chore(deps): bump the cargo-minor-patch group with 12 updates

[dependabot]

Bumps the cargo-minor-patch group with 12 updates:

Package	From	To
axum	0.8.8	0.8.9
tower-http	0.6.8	0.6.11
serde_json	1.0.149	1.0.150
zip	8.2.0	8.6.0
duckdb	1.10500.0	1.10503.1
axum-extra	0.12.5	0.12.6
bcrypt	0.19.0	0.19.1
uuid	1.22.0	1.23.2
moka	0.12.14	0.12.15
clap	4.6.0	4.6.1
tokio-postgres	0.7.16	0.7.17
embed-resource	3.0.7	3.0.9

Updates axum from 0.8.8 to 0.8.9

Release notes

Sourced from axum's releases.

axum-v0.8.9

• added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#3597)
• changed: Update minimum rust version to 1.80 (#3620)
• fixed: Set connect endpoint on correct field in MethodRouter (#3656)
• fixed: Return specific error message when multipart body limit is exceeded (#3611)

#3597: tokio-rs/axum#3597 #3620: tokio-rs/axum#3620 #3656: tokio-rs/axum#3656 #3611: tokio-rs/axum#3611

Commits

• c59208c revert axum-core changelog changes
• 99068f5 Revert "Fix IntoResponse for tuples overriding error response codes (#3603)"
• 23d7098 Revert "axum-core 0.5.6"
• e8a39ad axum-macros 0.5.1
• 6e9a249 axum-extra 0.12.6
• 0ec9041 axum 0.8.9
• c3fcebb axum-core 0.5.6
• a8790fc update release notes
• 26ba7bb docs: consolidate state management docs in crate root (#3683)
• 9fc59ef Update to tokio-tungstenite 0.29 (#3689)
• Additional commits viewable in compare view

Updates tower-http from 0.6.8 to 0.6.11

Release notes

Sourced from tower-http's releases.

tower-http-0.6.11

Added

• set-header: add SetMultipleResponseHeadersLayer and SetMultipleResponseHeader for setting multiple response headers at once. Supports overriding, appending, and if_not_present modes. Header values can be fixed or computed dynamically via closures (#672)

  use http::{Response, header::{self, HeaderValue}};
  use http_body::Body as _;
  use tower_http::set_header::response::SetMultipleResponseHeadersLayer;
  let layer = SetMultipleResponseHeadersLayer::overriding(vec![
  (header::X_FRAME_OPTIONS, HeaderValue::from_static("DENY")).into(),
  (header::CONTENT_LENGTH, |res: &Response<MyBody>| {
  res.body().size_hint().exact()
  .map(|size| HeaderValue::from_str(&size.to_string()).unwrap())
  }).into(),
  ]);

• set-header: add SetMultipleRequestHeadersLayer and SetMultipleRequestHeaders for setting multiple request headers at once, mirroring the response-side API (#677)

• classify: add From<i32> and From<NonZeroI32> impls for GrpcCode. Unrecognized status codes map to GrpcCode::Unknown (#506)

Changed

• compression: compress application/grpc-web responses. Previously all application/grpc* content types were excluded from compression; now only application/grpc (non-web) is excluded (#408)

Fixed

• fs: fix ServeDir returning 500 instead of 405 for non-GET/HEAD requests when call_fallback_on_method_not_allowed is enabled but no fallback service is configured (#587)
• fs: remove duplicate cfg attribute on is_reserved_dos_name (#675)

#408: tower-rs/tower-http#408 #506: tower-rs/tower-http#506 #587: tower-rs/tower-http#587 #672: tower-rs/tower-http#672 #675: tower-rs/tower-http#675 #677: tower-rs/tower-http#677

All PRs

• ci: fix flaky encoding test, add nightly stress test job by @​jlizen in tower-rs/tower-http#670

... (truncated)

Commits

• 1d082ef v0.6.11
• 9c3117d feat: set multiple request header (#677)
• 667e7c7 Remove duplicate cfg attribute for is_reserved_dos_name (#675)
• 7551a9b feat(set_header): refactor and improve multiple header middleware (#672)
• 991e9ee add From<i32> impl for GrpcCode (#506)
• 3962dba Do compress grpc-web responses (#408)
• f0b3bb6 Fix serve_dir method not allowed handling when no fallback is configured (#587)
• d1a571b ci: use static timeout in stress-test workflow (#671)
• 309555a ci: fix flaky encoding test, add nightly stress test job (#670)
• 4532fc2 v0.6.10
• Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates zip from 8.2.0 to 8.6.0

Release notes

Sourced from zip's releases.

v8.6.0

🚀 Features

• add compression not supported as enum error (#774)

🐛 Bug Fixes

• allow for [u8] as filename (#775)

🚜 Refactor

• mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
• use and simplify is_dir (#776)

v8.5.1

🚜 Refactor

• change magic finder to stack buffer (#763)
• simplify extra field parsing (#764)

v8.5.0

🐛 Bug Fixes

• remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

• remove useless magic in struct (#730)
• change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

• cleanup README (#758)

v8.4.0

🚀 Features

• add a check for building benches (#748)

🚜 Refactor

• split part of read.rs for code readability (#744)
• remove unused allow (#745)

⚡ Performance

• skip BufReader for Stored files in make_reader (#739)

⚙️ Miscellaneous Tasks

... (truncated)

Changelog

Sourced from zip's changelog.

8.6.0 - 2026-04-25

🚀 Features

• add compression not supported as enum error (#774)

🐛 Bug Fixes

• allow for [u8] as filename (#775)

🚜 Refactor

• mark ZipFlags as non-exhaustive and add test for HasZipMetadata (#777)
• use and simplify is_dir (#776)

8.5.1 - 2026-04-06

🚜 Refactor

• change magic finder to stack buffer (#763)
• simplify extra field parsing (#764)

8.5.0 - 2026-04-01

🐛 Bug Fixes

• remove zip64 comment and add zip64 extensible data sector (#747)

🚜 Refactor

• remove useless magic in struct (#730)
• change extra_field from Arc<Vec> to Arc<[u8]> (#741)

⚙️ Miscellaneous Tasks

• cleanup README (#758)

8.4.0 - 2026-03-23

🚀 Features

• add a check for building benches (#748)

🚜 Refactor

• split part of read.rs for code readability (#744)
• remove unused allow (#745)

⚡ Performance

... (truncated)

Commits

• 771dfc5 chore: release v8.6.0 (#781)
• 8e480cc chore(deps): update sha1 requirement from 0.10 to 0.11 (#767)
• 2513bbe chore(deps): update aes requirement from 0.8 to 0.9 (#787)
• 957e240 ci(deps): bump actions/cache from 5.0.4 to 5.0.5 (#786)
• 0329d9d fix: allow for [u8] as filename (#775)
• ddcf854 ci(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#788)
• 42323a8 ci(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 (#785)
• 901014a ci(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 (#784)
• 07702d4 feat: add compression not supported as enum error (#774)
• 2d0c46b ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#783)
• Additional commits viewable in compare view

Updates duckdb from 1.10500.0 to 1.10503.1

Release notes

Sourced from duckdb's releases.

v1.10503.1

What's Changed

• Avoid Windows mtime restore in bundled builds by @​mlafeldt in duckdb/duckdb-rs#766
• Add patch-release mode to upgrade script by @​mlafeldt in duckdb/duckdb-rs#767
• Crate patch release v1.10503.1 by @​mlafeldt in duckdb/duckdb-rs#768

Full Changelog: duckdb/duckdb-rs@v1.10503.0...v1.10503.1

v1.10503.0

Highlights

• New ergonomic named parameter binding: named_params! macro, &[(&str, &dyn ToSql)] slices, and a generic HashMap Params impl.
• New build env vars: DUCKDB_DISABLE_EXTENSION_LOAD=1 disables extension install/load, and DUCKDB_DISABLE_JEMALLOC=1 opts bundled-cmake builds out of jemalloc (now re-enabled by default on supported targets).
• FFI soundness: typed vector slice/set_child APIs are now unsafe; DuckDB-owned C strings use RAII; binding unsupported Value variants errors instead of panicking.
• ArrowVTab view rebinds no longer dereference freed Arrow FFI memory.
• vtab::Value gains typed primitive getters and to_list() -> Option<Vec<Value>>.
• Bundled DuckDB upgraded to v1.5.3 (adds VARIANT metadata).

What's Changed

• Fix unsound vector slice API by @​mlafeldt in duckdb/duckdb-rs#745
• Refine vtab::Value API from #676 by @​mlafeldt in duckdb/duckdb-rs#747
• Build out vtab::Value to enable more diverse parameters to Table Functions by @​marksomething in duckdb/duckdb-rs#676
• Bump rustls-webpki from 0.103.11 to 0.103.13 by @​dependabot[bot] in duckdb/duckdb-rs#744
• Add ergonomic named parameter binding by @​mlafeldt in duckdb/duckdb-rs#748
• Implement Params for HashMap and serde_json::Value by @​ryanschneider in duckdb/duckdb-rs#615
• Harden DuckDB-owned string handling at FFI boundaries by @​mlafeldt in duckdb/duckdb-rs#750
• Update Rust to 1.95 by @​mlafeldt in duckdb/duckdb-rs#751
• Stop panicking when binding/appending unsupported Value variants by @​mlafeldt in duckdb/duckdb-rs#749
• Fix ArrowVTab view rebind lifetime by @​mlafeldt in duckdb/duckdb-rs#754
• Retain ArrowVTab batches for sanitizer visibility by @​mlafeldt in duckdb/duckdb-rs#755
• Pass Rust edition to rust.vim for proper formatting by @​mlafeldt in duckdb/duckdb-rs#756
• Make DuckDB source archive reproducible by @​mlafeldt in duckdb/duckdb-rs#759
• Change LogicalTypeHandle::set_alias to take &mut self by @​vergenzt in duckdb/duckdb-rs#758
• libduckdb-sys: expose DEP_DUCKDB_INCLUDE for downstream C/C++ shims by @​frhack in duckdb/duckdb-rs#753
• Update DuckDB to v1.5.3 by @​mlafeldt in duckdb/duckdb-rs#760
• Allow to disable extension install/load support by @​mlafeldt in duckdb/duckdb-rs#738
• Use improved upstream extension loader by @​mlafeldt in duckdb/duckdb-rs#746
• Stop disabling jemalloc in bundled-cmake builds by @​mlafeldt in duckdb/duckdb-rs#762
• Add bundled-cmake jemalloc escape hatch by @​mlafeldt in duckdb/duckdb-rs#763

New Contributors

• @​marksomething made their first contribution in duckdb/duckdb-rs#676
• @​ryanschneider made their first contribution in duckdb/duckdb-rs#615
• @​vergenzt made their first contribution in duckdb/duckdb-rs#758
• @​frhack made their first contribution in duckdb/duckdb-rs#753

Full Changelog: duckdb/duckdb-rs@v1.10502.0...v1.10503.0

v1.10502.0

... (truncated)

Commits

• 3191caa Crate patch release v1.10503.1 (#768)
• c67fcab Tighten bundled-cmake docs
• b274f16 Crate patch release v1.10503.1
• 22bf6ce Add patch-release mode to upgrade script (#767)
• e5c6785 Harden upgrade script validation
• 7e5749f Document patch-compatible version requirements
• 310fb00 Add patch-release mode to upgrade script
• 2f11774 Avoid Windows mtime restore in bundled builds (#766)
• ee8c88c Avoid Windows mtime restore in bundled builds
• 1d999dd Add bundled-cmake jemalloc escape hatch (#763)
• Additional commits viewable in compare view

Updates axum-extra from 0.12.5 to 0.12.6

Release notes

Sourced from axum-extra's releases.

axum-extra-v0.12.6

• fixed: Escape backslashes and double quotes in Content-Disposition filenames to prevent header parameter injection in Attachment and FileStream (#3664)
• vpath! macro now stops the compilation if your path is using deprecated path variables in the old 107 format, such as :var and *var. the only allowed way now is {var}. (#3618)
• fixed: Return specific error message when multipart body limit is exceeded (#3611)

#3664: tokio-rs/axum#3664 #3618: tokio-rs/axum#3618 #3611: tokio-rs/axum#3611

Commits

• c59208c revert axum-core changelog changes
• 99068f5 Revert "Fix IntoResponse for tuples overriding error response codes (#3603)"
• 23d7098 Revert "axum-core 0.5.6"
• e8a39ad axum-macros 0.5.1
• 6e9a249 axum-extra 0.12.6
• 0ec9041 axum 0.8.9
• c3fcebb axum-core 0.5.6
• a8790fc update release notes
• 26ba7bb docs: consolidate state management docs in crate root (#3683)
• 9fc59ef Update to tokio-tungstenite 0.29 (#3689)
• Additional commits viewable in compare view

Updates bcrypt from 0.19.0 to 0.19.1

Commits

• 4aed95a New version
• 66b6192 Update blowfish dependency version to 0.10 (#102)
• c420fca chore: Update build status badge (#99)
• 3a6d31d docs: Fix bare URL to clickable link (#98)
• See full diff in compare view

Updates uuid from 1.22.0 to 1.23.2

Release notes

Sourced from uuid's releases.

v1.23.2

What's Changed

• Improve error messages for ambiguous formats by @​KodrAus in uuid-rs/uuid#882
• Prepare for 1.23.2 release by @​KodrAus in uuid-rs/uuid#883

Full Changelog: uuid-rs/uuid@v1.23.1...v1.23.2

v1.23.1

What's Changed

• Remove deprecated msrv feature from wasm-bindgen dependency by @​guybedford in uuid-rs/uuid#877
• fix: Timestamp::from_gregorian deprecation note by @​aznashwan in uuid-rs/uuid#878
• Prepare for 1.23.1 release by @​KodrAus in uuid-rs/uuid#879

New Contributors

• @​guybedford made their first contribution in uuid-rs/uuid#877
• @​aznashwan made their first contribution in uuid-rs/uuid#878

Full Changelog: uuid-rs/uuid@v1.23.0...v1.23.1

v1.23.0

What's Changed

• feat: add support for 'hyphenated' format in the serde module by @​FrenchDilettante in uuid-rs/uuid#865
• Fix a number of bugs in time-related code by @​KodrAus in uuid-rs/uuid#872
• Reword invalid char error message by @​KodrAus in uuid-rs/uuid#873
• Impl cleanups by @​KodrAus in uuid-rs/uuid#874
• Use LazyLock to synchronize v1/v6 context initialization by @​KodrAus in uuid-rs/uuid#875
• Prepare for 1.23.0 release by @​KodrAus in uuid-rs/uuid#876

New Contributors

• @​FrenchDilettante made their first contribution in uuid-rs/uuid#865

Special thanks

@​meng-xu-cs raised a series of bugs against the timestamp logic in uuid using automated tooling. The issues themselves were reasonably and responsibly presented and the end result is a better uuid library for everyone. Thanks!

Deprecations

This release includes the following deprecations:

• Context: Renamed to ContextV1
• Timestamp::from_gregorian: Renamed to Timestamp::from_gregorian_time

Change to Version::Max

Version::Max's u8 representation has changed from 0xff to 0x0f to match the value returned by Uuid::get_version_num.

Change to Uuid::get_version for the max UUID

Uuid::get_version will only return Some(Version::Max) if the UUID is actually the max UUID (all bytes are 0xff). Previously it would return Some if only the version field was 0x0f. This change matches the behaviour of the nil UUID, which only returns Some(Version::Nil) if the UUID is the nil UUID (all bytes are 0x00).

... (truncated)

Commits

• d119657 Merge pull request #883 from uuid-rs/cargo/v1.23.2
• 0651cfc prepare for 1.23.2 release
• e8dea0c Merge pull request #882 from uuid-rs/fix/error-msgs
• bdc429a fix up serde messages
• d4342e4 make indexes 0 based and fix up more error messages
• 4ad479f work on more accurate parser errors
• ca0c85f Merge pull request #879 from uuid-rs/cargo/v1.23.1
• b4db015 prepare for 1.23.1 release
• 771069d Merge pull request #878 from aznashwan/fix-from-gregorian-deprecation-note
• 80994a2 fix: Timestamp::from_gregorian deprecation note
• Additional commits viewable in compare view

Updates moka from 0.12.14 to 0.12.15

Release notes

Sourced from moka's releases.

Moka 0.12.15

Version 0.12.15

Fixed

• Fixed a bug where re-inserting an expired entry could cause it to lose its expiration time and remain in the cache indefinitely when using a custom Expiry policy with per-entry expiration. (#582gh-pull-0582 by @​jiangzhe, #581gh-pull-0581 by @​atrocities, reported in #575gh-issue-0575):
  • This occurred when an entry that had expired but not yet been evicted was re-inserted, and expire_after_update returned None. This primarily affected users who only override expire_after_create, since the default expire_after_update returns duration_until_expiry, which is None for expired entries.
  • This bug was introduced by the changes in v0.12.13 (#549gh-pull-0549 and #564gh-pull-0564).
  • Subtle behavior change:
    • Before this fix, re-inserting an expired entry was treated as an update, so Expiry::expire_after_update was called.
    • After this fix, re-inserting an expired entry is treated as a creation, so Expiry::expire_after_create is called instead.
    • This may change the expiration time of re-inserted entries, depending on your Expiry trait implementation.
• Fixed flaky tests cht::segment::tests::drop_many_values and drop_many_values_concurrent that were failing on high-core-count machines (#586gh-pull-0586):
  • These tests were using a CPU-dependent segment count, causing inconsistent bucket array shrinking behavior of the internal segmented hash map across different machines.
  • Changed these tests to use a fixed segment count (4) for consistent results.

Changed

• Disabled flaky GC-dependent tests by default using run_flaky_tests cfg (#584gh-pull-0584):
  • These tests rely on epoch-based garbage collection (crossbeam-epoch) timing that is not guaranteed, causing intermittent failures.
  • Fixed #539gh-issue-0539 and #580gh-issue-0580.
  • To run these tests, set RUSTFLAGS='--cfg run_flaky_tests'.

Changelog

Sourced from moka's changelog.

Version 0.12.15

Fixed

• Fixed a bug where re-inserting an expired entry could cause it to lose its expiration time and remain in the cache indefinitely when using a custom Expiry policy with per-entry expiration. (#582[gh-pull-0582] by [@​jiangzhe][gh-jiangzhe], #581[gh-pull-0581] by [@​atrocities][gh-atrocities], reported in #575[gh-issue-0575]):
  • This occurred when an entry that had expired but not yet been evicted was re-inserted, and expire_after_update returned None. This primarily affected users who only override expire_after_create, since the default expire_after_update returns duration_until_expiry, which is None for expired entries.
  • This bug was introduced by the changes in v0.12.13 (#549[gh-pull-0549] and #564[gh-pull-0564]).
  • Subtle behavior change:
    • Before this fix, re-inserting an expired entry was treated as an update, so Expiry::expire_after_update was called.
    • After this fix, re-inserting an expired entry is treated as a creation, so Expiry::expire_after_create is called instead.
    • This may change the expiration time of re-inserted entries, depending on your Expiry trait implementation.
• Fixed flaky tests cht::segment::tests::drop_many_values and drop_many_values_concurrent that were failing on high-core-count machines (#586[gh-pull-0586]):
  • These tests were using a CPU-dependent segment count, causing inconsistent bucket array shrinking behavior of the internal segmented hash map across different machines.
  • Changed these tests to use a fixed segment count (4) for consistent results.

Changed

• Disabled flaky GC-dependent tests by default using run_flaky_tests cfg (#584[gh-pull-0584]):
  • These tests rely on epoch-based garbage collection (crossbeam-epoch) timing that is not guaranteed, causing intermittent failures.
  • Fixed #539[gh-issue-0539] and #580[gh-issue-0580].
  • To run these tests, set RUSTFLAGS='--cfg run_flaky_tests'.

Commits

• 616473e Merge pull request #586 from moka-rs/fix-flaky-cht-test-on-many-core-machines
• caf8c82 Apply cargo fmt
• 65ff433 Fix flaky test cht::segment::tests::drop_many_values on many-core machines
• fd103ad Update the change log for PR #586
• 5baf38c Fix flaky test cht::segment::tests::drop_many_values_concurrent
• 4b709c8 Merge pull request #585 from moka-rs/chore/prepare-v0.12.15
• 9e7c73b Remove an unused link from the change log
• fa14f78 Bump the version to v0.12.15
• 98968b3 Update the change log for v0.12.15
• 4c37fd4 Merge pull request #584 from moka-rs/chore/disable-flaky-tests-by-default
• Additional commits viewable in compare view

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates tokio-postgres from 0.7.16 to 0.7.17

Release notes

Sourced from tokio-postgres's releases.

tokio-postgres v0.7.17

Added

• Added Client::execute_typed method.
• Added Client::query_typed_one and Client::query_typed_opt methods.
• Added GenericClient::execute_typed, GenericClient::query_typed_one, and GenericClient::query_typed_opt methods.
• Added Transaction::execute_typed, Transaction::query_typed_one, and Transaction::query_typed_opt methods.
• Added support for bit-vec 0.9 via the with-bit-vec-0_9 feature.

Changed

• Upgraded rand to 0.10.
• Upgraded to Rust edition 2024, minimum Rust version 1.85.

Commits

• 35a85bd Release tokio-postgres v0.7.17
• 64674ba Release postgres-types v0.2.13
• 40b760d Release postgres-derive v0.4.8
• 6c92298 Release postgres-protocol v0.6.11
• e088d7d style(clippy): fix clippy::useless_conversion
• 19897e8 build(deps): upgrade semver compatible Rust dependencies
• 2584926 build(deps): upgrade RustCrypto dependencies
• 10a7724 chore: add bit-vec v0.9 support
• 2853157 fix: cargo fmt --all
• c8f8993 feat: add rustfmt.toml for opiniated formatting
• Additional commits viewable in compare view

Updates embed-resource from 3.0.7 to 3.0.9

Commits

• 9dbd940 Add @​Legend-Master to authors list
• e804fbd Generate lockfile
• 75aabf9 Specify edition and rust-version
• aadfe6c Revert "Ship a toml=1.0.7 lock file for CI"
• cae565f Ship a toml=1.0.7 lock file for CI
• ee64a84 toml = 0.9 -> 1
• 57a559e Revert "toml = 0.9 -> 1.1"
• b50ff93 Bump version to 3.0.9
• adf18ff toml = 0.9 -> 1.1
• 3e5df7f Bump version to 3.0.8
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.