Don't forward empty encryption key string
• a57ad4a Bundle regexp (#2160)
• c6adb65 Merge branch 'main' into bundle-regexp
• b16577a rollback unnecessary changes
• a35fd1a add pcre2 header
• f37d0b0 add pcre2 sources
• Additional commits viewable in compare view

Updates tokio-postgres from 0.7.13 to 0.7.14

Release notes

Sourced from tokio-postgres's releases.

tokio-postgres v0.7.14

Added

• Added support for jiff v0.2.
• Added support for bit-vec versions v0.7 and v0.8.
• Re-exported fallible-iterator
• Expose sync rollback as a private API method

Fixes

• Changed set_tcp_user_timeout to only be called when enabled

Changed

• Updated repository links to use rust-postgres organization.
• Upgraded to Rust 2021 edition.
• Upgraded phf to v0.13
• Upgraded socket2 to v0.6
• Disabled default features of futures-util

Commits

• 53a929e Release tokio-postgres v0.7.14
• 683a306 Release postgres-types v0.2.10
• cb2ba1c Release postgres-protocol v0.6.9
• a6a0d53 Release postgres-derive v0.4.7
• 429b76b Merge pull request #1275 from rust-postgres/paolobarbolini/switch-to-dtolnay-...
• 6add4c2 chore(ci): switch to dtolnay/rust-toolchain
• 8364bb2 Merge pull request #1274 from rust-postgres/paolobarbolini/regen-sql-state-map
• 6811c01 chore(tokio-postgres): regenerate SQLSTATE_MAP
• dfcb6af Merge pull request #1248 from duarten/duarte/fallible-rexport
• 4c3390f Re-export FallibleIterator from tokio-postgres
• Additional commits viewable in compare view

Updates regex from 1.11.2 to 1.11.3

Changelog

Sourced from regex's changelog.

1.11.3 (2025-09-25)

This is a small patch release with an improvement in memory usage in some cases.

Improvements:

• [BUG #1297](rust-lang/regex#1297): Improve memory usage by trimming excess memory capacity in some spots.

Commits

• ef1c2c3 1.11.3
• ad5cd6c deps: bump regex-automata
• ee69d9e changelog: 1.11.3
• 159fa3e regex-automata-0.4.11
• 02a62ba automata: call Vec::shrink_to_fit in a few strategic places
• a76e0a0 cargo: exclude tests/fuzz from the package
• 19172cc style: inline formatting arguments
• 2695e29 ci: fix cross testing
• See full diff in compare view

Updates libc from 0.2.175 to 0.2.176

Release notes

Sourced from libc's releases.

0.2.176

Support

• The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
• Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

• AIX: Restore some non-POSIX functions guarded by the _KERNEL macro. (#4607)
• FreeBSD 14: Add st_fileref to struct stat (#4642)
• Haiku: Add the accept4 POSIX call (#4586)
• Introduce a wrapper for representing padding (#4632)
• Linux: Add EM_RISCV (#4659)
• Linux: Add MS_NOSYMFOLLOW (#4389)
• Linux: Add backtrace_symbols(_fd) (#4668)
• Linux: Add missing SOL_PACKET optnames (#4669)
• Musl s390x: Add SYS_mseal (#4549)
• NuttX: Add __errno (#4687)
• Redox: Add dirfd, VDISABLE, and resource consts (#4660)
• Redox: Add more resource.h, fcntl.h constants (#4666)
• Redox: Enable strftime and mkostemp[s] (#4629)
• Unix, Windows: Add qsort_r (Unix), and qsort(_s) (Windows) (#4677)
• Unix: Add dlvsym for Linux-gnu, FreeBSD, and NetBSD (#4671)
• Unix: Add sigqueue (#4620)

Changed

• FreeBSD 15: Mark kinfo_proc as non-exhaustive (#4553)
• FreeBSD: Set the ELF symbol version for readdir_r (#4694)
• Linux: Correct the config for whether or not epoll_event is packed (#4639)
• Tests: Replace the old ctest with the much more reliable new implementation (#4655 and many related PRs)

Fixed

• AIX: Fix the type of the 4th arguement of getgrnam_r ([#4656](rust-lang/libc#4656
• FreeBSD: Limit P_IDLEPROC to FreeBSD 15 (#4640)
• FreeBSD: Limit mcontext_t::mc_tlsbase to FreeBSD 15 (#4640)
• FreeBSD: Update gating of mcontext_t.mc_tlsbase (#4703)
• Musl s390x: Correct the definition of statfs[64] (#4549)
• Musl s390x: Make fpreg_t a union (#4549)
• Redox: Fix the types of gid_t and uid_t (#4689)
• Redox: Fix the value of MAP_FIXED (#4684)

Deprecated

• Apple: Correct the deprecated attribute for iconv (a97a0b53)
• FreeBSD: Deprecate TIOCMGDTRWAIT and TIOCMSDTRWAIT (#4685)

Removed

... (truncated)

Changelog

Sourced from libc's changelog.

0.2.176 - 2025-09-23

Support

• The default FreeBSD version has been raised from 11 to 12. This matches rustc since 1.78. (#2406)
• Debug is now always implemented, rather than being gated behind the extra_traits feature. (#4624)

Added

• AIX: Restore some non-POSIX functions guarded by the _KERNEL macro. (#4607)
• FreeBSD 14: Add st_fileref to struct stat (#4642)
• Haiku: Add the accept4 POSIX call (#4586)
• Introduce a wrapper for representing padding (#4632)
• Linux: Add EM_RISCV (#4659)
• Linux: Add MS_NOSYMFOLLOW (#4389)
• Linux: Add backtrace_symbols(_fd) (#4668)
• Linux: Add missing SOL_PACKET optnames (#4669)
• Musl s390x: Add SYS_mseal (#4549)
• NuttX: Add __errno (#4687)
• Redox: Add dirfd, VDISABLE, and resource consts (#4660)
• Redox: Add more resource.h, fcntl.h constants (#4666)
• Redox: Enable strftime and mkostemp[s] (#4629)
• Unix, Windows: Add qsort_r (Unix), and qsort(_s) (Windows) (#4677)
• Unix: Add dlvsym for Linux-gnu, FreeBSD, and NetBSD (#4671)
• Unix: Add sigqueue (#4620)

Changed

• FreeBSD 15: Mark kinfo_proc as non-exhaustive (#4553)
• FreeBSD: Set the ELF symbol version for readdir_r (#4694)
• Linux: Correct the config for whether or not epoll_event is packed (#4639)
• Tests: Replace the old ctest with the much more reliable new implementation (#4655 and many related PRs)

Fixed

• AIX: Fix the type of the 4th arguement of getgrnam_r ([#4656](rust-lang/libc#4656
• FreeBSD: Limit P_IDLEPROC to FreeBSD 15 (#4640)
• FreeBSD: Limit mcontext_t::mc_tlsbase to FreeBSD 15 (#4640)
• FreeBSD: Update gating of mcontext_t.mc_tlsbase (#4703)
• Musl s390x: Correct the definition of statfs[64] (#4549)
• Musl s390x: Make fpreg_t a union (#4549)
• Redox: Fix the types of gid_t and uid_t (#4689)
• Redox: Fix the value of MAP_FIXED (#4684)

Deprecated

• Apple: Correct the deprecated attribute for iconv (a97a0b53)
• FreeBSD: Deprecate TIOCMGDTRWAIT and TIOCMSDTRWAIT (#4685)

Removed

... (truncated)

Commits

• 15e1389 chore: Release libc 0.2.176
• 6ca5571 Warn on missing debug implementations
• e653c54 cleanup: Remove the const_fn! macro
• e447441 cleanup: Simplify the syntax of f! and similar macros
• 776a614 cleanup: Use target_vendor = "apple"
• d32f60d doc: Remove an unneeded link to the old ctest repo
• 8c8584b Resolve a ctest FIXME regarding use of size_of in array lengths
• 09c8436 Remove the libc_ctest feature
• fd3ffe4 Remove libc_const_extern_fn
• 9b77a49 Add a note about why Padding requires T: Copy
• Additional commits viewable in compare view

Updates tokio-rustls from 0.26.3 to 0.26.4

Release notes

Sourced from tokio-rustls's releases.

0.26.4

What's Changed

• Add TLS certificate compression features by @​manifest in rustls/tokio-rustls#130

Commits

• 0c14e14 Bump version to 0.26.4
• 9074308 Add TLS certificate compression features
• 7ee318d build(deps): bump seanmiddleditch/gha-setup-ninja from 4 to 6
• 6f740df build(deps): bump rcgen from 0.14.4 to 0.14.5
• dc01fcd build(deps): bump actions/checkout from 3 to 5
• fb76ce3 Add Dependabot configuration
• See full diff in compare view

Updates aws-lc-rs from 1.14.0 to 1.14.1

Release notes

Sourced from aws-lc-rs's releases.

aws-lc-rs v1.14.1

What's Changed

• Align aws-lc-sys v0.32.0 w/ AWS-LC v1.61.2 by @​justsmth in aws/aws-lc-rs#884
  • New aarch64 SHA3 now enabled w/ build fix by @​justsmth in aws/aws-lc-rs#878
  • CPU Jitter entropy is now used for non-FIPS builds. This can add a few milliseconds of latency when a process forks, but otherwise should have minimal effect on latency.
• Impl of common traits for ParsedPublicKey by @​justsmth in aws/aws-lc-rs#879
• impl AsDer<PublicKeyX509Der<'static>> for ParsedPublicKey by @​justsmth in aws/aws-lc-rs#885

Issues Being Resolved

• "Cross" cross compiler fails in GitHub action building aws-lc-sys for aarch64-unknown-linux-gnu (ARMv8) -- #889
• iOS Simulator build fails: 'arm64-apple-ios-sim' target invalid -- #761
• Add way to pre-parse signature keys (i.e. turn signature::UnparsedPublicKey to PublicKey) -- #849

Other Merged PRs

• Update to aws-lc-fips-sys v0.13.8 by @​justsmth in aws/aws-lc-rs#883
• Fix MSRV CI - libloading by @​justsmth in aws/aws-lc-rs#888
• Bump version to v1.14.1 by @​justsmth in aws/aws-lc-rs#893
• Fix CI - prebuilt NASM by @​justsmth in aws/aws-lc-rs#886
• Fix publish script by @​justsmth in aws/aws-lc-rs#880
• More arm64 targets in CI by @​justsmth in aws/aws-lc-rs#877

Full Changelog: aws/aws-lc-rs@v1.14.0...v1.14.1

Commits

• ee368e0 Bump version to v1.14.1 (#893)
• 4f45d3d impl AsDer<PublicKeyX509Der<'static>> for ParsedPublicKey (#885)
• 4895a79 Fix MSRV CI - libloading (#888)
• d120394 Align aws-lc-sys v0.32.0 w/ AWS-LC v1.61.2 (#884)
• 5153ad3 Fix CI - prebuilt NASM (#886)
• 4464454 Update to aws-lc-fips-sys v0.13.8 (#883)
• ab1ab3d Common traits for ParsedPublicKey (#879)
• 520bb36 Fix publish script (#880)
• fcd2ba0 Guard NEON+SHA3 s2n-bignum assembly (#878)
• 88c7f50 More arm64 targets in CI (#877)
• See full diff in compare view

Updates multibase from 0.9.1 to 0.9.2

Commits

• eba2f98 chore: Release
• 5a07de3 Include Cargo.lock for reproducible builds (#107)
• 75f29a0 feat: allow cli/ tool to read data from stdin (#108)
• ea6c3a9 chore: update criterion
• 9199a08 chore(deps): bump actions/checkout from 4 to 5
• 7886e1c ci: uci/copy-templates (#105)
• 40cc58b Merge pull request #104 from multiformats/dependabot/cargo/rand-0.9
• 365315d cargo clippy
• 87b1d40 Merge pull request #103 from multiformats/dependabot/github_actions/codecov/c...
• 238c86f chore(deps): update rand requirement from 0.8 to 0.9
• Additional commits viewable in compare view

Updates axum-extra from 0.10.1 to 0.10.3

Release notes

Sourced from axum-extra's releases.

axum-extra v0.10.2

• added: Implement OptionalFromRequest for Host (#3177)

#3177: tokio-rs/axum#3177

Commits

• c1bb9c3 Release axum 0.8.6 and related crates
• 4a50581 Update changelogs
• 5c76cfd Remove usage of the doc_auto_cfg feature (#3505)
• c720f56 Release axum-core v0.5.4
• 0c96ead Remove unused rustversion dependency of axum-core (#3502)
• a1d22f6 Release axum 0.8.5 and related crates
• ad2fd5b Update changelogs
• a0692f9 Reject JSON bodies with trailing chars (#3453)
• ae80850 Update to cargo-deny api version 2 (#3475)
• 651cc1e Remove unused link def
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions