chore(dep): bump the deps group with 7 updates

[dependabot]

Bumps the deps group with 7 updates:

Package	From	To
tokio	1.44.2	1.45.1
clap	4.5.37	4.5.39
openssl	0.10.72	0.10.73
pyo3	0.24.2	0.25.0
clap_complete	4.5.48	4.5.52
reqwest	0.12.15	0.12.18
nix	0.30.0	0.30.1

Updates tokio from 1.44.2 to 1.45.1

Release notes

Sourced from tokio's releases.

Tokio v1.45.1

1.45.1 (May 24th, 2025)

This fixes a regression on the wasm32-unknown-unknown target, where code that previously did not panic due to calls to Instant::now() started failing. This is due to the stabilization of the first time-based metric.

Fixed

• Disable time-based metrics on wasm32-unknown-unknown (#7322)

#7322: tokio-rs/tokio#7322

Tokio v1.45.0

Added

• metrics: stabilize worker_total_busy_duration, worker_park_count, and worker_unpark_count (#6899, #7276)
• process: add Command::spawn_with (#7249)

Changed

• io: do not require Unpin for some trait impls (#7204)
• rt: mark runtime::Handle as unwind safe (#7230)
• time: revert internal sharding implementation (#7226)

Unstable

• rt: remove alt multi-threaded runtime (#7275)

#6899: tokio-rs/tokio#6899 #7276: tokio-rs/tokio#7276 #7249: tokio-rs/tokio#7249 #7204: tokio-rs/tokio#7204 #7230: tokio-rs/tokio#7230 #7226: tokio-rs/tokio#7226 #7275: tokio-rs/tokio#7275

Commits

• 3768696 chore: prepare Tokio v1.45.1 (#7359)
• 421a7b0 rt: do not track time-based metrics on wasm32-unknown-unknown (#7322)
• b1bdb3c ci: update macros_type_mismatch for Rust 1.87.0 (#7339)
• 00754c8 chore: prepare Tokio v1.45.0 (#7308)
• 1ae9434 time: revert "use sharding for timer implementation" related changes (#7226)
• 8895bba ci: Test AArch64 Windows (#7288)
• 48ca254 time: update sleep documentation to reflect maximum allowed duration (#7302)
• a0af02a compat: add more documentation to tokio_util::compat (#7279)
• 0ce3a11 metrics: stabilize worker_park_count and worker_unpark_count (#7276)
• 1ea9ce1 ci: fix cfg!(miri) declarations in tests (#7286)
• Additional commits viewable in compare view

Updates clap from 4.5.37 to 4.5.39

Release notes

Sourced from clap's releases.

v4.5.39

[4.5.39] - 2025-05-27

Fixes

• (help) Show short flag aliases before long
• (help) Merge the short and long flag alias lists

v4.5.38

[4.5.38] - 2025-05-11

Fixes

• (help) When showing aliases, include leading -- or -

Changelog

Sourced from clap's changelog.

[4.5.39] - 2025-05-27

Fixes

• (help) Show short flag aliases before long
• (help) Merge the short and long flag alias lists

[4.5.38] - 2025-05-11

Fixes

• (help) When showing aliases, include leading -- or -

Commits

• ed2360f chore: Release
• 196a14b docs: Update changelog
• cd622ab Merge pull request #5846 from ribru17/alias_fn_dedup
• 48ff72b fix(complete): Deduplicate bash subcmd cases
• b1b6f17 Merge pull request #5843 from epage/link
• 5900216 fix(derive): Update link for derive attributes
• fde45f9 chore: Release
• 45d5d7e docs: Update changelog
• 4b82b97 chore: Release
• a982adf docs: Update changelog
• Additional commits viewable in compare view

Updates openssl from 0.10.72 to 0.10.73

Release notes

Sourced from openssl's releases.

openssl-v0.10.73

What's Changed

• test against openssl 3.5.0 by @​alex in sfackler/rust-openssl#2392
• Support Libressl 4.1 by @​botovq in sfackler/rust-openssl#2398
• Release openssl-sys v0.9.108 by @​alex in sfackler/rust-openssl#2399
• Replace ctest2 with ctest by @​botovq in sfackler/rust-openssl#2403
• fixed building on the latest boringssl by @​alex in sfackler/rust-openssl#2414
• Release openssl v0.10.73 and openssl-sys v0.9.109 by @​alex in sfackler/rust-openssl#2415

Full Changelog: sfackler/rust-openssl@openssl-v0.10.72...openssl-v0.10.73

Commits

• e6209d4 Merge pull request #2415 from alex/bump-version
• 9ca6cfe Release openssl v0.10.73 and openssl-sys v0.9.109
• c42d49c Merge pull request #2414 from alex/boringssl-fix
• 5e24219 Attempt to fix with vcpkg
• 93f30ff fixed building on the latest boringssl
• eb88fb0 Merge pull request #2403 from botovq/ctest
• 79a304a Replace ctest2 with ctest
• 132418b Merge pull request #2399 from alex/release-sys
• f7a692b Release openssl-sys v0.9.108
• 2f9b496 Merge pull request #2398 from botovq/libressl-4.1
• Additional commits viewable in compare view

Updates pyo3 from 0.24.2 to 0.25.0

Release notes

Sourced from pyo3's releases.

PyO3 0.25.0

This version extends Python version support to include the new Python 3.14, currently in beta. Please note it is possible that there may yet be changes to 3.14 before stable release which may impact final compatibility.

New optional dependencies on bigdecimal, ordered_float, and time have been added to permit converting types from those crates to Python types (and vice versa).

The experimental-inspect feature now has the capability to autogenerate type stubs. These stubs are still extremely basic and lack much information. Tooling such as setuptools-rust and maturin will also need to be updated to make adoption of these easier. Please follow PyO3/pyo3#5137 to keep abreast of developments of this feature.

The #[pyclass] macro has gained new options #[pyclass(generic)] and #[pyclass(immutable_type)] to offer additional control over the runtime behaviour of the generated Python type object.

The AsPyPointer trait has been removed as PyO3's smart pointer types such as Py<T>, Bound<T> and Borrowed<T> covered this use case with a better API.

As part of the upgrade to support 3.14, there have also been many cleanups to pyo3-ffi. Many definitions which are private implementation details of CPython have been removed; projects downstream of CPython cannot rely on stability of these even across CPython patch releases.

There are also many other incremental improvements, bug fixes and smaller features.

Please consult the migration guide for help upgrading.

Thank you to everyone who contributed code, documentation, design ideas, bug reports, and feedback. The following contributors' commits are included in this release:

@​0x676e67 @​bschoenmaeckers @​clin1234 @​davidbrochart @​davidhewitt @​ddelange @​decathorpe @​dependabot[bot] @​exg @​hgmich @​Icxolu @​IvanIsCoding @​m-ou-se @​n-eq @​ngoldbaum @​Owen-CH-Leung @​prutschman-iv @​superserious-dev @​Tpt @​trim21 @​Vrajs16 @​xhochy

Changelog

Sourced from pyo3's changelog.

[0.25.0] - 2025-05-14

Packaging

• Support Python 3.14.0b1. #4811
• Bump supported GraalPy version to 24.2. #5116
• Add optional bigdecimal dependency to add conversions for bigdecimal::BigDecimal. #5011
• Add optional time dependency to add conversions for time types. #5057
• Remove cfg-if dependency. #5110
• Add optional ordered_float dependency to add conversions for ordered_float::NotNan and ordered_float::OrderedFloat. #5114

Added

• Add initial type stub generation to the experimental-inspect feature. #3977
• Add #[pyclass(generic)] option to support runtime generic typing. #4926
• Implement OnceExt & MutexExt for parking_lot & lock_api. Use the new extension traits by enabling the arc_lock, lock_api, or parking_lot cargo features. #5044
• Implement From/Into for Borrowed<T> -> Py<T>. #5054
• Add PyTzInfo constructors. #5055
• Add FFI definition PY_INVALID_STACK_EFFECT. #5064
• Implement AsRef<Py<PyAny>> for Py<T>, Bound<T> and Borrowed<T>. #5071
• Add FFI definition PyModule_Add and compat::PyModule_Add. #5085
• Add FFI definitions Py_HashBuffer, Py_HashPointer, and PyObject_GenericHash. #5086
• Support #[pymodule_export] on const items in declarative modules. #5096
• Add #[pyclass(immutable_type)] option (on Python 3.14+ with abi3, or 3.10+ otherwise) for immutable type objects. #5101
• Support #[pyo3(rename_all)] support on #[derive(IntoPyObject)]. #5112
• Add PyRange wrapper. #5117

Changed

• Enable use of datetime types with abi3 feature enabled. #4970
• Deprecate timezone_utc in favor of PyTzInfo::utc. #5055
• Reduce visibility of some CPython implementation details: #5064
  • The FFI definition PyCodeObject is now an opaque struct on all Python versions.
  • The FFI definition PyFutureFeatures is now only defined up until Python 3.10 (it was present in CPython headers but unused in 3.11 and 3.12).
• Change PyAnyMethods::is to take other: &Bound<T>. #5071
• Change Py::is to take other: &Py<T>. #5071
• Change PyVisit::call to take T: Into<Option<&Py<T>>>. #5071
• Expose PyDateTime_DATE_GET_TZINFO and PyDateTime_TIME_GET_TZINFO on PyPy 3.10 and later. #5079
• Add #[track_caller] to with_gil and with_gil_unchecked. #5109
• Use std::thread::park() instead of libc::pause() or sleep(9999999). #5115

Removed

• Remove all functionality deprecated in PyO3 0.23. #4982
• Remove deprecated IntoPy and ToPyObject traits. #5010
• Remove private types from pyo3-ffi (i.e. starting with _Py) which are not referenced by public APIs: _PyLocalMonitors, _Py_GlobalMonitors, _PyCoCached, _PyCoLineInstrumentationData, _PyCoMonitoringData, _PyCompilerSrcLocation, _PyErr_StackItem. #5064
• Remove FFI definition PyCode_GetNumFree (PyO3 cannot support it due to knowledge of the code object). #5064
• Remove AsPyPointer trait. #5071
• Remove support for the deprecated string form of from_py_with. #5097
• Remove FFI definitions of private static variables: _PyMethodWrapper_Type, _PyCoroWrapper_Type, _PyImport_FrozenBootstrap, _PyImport_FrozenStdlib, _PyImport_FrozenTest, _PyManagedBuffer_Type, _PySet_Dummy, _PyWeakref_ProxyType, and _PyWeakref_CallableProxyType. #5105

... (truncated)

Commits

• ec1a350 release: 0.25.0 (#5128)
• c4efb16 ci: reduce verbosity & install zoneinfo backport on <3.9 (#5136)
• b61dc7f add rename_all support for #[derive(IntoPyObject)] (#5112)
• d74fadc Implement OnceExt & MutexExt for parking_lot & lock_api (#5044)
• f87b286 Don't expose PyASCIIObjectState on Python3.14 and newer (#5133)
• b36849a more format args inlining (#5135)
• 5807d80 Add #[pyclass(generic)] (#4926)
• 283ba3f Fix clippy errors (#5134)
• 3a39844 Add PyRange wrapper (#5117)
• e613a79 Implement optional feature ordered-float for NotNan/OrderedFloat <-> Python...
• Additional commits viewable in compare view

Updates clap_complete from 4.5.48 to 4.5.52

Commits

• 783b291 chore: Release
• a88013a docs: Update changelog
• a3c6230 Merge pull request #6000 from mernen/fix-zsh-dynamic-completion
• 951536e chore: Release
• 3c527af chore: Update transitive clap
• 8520a7a chore: Release
• 2826eed chore(nushell): Require newer clap_complete
• c17d25f docs: Update changelog
• 493a71a Merge pull request #5999 from cenviity/push-tqqzyttsoktu
• b49dae2 chore: Release
• Additional commits viewable in compare view

Updates reqwest from 0.12.15 to 0.12.18

Release notes

Sourced from reqwest's releases.

v0.12.18

What's Changed

• Fix compilation when socks enabled without TLS.

v0.12.17

What's Changed

• build: Fix compilation issues on macOS by @​0x676e67 in seanmonstar/reqwest#2696

v0.12.16

Highlights

• Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
• Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease.
• Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers.
• Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
• Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
• Add Proxy::headers() to add extra headers that should be sent to a proxy.
• Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified.
• Fix HTTP/3 to support streaming request bodies.
• (wasm) Fix null bodies when calling Response::bytes_stream().

What's Changed

• Clarify that Response::content_length() is not derived from a Content-Length header in docs by @​babolivier in seanmonstar/reqwest#2588
• docs: link to char::REPLACEMENT_CHARACTER by @​marcospb19 in seanmonstar/reqwest#1880
• feat: add H3 client config support by @​smalls0098 in seanmonstar/reqwest#2609
• chore: update brotli to v7 by @​nyurik in seanmonstar/reqwest#2620
• Do not pull in an entirely different DEFLATE implementation just for tests by @​Shnatsel in seanmonstar/reqwest#2625
• chore: fix some typos in comment by @​xixishidibei in seanmonstar/reqwest#2628
• fix(wasm): handle null body in bytes_stream by @​alongubkin in seanmonstar/reqwest#2632
• ClientBuilder::interface on macOS/Solarish OSes by @​hawkw in seanmonstar/reqwest#2623
• ci: use ubuntu-latest in nightly job by @​seanmonstar in seanmonstar/reqwest#2646
• feat: BBR congestion control for http3 by @​threeninesixseven in seanmonstar/reqwest#2642
• feat: Add extentions for Request by @​Xuanwo in seanmonstar/reqwest#2647
• refactor: Store request timeout in request extensions instead by @​Xuanwo in seanmonstar/reqwest#2650
• chore: make ci pass by @​linyihai in seanmonstar/reqwest#2666
• update h3 dependencys by @​Ruben2424 in seanmonstar/reqwest#2670
• Document reqwest can make TLS and cookie requests with Wasm by @​nickbabcock in seanmonstar/reqwest#2661
• fix(redirect): make the number of redirects of policy matches its maximum limit. by @​linyihai in seanmonstar/reqwest#2664
• Exposed hyper tcp keepalive interval and retries parameters by @​mackliet in seanmonstar/reqwest#2675
• refactor: use hyper-util's proxy::Matcher by @​seanmonstar in seanmonstar/reqwest#2681
• Support streaming request body in HTTP/3 by @​ducaale in seanmonstar/reqwest#2673
• refactor: use hyper-util Tunnel by @​seanmonstar in seanmonstar/reqwest#2684
• Upgrade webpki-roots to 1 by @​djc in seanmonstar/reqwest#2688
• refactor: remove futures-util unless using stream/multipart/compression/blocking by @​paolobarbolini in seanmonstar/reqwest#2692
• chore: replace rustls-pemfile with rustls-pki-types by @​tottoto in seanmonstar/reqwest#2541
• Ensure H3ResponseFuture Implements Sync by @​ducaale in seanmonstar/reqwest#2685
• feat(redirect): Using FollowRedirect from tower-http to handle the redirect loop by @​linyihai in seanmonstar/reqwest#2617
• feat: add customizable headers in proxy mode by @​chanbengz in seanmonstar/reqwest#2600

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.12.18

• Fix compilation when socks enabled without TLS.

v0.12.17

• Fix compilation on macOS.

v0.12.16

• Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
• Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease.
• Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers.
• Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
• Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
• Add Proxy::headers() to add extra headers that should be sent to a proxy.
• Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified.
• Fix HTTP/3 to support streaming request bodies.
• (wasm) Fix null bodies when calling Response::bytes_stream().

Commits

• 595c80b v0.12.18
• f279ad1 fix compilation if socks is enabled without tls
• fed6bc6 ci: add a feature powerset check job
• 56ed35b v0.12.17
• f0bf46b build: Fix compilation issues on macOS (#2696)
• 99259cb v0.12.16
• 57670ac feat: add customizable headers for reqwest::Proxy (#2600)
• d9cf60e refactor: Using FollowRedirect from tower-http to handle the redirect l...
• 75f62f2 fix: ensure H3ResponseFuture is sync (#2685)
• 0e1d188 chore: replace rustls-pemfile with rustls-pki-types (#2541)
• Additional commits viewable in compare view

Updates nix from 0.30.0 to 0.30.1

Changelog

Sourced from nix's changelog.

[0.30.1] - 2025-05-04

Fixed

• doc.rs build (#2634)

Commits

• 3cf9007 chore: drop 0.30.1
• 2845ab9 Compile sys::mman on Redox (#2637)
• fccb4ab Fix fuchsia target triple to unbreak docs.rs build (#2634)
• b834171 ci: disable hurd (#2638)
• 9c97e1d Clippy cleanup: dangerous_implicit_autorefs and uninlined_format_args
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions