chore(dep): bump the deps group across 1 directory with 10 updates

[dependabot]

Bumps the deps group with 10 updates in the / directory:

Package	From	To
clap	4.5.51	4.5.53
log	0.4.28	0.4.29
openssl	0.10.74	0.10.75
pyo3	0.27.1	0.27.2
serde_json	1.0.145	1.0.147
toml	0.9.8	0.9.10+spec-1.1.0
scraper	0.24.0	0.25.0
clap_complete	4.5.60	4.5.62
notify	6.1.1	8.2.0
reqwest	0.12.24	0.12.28

Updates clap from 4.5.51 to 4.5.53

Release notes

Sourced from clap's releases.

v4.5.53

[4.5.53] - 2025-11-19

Features

• Add default_values_if, default_values_ifs

v4.5.52

[4.5.52] - 2025-11-17

Fixes

• Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

Changelog

Sourced from clap's changelog.

[4.5.53] - 2025-11-19

Features

• Add default_values_if, default_values_ifs

[4.5.52] - 2025-11-17

Fixes

• Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

Commits

• 3716f9f chore: Release
• 613b69a docs: Update changelog
• d117f7a Merge pull request #6028 from epage/arg
• cb8255d feat(builder): Allow quoted id's for arg macro
• 1036060 Merge pull request #6025 from AldaronLau/typos-in-faq
• 2fcafc0 docs: Fix minor grammar issues in FAQ
• a380b65 Merge pull request #6023 from epage/template
• 4d7ab14 chore: Update from _rust/main template
• b8a7ea4 chore(deps): Update Rust Stable to v1.87 (#18)
• f9842b3 chore: Avoid MSRV problems out of the box
• Additional commits viewable in compare view

Updates log from 0.4.28 to 0.4.29

Release notes

Sourced from log's releases.

0.4.29

MSRV

This release increases log's MSRV from 1.61.0 to 1.68.0.

What's Changed

• docs: Add missing impls from README.md by @​AldaronLau in rust-lang/log#703
• Point to new URLs for favicon and logo by @​AldaronLau in rust-lang/log#704
• perf: reduce llvm-lines of FromStr for Level and LevelFilter by @​dishmaker in rust-lang/log#709
• Replace serde with serde_core by @​Thomasdezeeuw in rust-lang/log#712
• Fix clippy lints by @​Thomasdezeeuw in rust-lang/log#713
• Use GitHub Actions to install Rust and cargo-hack by @​Thomasdezeeuw in rust-lang/log#715
• Exclude old unstable_kv features from testing matrix by @​Thomasdezeeuw in rust-lang/log#716
• Fix up CI by @​KodrAus in rust-lang/log#718
• Prepare for 0.4.29 release by @​KodrAus in rust-lang/log#719

New Contributors

• @​AldaronLau made their first contribution in rust-lang/log#703
• @​dishmaker made their first contribution in rust-lang/log#709

Full Changelog: rust-lang/log@0.4.28...0.4.29

Changelog

Sourced from log's changelog.

[0.4.29] - 2025-12-02

What's Changed

• perf: reduce llvm-lines of FromStr for Level and LevelFilter by @​dishmaker in rust-lang/log#709
• Replace serde with serde_core by @​Thomasdezeeuw in rust-lang/log#712

New Contributors

• @​AldaronLau made their first contribution in rust-lang/log#703
• @​dishmaker made their first contribution in rust-lang/log#709

Full Changelog: rust-lang/log@0.4.28...0.4.29

Commits

• b1e2df7 Merge pull request #719 from rust-lang/cargo/0.4.29
• 3fe1a54 prepare for 0.4.29 release
• 7a432d9 Merge pull request #718 from rust-lang/ci/msrv
• 0689d56 rebump msrv to 1.68.0
• 46b448e try drop msrv back to 1.61.0
• 929ab38 fix up doc test feature gate
• 957cece bump serde-dependent crates
• bea40c8 bump msrv to 1.68.0
• c540184 Merge pull request #716 from rust-lang/ci-smaller-matrix2
• c971e63 Merge branch 'master' into ci-smaller-matrix2
• Additional commits viewable in compare view

Updates openssl from 0.10.74 to 0.10.75

Release notes

Sourced from openssl's releases.

openssl-v0.10.75

What's Changed

• Fix a few typos (most of them found with codespell) by @​botovq in rust-openssl/rust-openssl#2502
• Use SHA256 test variant instead of SHA1 by @​abbra in rust-openssl/rust-openssl#2504
• pin home to an older version on MSRV CI by @​alex in rust-openssl/rust-openssl#2509
• Implement set_rsa_oaep_label for AWS-LC/BoringSSL by @​goffrie in rust-openssl/rust-openssl#2508
• sys/evp: add EVP_MAC symbols by @​huwcbjones in rust-openssl/rust-openssl#2510
• CI: bump LibreSSL 4.x branches to latest releases by @​botovq in rust-openssl/rust-openssl#2513
• Fix unsound OCSP find_status handling of optional next_update field by @​alex in rust-openssl/rust-openssl#2517
• Release openssl v0.10.75 and openssl-sys v0.9.111 by @​alex in rust-openssl/rust-openssl#2518

New Contributors

• @​abbra made their first contribution in rust-openssl/rust-openssl#2504
• @​goffrie made their first contribution in rust-openssl/rust-openssl#2508

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.74...openssl-v0.10.75

Commits

• 09b90d0 Merge pull request #2518 from alex/bump-for-release
• 26533f3 Release openssl v0.10.75 and openssl-sys v0.9.111
• 395ecca Merge pull request #2517 from alex/claude/fix-ocsp-find-status-011CUqcGFNKeKJ...
• cc26867 Fix unsound OCSP find_status handling of optional next_update field
• 95aa8e8 Merge pull request #2513 from botovq/libressl-stable
• e735a32 CI: bump LibreSSL 4.x branches to latest releases
• 21ab91d Merge pull request #2510 from huwcbjones/huw/sys/evp-mac
• d9161dc sys/evp: add EVP_MAC symbols
• 3fd4bf2 Merge pull request #2508 from goffrie/oaep-label
• 52022fd Implement set_rsa_oaep_label for AWS-LC/BoringSSL
• Additional commits viewable in compare view

Updates pyo3 from 0.27.1 to 0.27.2

Release notes

Sourced from pyo3's releases.

PyO3 0.27.2

This patch contains very minor fixes for the PyO3 0.27 series:

• Workaround a rustc 1.92+ crash compiling PyO3 with both debug assertions and optimizations enabled.
• Fix runtime crash when subclassing dicts on PyPy and GraalPy.

There are also a number of documentation improvements applied across the codebase.

Thank you to the following contributors for the improvements:

@​davidhewitt @​dependabot[bot] @​MusicalNinjaDad @​pkalivas @​tpoliaw @​Tpt

Changelog

Sourced from pyo3's changelog.

[0.27.2] - 2025-11-30

Changed

• Disable subclassing PyDict on GraalPy (unsupported for now, may crash at runtime). #5653

Fixed

• Fix crash when compiling on Rust 1.92+ with both debug assertions and optimizations enabled. #5638
• Fix FFI definition of PyDictObject on PyPy. #5653

Commits

• 117102d release: 0.27.2
• 2b1d6c5 fix FFI definition of PyDictObject on PyPy (#5653)
• 032d4d3 ci: add lychee cache (#5616)
• b4f78c0 fix rumdl formatting
• 0497d48 ci: remove old netlify build files (#5631)
• f3d6e05 Avoid introducing generic parameter with implied bounds from an associated ty...
• c8e6597 ci: pin mdbook to 0.4 for now, properly install mdbook-tabs (#5632)
• 30cca7e build(deps): bump actions/checkout from 5.0.0 to 5.0.1 (#5629)
• bb7bb94 Update PyIterator::send docs to match behaviour (#5593)
• 1acadc5 Add radiate to README examples section (#5561)
• Additional commits viewable in compare view

Updates serde_json from 1.0.145 to 1.0.147

Release notes

Sourced from serde_json's releases.

v1.0.147

• Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (#1304)

v1.0.146

• Set fast_arithmetic=64 for riscv64 (#1305, thanks @​Xeonacid)

Commits

• 62d6e8d Release 1.0.147
• fd829a6 Merge pull request #1304 from dtolnay/zmij
• e757a3d Switch from ryu -> zmij for float formatting
• 75ad7e6 Release 1.0.146
• bc6c827 Merge pull request #1305 from Xeonacid/patch-1
• a09210a Set fast_arithmetic=64 for riscv64
• 01182e5 Update actions/upload-artifact@v5 -> v6
• 383b13a Update actions/upload-artifact@v4 -> v5
• 04dd357 Raise required compiler to Rust 1.68
• e047dfb Resolve manual_let_else pedantic clippy lint
• Additional commits viewable in compare view

Updates toml from 0.9.8 to 0.9.10+spec-1.1.0

Commits

• e32c7a2 chore: Release
• df1c328 docs: Update changelog
• b826cf4 feat(edit)!: Allow set_position(None) (#1080)
• 8043f20 feat(edit)!: Allow set_position(None)
• a02c0db feat: Support TOML 1.1 (#1079)
• 5cfb838 feat(edit): Support TOML 1.1
• 1eb4d60 feat(toml): Support TOML 1.1
• 695d788 feat(edit)!: Multi-line inline tables with trailing commas
• cc4f7ac feat(toml): Multi-line inline tables with trailing commas
• 539f8c1 feat(datetime): Make seconds optional
• Additional commits viewable in compare view

Updates scraper from 0.24.0 to 0.25.0

Release notes

Sourced from scraper's releases.

v0.25.0

What's Changed

• chore(Cargo.toml): bump servo to 0.36.0 by @​Jan9103 in rust-scraper/scraper#280
• Add version flag in executable by @​kachick in rust-scraper/scraper#282
• Avoid panic for unknown flags and invalid selectors when using executable by @​kachick in rust-scraper/scraper#283
• Update repo URL by @​atouchet in rust-scraper/scraper#286
• Added cargo deny to test github action by @​haydonryan in rust-scraper/scraper#287

New Contributors

• @​Jan9103 made their first contribution in rust-scraper/scraper#280
• @​kachick made their first contribution in rust-scraper/scraper#282
• @​atouchet made their first contribution in rust-scraper/scraper#286
• @​haydonryan made their first contribution in rust-scraper/scraper#287

Full Changelog: rust-scraper/scraper@v0.24.0...v0.25.0

Commits

• 4cb7107 Version 0.25.0
• 382c092 Add cargo deny to test github action (#287)
• 29b3d8f Update repo URL (#286)
• 943ee24 Bump indexmap from 2.12.0 to 2.12.1
• 4848e3c Avoid panic for missing or invalid selectors
• 75b88da Avoid panic for unknown flags
• 85e6967 Add version flag in executable
• 381a4bd chore(Cargo.toml): bump servo to 0.36.0
• 3fca4f1 Merge pull request #278 from rust-scraper/dependabot/cargo/indexmap-2.12.0
• 8e56e7e Bump indexmap from 2.11.4 to 2.12.0
• Additional commits viewable in compare view

Updates clap_complete from 4.5.60 to 4.5.62

Commits

• ca0aeba chore: Release
• 44cdcc1 docs: Update changelog
• 2dc500c Merge pull request #6198 from devjgm/greg/fix-clap-completer-issue-with-fish
• 2280d48 fix: fix path quoting with dynamic env completer
• ac1006c Merge pull request #6197 from devjgm/greg/fix-clap-completer-issue-with-fish
• d495145 clap_complete: add unit test for fish env completer
• 1a6c0de chore(deps): Update Rust Stable to v1.92 (#6194)
• 53a6921 Merge pull request #6189 from clap-rs/renovate/actions-checkout-6.x
• 7cbec58 chore(deps): Update actions/checkout action to v6
• 8d87e70 chore: Release
• Additional commits viewable in compare view

Updates notify from 6.1.1 to 8.2.0

Release notes

Sourced from notify's releases.

notify-8.2.0

notify 8.2.0 (2025-08-03)

• FEATURE: notify user if inotify's max_user_watches has been reached #698
• FIX: INotifyWatcher ignore events with unknown watch descriptors (instead of EventMask::Q_OVERFLOW) #700

#698: notify-rs/notify#698 #700: notify-rs/notify#700

debouncer-full 0.6.0 (2025-08-03)

• FEATURE: allow FileIdCache trait implementations to choose ownership of the returned file-ids #664
• FEATURE: added support for the flume crate #680
• FIX: skip all Modify events right after a Create event, unless it's a rename event #701

#664: notify-rs/notify#664 #680: notify-rs/notify#680 #701: notify-rs/notify#701

debouncer-mini 0.7.0 (2025-08-03)

• FEATURE: added support for the flume crate #680

file-id 0.2.3 (2025-08-03)

• CHANGE: implement AsRef<FileId> for FileId #664

Full Changelog: notify-rs/notify@notify-8.1.0...notify-8.2.0

notify v8.1.0

What's Changed

• Fix typo by @​mo8it in notify-rs/notify#667
• remove unused imports from documentation by @​20jasper in notify-rs/notify#669
• FileIdCache: Allow flexible handle instead of direct borrow for file ids by @​florian-g2 in notify-rs/notify#664
• Replace github ci workflow by @​dfaust in notify-rs/notify#675
• Add support for flume by @​RenDiego in notify-rs/notify#680
• docs: fix link for file id by @​ckaznable in notify-rs/notify#682
• Do not remove a filename twice by @​worr in notify-rs/notify#683
• Bump kqueue to 1.1.1 by @​worr in notify-rs/notify#684
• chore(ci): Use stable toolchain for rustfmt/clippy by @​JohnTitor in notify-rs/notify#689
• Make INotifyWatcher return the native PathNotFound error when watchin… by @​JanzenJohn in notify-rs/notify#686
• windows: Fix server hangs under some circumstance by @​JunkuiZhang in notify-rs/notify#674
• Remove filetime dependency by @​a1phyr in notify-rs/notify#690
• Update windows-sys to v0.60 by @​a1phyr in notify-rs/notify#691
• chore: Use MSRV for Clippy and rustfmt by @​JohnTitor in notify-rs/notify#694
• Do not clone paths while walking dirs by @​riberk in notify-rs/notify#693
• feat: introduce Watcher::paths_mut for adding/removing paths in batch by @​branchseer in notify-rs/notify#692
• fix: make PathsMut::commit consuming by @​branchseer in notify-rs/notify#695
• chore: Prepare 8.1.0 release by @​JohnTitor in notify-rs/notify#697

New Contributors

• @​mo8it made their first contribution in notify-rs/notify#667
• @​20jasper made their first contribution in notify-rs/notify#669
• @​florian-g2 made their first contribution in notify-rs/notify#664

... (truncated)

Changelog

Sourced from notify's changelog.

notify 8.2.0 (2025-08-03)

• FEATURE: notify user if inotify's max_user_watches has been reached #698
• FIX: INotifyWatcher ignore events with unknown watch descriptors (instead of EventMask::Q_OVERFLOW) #700

#698: notify-rs/notify#698 #700: notify-rs/notify#700

debouncer-full 0.6.0 (2025-08-03)

• FEATURE: allow FileIdCache trait implementations to choose ownership of the returned file-ids #664
• FEATURE: added support for the flume crate #680
• FIX: skip all Modify events right after a Create event, unless it's a rename event #701

#664: notify-rs/notify#664 #680: notify-rs/notify#680 #701: notify-rs/notify#701

debouncer-mini 0.7.0 (2025-08-03)

• FEATURE: added support for the flume crate #680

file-id 0.2.3 (2025-08-03)

• CHANGE: implement AsRef<FileId> for FileId #664

notify 8.1.0 (2025-07-03)

• FEATURE: added support for the flume crate
• FIX: kqueue-backend: do not double unwatch top-level directory when recursively unwatching #683
• FIX: Return the crate error PathNotFound instead bubbling up the std::io error #685
• FIX: fix server hangs when trashing folders on Windows #674

notify 8.0.0 (2025-01-10)

• CHANGE: update notify-types to version 2.0.0
• CHANGE: raise MSRV to 1.77 breaking
• FEATURE: add config option to disable following symbolic links #635
• FIX: unaligned access to FILE_NOTIFY_INFORMATION #647 breaking

#635: notify-rs/notify#635 #647: notify-rs/notify#647

notify-types 2.0.0 (2025-01-10)

• CHANGE: replace instant crate with web-time #652 breaking
• CHANGE: the web-time dependency is now behind the web-time feature breaking

#652: notify-rs/notify#652

debouncer-mini 0.6.0 (2025-01-10)

• CHANGE: update notify to version 8.0.0

debouncer-full 0.5.0 (2025-01-10)

... (truncated)

Commits

• a1d7c2d Prepare release (#706)
• c685ea7 Skip all Modify events right after a Create event, unless it's a rename e...
• e36d54e fix: INotifyWatcher may raise events with no paths (#700)
• 394ef18 feat(inotify): notify a user if the max_user_watches has been reached impli...
• 04473de chore: Prepare 8.1.0 release (#697)
• 12a026d fix: make PathsMut::commit consuming (#695)
• d824023 feat: introduce Watcher::paths_mut for adding/removing paths in batch (#692)
• b984134 Do not clone paths while walking dirs (#693)
• 416ba82 chore: Use MSRV for Clippy and rustfmt (#694)
• 10ce3ef Update windows-sys to v0.60 (#691)
• Additional commits viewable in compare view

Updates reqwest from 0.12.24 to 0.12.28

Release notes

Sourced from reqwest's releases.

v0.12.28

What's Changed

• fix: correctly import TokioIo on Windows by @​seanmonstar in seanmonstar/reqwest#2896

Full Changelog: seanmonstar/reqwest@v0.12.27...v0.12.28

v0.12.27

tl;dr

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Pipe.

What's Changed

• chore: Disable unused tokio-util codec feature by @​tottoto in seanmonstar/reqwest#2893
• chore: Use http_body_util::BodyDataStream by @​tottoto in seanmonstar/reqwest#2892
• feat: add windows_named_pipe() option to client builder by @​seanmonstar in seanmonstar/reqwest#2789

Full Changelog: seanmonstar/reqwest@v0.12.26...v0.12.27

v0.12.26

tl;dr

• Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

What's Changed

• deps: update cookie_store by @​seanmonstar in seanmonstar/reqwest#2886
• fix: disable default compression from tower-http if not enabled in reqwest by @​seanmonstar in seanmonstar/reqwest#2889
• fix(http3): correct compression defaults by @​seanmonstar in seanmonstar/reqwest#2890

Full Changelog: seanmonstar/reqwest@v0.12.25...v0.12.26

v0.12.25

Highlights

• Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
• Fix sending Proxy-Authorization if only username is configured.
• Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
• Refactor internal decompression handling to use tower-http.

What's Changed

• tests: fix wasm timeout test with uncached response by @​seanmonstar in seanmonstar/reqwest#2853
• docs: document connection pooling behavior by @​vinzmyko in seanmonstar/reqwest#2851
• docs: document WASM client by @​vinzmyko in seanmonstar/reqwest#2859
• chore: minor improvement for docs by @​black5box in seanmonstar/reqwest#2862
• fix: send proxy-authorization even with empty password by @​barjin in seanmonstar/reqwest#2868
• feat(error): add is_upgrade method to detect protocol upgrade errors by @​0x676e67 in seanmonstar/reqwest#2822
• Use decompression from tower-http by @​ducaale in seanmonstar/reqwest#2840

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.12.28

• Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

v0.12.26

• Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

v0.12.25

• Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
• Fix sending Proxy-Authorization if only username is configured.
• Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
• Refactor internal decompression handling to use tower-http.

Commits

• d978599 v0.12.28
• ef2768a fix: correctly import TokioIo on Windows (#2896)
• 1bf6441 v0.12.27
• 4967b1b feat: add windows_named_pipe() option to client builder (#2789)
• ef5b239 chore: Use http_body_util::BodyDataStream (#2892)
• a810004 chore: Disable unused tokio-util codec feature (#2893)
• 01f03a4 v0.12.26
• e908f57 fix(http3): correct compression defaults (#2890)
• 509c904 fix: disable default compression from tower-http if not enabled in reqwest (#...
• 896aaea deps: update cookie_store to 0.22 (#2886)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml