chore(deps): bump the rust-deps group across 1 directory with 11 updates

[dependabot]

Bumps the rust-deps group with 11 updates in the / directory:

Package	From	To
tokio	1.51.1	1.52.3
clap	4.6.0	4.6.1
clap_complete	4.6.2	4.6.5
fs4	0.13.1	1.1.0
docker_credential	1.3.2	1.3.3
sysinfo	0.38.4	0.39.1
zip	8.5.1	8.6.0
libc	0.2.183	0.2.186
junction	1.4.2	2.0.0
octocrab	0.49.7	0.50.0
rustls	0.23.38	0.23.40

Updates tokio from 1.51.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

• runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

• io: AioSource::register_borrowed for I/O safety support (#7992)
• net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

• runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
• taskdump: add trace_with() for customized task dumps (#8025)
• taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
• fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates clap_complete from 4.6.2 to 4.6.5

Commits

• c8c9355 chore: Release
• af74def docs: Update changelog
• c96f222 Merge pull request #6368 from truffle-dev/fix/fish-env-escaping
• 49a05cd fix(complete): Two-pass quote fish env-completer
• e791004 test(complete): Snapshot fish env quoting cases
• 87ec1ad chore: Release
• 78f2529 docs: Update changelog
• b61f270 Merge pull request #6369 from Metbcy/fix/zsh-completion-ordering
• 74c6666 fix(complete): Keep zsh candidate order
• d142d8f Merge pull request #6360 from epage/string
• Additional commits viewable in compare view

Updates fs4 from 0.13.1 to 1.1.0

Release notes

Sourced from fs4's releases.

v1.1.0

Changes

• Consolidate FileExt and AsyncFileExt into single crate-root traits (fs4::FileExt, fs4::AsyncFileExt) instead of generating a distinct trait per backend module. The per-backend modules (fs4::tokio, fs4::async_std, fs4::smol, fs4::fs_err2, fs4::fs_err3, fs4::fs_err2_tokio, fs4::fs_err3_tokio) now re-export the unified crate-root trait. Method-call sites that import the trait via use continue to compile unchanged; code that named two backend traits as distinct types will see them unify.
• Add blanket impls impl<F: FileExt + ?Sized> FileExt for &F and impl<F: AsyncFileExt + ?Sized> AsyncFileExt for &F, so the extension methods are now callable through shared references.
• Seal FileExt and AsyncFileExt via a private sealed::Sealed supertrait, so the set of implementing types is closed to the concrete file types fs4 already supports (and references to them). This locks in the freedom to add methods to either trait in future minor releases without breaking downstream impls.
• Add DynAsyncFileExt, an object-safe mirror of AsyncFileExt whose async methods return BoxFuture<'_, T> (alias for Pin<Box<dyn Future<Output = T> + Send + '_>>). Use it whenever type erasure is needed (Box<dyn DynAsyncFileExt>, &dyn DynAsyncFileExt); prefer the static AsyncFileExt for generic code since it has no allocation or dynamic-dispatch overhead. Every type implementing AsyncFileExt also implements DynAsyncFileExt, and the trait is sealed.
• Mark the delegating methods #[inline(always)] (skipped under tarpaulin coverage builds).

v1.0.0

1.0.0

Breakage

• Renamed FileExt::lock_exclusive / AsyncFileExt::lock_exclusive to lock, matching the stabilized [std::fs::File::lock] API.
• Renamed FileExt::try_lock_exclusive / AsyncFileExt::try_lock_exclusive to try_lock, matching [std::fs::File::try_lock].
• Changed the return type of try_lock and try_lock_shared from std::io::Result<bool> to Result<(), TryLockError>. Ok(()) still indicates the lock was acquired; Err(TryLockError::WouldBlock) now indicates the lock is held by another handle. This matches the stable [std::fs::File::try_lock] signature (Ok(false) was the nightly shape prior to 1.89).
• Removed the top-level lock_contended_error() helper. Use TryLockError::WouldBlock instead.
• Flattened the fs_std module: the FileExt trait for std::fs::File now lives at the crate root. Update imports from

... (truncated)

Changelog

Sourced from fs4's changelog.

1.1.0

Changes

• Consolidate FileExt and AsyncFileExt into single crate-root traits (fs4::FileExt, fs4::AsyncFileExt) instead of generating a distinct trait per backend module. The per-backend modules (fs4::tokio, fs4::async_std, fs4::smol, fs4::fs_err2, fs4::fs_err3, fs4::fs_err2_tokio, fs4::fs_err3_tokio) now re-export the unified crate-root trait. Method-call sites that import the trait via use continue to compile unchanged; code that named two backend traits as distinct types will see them unify.
• Add blanket impls impl<F: FileExt + ?Sized> FileExt for &F and impl<F: AsyncFileExt + ?Sized> AsyncFileExt for &F, so the extension methods are now callable through shared references.
• Seal FileExt and AsyncFileExt via a private sealed::Sealed supertrait, so the set of implementing types is closed to the concrete file types fs4 already supports (and references to them). This locks in the freedom to add methods to either trait in future minor releases without breaking downstream impls.
• Add DynAsyncFileExt, an object-safe mirror of AsyncFileExt whose async methods return BoxFuture<'_, T> (alias for Pin<Box<dyn Future<Output = T> + Send + '_>>). Use it whenever type erasure is needed (Box<dyn DynAsyncFileExt>, &dyn DynAsyncFileExt); prefer the static AsyncFileExt for generic code since it has no allocation or dynamic-dispatch overhead. Every type implementing AsyncFileExt also implements DynAsyncFileExt, and the trait is sealed.
• Mark the delegating methods #[inline(always)] (skipped under tarpaulin coverage builds).

1.0.1

Fixes

• Unix allocate: short-circuit on allocated blocks (metadata().blocks() * 512 >= len) instead of logical EOF. The previous metadata().len() >= len check silently turned allocate into a no-op on sparse files (logical length large, zero blocks reserved), violating the documented preallocation guarantee. The new check still skips the macOS F_PREALLOCATE re-allocate-ENOSPC path from #15, since it asks the right question: "are the blocks already reserved?" Applies to both the sync and async implementations.
• Windows statvfs: route the three GetDiskFreeSpaceExW outputs correctly. free_space now comes from lpTotalNumberOfFreeBytes (volume-wide, quota-independent), available_space from lpFreeBytesAvailable (caller-scoped, honours per-user quotas), and total_space is computed from cluster math (sectors_per_cluster * bytes_per_sector * total_number_of_clusters)

... (truncated)

Commits

• See full diff in compare view

Updates docker_credential from 1.3.2 to 1.3.3

Release notes

Sourced from docker_credential's releases.

v1.3.3

What's Changed

• Update rstest to 0.26.1, the current version by @​musicinmybrain in keirlawson/docker_credential#20
• Bump base64 crate to 0.22.1 by @​brandonweeks in keirlawson/docker_credential#21

New Contributors

• @​brandonweeks made their first contribution in keirlawson/docker_credential#21

Full Changelog: keirlawson/docker_credential@v1.3.2...v1.3.3

Commits

• 8979237 1.3.3
• 6e785c9 Bump base64 crate to 0.22.1 (#21)
• ab06747 Update rstest to 0.26.1, the current version (#20)
• See full diff in compare view

Updates sysinfo from 0.38.4 to 0.39.1

Changelog

Sourced from sysinfo's changelog.

0.39.1

• Linux: Fix wrong network numbers computation.

0.39.0

• Update minimum supported rust version to 1.95.
• Add new NetworkData::operational_state API.
• Add new Process::cgroup_limits API (only returning data on Linux).
• All supported systems other than Windows: Improve performance of Networks::refresh*.
• All supported systems other than Windows: Fix soundness issue when retrieving users.
• Linux: Take into account parent cgroup memory limits.
• Linux: Fix panic when retrieving process information on ESXi.
• FreeBSD: Use the name of dataset as name for zfs disks.

Commits

• 6e883a3 Update CHANGELOG and crate version to 0.39.1
• a45d38a Merge pull request #1659 from isaidsari/fix/linux-network-buffer-truncation
• ee9cd3b Merge pull request #1655 from GuillaumeGomez/update
• 3ada0c4 Update crate version to 0.39.0 version
• e05d7c9 Update CHANGELOG for 0.39.0 version
• b62b067 Merge pull request #1654 from GuillaumeGomez/improve-network
• 03c0da0 Improve performance of network interfaces refresh by removing one call of `ge...
• 560ba18 Try to reduce test_tasks flakyness
• f9832e6 Merge pull request #1653 from GuillaumeGomez/fix-soundness
• c2d1bf3 Fix new clippy lint
• Additional commits viewable in compare view

Updates zip from 8.5.1 to 8.6.0

Release notes

Sourced from zip's releases.

v8.6.0

🚀 Features

• add compression not supported as enum error (#774)

🐛 Bug Fixes

• allow for [u8] as filename (#775)

🚜 Refactor

• mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
• use and simplify is_dir (#776)

Changelog

Sourced from zip's changelog.

8.6.0 - 2026-04-25

🚀 Features

• add compression not supported as enum error (#774)

🐛 Bug Fixes

• allow for [u8] as filename (#775)

🚜 Refactor

• mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
• use and simplify is_dir (#776)

Commits

• 771dfc5 chore: release v8.6.0 (#781)
• 8e480cc chore(deps): update sha1 requirement from 0.10 to 0.11 (#767)
• 2513bbe chore(deps): update aes requirement from 0.8 to 0.9 (#787)
• 957e240 ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#786)
• 0329d9d fix: allow for [u8] as filename (#775)
• ddcf854 ci(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#788)
• 42323a8 ci(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#785)
• 901014a ci(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 (#784)
• 07702d4 feat: add compression not supported as enum error (#774)
• 2d0c46b ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#783)
• Additional commits viewable in compare view

Updates libc from 0.2.183 to 0.2.186

Release notes

Sourced from libc's releases.

0.2.186

Added

• Apple: Add KEVENT_FLAG_* constants (#5070)
• Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

• CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

0.2.185

Added

• EspIDF: Add espidf_picolibc cfg for picolibc O_* flag values (#5035)
• Hexagon: add missing constants and fix types for linux-musl (#5042)
• Redox: Add semaphore functions (#5051)
• Windows: Add sprintf, snprintf, and the scanf family (#5024)

Fixed

• Hexagon: Decouple time64 types from musl symbol redirects (#5040)
• Horizon: Change POLL constants from c_short to c_int (#5045)

0.2.184

MSRV

This release increases the MSRV of libc to 1.65. With this update, you can now always use the core::ffi::c_* types with libc definitions, since libc has been changed to reexport from core rather than redefining them. (This usually worked before but had edge cases.) (#4972)

Added

• BSD: Add IP_MINTTL to bsd (#5026)
• Cygwin: Add TIOCM_DSR (#5031)
• FreeBSD: Added xfile structe and file descriptor types (#5002)
• Linux: Add CAN netlink bindings (#5011)
• Linux: Add struct ethhdr (#4239)
• Linux: Add struct ifinfomsg (#5012)
• Linux: Define max_align_t for riscv64 (#5029)
• NetBSD: Add missing CLOCK_ constants (#5020)
• NuttX: Add _SC_HOST_NAME_MAX (#5004)
• VxWorks: Add flock and F_*LCK constants (#4043)
• WASI: Add all _SC_* sysconf constants (#5023)

Deprecated

The remaining fixed-width integer aliases, __uint128_t, __uint128, __int128_t, and __int128, have been deprecated. Use i128 and u128 instead. (#4343)

... (truncated)

Changelog

Sourced from libc's changelog.

0.2.186 - 2026-04-24

Added

• Apple: Add KEVENT_FLAG_* constants (#5070)
• Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

• CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

0.2.185 - 2026-04-13

Added

• EspIDF: Add espidf_picolibc cfg for picolibc O_* flag values (#5035)
• Hexagon: add missing constants and fix types for linux-musl (#5042)
• Redox: Add semaphore functions (#5051)
• Windows: Add sprintf, snprintf, and the scanf family (#5024)

Fixed

• Hexagon: Decouple time64 types from musl symbol redirects (#5040)
• Horizon: Change POLL constants from c_short to c_int (#5045)

0.2.184 - 2026-04-01

MSRV

This release increases the MSRV of libc to 1.65. With this update, you can now always use the core::ffi::c_* types with libc definitions, since libc has been changed to reexport from core rather than redefining them. (This usually worked before but had edge cases.) (#4972)

Added

• BSD: Add IP_MINTTL to bsd (#5026)
• Cygwin: Add TIOCM_DSR (#5031)
• FreeBSD: Added xfile structe and file descriptor types (#5002)
• Linux: Add CAN netlink bindings (#5011)
• Linux: Add struct ethhdr (#4239)
• Linux: Add struct ifinfomsg (#5012)
• Linux: Define max_align_t for riscv64 (#5029)
• NetBSD: Add missing CLOCK_ constants (#5020)
• NuttX: Add _SC_HOST_NAME_MAX (#5004)
• VxWorks: Add flock and F_*LCK constants (#4043)
• WASI: Add all _SC_* sysconf constants (#5023)

Deprecated

... (truncated)

Commits

• 42620ff [0.2] libc: Release 0.2.186
• 9db2eaa apple: add KEVENT_FLAG_* constants
• 3840939 Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE for linux
• f697deb chore: migrate from Cirrus CI to GHA
• 71d5bfc libc: Release 0.2.185
• 1027d1c Revert "ci: Pin nightly to 2026-04-01"
• 0e9c6e5 redox: Add semaphore functions
• 24ef457 feat: add back support for gnu windows x86 in ci
• aa75caf horizon: Change POLL constants from c_short to c_int
• b7eda5a hexagon: add missing constants and fix types for linux-musl
• Additional commits viewable in compare view

Updates junction from 1.4.2 to 2.0.0

Release notes

Sourced from junction's releases.

v2.0.0

What's Changed

• CI: Ratchet down permissions, hash-pin actions by @​woodruffw in tesuji/junction#35
• Don't perform an existence check in get_target by @​woodruffw in tesuji/junction#36

New Contributors

• @​woodruffw made their first contribution in tesuji/junction#35

Full Changelog: tesuji/junction@v1.4.2...v2.0.0

Changelog

Sourced from junction's changelog.

[v2.0.0] - 2026-05-01

Changed

• junction::get_target now doesn't check whether the junction's destination directory exists. See #34 for more information.

Commits

• 8120513 bump v2
• e3d2a22 Merge pull request #36 from woodruffw-forks/ww/rm-exists-check
• 2069014 Add a testcase for the changed behavior
• 92c7864 Don't perform an existence check in get_target
• 6542166 Merge pull request #35 from woodruffw-forks/ww/ci
• bda04c4 CI: Ratchet down permissions, hash-pin actions
• See full diff in compare view

Updates octocrab from 0.49.7 to 0.50.0

Release notes

Sourced from octocrab's releases.

v0.50.0

Added

• add create_comment to PullRequestHandler (#880)
• Add support for exchanging oauth code for access token (#780)
• add get_app (#757)
• Add ability to update an existing label (#786)
• Added converted_from_draft to Event (#859)

Fixed

• Use PUT not PATCH for pull request reviews (#879)
• cargo fmt, cargo test, Set MSRV to 1.85.0 (#878)
• deser generate repo as respository (#812)
• use new search model on search function
• revert commit back to correct structure

Other

• [breaking] remove the either dependency (#883)
• added issue_field_added to Event enum (#882)
• update MSRV to 1.95.0
• don't include unconditional backtrace in Display impl (#824)
• add a simple test for compare commits
• remove duplicated GitUser
• create search models submodule
• move repository model from commits module
• move maybe_empty to models module
• remove Option<> for some fields of PullRequest (#873)

v0.49.9

Other

• Add 'tokio' dependency to retry configuration (#875)

v0.49.8

Added

• add structured GraphQL response and error (#874)

Fixed

• Expose OctoBody (#870)

Changelog

Sourced from octocrab's changelog.

0.50.0 - 2026-05-05

Added

• add create_comment to PullRequestHandler (#880)
• Add support for exchanging oauth code for access token (#780)
• add get_app (#757)
• Add ability to update an existing label (#786)
• Added converted_from_draft to Event (#859)

Fixed

• Use PUT not PATCH for pull request reviews (#879)
• cargo fmt, cargo test, Set MSRV to 1.85.0 (#878)
• deser generate repo as respository (#812)
• use new search model on search function
• revert commit back to correct structure

Other

• [breaking] remove the either dependency (#883)
• added issue_field_added to Event enum (#882)
• update MSRV to 1.95.0
• don't include unconditional backtrace in Display impl (#824)
• add a simple test for compare commits
• remove duplicated GitUser
• create search models submodule
• move repository model from commits module
• move maybe_empty to models module
• remove Option<> for some fields of PullRequest (#873)

0.49.9 - 2026-04-26

Other

• Add 'tokio' dependency to retry configuration (#875)

0.49.8 - 2026-04-24

Added

• add structured GraphQL response and error (#874)

Fixed

• Expose OctoBody (#870)

Commits

• af4a52e chore: release v0.50.0 (#877)
• 40b967b chore!: remove the either dependency (#883)
• ce8cc89 added issue_field_added to Event enum (#882)
• 21b13ed feat: add create_comment to PullRequestHandler (#880)
• 6e66bda fix: Use PUT not PATCH for pull request reviews (#879)
• 174950f fix: cargo fmt, cargo test, Set MSRV to 1.85.0 (#878)
• 43f2ef0 chore: update MSRV to 1.95.0
• e10d801 feat: Add support for exchanging oauth code for access token (#780)
• d4fcc18 fix: deser generate repo as respository (#812)
• 675f1fb feat: add get_app (#757)
• Additional commits viewable in compare view

Updates rustls from 0.23.38 to 0.23.40

Commits

• b44c09f Prepare 0.23.40
• e7a555f Prefer Ord::max to core::cmp
• c0005be ech: base inner name padding on actual extension
• 4e49529 ech: test inner name padding
• 3e06ef1 ech: add both name and "gross" padding
• c574ffd ech: avoid short-lived allocation for padding
• 8bf935c ech: pop comment from match arm
• 9088004 ech: expand maximum_name_length to usize ASAP
• a612901 Default require_ems based on CryptoProvider FIPS status
• 0541605 Cargo: version 0.23.38 -> 0.23.39
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Unit Test Results

1 627 tests  ±0   1 627 ✅ ±0   14s ⏱️ ±0s
    4 suites ±0       0 💤 ±0 
    1 files   ±0       0 ❌ ±0 

Results for commit 910831f. ± Comparison against base commit ee072ff.

♻️ This comment has been updated with latest results.

[github-actions]

Acceptance Test Results

587 tests  ±0   572 ✅ ±0   4m 23s ⏱️ -1s
  1 suites ±0    15 💤 ±0 
  1 files   ±0     0 ❌ ±0 

Results for commit 910831f. ± Comparison against base commit ee072ff.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.