build(deps): bump the patch-and-minor group across 1 directory with 7 updates

[dependabot]

Bumps the patch-and-minor group with 7 updates in the / directory:

Package	From	To
serde_json	1.0.149	1.0.150
zeroize	1.8.2	1.9.0
ctap-hid-fido2	3.5.9	3.5.11
ratatui	0.30.0	0.30.2
regex	1.12.3	1.12.4
rmcp	1.6.0	1.8.0
tokio	1.52.1	1.52.3

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates zeroize from 1.8.2 to 1.9.0

Commits

• 0b71573 zeroize v1.9.0 (#1494)
• 3e3f18c zeroize: always enable AVX-512 support (#1493)
• 1ea42bb zeroize_derive v1.5.0 (#1492)
• 8d785d1 zeroize: rustdoc improvements (#1491)
• d844f36 zeroize: incorporate README.md into rustdoc (#1490)
• c65c09d ctutils: use reason instead of comment in forbid attribute (#1489)
• cbd0963 Release block-buffer v0.12.1 (#1488)
• 9aa541d block-buffer: fix exception safety (#1487)
• 5c7e4f9 cmov v0.5.4 (#1485)
• 87cadbc cmov: fix clippy (#1484)
• Additional commits viewable in compare view

Updates ctap-hid-fido2 from 3.5.9 to 3.5.11

Release notes

Sourced from ctap-hid-fido2's releases.

v3.5.11

What's Changed

• Master by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#125
• ctaphid: gate error prints behind enable_log by @​amaanq in gebogebogebo/ctap-hid-fido2#130
• Add keep_alive_msg_to_stderr option by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#128
• Version 3.5.11 by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#131

New Contributors

• @​amaanq made their first contribution in gebogebogebo/ctap-hid-fido2#130

Full Changelog: gebogebogebo/ctap-hid-fido2@ctap-hid-fido2-v3.5.10...ctap-hid-fido2-v3.5.11

v3.5.10

What's Changed

• add GetAssertionArgsBuilder::without_up() method by @​xedakini in gebogebogebo/ctap-hid-fido2#117
• Fix default handling, and associated DRY clean-up for GetAssertionArgs* by @​xedakini in gebogebogebo/ctap-hid-fido2#119
• Feature/#118 release v3510 by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#120
• Feature/#118 release v3510 2 by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#122
• Release v.3.5.10 by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#123
• Release v.3.5.10-2 by @​gebogebogebo in gebogebogebo/ctap-hid-fido2#124

New Contributors

• @​xedakini made their first contribution in gebogebogebo/ctap-hid-fido2#117

Full Changelog: gebogebogebo/ctap-hid-fido2@ctap-hid-fido2-v3.5.9...ctap-hid-fido2-v3.5.10

Commits

• 6b5d582 Merge pull request #131 from gebogebogebo/develop
• db8ef09 Update README_Version.md
• 5e30d85 Bump version to 3.5.11 and update README link
• c2d23ee Update lib.rs
• 13d2f4f Bump several dependency versions
• 6ddb242 Merge pull request #128 from gebogebogebo/127-send-text-to-stderr-instead-of-...
• a69ae75 Merge pull request #130 from amaanq/gate-error-prints
• bab4b4a ctaphid: gate error prints behind enable_log
• 8d5f9cd Update main.rs
• c1e4bc0 Add keep-alive stderr option and tests
• Additional commits viewable in compare view

Updates ratatui from 0.30.0 to 0.30.2

Release notes

Sourced from ratatui's releases.

ratatui-v0.30.2

We are excited to announce the new version of ratatui - a Rust library that's all about cooking up TUIs 👨‍🍳🐀

✨ Release highlights: https://ratatui.rs/highlights/v0302/

⚠️ List of breaking changes can be found here.

Features

• 90639c1 (uncategorized) Add Termina backend by @joshka in #2561

  Summary

  • add the ratatui-termina backend crate using the published termina crate
  • expose the backend through the termina feature and Ratatui prelude/backend re-exports
  • add a small Termina event-loop example and wire the backend into CI, xtask, README generation, and docs

  Refs #1784

  Validation

  • cargo +nightly fmt
  • cargo check -p ratatui-termina --all-features --all-targets
  • cargo check -p ratatui --no-default-features --features termina
  • cargo check -p xtask
  • cargo check -p release-header
  • cargo xtask check-backend termina
  • cargo xtask test-backend termina
  • cargo xtask rdme --check
  • markdownlint-cli2 ARCHITECTURE.md ratatui-termina/README.md .github/ISSUE_TEMPLATE/bug_report.md

  ---

Bug Fixes

• fce3c80 (widgets) Require thread-safe shadow effects by @joshka in #2584

  Summary

  • require custom shadow effects to preserve the auto traits expected by Block-backed widgets
  • document the CellEffect auto-trait contract
  • add a public widget regression test for the affected ratatui::widgets re-exports

... (truncated)

Changelog

Sourced from ratatui's changelog.

0.30.2 - 2026-06-19

We are excited to announce the new version of ratatui - a Rust library that's all about cooking up TUIs 👨‍🍳🐀

✨ Release highlights: https://ratatui.rs/highlights/v0302/

⚠️ List of breaking changes can be found here.

Features

• 90639c1 (uncategorized) Add Termina backend by @joshka in #2561

  Summary

  • add the ratatui-termina backend crate using the published termina crate
  • expose the backend through the termina feature and Ratatui prelude/backend re-exports
  • add a small Termina event-loop example and wire the backend into CI, xtask, README generation, and docs

  Refs #1784

  Validation

  • cargo +nightly fmt
  • cargo check -p ratatui-termina --all-features --all-targets
  • cargo check -p ratatui --no-default-features --features termina
  • cargo check -p xtask
  • cargo check -p release-header
  • cargo xtask check-backend termina
  • cargo xtask test-backend termina
  • cargo xtask rdme --check
  • markdownlint-cli2 ARCHITECTURE.md ratatui-termina/README.md .github/ISSUE_TEMPLATE/bug_report.md

  ---

Bug Fixes

• fce3c80 (widgets) Require thread-safe shadow effects by @joshka in #2584

  Summary

  • require custom shadow effects to preserve the auto traits expected by Block-backed widgets
  • document the CellEffect auto-trait contract
  • add a public widget regression test for the affected ratatui::widgets

... (truncated)

Commits

• e665c36 chore(ratatui): unleash the rats v0.30.2 (#2581)
• 2700b16 docs(changelog): update changelog for 0.30.2 (#2608)
• e306ce6 fix(buffer): create updates for "uncovered" cells (#2587)
• 81e667f fix(scrollbar): keep a large thumb within the track at the end (#2594)
• c75d778 chore(ci): add cargo-udeps dependency check (#2599)
• 25314d8 build(deps): bump release-plz/action from 0.5.129 to 0.5.130 (#2600)
• 3534070 build(deps): bump taiki-e/install-action from 2.81.8 to 2.81.10 (#2601)
• a798a13 build(deps): bump tombi-toml/setup-tombi from 1.1.2 to 1.1.3 (#2602)
• 3ac8850 build(deps): bump octocrab from 0.52.0 to 0.53.1 (#2603)
• 9c79633 build(deps): bump time from 0.3.47 to 0.3.49 (#2604)
• Additional commits viewable in compare view

Updates regex from 1.12.3 to 1.12.4

Changelog

Sourced from regex's changelog.

1.12.4 (2025-06-09)

This release includes a performance optimization for compilation of regexes with very large character classes.

Improvements:

• #1308: Avoid re-canonicalizing the entire interval set when pushing new class ranges.

Commits

• 7b96fdc 1.12.4
• 7b89cf0 deps: update to regex-syntax 0.8.11
• 1401679 regex-syntax-0.8.11
• d709000 changelog: 1.12.4
• 9825c74 syntax: avoid re-canonicalizing the entire IntervalSet on push (#1308)
• a7f2ff6 docs: clarify regex-lite word boundaries
• 2c7b172 docs: clarify unsupported Anchored::Pattern searches
• 839d16b regex-syntax-0.8.10
• c4865a0 syntax: fix negation handling in HIR translation
• d8761c0 cargo: also include benches
• Additional commits viewable in compare view

Updates rmcp from 1.6.0 to 1.8.0

Release notes

Sourced from rmcp's releases.

rmcp-macros-v1.8.0

Added

• deprecate roots, sampling, and logging (SEP-2577) (#884)

Fixed

• strip and validate tool outputSchema and inputSchema (#860)
• remove unnecessary fields from tools' inputSchema (#856)

Other

• refine mcpmate listing copy (#885)
• added jilebi-mcp to the list of built with rmcp (#861)

rmcp-v1.8.0

[!WARNING]

⚠️ Breaking Changes

Despite being a minor version bump, this release contains a source-breaking API change (it should have been 2.0.0). If you depend on rmcp = "1.7", Cargo will resolve to 1.8.0 automatically and your build may fail. Pin to =1.7.x if you are not ready to migrate.

Peer::peer_info() return type changed (#862):

- pub fn peer_info(&self) -> Option<&R::PeerInfo>
+ pub fn peer_info(&self) -> Option<Arc<R::PeerInfo>>

This was needed so peer info can be re-set on a duplicate initialize (it now lives behind an RwLock), which is why a borrow can no longer be returned.

Migration: field access still works through Arc's Deref. If you need the old &InitializeResult (e.g. you bound the type explicitly), use .as_deref():

// Before (1.7.x): info is &InitializeResult
let info: Option<&InitializeResult> = client.peer_info();
// After (1.8.0): info is Arc<InitializeResult>
let info: Option<Arc<InitializeResult>> = client.peer_info();
// To recover the old reference type:
let info: Option<&InitializeResult> = client.peer_info().as_deref();

Added

• standardize resource-not-found error code (SEP-2164) (#899)
• validate OAuth authorization response issuer (#896)
• specify OIDC application_type during dynamic client registration (SEP-837) (#883)
• deprecate roots, sampling, and logging (SEP-2577) (#884)

... (truncated)

Commits

• 2522036 chore: release v1.8.0 (#850)
• 6d020c9 fix(auth): preserve configured reqwest client (#917)
• de898dd Allow custom HTTP clients for OAuth (#908)
• 3c5ce2b fix(auth): align OAuth metadata discovery ordering (#887)
• 443677c fix: align progress timeout token (#909)
• 4fd4986 fix(elicitation): preserve enumNames through ElicitationSchema serde round-tr...
• bf71eb8 chore(deps): bump actions/checkout from 6 to 7 (#911)
• 5d00e20 Add progress-aware request timeout reset (#858)
• 4b82e41 docs(server): document Err vs Ok(CallToolResult::error) visibility contract o...
• 95a8e96 feat: standardize resource-not-found error code (SEP-2164) (#899)
• Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.