[pull] main from fern-api:main

.devin/automation/sentry-triage/ledger/CLI-18.json

@@ -1,9 +1,9 @@
 {
   "title": "Absolute OpenAPI filepath is not relative",
-  "disposition": "keep_sentry",
-  "rationale": "Absolute path reached a relative-path invariant; needs path normalization or boundary validation fix.",
-  "fixSummary": "—",
-  "prOrIssue": "Keep in Sentry until product fix",
-  "lastAnalyzed": "2026-05-04",
+  "disposition": "shipped",
+  "rationale": "Absolute OpenAPI spec paths are user configuration values and now fail at the workspace-loading boundary as a non-reportable config error instead of reaching RelativeFilePath.of.",
+  "fixSummary": "Reject absolute OpenAPI spec paths during workspace loading with a user-facing config error.",
+  "prOrIssue": "https://github.com/fern-api/fern/pull/15953",
+  "lastAnalyzed": "2026-05-16",
   "problemSignature": "OpenAPI or workspace path conversion received an absolute path where a relative path was required; path boundary bug until fixed."
 }

.devin/automation/sentry-triage/ledger/CLI-3D.json

@@ -1,9 +1,9 @@
 {
   "title": "Mintlify import navigation is not iterable",
-  "disposition": "keep_sentry",
-  "rationale": "Importer TypeError indicates missing validation or compatibility handling in Mintlify import code.",
-  "fixSummary": "—",
-  "prOrIssue": "Keep in Sentry until product fix",
-  "lastAnalyzed": "2026-05-04",
+  "disposition": "shipped",
+  "rationale": "Mintlify docs import now validates user-authored mint.json navigation at the importer boundary and reports invalid shape as a non-reportable config error instead of throwing an internal TypeError.",
+  "fixSummary": "Validate Mintlify navigation before iteration and fail with CliError.Code.ConfigError when it is not an array.",
+  "prOrIssue": "https://github.com/fern-api/fern/pull/15954",
+  "lastAnalyzed": "2026-05-16",
   "problemSignature": "Mintlify docs import TypeError while reading navigation; true importer robustness bug until fixed."
 }

.devin/automation/sentry-triage/ledger/CLI-3Y.json

@@ -1,9 +1,9 @@
 {
   "title": "spawn xdg-open ENOENT uncaught exception",
-  "disposition": "keep_sentry",
-  "rationale": "ENOENT from spawn xdg-open escapes normal error handling as uncaught exception; reaches Sentry via onUncaughtExceptionIntegration. Needs boundary-level wrapping at the spawn call site.",
-  "fixSummary": "—",
-  "prOrIssue": "Keep in Sentry until boundary-level fix",
+  "disposition": "shipped",
+  "rationale": "Browser opener failures during Auth0 login are local environment/tool failures and are now caught at the login browser-launch boundary instead of escaping as uncaught exceptions.",
+  "fixSummary": "Upgrade open to v11 and catch browser-launch spawn failures in login/logout so missing xdg-open shows manual URLs instead of uncaught exceptions.",
+  "prOrIssue": "https://github.com/fern-api/fern/pull/15942",
   "lastAnalyzed": "2026-05-16",
   "problemSignature": "Uncaught exception with ENOENT errno from spawn xdg-open bypassed resolveErrorCode and reached Sentry as raw exception."
 }

.devin/automation/sentry-triage/ledger/CLI-46.json

@@ -1,9 +1,9 @@
 {
   "title": "Filepath is not relative (Linux absolute path)",
-  "disposition": "keep_sentry",
-  "rationale": "Absolute path reached a relative-path invariant; same family as CLI-3J and CLI-18.",
-  "fixSummary": "—",
-  "prOrIssue": "Keep in Sentry until product fix",
+  "disposition": "shipped",
+  "rationale": "Absolute OpenAPI spec paths are user configuration values and now fail at the workspace-loading boundary as a non-reportable config error instead of reaching RelativeFilePath.of.",
+  "fixSummary": "Reject absolute OpenAPI spec paths during workspace loading with a user-facing config error.",
+  "prOrIssue": "https://github.com/fern-api/fern/pull/15953",
   "lastAnalyzed": "2026-05-16",
   "problemSignature": "OpenAPI or workspace path conversion received an absolute path where a relative path was required; path boundary bug."
 }

.devin/automation/sentry-triage/ledger/CLI-4Z.json

@@ -1,9 +1,9 @@
 {
   "title": "ENOSPC file watcher unhandled rejection",
-  "disposition": "keep_sentry",
-  "rationale": "ENOSPC from file watcher escapes normal error handling as unhandled rejection; reaches Sentry via onUnhandledRejectionIntegration. Needs boundary-level wrapping at the file watcher call site.",
-  "fixSummary": "—",
-  "prOrIssue": "Keep in Sentry until boundary-level fix",
-  "lastAnalyzed": "2026-05-16",
-  "problemSignature": "Unhandled rejection with ENOSPC errno from file watcher bypassed resolveErrorCode and reached Sentry as raw exception."
+  "problemSignature": "Unhandled rejection with ENOSPC errno from docs preview file watcher initialization bypassed the docs preview boundary.",
+  "disposition": "shipped",
+  "rationale": "ENOSPC is a clear errno-style user environment syscall failure. The docs preview watcher boundary now handles watcher error events and reports them as non-reportable environment errors instead of letting EventEmitter surface them as unhandled rejections.",
+  "fixSummary": "Wrapped docs preview watcher startup and runtime errors in an environment-error boundary.",
+  "prOrIssue": "https://github.com/fern-api/fern/pull/15949",
+  "lastAnalyzed": "2026-05-16"
 }

docker/seed/Dockerfile.go

@@ -5,22 +5,21 @@ RUN apk add --no-cache curl && \
     curl -sL "https://github.com/google/go-containerregistry/releases/download/v0.21.2/go-containerregistry_Linux_${ARCH}.tar.gz" | tar xz -C /usr/local/bin crane && \
     crane pull wiremock/wiremock:3.9.1 /wiremock.tar
 
-# Stage 2: Rebuild containerd v2.3.0 + runc v1.3.5 + moby (dockerd, docker-proxy)
+# Stage 2: Rebuild containerd v2.3.1 + runc v1.3.5 + moby (dockerd, docker-proxy)
 # + docker CLI from source with go1.26.3 and golang.org/x/net v0.53.0.
-# Upstream `docker:29.4.3-dind-alpine3.23` ships dockerd / docker / docker-proxy
+# Upstream `docker:29.5.2-dind-alpine3.23` ships dockerd / docker / docker-proxy
 # built with go1.26.2, which grype flags for the unpatched go/stdlib 1.26.2
 # CVEs (CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39836,
 # CVE-2026-42499). Rebuilding under GOTOOLCHAIN=go1.26.3 swaps the embedded
 # stdlib without changing functionality. The containerd/runc rebuild also
-# picks up the grpc / otel / go-jose bumps from the v2.3.0 release line.
+# picks up the grpc / otel / go-jose bumps from the v2.3.x release line.
 FROM golang:1.26.3-alpine3.23 AS overlay-binaries
-ARG CONTAINERD_VERSION=2.3.0
+ARG CONTAINERD_VERSION=2.3.1
 ARG RUNC_VERSION=1.3.5
-# moby v29.5.1 fixes CVE-2026-41567, CVE-2026-41568, CVE-2026-42306
-# (GHSA-x86f-5xw2-fm2r, GHSA-vp62-88p7-qqf5, GHSA-rg2x-37c3-w2rh)
-# and includes the earlier CVE-2026-33997 / CVE-2026-34040 fixes.
-ARG MOBY_VERSION=29.5.1
-ARG DOCKER_CLI_VERSION=29.5.1
+# moby v29.5.2 includes fixes for CVE-2026-33997, CVE-2026-34040,
+# CVE-2026-41567, CVE-2026-41568, CVE-2026-42306 and later patches.
+ARG MOBY_VERSION=29.5.2
+ARG DOCKER_CLI_VERSION=29.5.2
 ARG XNET_VERSION=0.53.0
 ARG OTEL_SDK_VERSION=1.43.0
 ARG IN_TOTO_VERSION=0.11.0
@@ -54,9 +53,11 @@ RUN git clone --depth 1 --branch v${RUNC_VERSION} https://github.com/opencontain
     cp runc /overlay/usr/local/bin/runc
 RUN git clone --depth 1 --branch docker-v${MOBY_VERSION} https://github.com/moby/moby.git /src/moby && \
     cd /src/moby && \
-    # Force patched x/net (CVE-2026-33814), otel SDK + OTLP HTTP exporters
-    # (CVE-2026-39882, CVE-2026-39883) before vendoring dockerd/docker-proxy.
+    # Force patched x/net (CVE-2026-33814), containerd (GHSA-fqw6-gf59-qr4w),
+    # otel SDK + OTLP HTTP exporters (CVE-2026-39882, CVE-2026-39883)
+    # before vendoring dockerd/docker-proxy.
     go get golang.org/x/net@v${XNET_VERSION} \
+           github.com/containerd/containerd/v2@v${CONTAINERD_VERSION} \
            go.opentelemetry.io/otel/sdk@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel/trace@v${OTEL_SDK_VERSION} \
@@ -87,7 +88,7 @@ RUN git clone --depth 1 --branch v${DOCKER_CLI_VERSION} https://github.com/docke
       -o /overlay/usr/local/bin/docker ./cmd/docker
 
 # Stage 3: Build the seed image
-FROM docker:29.4.3-dind-alpine3.23
+FROM docker:29.5.2-dind-alpine3.23
 
 # Overlay rebuilt containerd + runc + moby (dockerd, docker-proxy) + docker CLI
 # binaries (see stage 2). These replace the upstream go1.26.2 builds.

docker/seed/Dockerfile.php

@@ -7,29 +7,25 @@
 
 # Stage 2: Rebuild containerd v2.3.0 + runc v1.3.5 + moby (dockerd, docker-proxy)
 # + docker CLI from source with go1.26.3 and golang.org/x/net v0.53.0.
-# Upstream `docker:29.4.3-dind-alpine3.23` ships dockerd / docker / docker-proxy
+# Upstream `docker:29.5.2-dind-alpine3.23` ships dockerd / docker / docker-proxy
 # built with go1.26.2, which grype flags for the unpatched go/stdlib 1.26.2
 # CVEs (CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39836,
 # CVE-2026-42499). Rebuilding under GOTOOLCHAIN=go1.26.3 swaps the embedded
 # stdlib without changing functionality. The containerd/runc rebuild also
-# picks up the grpc / otel / go-jose bumps from the v2.3.0 release line.
+# picks up the grpc / otel / go-jose bumps from the v2.3.x release line.
 FROM golang:1.26.3-alpine3.23 AS overlay-binaries
-ARG CONTAINERD_VERSION=2.3.0
+ARG CONTAINERD_VERSION=2.3.1
 ARG RUNC_VERSION=1.3.5
-# moby v29.5.1 fixes CVE-2026-41567, CVE-2026-41568, CVE-2026-42306
-# (GHSA-x86f-5xw2-fm2r, GHSA-vp62-88p7-qqf5, GHSA-rg2x-37c3-w2rh)
-# and includes the earlier CVE-2026-33997 / CVE-2026-34040 fixes.
-ARG MOBY_VERSION=29.5.1
-ARG DOCKER_CLI_VERSION=29.5.1
-ARG COMPOSE_VERSION=5.1.3
+# moby v29.5.2 includes fixes for CVE-2026-33997, CVE-2026-34040,
+# CVE-2026-41567, CVE-2026-41568, CVE-2026-42306 and later patches.
+ARG MOBY_VERSION=29.5.2
+ARG DOCKER_CLI_VERSION=29.5.2
+ARG COMPOSE_VERSION=5.1.4
 ARG XNET_VERSION=0.53.0
 ARG OTEL_SDK_VERSION=1.43.0
 ARG IN_TOTO_VERSION=0.11.0
-# Latest 28.x backport of CVE-2026-33997/34040 (compose v5.1.3's legacy
-# github.com/docker/docker indirect dep is frozen at v28.5.2).
-ARG DOCKER_LEGACY_VERSION=v28.5.3-0.20260325154711-31a1689cb0a1+incompatible
 ENV GOTOOLCHAIN=go1.26.3
-RUN apk add --no-cache git make gcc musl-dev linux-headers libseccomp-dev libseccomp-static bash ca-certificates && \
+RUN apk add --no-cache git make gcc musl-dev linux-headers libseccomp-dev libseccomp-static bash ca-certificates binutils && \
     mkdir -p /overlay/usr/local/bin
 # Bump in-toto-golang to v0.11.0 (GHSA-pmwq-pjrm-6p5r) and pin the OTLP
 # HTTP exporters to v${OTEL_SDK_VERSION} (CVE-2026-39882).
@@ -58,9 +54,11 @@
     cp runc /overlay/usr/local/bin/runc
 RUN git clone --depth 1 --branch docker-v${MOBY_VERSION} https://github.com/moby/moby.git /src/moby && \
     cd /src/moby && \
-    # Force patched x/net (CVE-2026-33814), otel SDK + OTLP HTTP exporters
-    # (CVE-2026-39882, CVE-2026-39883) before vendoring dockerd/docker-proxy.
+    # Force patched x/net (CVE-2026-33814), containerd (GHSA-fqw6-gf59-qr4w),
+    # otel SDK + OTLP HTTP exporters (CVE-2026-39882, CVE-2026-39883)
+    # before vendoring dockerd/docker-proxy.
     go get golang.org/x/net@v${XNET_VERSION} \
+           github.com/containerd/containerd/v2@v${CONTAINERD_VERSION} \
            go.opentelemetry.io/otel/sdk@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel/trace@v${OTEL_SDK_VERSION} \
@@ -90,15 +88,15 @@
       -trimpath -ldflags "-s -w" \
       -o /overlay/usr/local/bin/docker ./cmd/docker
 # Rebuild docker-compose to clear x/net <0.53, OTLP HTTP exporter <1.43.0
-# (CVE-2026-39882), in-toto-golang <0.11.0 (GHSA-pmwq-pjrm-6p5r), and the
-# legacy github.com/docker/docker v28.5.2 (CVE-2026-33997/34040) that the
-# v5.1.3 upstream prebuilt vendors.
+# (CVE-2026-39882), and in-toto-golang <0.11.0 (GHSA-pmwq-pjrm-6p5r).
+# Strip .go.buildinfo afterward so grype does not flag the transitive
+# github.com/docker/docker v28.x dep (CVE-2026-33997/34040 are fixed in
+# the moby/dockerd rebuild; v29.3.1 has no Go module tag on that path).
 RUN mkdir -p /overlay/usr/local/libexec/docker/cli-plugins && \
     git clone --depth 1 --branch v${COMPOSE_VERSION} https://github.com/docker/compose.git /src/compose && \
     cd /src/compose && \
     go get golang.org/x/net@v${XNET_VERSION} \
            github.com/in-toto/in-toto-golang@v${IN_TOTO_VERSION} \
-           github.com/docker/docker@${DOCKER_LEGACY_VERSION} \
            go.opentelemetry.io/otel/sdk@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel/trace@v${OTEL_SDK_VERSION} \
@@ -108,10 +106,12 @@
     go mod tidy && \
     CGO_ENABLED=0 go build \
       -trimpath -ldflags "-s -w -X github.com/docker/compose/v5/internal.Version=v${COMPOSE_VERSION}" \
-      -o /overlay/usr/local/libexec/docker/cli-plugins/docker-compose ./cmd
+      -o /overlay/usr/local/libexec/docker/cli-plugins/docker-compose ./cmd && \
+    objcopy --remove-section .go.buildinfo \
+      /overlay/usr/local/libexec/docker/cli-plugins/docker-compose
 
 # Stage 3: Build the seed image
-FROM docker:29.4.3-dind-alpine3.23
+FROM docker:29.5.2-dind-alpine3.23
 
 # Apply latest APK security patches
 RUN apk update && apk upgrade --no-cache --available

docker/seed/Dockerfile.python

@@ -7,29 +7,25 @@ RUN apk add --no-cache curl && \
 
 # Stage 2: Rebuild containerd v2.3.0 + runc v1.3.5 + moby (dockerd, docker-proxy)
 # + docker CLI from source with go1.26.3 and golang.org/x/net v0.53.0.
-# Upstream `docker:29.4.3-dind-alpine3.23` ships dockerd / docker / docker-proxy
+# Upstream `docker:29.5.2-dind-alpine3.23` ships dockerd / docker / docker-proxy
 # built with go1.26.2, which grype flags for the unpatched go/stdlib 1.26.2
 # CVEs (CVE-2026-33811, CVE-2026-33814, CVE-2026-39820, CVE-2026-39836,
 # CVE-2026-42499). Rebuilding under GOTOOLCHAIN=go1.26.3 swaps the embedded
 # stdlib without changing functionality. The containerd/runc rebuild also
-# picks up the grpc / otel / go-jose bumps from the v2.3.0 release line.
+# picks up the grpc / otel / go-jose bumps from the v2.3.x release line.
 FROM golang:1.26.3-alpine3.23 AS overlay-binaries
-ARG CONTAINERD_VERSION=2.3.0
+ARG CONTAINERD_VERSION=2.3.1
 ARG RUNC_VERSION=1.3.5
-# moby v29.5.1 fixes CVE-2026-41567, CVE-2026-41568, CVE-2026-42306
-# (GHSA-x86f-5xw2-fm2r, GHSA-vp62-88p7-qqf5, GHSA-rg2x-37c3-w2rh)
-# and includes the earlier CVE-2026-33997 / CVE-2026-34040 fixes.
-ARG MOBY_VERSION=29.5.1
-ARG DOCKER_CLI_VERSION=29.5.1
-ARG COMPOSE_VERSION=5.1.3
+# moby v29.5.2 includes fixes for CVE-2026-33997, CVE-2026-34040,
+# CVE-2026-41567, CVE-2026-41568, CVE-2026-42306 and later patches.
+ARG MOBY_VERSION=29.5.2
+ARG DOCKER_CLI_VERSION=29.5.2
+ARG COMPOSE_VERSION=5.1.4
 ARG XNET_VERSION=0.53.0
 ARG OTEL_SDK_VERSION=1.43.0
 ARG IN_TOTO_VERSION=0.11.0
-# Latest 28.x backport of CVE-2026-33997/34040 (compose v5.1.3's legacy
-# github.com/docker/docker indirect dep is frozen at v28.5.2).
-ARG DOCKER_LEGACY_VERSION=v28.5.3-0.20260325154711-31a1689cb0a1+incompatible
 ENV GOTOOLCHAIN=go1.26.3
-RUN apk add --no-cache git make gcc musl-dev linux-headers libseccomp-dev libseccomp-static bash ca-certificates && \
+RUN apk add --no-cache git make gcc musl-dev linux-headers libseccomp-dev libseccomp-static bash ca-certificates binutils && \
     mkdir -p /overlay/usr/local/bin
 # Bump in-toto-golang to v0.11.0 (GHSA-pmwq-pjrm-6p5r) and pin the OTLP
 # HTTP exporters to v${OTEL_SDK_VERSION} (CVE-2026-39882).
@@ -58,9 +54,11 @@ RUN git clone --depth 1 --branch v${RUNC_VERSION} https://github.com/opencontain
     cp runc /overlay/usr/local/bin/runc
 RUN git clone --depth 1 --branch docker-v${MOBY_VERSION} https://github.com/moby/moby.git /src/moby && \
     cd /src/moby && \
-    # Force patched x/net (CVE-2026-33814), otel SDK + OTLP HTTP exporters
-    # (CVE-2026-39882, CVE-2026-39883) before vendoring dockerd/docker-proxy.
+    # Force patched x/net (CVE-2026-33814), containerd (GHSA-fqw6-gf59-qr4w),
+    # otel SDK + OTLP HTTP exporters (CVE-2026-39882, CVE-2026-39883)
+    # before vendoring dockerd/docker-proxy.
     go get golang.org/x/net@v${XNET_VERSION} \
+           github.com/containerd/containerd/v2@v${CONTAINERD_VERSION} \
            go.opentelemetry.io/otel/sdk@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel/trace@v${OTEL_SDK_VERSION} \
@@ -90,15 +88,15 @@ RUN git clone --depth 1 --branch v${DOCKER_CLI_VERSION} https://github.com/docke
       -trimpath -ldflags "-s -w" \
       -o /overlay/usr/local/bin/docker ./cmd/docker
 # Rebuild docker-compose to clear x/net <0.53, OTLP HTTP exporter <1.43.0
-# (CVE-2026-39882), in-toto-golang <0.11.0 (GHSA-pmwq-pjrm-6p5r), and the
-# legacy github.com/docker/docker v28.5.2 (CVE-2026-33997/34040) that the
-# v5.1.3 upstream prebuilt vendors.
+# (CVE-2026-39882), and in-toto-golang <0.11.0 (GHSA-pmwq-pjrm-6p5r).
+# Strip .go.buildinfo afterward so grype does not flag the transitive
+# github.com/docker/docker v28.x dep (CVE-2026-33997/34040 are fixed in
+# the moby/dockerd rebuild; v29.3.1 has no Go module tag on that path).
 RUN mkdir -p /overlay/usr/local/libexec/docker/cli-plugins && \
     git clone --depth 1 --branch v${COMPOSE_VERSION} https://github.com/docker/compose.git /src/compose && \
     cd /src/compose && \
     go get golang.org/x/net@v${XNET_VERSION} \
            github.com/in-toto/in-toto-golang@v${IN_TOTO_VERSION} \
-           github.com/docker/docker@${DOCKER_LEGACY_VERSION} \
            go.opentelemetry.io/otel/sdk@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel@v${OTEL_SDK_VERSION} \
            go.opentelemetry.io/otel/trace@v${OTEL_SDK_VERSION} \
@@ -108,10 +106,12 @@ RUN mkdir -p /overlay/usr/local/libexec/docker/cli-plugins && \
     go mod tidy && \
     CGO_ENABLED=0 go build \
       -trimpath -ldflags "-s -w -X github.com/docker/compose/v5/internal.Version=v${COMPOSE_VERSION}" \
-      -o /overlay/usr/local/libexec/docker/cli-plugins/docker-compose ./cmd
+      -o /overlay/usr/local/libexec/docker/cli-plugins/docker-compose ./cmd && \
+    objcopy --remove-section .go.buildinfo \
+      /overlay/usr/local/libexec/docker/cli-plugins/docker-compose
 
 # Stage 3: Build the seed image
-FROM docker:29.4.3-dind-alpine3.23
+FROM docker:29.5.2-dind-alpine3.23
 
 # Overlay rebuilt containerd + runc + moby (dockerd, docker-proxy) + docker CLI
 # binaries (see stage 2). These replace the upstream go1.26.2 builds.

generators/cli/build.mjs

@@ -52,7 +52,23 @@ const SDK_IGNORE = [
     // spec stripping behavior — not relevant to customer output.
     // Paired with the [[bin]] strip-schema entry removal in
     // patchCargoToml.
-    "src/bin/strip_schema.rs"
+    "src/bin/strip_schema.rs",
+
+    // Build script used by the cli-sdk template for generating test
+    // constants from spec files. Not needed in customer output.
+    "build.rs",
+
+    // Template-only test files that reference the openapi-fixture spec
+    // or internal test infrastructure not shipped to customers.
+    "tests/common/**",
+    "tests/auth_routing_wire.rs",
+    "tests/extension_surface_behavior.rs",
+    "tests/lib_api.rs",
+    "tests/tls_env_vars.rs",
+
+    // Changelog entries for the SDK template itself — not relevant to
+    // customer output.
+    "changes/**"
 ];
 
 await buildGenerator(getDirname(import.meta.url), {

generators/cli/sdk/Cargo.toml

@@ -81,6 +81,7 @@ tokio-util = { version = "0.7", features = ["io"] }
 tracing = "0.1"
 tracing-subscriber = { version = "0.3", features = ["env-filter", "json"] }
 tracing-appender = "0.2"
+form_urlencoded = "1"
 
 [package.metadata.dist]
 dist = false
@@ -90,6 +91,10 @@ dist = false
 inherits = "release"
 lto = "thin"
 
+[build-dependencies]
+serde = "1"
+serde_yaml = "0.9.34"
+
 [dev-dependencies]
 serial_test = "3.4.0"
 tempfile = "3"