Build(deps): bump the minor-and-patch group across 1 directory with 13 updates

[dependabot]

Bumps the minor-and-patch group with 13 updates in the / directory:

Package	From	To
bitcoin	0.32.8	0.32.9
tokio	1.52.1	1.52.3
clap	4.6.0	4.6.1
redb	4.0.0	4.1.0
bitflags	2.11.0	2.11.1
uuid	1.23.0	1.23.1
rand_core	0.10.0	0.10.1
aws-nitro-enclaves-nsm-api	0.5.0	0.5.1
rustls	0.23.37	0.23.40
rustls-pki-types	1.14.0	1.14.1
webpki-roots	1.0.6	1.0.7
uniffi	0.31.0	0.31.1
notify-rust	4.14.0	4.17.0

Updates bitcoin from 0.32.8 to 0.32.9

Commits

• 6cea8c9 Merge rust-bitcoin/rust-bitcoin#5900: Release tracking PR: bitcoin 0.32.9
• 54bcc5d Merge rust-bitcoin/rust-bitcoin#6106: backport: Fix Unknown NetworkMessage en...
• 2d5bc7f bitcoin: Bump version to 0.32.9
• be1dc05 backport: Fix Unknown NetworkMessage encoding
• 370d130 Merge rust-bitcoin/rust-bitcoin#6036: Release tracking PR: bitcoin-units 0.1.3
• e89dae3 units: Bump version to 0.1.3
• 9f2bb9c Merge rust-bitcoin/rust-bitcoin#6037: Fix docs and lint jobs
• 308fb97 Set DO_SCHEMARS_TEST default false
• 5b59719 CI: Use run_task script with --no-deps
• d88949e bitcoin: Remove unnecessary call to into
• Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates redb from 4.0.0 to 4.1.0

Release notes

Sourced from redb's releases.

4.1.0

This release contains a large number of bug fixes discovered by AI coding agents

• Fix a bug where MultimapValue::len() and is_empty() returned stale counts after consuming entries via next_back().
• Fix a bug where restore_savepoint() used in a non-Immediate durability transaction and when there are persistent savepoints newer than the one being restored, could fail with SavepointError::InvalidSavepoint, but the savepoint would actually be partially applied. The call now fails up front with SavepointError::ImmediateDurabilityRequired.
• Fix a bug in restore_savepoint() where modifications made earlier in the transaction might not be reverted.
• Fix a bug where renaming a table that was already modified in the same transaction could cause the database to become corrupted.
• Fix a bug where calling restore_savepoint() after modifying a table in the same transaction could cause the table to become corrupted in a future transaction.
• Fix a panic when delete_table() was called on a table that had been modified in the same transaction.
• Fix a panic in restore_savepoint() when passed a Savepoint from a different Database. SavepointError::InvalidSavepoint is now returned instead.
• Fix a bug where a transaction that created a persistent savepoint and was then aborted could cause the database file to grow excessively, until the Database was dropped.
• Fix a panic in check_integrity() when called while another transaction is still alive. DatabaseError::TransactionInProgress is now returned instead.
• Fix a bug where aborting a transaction that called restore_savepoint() with a savepoint when a newer savepoint existed could cause database space to be leaked.
• Fix a bug where aborting a transaction that called restore_savepoint() would leave more recent savepoints invalid.
• Improve performance when reading concurrently from multiple threads. Around 15% speedup on some benchmarks.
• Optimize cache usage, and general write performance. Around 1.5x speedup on some benchmarks.
• Optimize memory usage.
• Other performance optimizations.

Changelog

Sourced from redb's changelog.

4.1.0 - 2026-04-19

This release contains a large number of bug fixes discovered by AI coding agents

• Fix a bug where MultimapValue::len() and is_empty() returned stale counts after consuming entries via next_back().
• Fix a bug where restore_savepoint() used in a non-Immediate durability transaction and when there are persistent savepoints newer than the one being restored, could fail with SavepointError::InvalidSavepoint, but the savepoint would actually be partially applied. The call now fails up front with SavepointError::ImmediateDurabilityRequired.
• Fix a bug in restore_savepoint() where modifications made earlier in the transaction might not be reverted.
• Fix a bug where renaming a table that was already modified in the same transaction could cause the database to become corrupted.
• Fix a bug where calling restore_savepoint() after modifying a table in the same transaction could cause the table to become corrupted in a future transaction.
• Fix a panic when delete_table() was called on a table that had been modified in the same transaction.
• Fix a panic in restore_savepoint() when passed a Savepoint from a different Database. SavepointError::InvalidSavepoint is now returned instead.
• Fix a bug where a transaction that created a persistent savepoint and was then aborted could cause the database file to grow excessively, until the Database was dropped.
• Fix a panic in check_integrity() when called while another transaction is still alive. DatabaseError::TransactionInProgress is now returned instead.
• Fix a bug where aborting a transaction that called restore_savepoint() with a savepoint when a newer savepoint existed could cause database space to be leaked.
• Fix a bug where aborting a transaction that called restore_savepoint() would leave more recent savepoints invalid.
• Improve performance when reading concurrently from multiple threads. Around 15% speedup on some benchmarks.
• Optimize cache usage, and general write performance. Around 1.5x speedup on some benchmarks.
• Optimize memory usage.
• Other performance optimizations.

Commits

• 6ed1f98 Bump version to 4.1.0
• 0a87cb7 Update changelog
• 03966a5 Require callers of get_page to provide a PageHint
• a75927f Remove some TODO comments
• a39779b Avoid allocating a page for a branch that will be immediately merged
• 6374134 Document that Table{,Multimap}Definition::new panic on empty names
• ba043e3 Avoid copying keys in leaf overwrite paths
• f42c468 Fix MultimapValue::next_back() not decrementing remaining counter
• 3756148 Clarify API contract for Key and Value traits
• 4552372 Consolidate WriteTransaction savepoint lifecycle state
• Additional commits viewable in compare view

Updates bitflags from 2.11.0 to 2.11.1

Release notes

Sourced from bitflags's releases.

2.11.1

What's Changed

• Bless compile-fail tests for current beta by @​DanielEScherzer in bitflags/bitflags#478
• example_generated.rs: add missing third slash for doc comment by @​DanielEScherzer in bitflags/bitflags#477
• Clarify self and other in method docs by @​KodrAus in bitflags/bitflags#481
• Prepare for 2.11.1 release by @​KodrAus in bitflags/bitflags#482

New Contributors

• @​DanielEScherzer made their first contribution in bitflags/bitflags#478

Full Changelog: bitflags/bitflags@2.11.0...2.11.1

Changelog

Sourced from bitflags's changelog.

2.11.1

What's Changed

• Bless compile-fail tests for current beta by @​DanielEScherzer in bitflags/bitflags#478
• example_generated.rs: add missing third slash for doc comment by @​DanielEScherzer in bitflags/bitflags#477
• Clarify self and other in method docs by @​KodrAus in bitflags/bitflags#481

New Contributors

• @​DanielEScherzer made their first contribution in bitflags/bitflags#478

Full Changelog: bitflags/bitflags@2.11.0...2.11.1

Commits

• 4ed9ffa Merge pull request #482 from KodrAus/cargo/2.11.1
• c53cd57 prepare for 2.11.1 release
• a44410a Merge pull request #481 from KodrAus/docs/clarifications
• 3d671b9 update more compile error messages
• 5f3adad fix up compile error messages
• 780765d fix up contains and intersection docs
• 97b7607 clarify self and other in method docs
• 88a7a18 Merge pull request #477 from DanielEScherzer/patch-1
• f0e4646 example_generated.rs: add missing third slash for doc comment
• a31c96f Merge pull request #478 from DanielEScherzer/beta-bless
• Additional commits viewable in compare view

Updates uuid from 1.23.0 to 1.23.1

Release notes

Sourced from uuid's releases.

v1.23.1

What's Changed

• Remove deprecated msrv feature from wasm-bindgen dependency by @​guybedford in uuid-rs/uuid#877
• fix: Timestamp::from_gregorian deprecation note by @​aznashwan in uuid-rs/uuid#878
• Prepare for 1.23.1 release by @​KodrAus in uuid-rs/uuid#879

New Contributors

• @​guybedford made their first contribution in uuid-rs/uuid#877
• @​aznashwan made their first contribution in uuid-rs/uuid#878

Full Changelog: uuid-rs/uuid@v1.23.0...v1.23.1

Commits

• ca0c85f Merge pull request #879 from uuid-rs/cargo/v1.23.1
• b4db015 prepare for 1.23.1 release
• 771069d Merge pull request #878 from aznashwan/fix-from-gregorian-deprecation-note
• 80994a2 fix: Timestamp::from_gregorian deprecation note
• 90c5be8 Merge pull request #877 from guybedford/remove-wasm-bindgen-msrv
• 8b8c4f4 Remove deprecated feature from wasm-bindgen dependency
• See full diff in compare view

Updates rand_core from 0.10.0 to 0.10.1

Release notes

Sourced from rand_core's releases.

v0.10.1

Fixed

• Reference to the rand crate in TryRng docs (#75)

#75: rust-random/rand_core#75

New Contributors

• @​jtojnar made their first contribution in rust-random/rand_core#75

Full Changelog: rust-random/rand_core@v0.10.0...v0.10.1

Changelog

Sourced from rand_core's changelog.

0.10.1 - 2026-04-13

Fixed

• Reference to the rand crate in TryRng docs (#75)

#75: rust-random/rand_core#75

Commits

• 5cd7df4 Release v0.10.1 (#76)
• a2a15a9 Fix rand::Rng reference (#75)
• See full diff in compare view

Updates aws-nitro-enclaves-nsm-api from 0.5.0 to 0.5.1

Release notes

Sourced from aws-nitro-enclaves-nsm-api's releases.

v0.5.1

What's Changed

• Cargo.toml: Update nix dependency by @​tylerfanelli in aws/aws-nitro-enclaves-nsm-api#67
• Add ABI compatibile version naming, update to 0.5.1 by @​tylerfanelli in aws/aws-nitro-enclaves-nsm-api#68

Full Changelog: aws/aws-nitro-enclaves-nsm-api@v0.5.0...v0.5.1

Changelog

Sourced from aws-nitro-enclaves-nsm-api's changelog.

0.5.1

• Bump nix dependency to 0.31
• Add ABI compatibility version naming to libnsm soname install process

Commits

• 8785071 Update to 0.5.1
• 24409fd install: Add ABI version naming to libnsm soname
• 91d3ef8 nsm-test: Update nix dependency
• 0187319 Cargo.toml: Update nix dependency
• See full diff in compare view

Updates rustls from 0.23.37 to 0.23.40

Commits

• b44c09f Prepare 0.23.40
• e7a555f Prefer Ord::max to core::cmp
• c0005be ech: base inner name padding on actual extension
• 4e49529 ech: test inner name padding
• 3e06ef1 ech: add both name and "gross" padding
• c574ffd ech: avoid short-lived allocation for padding
• 8bf935c ech: pop comment from match arm
• 9088004 ech: expand maximum_name_length to usize ASAP
• a612901 Default require_ems based on CryptoProvider FIPS status
• 0541605 Cargo: version 0.23.38 -> 0.23.39
• Additional commits viewable in compare view

Updates rustls-pki-types from 1.14.0 to 1.14.1

Release notes

Sourced from rustls-pki-types's releases.

1.14.1

Parsing PEM will now error for PEM sections larger than 256 MB in size, to avoid running out of memory during parsing. The limit was chosen based on historical data from large certificate revocation lists from the web PKI.

What's Changed

• Remove mention of rustls-pemfile from docs by @​ranile in rustls/pki-types#103
• Update ECH reference to RFC9849 by @​ctz in rustls/pki-types#104
• pem: error for sections that are too large by @​djc in rustls/pki-types#106
• Update ECH reference to RFC 9849 by @​ctz in rustls/pki-types#107
• Adjust PEM size limit to account for huge CRLs by @​ctz in rustls/pki-types#108

Commits

• bb3c1da Adjust PEM size limit to account for huge CRLs
• 20bcfe1 Bump version to 1.14.1
• b796d3d pem: error for sections that are too large
• 422d8cf Update ECH reference to RFC 9849
• 14ce65c Remove mention of rustls-pemfile from docs
• See full diff in compare view

Updates webpki-roots from 1.0.6 to 1.0.7

Release notes

Sourced from webpki-roots's releases.

1.0.7

For their April 2026 root store changes, Mozilla has made more changes than usual:

These changes are part of Mozilla’s ongoing root store maintenance under the Mozilla Root Store Policy (MRSP), including §7.4 (Root CA Lifecycles) and §7.5.3 (Transition Plans). They reflect a combination of lifecycle-based transitions, CA operator requests, and alignment with intended certificate usage, including retiring older or less suitable root certificates, enforcing clear separation of trust purposes (e.g., TLS vs. S/MIME), and reducing unnecessary trust surface in the Web PKI ecosystem. Collectively, these actions help to ensure that root certificates are relied upon only for their intended and actively maintained use cases, or are retired in accordance with established distrust timelines.

This removes:

• CN=Certigna O=Dhimyotis
• CN=COMODO Certification Authority O=COMODO CA Limited
• CN=DigiCert Assured ID Root CA O=DigiCert Inc OU=www.digicert.com
• CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com
• CN=DigiCert High Assurance EV Root CA O=DigiCert Inc OU=www.digicert.com
• CN=FIRMAPROFESIONAL CA ROOT-A WEB O=Firmaprofesional SA
• CN=GTS Root R2 O=Google Trust Services LLC
• CN=QuoVadis Root CA 2 O=QuoVadis Limited
• CN=QuoVadis Root CA 3 O=QuoVadis Limited
• CN=Secure Global CA O=SecureTrust Corporation
• CN=SecureTrust CA O=SecureTrust Corporation
• CN=SwissSign Gold CA - G2 O=SwissSign AG
• CN=TeliaSonera Root CA v1 O=TeliaSonera
• CN=Trustwave Global Certification Authority O=Trustwave Holdings, Inc.
• CN=Trustwave Global ECC P256 Certification Authority O=Trustwave Holdings, Inc.
• CN=Trustwave Global ECC P384 Certification Authority O=Trustwave Holdings, Inc.
• O=certSIGN OU=certSIGN ROOT CA

See their announcement for more details.

What's Changed

• Take semver-compatible dependency updates by @​djc in rustls/webpki-roots#116
• Take semver-compatible dependency updates by @​djc in rustls/webpki-roots#117
• Take semver-compatible updates by @​ctz in rustls/webpki-roots#118
• Prepare 1.0.7 by @​djc in rustls/webpki-roots#120
• Update dependencies by @​djc in rustls/webpki-roots#119

Full Changelog: rustls/webpki-roots@v/1.0.6...v/1.0.7

Commits

• be94846 Update dependencies (#119)
• 76476f9 Prepare 1.0.7 (#120)
• ed392f4 Take semver-compatible updates (#118)
• ec8b744 Take semver-compatible dependency updates (#117)
• 84a0c23 Take semver-compatible dependency updates (#116)
• See full diff in compare view

Updates uniffi from 0.31.0 to 0.31.1

Changelog

Sourced from uniffi's changelog.

v0.31.1 (backend crates: v0.31.1) - (2026-04-10)

What's Fixed

• Swift: Fixed iOS crash when address sanitizer is enabled #2821
• Swift: Fixed memory link in async code #2854

All changes in v0.31.1.

Commits

• ec08cf9 Changelog update for 0.31.1
• bf3350f chore: Release
• 8b3b75c chore: Release
• 75104e4 Refactor rust_future_free to use Handle::into_arc instead of `Handle::int...
• 105a6cc fix vtable
• 1c3bb28 Fix list in async-overview.md
• 08301a7 Update CHANGELOG links to point to v0.27 documentation
• d729f29 Fix broken ext_types_wrapped links in CHANGELOG.md
• afe8f3f Fix broken documentation links in current docs
• See full diff in compare view

Updates notify-rust from 4.14.0 to 4.17.0

Release notes

Sourced from notify-rust's releases.

v4.16.0

Full Changelog: hoodie/notify-rust@v4.15.0...v4.16.0

v4.15.0

What's Changed

• feat: Add non-blocking wait_for_action_async by @​VAWVAW in hoodie/notify-rust#262

New Contributors

• @​VAWVAW made their first contribution in hoodie/notify-rust#262

Full Changelog: hoodie/notify-rust@v4.14.0...v4.15.0

Changelog

Sourced from notify-rust's changelog.

Changelog

v4.16.1 (2026-04-29)

Fixes

• return Result from handle_action instead of panicking on D-Bus errors (dbd4fd6), closes #54

v4.16.0 (2026-04-19)

Features

• add images_no_default_features crate feature for downstream users wishing to manually specify image sub-features. (6a42dd0)

v4.15.0 (2026-04-14)

Features

• add non-blocking wait_for_action_async (9f3613c)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions