cargo: bump the cargo-minor-and-patch group with 4 updates

[dependabot]

Bumps the cargo-minor-and-patch group with 4 updates: serde_json, regex, imgref and vergen-gitcl.

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates regex from 1.12.3 to 1.12.4

Changelog

Sourced from regex's changelog.

1.12.4 (2025-06-09)

This release includes a performance optimization for compilation of regexes with very large character classes.

Improvements:

• #1308: Avoid re-canonicalizing the entire interval set when pushing new class ranges.

Commits

• 7b96fdc 1.12.4
• 7b89cf0 deps: update to regex-syntax 0.8.11
• 1401679 regex-syntax-0.8.11
• d709000 changelog: 1.12.4
• 9825c74 syntax: avoid re-canonicalizing the entire IntervalSet on push (#1308)
• a7f2ff6 docs: clarify regex-lite word boundaries
• 2c7b172 docs: clarify unsupported Anchored::Pattern searches
• 839d16b regex-syntax-0.8.10
• c4865a0 syntax: fix negation handling in HIR translation
• d8761c0 cargo: also include benches
• Additional commits viewable in compare view

Updates imgref from 1.12.1 to 1.12.2

Commits

• 5264931 Bump
• ad4101f Fix UB
• baed04b Add UB PoC tests
• See full diff in compare view

Updates vergen-gitcl from 10.0.0-beta.8 to 10.0.0

Release notes

Sourced from vergen-gitcl's releases.

vergen 10.0.0

Major release of the vergen suite (vergen, vergen-lib, vergen-git2, vergen-gitcl, vergen-gix, vergen-pretty).

Highlights

• MSRV raised to 1.95.0 (#496, prior bumps via #487, #440).
• Raw Unix-seconds timestamps — emit build timestamps as raw Unix seconds (#444).
• SOURCE_DATE_EPOCH decoupling plus a .cargo_vcs_info.json fallback for reproducible builds when building from a published crate without a git repo (#452, #448).
• Remote URL support for git functionality (#459).
• GIT_DIRTY instruction documented and dirty-output fixes for vergen-gix (#465, #423).

Internal / maintenance

• Replaced getset with hand-written getters in vergen-lib (#491).
• Removed bincode from vergen-pretty (#481).
• Added a cargo-semver-checks CI job (#478).
• Numerous dependency updates, including gix bumps to address RUSTSEC advisories (#473, #488, #490).
• CI: skip coverage jobs for forked PRs (#492), pinning + parallelization (#496).
• Lint and doc fixes across the workspace.

Full Changelog: rustyhorde/vergen@vergen_9.0.6...v10.0.0

Commits

• dd65157 (chore): version bump for next release (#501)
• d4e27ed (ci): add cargo-semver-checks job (#478) (#500)
• 0bb1029 (feat): raw Unix-seconds timestamps (#444) (#499)
• 45b7990 (feat/fix): SOURCE_DATE_EPOCH decoupling (#452) + .cargo_vcs_info.json fallba...
• 5ef8b0d (chore): prepare release 10 — depsup, MSRV 1.95.0, CI pinning + parallelizati...
• 0ac583d (fix): correct doc versions (#483) and make hash test arch-independent (#494)...
• 13a1492 Prepare release 10 (#495)
• b47d364 Replace getset with hand-written getters in vergen-lib (#491)
• dd3c356 Skip coverage jobs for forked pull requests (#492)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: ci, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.