Bump the cargo group across 1 directory with 10 updates

[dependabot]

Bumps the cargo group with 9 updates in the / directory:

Package	From	To
tracing-forest	0.1.6	0.2.0
sha2	0.10.9	0.11.0
libc	0.2.185	0.2.186
hashbrown	0.15.5	0.17.0
jiff	0.2.23	0.2.24
cc	1.2.60	1.2.61
data-encoding	2.10.0	2.11.0
rustls-ffi	0.15.2	0.15.3
rustls-pki-types	1.14.0	1.14.1

Updates tracing-forest from 0.1.6 to 0.2.0

Commits

• See full diff in compare view

Updates sha2 from 0.10.9 to 0.11.0

Commits

• ffe0939 Release sha2 0.11.0 (#806)
• 8991b65 Use the standard order of the [package] section fields (#807)
• 3d2bc57 sha2: refactor backends (#802)
• faa55fb sha3: bump keccak to v0.2 (#803)
• d3e6489 sha3 v0.11.0-rc.9 (#801)
• bbf6f51 sha2: tweak backend docs (#800)
• 155dbbf sha3: add default value for the DS generic parameter on TurboShake128/256...
• ed514f2 Use published version of keccak v0.2 (#799)
• 702bcd8 Migrate to closure-based keccak (#796)
• 827c043 sha3 v0.11.0-rc.8 (#794)
• Additional commits viewable in compare view

Updates libc from 0.2.185 to 0.2.186

Release notes

Sourced from libc's releases.

0.2.186

Added

• Apple: Add KEVENT_FLAG_* constants (#5070)
• Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

• CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

Changelog

Sourced from libc's changelog.

0.2.186 - 2026-04-24

Added

• Apple: Add KEVENT_FLAG_* constants (#5070)
• Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

• CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

Commits

• 42620ff [0.2] libc: Release 0.2.186
• 9db2eaa apple: add KEVENT_FLAG_* constants
• 3840939 Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE for linux
• f697deb chore: migrate from Cirrus CI to GHA
• See full diff in compare view

Updates hashbrown from 0.15.5 to 0.17.0

Release notes

Sourced from hashbrown's releases.

v0.17.0

Added

• Added hash_table::OccupiedEntry::replace_entry_with (#669)
• Added hash_map::{OccupiedEntry::into_entry, VacantEntryRef::insert_entry_with_key} (#670)
• Added hash_table::UnsafeIter (#667)
• Added iter methods to various HashTable iterators (#667)
• Added HashMap::{replace_key,replace_key_unchecked,insert_with_key_unchecked} (#681)
• Added into_map methods to all HashMap entry types (#686)
• Added into_table methods to all HashTable entry types (#686)
• Added #[must_use] to constructors (#697)
• TryReserveError now implements Error (#698)

Changed

• Changed EntryRef to use ToOwned (#670)
• Bumped MSRV to 1.85 (2024 edition) (#676)

Fixed

• HashTable:clone_from now forwards to RawTable::clone_from instead of using the default implementation (#668)
• Fixed potential UB in RawTableInner::fallible_with_capacity (#692)
• Fixed incorrect length if a hasher panics during rehash (#710)

v0.16.1

Added

• Added HashTable methods related to the raw bucket index (#657)
• Added VacantEntryRef::insert_with_key (#579)

Changed

• Removed specialization for Copy types (#662)
• The get_many_mut family of methods have been renamed to get_disjoint_mut to match the standard library. The old names are still present for now, but deprecated. (#648)
• Recognize and use over-sized allocations when using custom allocators. (#523)
• Depend on serde_core instead of serde. (#649)
• Optimized collect on rayon parallel iterators. (#652)

v0.16.0

Changed

• Bump foldhash, the default hasher, to 0.2.0.
• Replaced DefaultHashBuilder with a newtype wrapper around foldhash instead of re-exporting it directly.

Changelog

Sourced from hashbrown's changelog.

0.17.0 - 2026-04-06

Added

• Added hash_table::OccupiedEntry::replace_entry_with (#669)
• Added hash_map::{OccupiedEntry::into_entry, VacantEntryRef::insert_entry_with_key} (#670)
• Added hash_table::UnsafeIter (#667)
• Added iter methods to various HashTable iterators (#667)
• Added HashMap::{replace_key,replace_key_unchecked,insert_with_key_unchecked} (#681)
• Added into_map methods to all HashMap entry types (#686)
• Added into_table methods to all HashTable entry types (#686)
• Added #[must_use] to constructors (#697)
• TryReserveError now implements Error (#698)

Changed

• Changed EntryRef to use ToOwned (#670)
• Bumped MSRV to 1.85 (2024 edition) (#676)

Fixed

• HashTable:clone_from now forwards to RawTable::clone_from instead of using the default implementation (#668)
• Fixed potential UB in RawTableInner::fallible_with_capacity (#692)
• Fixed incorrect length if a hasher panics during rehash (#710)

0.16.1 - 2025-11-20

Added

• Added HashTable methods related to the raw bucket index (#657)
• Added VacantEntryRef::insert_with_key (#579)

Changed

• Removed specialization for Copy types (#662)
• The get_many_mut family of methods have been renamed to get_disjoint_mut to match the standard library. The old names are still present for now, but deprecated. (#648)
• Recognize and use over-sized allocations when using custom allocators. (#523)
• Depend on serde_core instead of serde. (#649)
• Optimized collect on rayon parallel iterators. (#652)

0.16.0 - 2025-08-28

Changed

• Bump foldhash, the default hasher, to 0.2.0.
• Replaced DefaultHashBuilder with a newtype wrapper around foldhash instead of re-exporting it directly.

Commits

• d290456 Bump version to 0.17.0
• d937c63 Update changelog for version 0.17.0
• 4a6fba6 chore: release v0.16.2
• 3b6489a Merge pull request #710 from Amanieu/fix-rehash-unwind
• 375087f Reduce test runtime on Miri
• b1c4403 Merge pull request #709 from 0xdeafbeef/benches
• e542702 Merge benches; split bench helpers
• 3d1517f Check benches with clippy, don't run ever on CI
• e82981c chore: move to criterion benches from nightly
• 6cb0eb5 Fix incorrect length if a hasher panics during rehash
• Additional commits viewable in compare view

Updates jiff from 0.2.23 to 0.2.24

Changelog

Sourced from jiff's changelog.

0.2.24 (2026-04-23)

This release primarily adds a new memory_usage routine for reporting heap allocation sizes for the TimeZone and Zoned types. This release also acknowledges and updates the timeline expectations for a Jiff 1.0 release in README.md.

Enhancements:

• #520: Add memory_usage to the TimeZone and Zoned types.
• #535: Improve comment in Span::checked_add example.

Bug fixes:

• #541: Update Jiff 1.0 timeline.

Commits

• 2cc55b2 0.2.24
• c6542f1 changelog: 0.2.24
• ec3c2ec api: add TimeZone::memory_usage and Zoned::memory_usage
• bc752b6 docs: improve comment in Span::checked_add example
• f6c8a55 readme: update 1.0 timeline
• 97314c1 docs: fix typo
• bad71d8 docs: typo
• See full diff in compare view

Updates cc from 1.2.60 to 1.2.61

Release notes

Sourced from cc's releases.

cc-v1.2.61

Other

• fix OutputKind::Capture documentation (#1705)

Changelog

Sourced from cc's changelog.

1.2.61 - 2026-04-24

Other

• fix OutputKind::Capture documentation (#1705)

Commits

• 360f691 chore(cc): release v1.2.61 (#1707)
• 17a2788 Bump taiki-e/install-action from 2.75.16 to 2.75.17 (#1706)
• da52db7 command_helpers.rs: fix OutputKind::Capture documentation (#1705)
• ee64d58 Bump taiki-e/install-action from 2.75.4 to 2.75.5 (#1703)
• 78cf7e4 CI: Hash-pin all actions, apply other suggestions from zizmor (#1702)
• See full diff in compare view

Updates data-encoding from 2.10.0 to 2.11.0

Commits

• b4d20e0 Release 2.11.0 (#155)
• d354bb2 Add interpretation function from byte to character (#154)
• See full diff in compare view

Updates jiff-static from 0.2.23 to 0.2.24

Changelog

Sourced from jiff-static's changelog.

0.2.24 (2026-04-23)

This release primarily adds a new memory_usage routine for reporting heap allocation sizes for the TimeZone and Zoned types. This release also acknowledges and updates the timeline expectations for a Jiff 1.0 release in README.md.

Enhancements:

• #520: Add memory_usage to the TimeZone and Zoned types.
• #535: Improve comment in Span::checked_add example.

Bug fixes:

• #541: Update Jiff 1.0 timeline.

Commits

• 2cc55b2 0.2.24
• c6542f1 changelog: 0.2.24
• ec3c2ec api: add TimeZone::memory_usage and Zoned::memory_usage
• bc752b6 docs: improve comment in Span::checked_add example
• f6c8a55 readme: update 1.0 timeline
• 97314c1 docs: fix typo
• bad71d8 docs: typo
• See full diff in compare view

Updates rustls-ffi from 0.15.2 to 0.15.3

Release notes

Sourced from rustls-ffi's releases.

v0.15.3

This is a minor release with one security fix. It also updates rustls to 0.23.39.

Security

This update addresses RUSTSEC-2026-0104; a security issue affecting CRL parsing that could result in a panic prior to the validation of a CRL's signature.

This security issue only affects users of the rustls_web_pki_client_cert_verifier_builder_add_crl() and rustls_web_pki_server_cert_verifier_builder_add_crl() APIs.

What's Changed

• build(deps): bump actions/upload-pages-artifact from 4 to 5 by @​dependabot[bot] in rustls/rustls-ffi#638
• Prepare 0.15.3 by @​cpu in rustls/rustls-ffi#639

Full Changelog: rustls/rustls-ffi@v0.15.2...v0.15.3

Changelog

Sourced from rustls-ffi's changelog.

0.15.3 (2026-04-22)

This is a minor release with one security fix. It also updates rustls to 0.23.39.

Security

This update addresses RUSTSEC-2026-0104; a security issue affecting CRL parsing that could result in a panic prior to the validation of a CRL's signature.

This security issue only affects users of the rustls_web_pki_client_cert_verifier_builder_add_crl() and rustls_web_pki_server_cert_verifier_builder_add_crl() APIs.

Commits

• 3e6eb3f prepare 0.15.3
• 498f679 Cargo: rustls 0.23.38 -> 0.23.39
• 2775011 Cargo: bump semver compatible deps
• bf5aad6 build(deps): bump actions/upload-pages-artifact from 4 to 5
• See full diff in compare view

Updates rustls-pki-types from 1.14.0 to 1.14.1

Release notes

Sourced from rustls-pki-types's releases.

1.14.1

Parsing PEM will now error for PEM sections larger than 256 MB in size, to avoid running out of memory during parsing. The limit was chosen based on historical data from large certificate revocation lists from the web PKI.

What's Changed

• Remove mention of rustls-pemfile from docs by @​ranile in rustls/pki-types#103
• Update ECH reference to RFC9849 by @​ctz in rustls/pki-types#104
• pem: error for sections that are too large by @​djc in rustls/pki-types#106
• Update ECH reference to RFC 9849 by @​ctz in rustls/pki-types#107
• Adjust PEM size limit to account for huge CRLs by @​ctz in rustls/pki-types#108

Commits

• bb3c1da Adjust PEM size limit to account for huge CRLs
• 20bcfe1 Bump version to 1.14.1
• b796d3d pem: error for sections that are too large
• 422d8cf Update ECH reference to RFC 9849
• 14ce65c Remove mention of rustls-pemfile from docs
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4c77f81e19

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "Codex (@codex) review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "Codex (@codex) address that feedback".

[Copilot]

Pull request overview

This Dependabot PR updates several Rust dependencies across the workspace (manifests + Cargo.lock) to newer upstream releases.

Changes:

• Bump libc to 0.2.186 in multiple crates’ Cargo.toml.
• Bump sha2 to 0.11.0 (via gix-hash) and jiff to 0.2.24 (via gix-date).
• Bump hashbrown to 0.17.0 in gix-index and gix-hashtable, and widen the version range in gix-imara-diff; refresh Cargo.lock accordingly.

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
gix-tempfile/Cargo.toml	Bumps libc for non-Windows targets.
gix-sec/Cargo.toml	Bumps libc for non-Windows targets.
gix-index/Cargo.toml	Bumps hashbrown and libc.
gix-imara-diff/Cargo.toml	Widens hashbrown version requirement to include 0.17.
gix-hashtable/Cargo.toml	Bumps hashbrown to 0.17.0.
gix-hash/Cargo.toml	Bumps optional sha2 to 0.11.0.
gix-features/Cargo.toml	Bumps libc for unix targets.
gix-date/Cargo.toml	Bumps jiff to 0.2.24.
Cargo.lock	Updates the resolved dependency graph for the bumped crates.

[Sebastian Thiel (Byron)]

Tasks

• refackiew
• modernise to edition 2024 and remove rust-2018 idioms while at it.
• refackiew