chore(deps): bump the rust-minor-patch group across 1 directory with 8 updates

[dependabot]

Bumps the rust-minor-patch group with 8 updates in the / directory:

Package	From	To
tokio	1.52.1	1.52.3
russh	0.60.1	0.60.2
russh-sftp	2.1.1	2.1.2
clap_complete	4.6.2	4.6.4
const-hex	1.18.1	1.19.0
tower-http	0.6.8	0.6.10
reqwest	0.13.1	0.13.3
filetime	0.2.27	0.2.28

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates russh from 0.60.1 to 0.60.2

Commits

• c4ba20d v0.60.2
• 2a49916 fixed #697 - pin all pre-release dependencies
• c31cbc9 Fix channel write ordering with pending data (#693)
• 343a4ba Fix CI failures on main (#694)
• 5cceacf fix(negotiation): exclude SHA-1 MACs from Preferred::DEFAULT (#690)
• See full diff in compare view

Updates russh-sftp from 2.1.1 to 2.1.2

Commits

• See full diff in compare view

Updates clap_complete from 4.6.2 to 4.6.4

Commits

• 87ec1ad chore: Release
• 78f2529 docs: Update changelog
• b61f270 Merge pull request #6369 from Metbcy/fix/zsh-completion-ordering
• 74c6666 fix(complete): Keep zsh candidate order
• d142d8f Merge pull request #6360 from epage/string
• ba89563 style: Prefer explicit string operations
• bea966e Merge pull request #6359 from epage/man
• b811986 chore(man):Remove unused required-features
• 0010bf2 Merge pull request #6358 from clap-rs/renovate/crate-ci-typos-1.x
• bab9b24 chore(deps): Update compatible (dev) (#6357)
• Additional commits viewable in compare view

Updates const-hex from 1.18.1 to 1.19.0

Commits

• 5f2a3cb chore: Release const-hex version 1.19.0
• 9ec02cf chore: allow unused portable_simd
• 8b0eb94 feat: allow upper case prefix 0X (#49)
• See full diff in compare view

Updates tower-http from 0.6.8 to 0.6.10

Release notes

Sourced from tower-http's releases.

tower-http-0.6.10

Added

• follow-redirect: expose Attempt::method() and Attempt::previous_method() so redirect policies can react to method changes across redirects (e.g. POST to GET on 301/303) (#559)

Fixed

• Restore tokio and async-compression as no-op features. These will be removed next breaking release (#667)

#559: tower-rs/tower-http#559 #667: tower-rs/tower-http#667

What's Changed

• fix: restore tokio and async-compression as no-op features by @​jlizen in tower-rs/tower-http#667
• fix gate-ing of atomic64 in tests by @​alexanderkjall in tower-rs/tower-http#607
• follow_redirect: expose previous and next request methods by @​lucab in tower-rs/tower-http#559
• chore: release tower-http 0.6.10 by @​jlizen in tower-rs/tower-http#669

New Contributors

• @​lucab made their first contribution in tower-rs/tower-http#559

Full Changelog: tower-rs/tower-http@tower-http-0.6.9...tower-http-0.6.10

tower-http-0.6.9

Added:

• on-early-drop: middleware that detects when a response future or response body is dropped before completion (#636)

  Two events get hooks: the response future being dropped before the inner service produces a response, and the response body being dropped before reaching end-of-stream.

  Install custom callbacks with OnEarlyDropLayer::builder():

  use http::Request;
  use tower_http::on_early_drop::{OnBodyDropFn, OnEarlyDropLayer};
  let layer = OnEarlyDropLayer::builder()
  .on_future_drop(|req: &Request<()>| {
  let uri = req.uri().clone();
  move || eprintln!("future dropped for {}", uri)
  })
  .on_body_drop(OnBodyDropFn::new(|req: &Request<()>| {

... (truncated)

Commits

• 4532fc2 v0.6.10
• 8508cb2 follow_redirect: expose previous and next request methods (#559)
• 890f66a fix gate-ing of atomic64 in tests (#607)
• 578c2b2 fix: restore tokio and async-compression as no-op features (#667)
• eab7cbf v0.6.9
• 9c64770 feat(on-early-drop): Add middleware for client early drop detection (#636)
• 67786ff ci: Remove unnecessary protoc setup (#665)
• e442e2b examples: Use axum::body::to_bytes (#650)
• 218fe6b Make AsyncReadBody::with_capacity public (#415)
• ffd4d7c trace: adds back call to classify_eos on trailers (#483)
• Additional commits viewable in compare view

Updates reqwest from 0.13.1 to 0.13.3

Release notes

Sourced from reqwest's releases.

v0.13.3

tl;dr

• Fix CertificateRevocationList parsing of PEM values.
• Fix logging in resolver to only show host, not full URL.
• Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
• Fix HTTP/3 to handle STOP_SENDING as not an error.
• Fix HTTP/3 pool to remove timed out QUIC connections.
• Fix HTTP/3 connection establishment picking IPv4 and IPv6.
• Upgrade rustls-platform-verifier.
• (wasm) Only use wasm-bindgen on unknown-* targets.

What's Changed

• Update docs.rs Features by @​JamesWiresmith in seanmonstar/reqwest#2961
• fix: fallback to hickory_resolver's default config if reading /etc/resolv.conf fails by @​monosans in seanmonstar/reqwest#2797
• fix: remove timeout con by @​cuiweixie in seanmonstar/reqwest#2967
• http3: handle stop_sending without error by @​anuraaga in seanmonstar/reqwest#2978
• resolve: debug log to change only host by @​lms0806 in seanmonstar/reqwest#2992
• Edit reference link by @​lms0806 in seanmonstar/reqwest#2996
• docs: more accurate about default HTTP2 window sizes by @​seanmonstar in seanmonstar/reqwest#3007
• [HTTP/3] Optimize IPv6 fallback and enforce HTTPS scheme #2911 by @​lyuzichong in seanmonstar/reqwest#3006
• Upgrade rustls-platform-verifier by @​jplatte in seanmonstar/reqwest#3010
• use wasm-bindgen ecosystem only for wasm32-unknown-* target by @​Ludea in seanmonstar/reqwest#3000
• fix rustls crl pem parsing by @​Threated in seanmonstar/reqwest#3013
• docs(retry): include ReqRep in docsrs by @​seanmonstar in seanmonstar/reqwest#3020

New Contributors

• @​JamesWiresmith made their first contribution in seanmonstar/reqwest#2961
• @​monosans made their first contribution in seanmonstar/reqwest#2797
• @​cuiweixie made their first contribution in seanmonstar/reqwest#2967
• @​anuraaga made their first contribution in seanmonstar/reqwest#2978
• @​lms0806 made their first contribution in seanmonstar/reqwest#2992
• @​lyuzichong made their first contribution in seanmonstar/reqwest#3006
• @​Ludea made their first contribution in seanmonstar/reqwest#3000

Full Changelog: seanmonstar/reqwest@v0.13.2...v0.13.3

v0.13.2

tl;dr

• Fix HTTP/2 and native-tls ALPN feature combinations.
• Fix HTTP/3 to send h3 ALPN.
• (wasm) fix RequestBuilder::json() from override previously set content-type.

What's Changed

• chore(deps): bump actions/checkout from 5 to 6 by @​dependabot[bot] in seanmonstar/reqwest#2921
• Update readme for 0.13 by @​VojtaStanek in seanmonstar/reqwest#2926
• fix http2 feature is not enabled for "native-tls" by @​fox0 in seanmonstar/reqwest#2927
• chore(deps): remove unused webpki-roots and rustls-native-certs by @​seanmonstar in seanmonstar/reqwest#2932
• docs: native-tls-alpn has changed to native-tls-no-alpn by @​seanmonstar in seanmonstar/reqwest#2940

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.13.3

• Fix CertificateRevocationList parsing of PEM values.
• Fix logging in resolver to only show host, not full URL.
• Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
• Fix HTTP/3 to handle STOP_SENDING as not an error.
• Fix HTTP/3 pool to remove timed out QUIC connections.
• Fix HTTP/3 connection establishment picking IPv4 and IPv6.
• Upgrade rustls-platform-verifier.
• (wasm) Only use wasm-bindgen on unknown-* targets.

v0.13.2

• Fix HTTP/2 and native-tls ALPN feature combinations.
• Fix HTTP/3 to send h3 ALPN.
• (wasm) fix RequestBuilder::json() from override previously set content-type.

Commits

• a9a88c4 v0.13.3
• f3f6d9d docs(retry): include ReqRep in docsrs (#3020)
• 5f9c231 fix rustls CRL PEM parsing (#3013)
• 11d835d use wasm-bindgen ecosystem only for wasm32-unknown-* target (#3000)
• 1f72916 Upgrade rustls-platform-verifier (#3010)
• 5d5bf35 [HTTP/3] Optimize IPv6 fallback and enforce HTTPS scheme #2911 (#3006)
• 93dc1b2 docs: more accurate about default HTTP2 window sizes (#3007)
• c5e50f0 docs: update outdated link in comments
• b25611f resolve: debug log to change only host (#2992)
• ca1f479 http3: handle stop_sending without error (#2978)
• Additional commits viewable in compare view

Updates filetime from 0.2.27 to 0.2.28

Commits

• b10e535 Bump to 0.2.28
• 646bce9 Update README
• 190eafe Add QNX Neutrino (nto) to utimensat platform list (#120)
• 13d4570 Use the standard library for most of the crate (#121)
• 75abafa impl From<FileTime> for SystemTime (#119)
• 06a6f24 use libc::UTIME_OMIT (#117)
• See full diff in compare view

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.