Bump the cargo group across 1 directory with 8 updates

[dependabot]

Bumps the cargo group with 8 updates in the / directory:

Package	From	To
clap	4.5.32	4.5.35
git2	0.20.0	0.20.1
log	0.4.26	0.4.27
quick-xml	0.37.2	0.37.4
reqwest	0.12.12	0.12.15
tempfile	3.18.0	3.19.1
napi	2.16.16	2.16.17
napi-build	2.1.5	2.1.6

Updates clap from 4.5.32 to 4.5.35

Release notes

Sourced from clap's releases.

v4.5.35

[4.5.35] - 2025-04-01

Fixes

• (help) Align positionals and flags when put in the same help_heading
• (help) Don't leave space for shorts if there are none

v4.5.34

[4.5.34] - 2025-03-27

Fixes

• (help) Don't add extra blank lines with flatten_help(true) and subcommands without arguments

v4.5.33

[4.5.33] - 2025-03-26

Fixes

• (error) When showing the usage of a suggestion for an unknown argument, don't show the group

Changelog

Sourced from clap's changelog.

[4.5.35] - 2025-04-01

Fixes

• (help) Align positionals and flags when put in the same help_heading
• (help) Don't leave space for shorts if there are none

[4.5.34] - 2025-03-27

Fixes

• (help) Don't add extra blank lines with flatten_help(true) and subcommands without arguments

[4.5.33] - 2025-03-26

Fixes

• (error) When showing the usage of a suggestion for an unknown argument, don't show the group

Commits

• 55a18f5 chore: Release
• 3b05635 fix(complete): Ensure new enough clap is used
• 5d2cdac chore: Release
• f1c10eb docs: Update changelog
• a4d1a7f chore(ci): Take a break from template updates
• e95ed39 Merge pull request #5775 from vivienm/master
• 18f8d4c chore(deps): Update Rust Stable to v1.82 (#5788)
• f35d8e0 Merge pull request #5787 from epage/template
• 1389d7d chore: Update from '_rust/main' template
• dbc9faa chore(ci): Initialize git for template update
• Additional commits viewable in compare view

Updates git2 from 0.20.0 to 0.20.1

Changelog

Sourced from git2's changelog.

0.20.1 - 2025-03-17

0.20.0...0.20.1

Added

• Added Repository::branch_upstream_merge() #1131
• Added Index::conflict_get() #1134
• Added Index::conflict_remove() #1133
• Added opts::set_cache_object_limit() #1118
• Added Repo::merge_file_from_index() and associated MergeFileOptions and MergeFileResult. #1062

Changed

• The url dependency minimum raised to 2.5.4 #1128
• Changed the tracing callback to abort the process if the callback panics instead of randomly detecting the panic in some other function. #1121
• Credential helper config (loaded with CredentialHelper::config) now checks for helpers that start with something that looks like an absolute path, rather than checking for a / or \ anywhere in the helper string (which resolves an issue if the helper had arguments with / or \). #1137

Fixed

• Fixed panic in Remote::url_bytes if the url is empty. #1120
• Fixed incorrect lifetimes on Patch::delta, Patch::hunk, and Patch::line_in_hunk. The return values must not outlive the Patch. #1141
• Bumped requirement to libgit2-sys 0.18.1, which fixes linking of advapi32 on Windows. #1143

Commits

• 62d353e Merge pull request #1144 from ehuss/bump-version
• 8980c61 Bump versions of git2 and libgit2-sys
• 1e1687e Merge pull request #1137 from aibaars/fix-credential-helper
• 258d3b6 Merge pull request #1062 from MikeJerred/master
• d1b40aa Drop lifetime for MergeFileResult
• 197106b Drop Copy/Clone from git_merge_file_result
• 8381b72 Make MergeFileOptions::raw pub(crate)
• 3cc3e25 fix: type mismatch error
• e1e933b fix: mark to_raw as unsafe
• b76c8be fix: use correct typings for git_merge_file_flag_t
• Additional commits viewable in compare view

Updates log from 0.4.26 to 0.4.27

Release notes

Sourced from log's releases.

0.4.27

What's Changed

• A few minor lint fixes by @​nyurik in rust-lang/log#671
• Enable clippy support for format-like macros by @​nyurik in rust-lang/log#665
• Add an optional logger param by @​tisonkun in rust-lang/log#664
• Pass global logger by value, supplied logger by ref by @​KodrAus in rust-lang/log#673
• Prepare for 0.4.27 release by @​KodrAus in rust-lang/log#674

Full Changelog: rust-lang/log@0.4.26...0.4.27

Changelog

Sourced from log's changelog.

[0.4.27] - 2025-03-24

What's Changed

• A few minor lint fixes by @​nyurik in rust-lang/log#671
• Enable clippy support for format-like macros by @​nyurik in rust-lang/log#665
• Add an optional logger param by @​tisonkun in rust-lang/log#664
• Pass global logger by value, supplied logger by ref by @​KodrAus in rust-lang/log#673

Full Changelog: rust-lang/log@0.4.26...0.4.27

Commits

• 35161d0 Merge pull request #674 from rust-lang/cargo/0.4.27
• cc131ef prepare for 0.4.27 release
• ea6f54d Merge pull request #673 from rust-lang/feat/logger-by-ref
• d229c73 fix unclosed code block
• 02486e4 fill in more tests for logger argument
• 71e034f expand logger tests
• dfa067e fix up kv passing
• 39d4c3a run fmt
• 7aacc8f pass global logger by value, supplied logger by ref
• a438c6e Merge pull request #664 from tisonkun/logger-field
• Additional commits viewable in compare view

Updates quick-xml from 0.37.2 to 0.37.4

Release notes

Sourced from quick-xml's releases.

v0.37.4 - Derive more traits for readers

What's Changed

Misc Changes

• #852: Add Debug impl for NsReader and Reader and Clone impl for NsReader

#852: tafia/quick-xml#852

New Contributors

• @​lukasfri made their first contribution in tafia/quick-xml#852

Full Changelog: tafia/quick-xml@v0.37.3...v0.37.4

v0.37.3 - support for xsi:nil in Deserializer

What's Changed

New Features

• #850: Add Attribute::as_bool() method to get an attribute value as a boolean.
• #850: Add Attributes::has_nil() method to check if attributes has xsi:nil attribute set to true.
• #497: Handle xsi:nil attribute in serde Deserializer to better process optional fields.

Full Changelog: tafia/quick-xml@v0.37.2...v0.37.3

Changelog

Sourced from quick-xml's changelog.

0.37.4 -- 2025-04-01

Misc Changes

• #852: Add Debug impl for NsReader and Reader and Clone impl for NsReader

#852: tafia/quick-xml#852

0.37.3 -- 2025-03-25

New Features

• #850: Add Attribute::as_bool() method to get an attribute value as a boolean.
• #850: Add Attributes::has_nil() method to check if attributes has xsi:nil attribute set to true.
• #497: Handle xsi:nil attribute in serde Deserializer to better process optional fields.

#497: tafia/quick-xml#497 #850: tafia/quick-xml#850

Commits

• a81bac7 Release 0.37.4
• cbcf835 Add some standard derives for Debug and Clone on Reader and NsReader.
• 2cedfe1 Release 0.37.3
• 44644b3 Merge pull request #850 from Mingun/fix/honor_xsi_nil
• 3c4de88 Migrate to actions/upload-artifact@v4 in fuzzer sub-project
• 6176c33 Properly use xsi:nil to deserialize null values via serde
• 10b37f7 Add tests for xsi:nil handling
• 521707c Add regression tests for #497
• b8ce862 Use namespace-aware reader in serde deserializer
• 341db46 Add helper method to check if xsi:nil value is set in attributes
• Additional commits viewable in compare view

Updates reqwest from 0.12.12 to 0.12.15

Release notes

Sourced from reqwest's releases.

v0.12.15

What's Changed

• Fix http3 to support streaming response bodies by @​ducaale in seanmonstar/reqwest#2517
• Fix Windows to support both ProxyOverride and NO_PROXY by @​drewkett in seanmonstar/reqwest#2601
• Fix http3 dependency from public API misuse by @​seanmonstar in seanmonstar/reqwest#2605

New Contributors

• @​drewkett made their first contribution in seanmonstar/reqwest#2601

Full Changelog: seanmonstar/reqwest@v0.12.14...v0.12.15

v0.12.14

What's Changed

• re-add fetch_mode_no_cors shim when not in wasm, but deprecated by @​seanmonstar in seanmonstar/reqwest#2598

Full Changelog: seanmonstar/reqwest@v0.12.13...v0.12.14

v0.12.13

What's Changed

• Add Form::into_reader() for blocking multipart forms.
• Add Form::into_stream() for async multipart forms.
• Add support for SOCKS4a proxies.
• Fix decoding responses with multiple zstd frames.
• Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
• Fix cloning of request timeout in blocking::Request.
• Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
• Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
• Fix blocking read to correctly reserve and zero read buffer.
• (wasm) Add support for request timeouts.
• (wasm) Fix Error::is_timeout() to return true when from a request timeout.

New Contributors

• @​obi1kenobi made their first contribution in seanmonstar/reqwest#2524
• @​decathorpe made their first contribution in seanmonstar/reqwest#2529
• @​flisky made their first contribution in seanmonstar/reqwest#1760
• @​0x676e67 made their first contribution in seanmonstar/reqwest#2527
• @​maximevtush made their first contribution in seanmonstar/reqwest#2534
• @​Property404 made their first contribution in seanmonstar/reqwest#2554
• @​G1gg1L3s made their first contribution in seanmonstar/reqwest#2544
• @​coastalwhite made their first contribution in seanmonstar/reqwest#2562
• @​Fizcko made their first contribution in seanmonstar/reqwest#2559
• @​markussilvan made their first contribution in seanmonstar/reqwest#2573
• @​aunovis-heidrich made their first contribution in seanmonstar/reqwest#2593

Thanks!

• @​seanmonstar
• @​paolobarbolini
• @​Nuhvi

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.12.15

• Fix Windows to support both ProxyOverride and NO_PROXY.
• Fix http3 to support streaming response bodies.
• Fix http3 dependency from public API misuse.

v0.12.14

• Fix missing fetch_mode_no_cors(), marking as deprecated when not on WASM.

v0.12.13

• Add Form::into_reader() for blocking multipart forms.
• Add Form::into_stream() for async multipart forms.
• Add support for SOCKS4a proxies.
• Fix decoding responses with multiple zstd frames.
• Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
• Fix cloning of request timeout in blocking::Request.
• Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
• Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
• Fix blocking read to correctly reserve and zero read buffer.
• (wasm) Add support for request timeouts.
• (wasm) Fix Error::is_timeout() to return true when from a request timeout.

Commits

• 54376c3 v0.12.15
• e4bb3e6 upgrade h3-quinn (#2605)
• 96a4fea Merge tag 'v0.12.14'
• 5fd3d5b Re-enable NO_PROXY envs on Windows (#2601)
• e9215fd Support streaming response body in HTTP/3 (#2517)
• cf50f11 v0.12.14
• f63c631 re-add fetch_mode_no_cors shim when not in wasm, but deprecated (#2598)
• e44e371 v0.12.13
• e83e138 Added osv-scanner.toml file to ignore npm packages in wasm examples during vu...
• 7e85d2f ci: pin once-cell in msrv job (#2594)
• Additional commits viewable in compare view

Updates tempfile from 3.18.0 to 3.19.1

Changelog

Sourced from tempfile's changelog.

3.19.1

• Don't unlink temporary files immediately on Windows (fixes #339). Unfortunately, this seemed to corrupt the file object (possibly a Windows kernel bug) in rare cases and isn't strictly speaking necessary.

3.19.0

• Remove direct dependency on cfg-if. It's still in the tree, but we didn't really need to use it in this crate.
• Add an unstable feature (unstable-windows-keep-open-tempfile) to test a potential fix to #339.

Commits

• 95540ed chore: release v3.19.1
• b60aae4 fix(windows): don't automatically delete files on open (#344)
• 167f544 ci(cargo-deny): remove windows-sys exception (#343)
• 42fff68 chore: release v3.19.0
• 61b4283 feat(windows): add a feature to immediate tempfile deletion (#340)
• c2d16b3 ci: downgrade once-cell on old rustc versions (#342)
• 35c204d chore: remove cfg-if dependency (#338)
• See full diff in compare view

Updates napi from 2.16.16 to 2.16.17

Release notes

Sourced from napi's releases.

[email protected]

What's Changed

• fix: backport BigInt changes from #2028 & #2356 by @​Wodann in napi-rs/napi-rs#2524

Full Changelog: https://github.com/napi-rs/napi-rs/compare/[email protected]@2.16.17

Commits

• f217831 Release independent packages
• f3cf862 fix(napi): backport BigInt changes from #2028 & #2356 (#2524)
• See full diff in compare view

Updates napi-build from 2.1.5 to 2.1.6

Release notes

Sourced from napi-build's releases.

[email protected]

What's Changed

• perf(build): remove --export-dynamic flag in wasi compilation by @​CPunisher in napi-rs/napi-rs#2523

Full Changelog: https://github.com/napi-rs/napi-rs/compare/[email protected]@2.1.6

Commits

• c1b840e Release independent packages
• 2fb1a52 chore(release): publish
• 6f6c110 perf(build): remove --export-dynamic flag in wasi compilation (#2523)
• 9873fb3 feat(cli): add wasm.browser.asyncInit for large wasm file (#2514)
• 69d1c41 Release independent packages
• 3dd9143 fix(napi): re-create async runtime (#2519)
• 574e7e4 chore(deps): update dependency shx to ^0.4.0 (#2518)
• 2b27a42 Release independent packages
• c62acd2 chore: upgrade npm dependencies (#2516)
• c57ac0c chore(deps): update dependency @​oxc-node/core to ^0.0.21 (#2515)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.58%. Comparing base (57cd33a) to head (7d157ff).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #129   +/-   ##
=======================================
  Coverage   97.58%   97.58%           
=======================================
  Files          14       14           
  Lines        3430     3430           
=======================================
  Hits         3347     3347           
  Misses         83       83           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[codspeed-hq]

CodSpeed Performance Report

Merging #129 will not alter performance

_{Comparing dependabot/cargo/cargo-2d3b962098 (7d157ff) with main (57cd33a)}

Summary

✅ 1 untouched benchmarks