chore(deps): bump the rust-minor-patch group across 1 directory with 10 updates

[dependabot]

Bumps the rust-minor-patch group with 10 updates in the / directory:

Package	From	To
russh	0.61.1	0.61.2
regex	1.12.3	1.12.4
chrono	0.4.44	0.4.45
zeroize	1.8.2	1.9.0
uuid	1.23.2	1.23.3
aws-config	1.8.17	1.8.18
jaq-core	3.0.0	3.1.0
jaq-std	3.0.0	3.0.1
jaq-json	2.0.0	2.0.1
insta	1.47.2	1.48.0

Updates russh from 0.61.1 to 0.61.2

Release notes

Sourced from russh's releases.

v0.61.2

Changes

• f1a0f18: fixed #716 - ensure dynamic AgentClient refs are generally Send (#717) (Eugene) #717
• 6dc4919: expose channel number from ChannelId (Eugene)

Fixes

• support SEC1 EC keys with full domain parameters (#719) #719 (Moder Steven)
• aa48fa7: make DhGroup fields public (Eugene)
• ca8ae67: update auth_publickey_offered doc (Eugene)
• 761483a: fixed #720 - bump deps (#721) (Eugene) #721

Commits

• ff74d73 v0.61.2
• e7f9f06 fix: support SEC1 EC keys with full domain parameters (#719)
• 761483a fixed #720 - bump deps (#721)
• f1a0f18 fixed #716 - ensure dynamic AgentClient refs are generally Send (#717)
• 5cac7f3 doc fix
• 3f009e8 fmt
• 88348ec docs cleanup
• ca8ae67 update auth_publickey_offered doc
• 9422a5d fmt
• aa48fa7 make DhGroup fields public
• Additional commits viewable in compare view

Updates regex from 1.12.3 to 1.12.4

Changelog

Sourced from regex's changelog.

1.12.4 (2025-06-09)

This release includes a performance optimization for compilation of regexes with very large character classes.

Improvements:

• #1308: Avoid re-canonicalizing the entire interval set when pushing new class ranges.

Commits

• 7b96fdc 1.12.4
• 7b89cf0 deps: update to regex-syntax 0.8.11
• 1401679 regex-syntax-0.8.11
• d709000 changelog: 1.12.4
• 9825c74 syntax: avoid re-canonicalizing the entire IntervalSet on push (#1308)
• a7f2ff6 docs: clarify regex-lite word boundaries
• 2c7b172 docs: clarify unsupported Anchored::Pattern searches
• 839d16b regex-syntax-0.8.10
• c4865a0 syntax: fix negation handling in HIR translation
• d8761c0 cargo: also include benches
• Additional commits viewable in compare view

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

• fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow by @​SAY-5 in chronotope/chrono#1787
• tz_data: fix tzdata locations on Android by @​caruschalalamove in chronotope/chrono#1789

Commits

• 1703382 Prepare 0.4.45 release
• 881f9ab tz_data: fix tzdata locations on Android
• f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
• c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
• 120686c Bump codecov/codecov-action from 5 to 6
• See full diff in compare view

Updates zeroize from 1.8.2 to 1.9.0

Commits

• 0b71573 zeroize v1.9.0 (#1494)
• 3e3f18c zeroize: always enable AVX-512 support (#1493)
• 1ea42bb zeroize_derive v1.5.0 (#1492)
• 8d785d1 zeroize: rustdoc improvements (#1491)
• d844f36 zeroize: incorporate README.md into rustdoc (#1490)
• c65c09d ctutils: use reason instead of comment in forbid attribute (#1489)
• cbd0963 Release block-buffer v0.12.1 (#1488)
• 9aa541d block-buffer: fix exception safety (#1487)
• 5c7e4f9 cmov v0.5.4 (#1485)
• 87cadbc cmov: fix clippy (#1484)
• Additional commits viewable in compare view

Updates uuid from 1.23.2 to 1.23.3

Release notes

Sourced from uuid's releases.

v1.23.3

What's Changed

• Fix up parser panic on empty input by @​KodrAus in uuid-rs/uuid#886
• Prepare for 1.23.3 release by @​KodrAus in uuid-rs/uuid#887

Full Changelog: uuid-rs/uuid@v1.23.2...v1.23.3

Commits

• 20da78b Merge pull request #887 from uuid-rs/cargo/v1.23.3
• 62232ca prepare for 1.23.3 release
• 2320c6a Merge pull request #886 from uuid-rs/fix/parser-panics
• 2d034d4 fix some invalid indexers on error reporting
• a8b9f14 update fuzz infra and run in CI
• See full diff in compare view

Updates aws-config from 1.8.17 to 1.8.18

Commits

• See full diff in compare view

Updates jaq-core from 3.0.0 to 3.1.0

Release notes

Sourced from jaq-core's releases.

3.1

This release adds support for jq's input_filename filter --- thanks to @​a-n-d-r-e-w-l 01mf02/jaq#432! Furthermore, at places where jaq accepted filters like .a["b"], it now also accepts (equivalent) filters such as .a.["b"] (note the added dot after .a). 01mf02/jaq#423 Finally, this release corrects the indexing of arrays with an empty array, which previously panicked 01mf02/jaq#439. Thanks to @​leeewee for spotting this!

API

The biggest change in this release is that calls to halt in jq filters can now be handled by users of the jaq API, instead of forcing a termination of the process. Thanks to @​a-n-d-r-e-w-l 01mf02/jaq#433! This has a few implications:

• The signature of jaq_all::data::run had to be changed, resulting in a new major version of jaq-all.
• To preserve semantic versioning stability guarantees, the jaq_core::unwrap_valr function still terminates the current process if halt is called, but only if the std feature is enabled --- otherwise, unwrap_valr panics! You need to take action to prevent panics if all of the following conditions hold:
  1. you use jaq_core::unwrap_valr,
  2. you have disabled the std feature in jaq_core, and
  3. you run filters that may call halt.

Furthermore, this version makes it possible to clone definitions, which can speed up compiling many different jq filters. 01mf02/jaq#430

Full Changelog: 01mf02/jaq@v3.0.0...v3.1.0

Commits

• ebd9d94 Prepare 3.1 release.
• 6bb20d8 Merge pull request #420 from 01mf02/actions-update
• 6d05e0b Merge pull request #439 from 01mf02/index-empty-array
• d7329cd Add another test by @​leeewee.
• 07793e0 Correct indexing with empty array (addresses #437).
• 8402d71 Merge pull request #430 from 01mf02/def-clone
• 65db208 Merge pull request #432 from a-n-d-r-e-w-l/add-input_filename-filter
• fc6de8a Document input_filename compatibility.
• dfab196 Merge pull request #433 from a-n-d-r-e-w-l/halt-no-process-exit
• 10af673 Documentation.
• Additional commits viewable in compare view

Updates jaq-std from 3.0.0 to 3.0.1

Commits

• See full diff in compare view

Updates jaq-json from 2.0.0 to 2.0.1

Release notes

Sourced from jaq-json's releases.

2.0.1

This release corrects the behaviour of several command-line flags.

What's Changed

• Fix --null-input flag by @​null-dev in 01mf02/jaq#241
• Fix --slurpfile flag by @​null-dev in 01mf02/jaq#242
• Implement --from-file flag 01mf02/jaq@0bad031

New Contributors

• @​null-dev made their first contribution in 01mf02/jaq#241

Full Changelog: 01mf02/jaq@v2.0.0...v2.0.1

Commits

• b7f9268 Clippy.
• b9317bd Bump version to 2.0.1.
• d5e481c Merge branch 'main' of github.com:01mf02/jaq
• ef8b082 Address compiler warning.
• 0bad031 Actually implement --from-file (closes #244).
• b50f483 Merge pull request #242 from null-dev/patch-2
• 5fb671b Merge pull request #241 from null-dev/patch-1
• ea4e5e1 Fix --slurpfile flag
• 390f37e Fix --null-input flag
• 1ac39f8 Update MSRV in README.
• Additional commits viewable in compare view

Updates insta from 1.47.2 to 1.48.0

Release notes

Sourced from insta's releases.

1.48.0

Release Notes

• Add strip_ansi_escape_codes setting which removes ANSI escape sequences (color codes, cursor movement, etc.) from snapshot content before comparison. Requires the filters feature. #899 (@​pierluigilenoci)
• Add opt-in support for YAML literal blocks for multiline strings in snapshot metadata fields such as description and expression. Set INSTA_YAML_BLOCK_STYLE=1 to enable. #851 (@​ivov)
• Setting CI=true normally makes cargo insta test behave as though --check was passed. Explicit snapshot handling options such as --accept now take precedence over this environment variable, allowing users to override this behavior if they want to. #924
• Fix cargo insta test --profile being forwarded to nextest as the nextest profile instead of the cargo build profile; it now translates to --cargo-profile for the nextest runner. Add --nextest-profile to select the nextest profile. #910
• Fix cargo insta pending-snapshots printing unusable \\?\-prefixed paths on Windows. The --snapshot filter now also accepts partial paths: any trailing path suffix of the snapshot file matches, so a bare --snapshot my_test.snap works. #904
• Accepting a binary snapshot no longer fails with os error 2 when its data file is missing (e.g. gitignored and not committed). #914

Install cargo-insta 1.48.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.48.0/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.48.0/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.48.0

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

Changelog

Sourced from insta's changelog.

1.48.0

• Add strip_ansi_escape_codes setting which removes ANSI escape sequences (color codes, cursor movement, etc.) from snapshot content before comparison. Requires the filters feature. #899 (@​pierluigilenoci)
• Add opt-in support for YAML literal blocks for multiline strings in snapshot metadata fields such as description and expression. Set INSTA_YAML_BLOCK_STYLE=1 to enable. #851 (@​ivov)
• Setting CI=true normally makes cargo insta test behave as though --check was passed. Explicit snapshot handling options such as --accept now take precedence over this environment variable, allowing users to override this behavior if they want to. #924
• Fix cargo insta test --profile being forwarded to nextest as the nextest profile instead of the cargo build profile; it now translates to --cargo-profile for the nextest runner. Add --nextest-profile to select the nextest profile. #910
• Fix cargo insta pending-snapshots printing unusable \\?\-prefixed paths on Windows. The --snapshot filter now also accepts partial paths: any trailing path suffix of the snapshot file matches, so a bare --snapshot my_test.snap works. #904
• Accepting a binary snapshot no longer fails with os error 2 when its data file is missing (e.g. gitignored and not committed). #914

Commits

• 7f23d2e Release 1.48.0 (#925)
• ee9cae1 Allow CI=true to be overridden by an explicitly passed --accept CLI flag ...
• 043cf82 fix: translate --profile to --cargo-profile for nextest (#913)
• 9c77f13 test: cover deep-wildcard redaction through arrays (#915)
• 362f432 Fix --snapshot filter on Windows; allow partial paths (#904)
• a436836 fix: tolerate a missing binary snapshot data file (#914)
• bf5fcdf fix: regenerate Cargo.lock and guard it with --locked in CI (#912)
• a761a9c feat: Support YAML literal blocks for multiline strings (#851)
• f9633f3 ci: pin check-minver to nightly-2026-04-25 (#905)
• c7b98b8 feat: add strip_ansi_escape_codes setting (#899)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.