Bump the "backend" group with 1 update across multiple ecosystems

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the backend group with 20 updates:

Package	From	To
aws-sdk-s3	1.131.0	1.132.0
cached	0.59.0	1.1.0
emojis	0.8.1	0.8.2
garde	0.22.1	0.23.0
hmac	0.12.1	0.13.0
icalendar	0.17.10	0.17.11
lettre	0.11.21	0.11.22
openssl	0.10.78	0.10.80
quick-xml	0.39.2	0.40.1
reqwest	0.13.3	0.13.4
rkyv	0.7.46	0.8.16
serde_json	1.0.149	1.0.150
serde_qs	1.1.1	1.1.2
serde_with	3.18.0	3.20.0
sha2	0.10.9	0.11.0
tokio	1.52.1	1.52.3
tower-http	0.6.8	0.6.11
tower-sessions	0.14.0	0.15.0
unicode-segmentation	1.13.2	1.13.3
uuid	1.23.1	1.23.2

Updates aws-sdk-s3 from 1.131.0 to 1.132.0

Commits

• See full diff in compare view

Updates cached from 0.59.0 to 1.1.0

Changelog

Sourced from cached's changelog.

[1.1.0 / cached_proc_macro 1.1.0]

Added

• Add ExpiringCache (and ExpiringCacheBuilder) as a size-unbounded store where each value implements the Expires trait and determines its own expiration.
• Add expires = true attribute to the #[cached] procedural macro: automatically selects ExpiringCache (unbounded) or ExpiringLruCache (LRU-bounded when size is also set), so the return type controls its own expiry via Expires. Compatible with result, option, result_fallback, sync_writes, key/convert, and size. Mutually exclusive with ttl, ty, create, with_cached_flag, unsync_reads, refresh, and unbound.
• Add support for the expires = true attribute in the #[once] procedural macro to allow single-value functions to utilize value-defined expiration (Expires trait).
• Add comprehensive unit tests in src/stores/expiring_lru.rs covering the Expires trait and ExpiringLruCache's CachedIter::iter expired-filtering, Clone, std::fmt::Debug, cache_remove, and cache_clear.
• Implement std::fmt::Debug and Clone for TtlSortedCache (and its internal Entry type) and ExpiringCache to ensure full Debug/Clone trait parity across all 7 core in-memory store types.
• Add robust unit tests across all remaining core cache stores (UnboundCache, LruCache, TtlCache, LruTtlCache, TtlSortedCache) verifying Debug and Clone trait behaviors; UnboundCache and LruCache also verify PartialEq and Eq.
• Add comprehensive validation unit tests for each store builder's fallible try_build() methods (asserting expected BuildError outcomes for invalid capacities, sizes, or missing required attributes like ttl).
• Add unit tests validating the std::fmt::Display representation for all BuildError variants in src/stores/mod.rs.
• Add standardized micro-benchmarks (benches/cache_benches.rs) for cache hits across all 7 core in-memory stores (UnboundCache, LruCache, TtlCache, LruTtlCache, ExpiringLruCache, ExpiringCache, TtlSortedCache), cache misses & inserts, eviction capacity overhead, and RwLock lock-synchronization (with and without CachedRead::cache_get_read unsynchronized reads).
• Add new bench target to the Makefile to run the benchmark suite.
• Add GitHub Actions workflow (.github/workflows/codspeed.yml) for automated, low-noise continuous benchmarking on every push and pull request.
• Add standard, runnable example examples/expires_per_key.rs demonstrating how to use the Expires trait with ExpiringLruCache and ExpiringCache for per-value expiration, including keyed caching via #[cached(expires = true)] and single-value caching via #[once(expires = true)].
• Add detailed library-level documentation and quickstart example for Expires, ExpiringCache, and ExpiringLruCache to src/lib.rs (automatically synced to README.md).

[1.0.0 / cached_proc_macro 1.0.0 / cached_proc_macro_types 1.0.0]

Upgrading from 0.x? See the 1.0 migration guide for a complete walkthrough of every breaking change (and an agent-oriented version for automated tooling).

Added

• Add comprehensive async integration tests in tests/cached.rs for CachedAsync methods on TtlCache, LruTtlCache, TtlSortedCache, ExpiringLruCache, and UnboundCache to assert correct on_evict invocation on expired lookups.
• Add make help and make check/help targets for documenting and validating supported Makefile commands.
• Add fallible try_build methods to TtlCacheBuilder and ExpiringLruCacheBuilder.
• Re-export TtlSortedCacheError at the crate root (and via cached::stores) so users can name and match on the error returned by TtlSortedCache::cache_try_set.
• ExpiringLruCache::store() accessor (mirroring LruTtlCache::store()) for advanced introspection of the inner LruCache.
• Add ConcurrentCached::cache_delete and ConcurrentCachedAsync::cache_delete for deleting entries without decoding or returning the previous value.
• CachedPeek trait: non-mutating cache lookups that skip recency updates, TTL refresh, and hit/miss metrics
• CachedRead trait: shared-reference reads for stores with no read-side mutation; used by unsync_reads
• CacheEvict trait: explicit evict() method to sweep expired entries from all timed/expiring stores
• unsync_reads = true option for #[cached]: uses a read lock on the cache-hit path instead of a write lock; requires the store to implement CachedRead (supported by UnboundCache, TtlSortedCache, HashMap, and custom stores that implement CachedRead)
• on_evict(|k, v| { ... }) eviction callbacks on all in-memory stores (LruCache, TtlCache, LruTtlCache, ExpiringLruCache, TtlSortedCache)
• ::builder() constructor APIs for all in-memory stores
• cache_evictions() metric on all stores that support eviction
• ConcurrentCachedAsync is now implemented for DiskCache; #[concurrent_cached(disk = true)] on an async fn runs all sled I/O on tokio's blocking pool via spawn_blocking instead of blocking the async runtime. Adds the DiskCacheError::BackgroundTaskFailed variant returned if that blocking task is cancelled or panics.
• #[cached], #[once], and #[concurrent_cached] are now re-exported at the crate root (use cached::cached; works), alongside the existing cached::macros::* path.
• DiskCacheBuildError, DiskCacheBuilder, RedisCacheBuildError, RedisCacheBuilder, and AsyncRedisCacheBuilder are now re-exported at the crate root, matching the in-memory *Builder re-exports — the error type returned by DiskCache/RedisCache build() is now nameable via the same path the cache type came from.

Changed

... (truncated)

Commits

• See full diff in compare view

Updates emojis from 0.8.1 to 0.8.2

Changelog

Sourced from emojis's changelog.

0.8.2

May 10th, 2026

No public API changes

• [Bump dev dependency toml to 1.x.x]#30

  Contributed by Michel Lind

#30: rossmacarthur/emojis#30

Commits

• f6d6077 This is 0.8.2
• c209f61 Fix clippy warnings
• 27eb5c4 Fix workflow 🤦‍♂️
• 25eef45 Bump toml to 1.x (#30)
• 5e064a3 Only run cargo check on MSRV
• See full diff in compare view

Updates garde from 0.22.1 to 0.23.0

Release notes

Sourced from garde's releases.

v0.23.0

Internationalization (i18n)

Error messages may now be customized.

struct Czech;
impl I18n for Czech {
fn length_lower_than(&self, min: usize) -> Cow<'static, str> {
format!("musí obsahovat alespoň {min} znaků").into()
}
fn email_invalid(&amp;self, _reason: InvalidEmail) -&gt; Cow&lt;'static, str&gt; {
    format!(&quot;email je neplatný&quot;).into()
}
// etc.

}
#[derive(Validate)]
struct User {
#[garde(length(min = 3))]
name: String,
#[garde(email)]
email: String,
}
let user = User {
name: "Jan Novák".to_string(),
email: "invalid-email".to_string(),
};
let result = with_i18n(Czech, || user.validate());

The goal behind this feature is to support localization of error messages, but it can also be used to assign custom error messages in English to all errors produced by garde.

if(cond = <expr>, <rules>...)

Rules may now be nested within an if rule, which only validates if a given condition is true. The condition can refer to self and ctx as with any other rule.

struct Config {
    strict: bool,
}
#[derive(garde::Validate)]
#[garde(context(Config as ctx))]
struct User {
</tr></table>

... (truncated)

Commits

• 62b71b1 0.23.0
• edda2ec support pre-1.0 version bumps
• 8a2ad42 Merge pull request #183 from jprochazk/ci-exclude-ui-on-stable
• f8a75e1 Merge pull request #182 from jprochazk/fix-skip-tuple-variant-binding
• 6c4ff77 exclude pattern_mismatched_types test on stable instead of pinned
• 88694f4 fix(derive): bind all tuple variant fields so skipped fields don't shift bind...
• 7d4a538 Merge pull request #150 from jprochazk/i18n
• 7c33d10 fix wasm test
• 951940f impl
• 51f80cf Merge pull request #178 from jprochazk/toolchain
• Additional commits viewable in compare view

Updates hmac from 0.12.1 to 0.13.0

Commits

• 0236c8e hmac v0.13.0 (#263)
• b895e50 Migrate tests to the new blobby format (#264)
• 3d1440b Workspace-level lint configuration (#261)
• 11d4f36 hmac: use release versions of dev-dependencies (#260)
• c40b82b hmac: bump sha2 dev-dependency to v0.11 (#259)
• 1fa0781 Cut rc.5 prereleases (#258)
• a008265 hmac v0.13.0-rc.6 (#256)
• da485cd Use (Reset)MacTraits (#254)
• 2c51e3b hmac: derive Clone instead of relying on (Reset)MacTraits (#253)
• 669d805 Relax Clone bounds (#250)
• Additional commits viewable in compare view

Updates icalendar from 0.17.10 to 0.17.11

Release notes

Sourced from icalendar's releases.

v0.17.11

What's Changed

• fix: X-WR-CALDESC property non properly escaped by @​nixxo in hoodie/icalendar#176

New Contributors

• @​nixxo made their first contribution in hoodie/icalendar#176

Full Changelog: hoodie/icalendar@v0.17.10...v0.17.11

Changelog

Sourced from icalendar's changelog.

v0.17.11 (2026-06-03)

Fixes

• treat non-standard properties as text (4905029)

Commits

• bd4d3d9 chore: bump version
• c01c9d0 Merge pull request #176 from nixxo/patch-2
• 4905029 fix: treat non-standard properties as text
• 143ea5f chore: changelog
• See full diff in compare view

Updates lettre from 0.11.21 to 0.11.22

Release notes

Sourced from lettre's releases.

v0.11.22 - update now if you're using Boring TLS

Security

• Fix inverted TLS hostname verification flag in boring-tls backend that silently disabled hostname verification f5efffc

Bug Fixes

• Cap read_response buffer to prevent unbounded memory growth #1143

Misc

• Upgrade rustls-platform-verifier to v0.7 #1136

Changelog

Sourced from lettre's changelog.

v0.11.22 (2026-05-14)

Security

• Fix inverted TLS hostname verification flag in boring-tls backend that silently disabled hostname verification (f5efffc)

Bug Fixes

• Cap read_response buffer to prevent unbounded memory growth (#1143)

Misc

• Upgrade rustls-platform-verifier to v0.7 (#1136)

#1136: lettre/lettre#1136 #1143: lettre/lettre#1143

Commits

• 9b88c4f Prepare v0.11.22
• f5efffc fix(transport-smtp): negate hostname-verify flag for boring-tls
• f62f304 fix(transport-smtp): cap read_response buffer
• fa402db build(deps): upgrade rustls-platform-verifier to v0.7
• See full diff in compare view

Updates openssl from 0.10.78 to 0.10.80

Release notes

Sourced from openssl's releases.

openssl-v0.10.80

What's Changed

• Prefer Homebrew openssl@4 and stop looking for openssl@1.1 by @​alex in rust-openssl/rust-openssl#2633
• Fix output buffer overflow in cipher_update_inplace for AES key-wrap-with-padding by @​alex in rust-openssl/rust-openssl#2638
• Release openssl 0.10.80 and openssl-sys 0.9.116 by @​alex in rust-openssl/rust-openssl#2639

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.79...openssl-v0.10.80

openssl-v0.10.79

What's Changed

• Bump actions/cache from 5.0.4 to 5.0.5 by @​dependabot[bot] in rust-openssl/rust-openssl#2610
• Try to fix OpenSSL 1.1.0l download by @​botovq in rust-openssl/rust-openssl#2614
• Require &mut BigNumContextRef for EcPointRef mul/invert by @​alex in rust-openssl/rust-openssl#2615
• Fix UB in EcGroupRef::generator on groups without a generator by @​alex in rust-openssl/rust-openssl#2617
• Replace use libc::*; with targeted imports in openssl-sys by @​alex in rust-openssl/rust-openssl#2618
• Add PKeyRef::is_a and KeyType for name-based key identification by @​reaperhulk in rust-openssl/rust-openssl#2619
• Add PKey::{public,private}_key_from_raw_bytes_ex by @​reaperhulk in rust-openssl/rust-openssl#2620
• Bump MSRV to 1.80 by @​reaperhulk in rust-openssl/rust-openssl#2622
• Drop once_cell in favor of std::sync::{LazyLock, OnceLock} by @​reaperhulk in rust-openssl/rust-openssl#2623
• Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import by @​reaperhulk in rust-openssl/rust-openssl#2621
• parallelize more builds in CI for cold caches by @​reaperhulk in rust-openssl/rust-openssl#2625
• Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction by @​reaperhulk in rust-openssl/rust-openssl#2626
• Fix process abort when verify/PSK callbacks fire after SSL_CTX swap by @​alex in rust-openssl/rust-openssl#2624
• Bind OSSL_PARAM_modified and use it for seed_into by @​reaperhulk in rust-openssl/rust-openssl#2628
• Add PkeyCtxRef::set_context_string for ML-DSA by @​reaperhulk in rust-openssl/rust-openssl#2629
• Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders by @​alex in rust-openssl/rust-openssl#2631
• Fix output buffer overflow for AES key-wrap-with-padding ciphers by @​alex in rust-openssl/rust-openssl#2630
• Release openssl 0.10.79 and openssl-sys 0.9.115 by @​reaperhulk in rust-openssl/rust-openssl#2632

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

Commits

• 35be7ae Release openssl 0.10.80 and openssl-sys 0.9.116 (#2639)
• 19eceb2 Fix output buffer overflow in cipher_update_inplace for AES key-wrap-with-pad...
• b460eb3 Prefer Homebrew openssl@4 and stop looking for openssl@1.1 (#2633)
• 649f2d9 Release openssl 0.10.79 and openssl-sys 0.9.115 (#2632)
• 257f9b2 Fix output buffer overflow for AES key-wrap-with-padding ciphers (#2630)
• d43e917 Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders (#2631)
• f46519c Add PkeyCtxRef::set_context_string for ML-DSA (#2629)
• ad9ae31 Bind OSSL_PARAM_modified and use it for seed_into (#2628)
• 4e25c9b Fix process abort when verify/PSK callbacks fire after SSL_CTX swap (#2624)
• 3dd8f42 Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction (#2626)
• Additional commits viewable in compare view

Updates quick-xml from 0.39.2 to 0.40.1

Release notes

Sourced from quick-xml's releases.

v0.40.1 - Fix rarely possible serde deserialization panic

What's Changed

• #964: Fix unreachable!() panic in the serde deserializer when a DOCTYPE declaration appears between two text runs inside an element (e.g. <a>x<!DOCTYPE y>z</a>). The DOCTYPE used to break drain_text's consecutive-text merge, so two DeEvent::Text events reached read_text and tripped its "Cannot be two consequent Text events" invariant. DOCTYPE is now treated as transparent during text drain — it still goes through the entity resolver, but the surrounding text is merged into one run. Discovered via libFuzzer on a real-world SAML deserializer harness.

#964: tafia/quick-xml#964

New Contributors

• @​williamareynolds made their first contribution in tafia/quick-xml#964

Full Changelog: tafia/quick-xml@v0.40.0...v0.40.1

v0.40.0 - UTF-16 and ISO-2022-JP encodings supported

What's Changed

MSRV bumped to 1.79.

Now quick-xml supports the UTF-16 and ISO-2022-JP encoded documents. See the new DecodingReader type.

New Features

• #956: Add DecodingReader, a BufRead adapter that auto-detects encoding from BOM or XML declaration and transcodes to UTF-8. Enabled by the encoding feature.

• #938: Add new enumeration XmlVersion and typified getter BytesDecl::xml_version().

• #938: Add new error variant IllFormedError::UnknownVersion.

• #371: Add new error variant EscapeError::TooManyNestedEntities.

• #371: Improved compliance with the XML attribute value normalization process by adding

  • Attribute::normalized_value()
  • Attribute::normalized_value_with()
  • Attribute::decoded_and_normalized_value()
  • Attribute::decoded_and_normalized_value_with()

  which ought to be used in place of deprecated

  • Attribute::unescape_value()
  • Attribute::unescape_value_with()
  • Attribute::decode_and_unescape_value()
  • Attribute::decode_and_unescape_value_with()

  Deprecated functions now behaves the same as newly added.

Bug Fixes

• #938: Use correct rules for EOL normalization in Deserializer when parse XML 1.0 documents. Previously XML 1.1. rules was applied.

Misc Changes

• #914: Remove deprecated .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element() of NsReader. Use .resolver().<...> methods instead.
• #938: Now BytesText::xml_content, BytesCData::xml_content and BytesRef::xml_content accepts XmlVersion parameter to apply correct EOL normalization rules.
• #944: read_text() now returns BytesText which allows you to get the content with properly normalized EOLs. To get the previous behavior use .read_text().decode()?.
• #956: Bumped MSRV from 1.59 (Feb 2022) to 1.79 (June 2024)

... (truncated)

Changelog

Sourced from quick-xml's changelog.

0.40.1 -- 2026-05-15

Bug Fixes

• #964: Fix unreachable!() panic in the serde deserializer when a DOCTYPE declaration appears between two text runs inside an element (e.g. <a>x<!DOCTYPE y>z</a>). The DOCTYPE used to break drain_text's consecutive-text merge, so two DeEvent::Text events reached read_text and tripped its "Cannot be two consequent Text events" invariant. DOCTYPE is now treated as transparent during text drain — it still goes through the entity resolver, but the surrounding text is merged into one run. Discovered via libFuzzer on a real-world SAML deserializer harness.

#964: tafia/quick-xml#964

Misc Changes

0.40.0 -- 2026-05-11

MSRV bumped to 1.79.

Now quick-xml supports the UTF-16 encoded documents. See the new DecodingReader type.

New Features

• #956: Add DecodingReader, a BufRead adapter that auto-detects encoding from BOM or XML declaration and transcodes to UTF-8. Enabled by the encoding feature.

• #938: Add new enumeration XmlVersion and typified getter BytesDecl::xml_version().

• #938: Add new error variant IllFormedError::UnknownVersion.

• #371: Add new error variant EscapeError::TooManyNestedEntities.

• #371: Improved compliance with the XML attribute value normalization process by adding

  • Attribute::normalized_value()
  • Attribute::normalized_value_with()
  • Attribute::decoded_and_normalized_value()
  • Attribute::decoded_and_normalized_value_with()

  which ought to be used in place of deprecated

  • Attribute::unescape_value()
  • Attribute::unescape_value_with()
  • Attribute::decode_and_unescape_value()
  • Attribute::decode_and_unescape_value_with()

  Deprecated functions now behaves the same as newly added.

Bug Fixes

• #938: Use correct rules for EOL normalization in Deserializer when parse XML 1.0 documents. Previously XML 1.1. rules was applied.

... (truncated)

Commits

• 9aaea92 Release 0.40.1
• ce488bc Merge pull request #964 from williamareynolds/fix/de-doctype-in-text-unreachable
• e00ae5c Fix unreachable!() panic when DOCTYPE appears between text runs in element co...
• 2778564 Release 0.40.0
• 393db03 Merge pull request #962 from Mingun/prepare-0.40
• a27709a Fix misprint in code example
• 0c0c914 Make some functions const and enable clippy::missing_const_for_fn lint
• bf4ffe5 Fix clippy warning: use .first() instead of .get(0)
• d69baad Fix clippy warning: remove unnecessary after 241f01e20ff679e9248f2ae424c9ba82...
• 8e0ae4f Fix clippy warning: use strip_prefix instead of manual stripping
• Additional commits viewable in compare view

Updates reqwest from 0.13.3 to 0.13.4

Release notes

Sourced from reqwest's releases.

v0.13.4

tl;dr

• Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
• Add ClientBuilder::http2_keep_alive_* options for the blocking client.
• Add TLS 1.3 support when using native-tls backend.
• Fix redirect handling to strip sensitive headers when the scheme changes.
• Fix HTTP/3 happy-eyeball connection creation.
• Upgrade hickory-resolver to 0.26.

What's Changed

• fix(tls): improve rustls-no-provider panic message and add module docs by @​smythg4 in seanmonstar/reqwest#3021
• fix: do not lose the url in error when decoding json by @​Dushistov in seanmonstar/reqwest#3026
• Add tls_sslkeylogfile builder method by @​passcod in seanmonstar/reqwest#2923
• fix(redirect): strip sensitive headers on scheme change across redirects by @​SAY-5 in seanmonstar/reqwest#3034
• chore: upgrade MSRV to 1.85 by @​seanmonstar in seanmonstar/reqwest#3038
• chore: clean up minimal-versions CI job by @​seanmonstar in seanmonstar/reqwest#3039
• fix(http3): use happy eyeballs for h3 connect by @​lyuzichong in seanmonstar/reqwest#3030
• fix: update hickory-resolver to 0.26 and adjust code accordingly by @​seanmonstar in seanmonstar/reqwest#3040
• fix: remove unwrap in hickory initialization by @​mat813 in seanmonstar/reqwest#3041
• feat(https): support TLS 1.3 as min version under native-tls 🎉 by @​AverageHelper in seanmonstar/reqwest#2975
• Expose keep alive configurations in blocking client by @​aeb-dev in seanmonstar/reqwest#3043
• Prepare v0.13.4 by @​seanmonstar in seanmonstar/reqwest#3046

New Contributors

• @​smythg4 made their first contribution in seanmonstar/reqwest#3021
• @​Dushistov made their first contribution in seanmonstar/reqwest#3026
• @​SAY-5 made their first contribution in seanmonstar/reqwest#3034
• @​mat813 made their first contribution in seanmonstar/reqwest#3041
• @​AverageHelper made their first contribution in seanmonstar/reqwest#2975
• @​aeb-dev made their first contribution in seanmonstar/reqwest#3043

Full Changelog: seanmonstar/reqwest@v0.13.3...v0.13.4

Changelog

Sourced from reqwest's changelog.

v0.13.4

• Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
• Add ClientBuilder::http2_keep_alive_* options for the blocking client.
• Add TLS 1.3 support when using native-tls backend.
• Fix redirect handling to strip sensitive headers when the scheme changes.
• Fix HTTP/3 happy-eyeball connection creation.
• Upgrade hickory-resolver to 0.26.

Commits

• 11489b3 v0.13.4
• d31ffbb feat: Expose HTTP2 keep alive configurations in blocking client (#3043)
• 79ed0d7 feat: support TLS 1.3 as min version under native-tls 🎉 (#2975)
• fb7bf6a fix: remove unwrap in hickory initialization (#3041)
• 3da616f fix: update hickory-resolver to 0.26 and adjust code accordingly (#3040)
• c77e7b2 fix(http3): use happy eyeballs for h3 connect (#3030)
• 9cbb65b chore: clean up minimal-versions CI job (#3039)
• 17a7dc5 chore: upgrade MSRV to 1.85 (#3038)
• 03db63a fix(redirect): strip sensitive headers on scheme change across redirects (#3034)
• 4b813a8 feat: add tls_sslkeylogfile builder method (#2923)
• Additional commits viewable in compare view

Updates rkyv from 0.7.46 to 0.8.16

Release notes

Sourced from rkyv's releases.

0.8.8

• Fixes auto copy optimization referring to generated types with as = ...

Full Changelog: rkyv/rkyv@0.8.7...0.8.8

0.8.7

• Removes an unused lifetime from the high- and low-level API serializer types.

Full Changelog: rkyv/rkyv@0.8.6...0.8.7

0.8.6

What's Changed

• Derive Default, Eq, Hash, Ord, PartialEq, and PartialOrd for ArchivedTuple* by @​evie-calico in rkyv/rkyv#556

New Contributors

• @​evie-calico made their first contribution in rkyv/rkyv#556

Full Changelog: rkyv/rkyv@0.8.5...0.8.6

0.8.5

This bugfix release only includes performance optimizations.

Full Changelog: rkyv/rkyv@0.8.4...0.8.5

0.8.4

What's Changed

• Support missing enum variants on remote derives by @​MaxOhn in rkyv/rkyv#553
• Removed a stale reference to ArchivedAlignedVec
• Fixed a panic caused by serializing hashmaps of large elements
• Reduced branching when writing inline strings (~15% ser improvement on log benchmark)

Full Changelog: rkyv/rkyv@0.8.3...0.8.4

0.8.3

What's Changed

• fix: minimum syn version by @​xJonathanLEI in rkyv/rkyv#550

New Contributors

• @​xJonathanLEI made their first contribution in rkyv/rkyv#550

Full Changelog: rkyv/rkyv@0.8.2...0.8.3

0.8.2

This bugfix release addresses the following issues:

• #548 Makes the AsVec wrapper compatible with any choice of hasher
• #549 Access pointer validation fails for nested HashMaps

0.8.1

This bugfix release corrects an infinite loop in hash map probing.

... (truncated)

Commits

• See full diff in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates serde_qs from 1.1.1 to 1.1.2

Release notes

Sourced from serde_qs's releases.

v1.1.2

Fixed

• do not strict-validate ignored compound fields (#168)

Changelog

Sourced from serde_qs's changelog.

1.1.2 - 2026-05-15

Fixed

• do not strict-validate ignored compound fields (#168)

Commits

• ba6b6f7 chore: release v1.1.2 (#169)
• f220b13 fix: do not strict-validate ignored compound fields (#168)
• See full diff in compare view

Updates serde_with from 3.18.0 to 3.20.0

Release notes

Sourced from serde_with's releases.

serde_with v3.20.0

Added

• Add support for base58 encoding, similar to the existing base64 setup by @​mitinarseny (#943)

Fixed

• Extend base64 with schemars support by @​mitinarseny (#9949)

serde_with v3.19.0

Added

• Add support for hashbrown v0.17 (#940)

  This extends the existing support for hashbrown to the newly released version.

Commits

• f1b06c7 Bump version to 3.20.0 (#953)
• 11fe1c5 Bump version to 3.20.0
• 222b9aa Include Rust 1.95 in the CI matrix (#951)
• 993770c Include Rust 1.95 in the CI matrix
• 731b00b feat: automatic schemars support for Base64 (#949)
• 93d6d9d Bump github/codeql-action from 4.35.2 to 4.35.3 in the github-actions group (...
• 59bc97b Bump github/codeql-action in the github-actions group
• 84f2e40 feat: automatic schemars support for base64
• ff837ab feat: base58 (#943)
• 9fda9ce chore: bring back newline
• Additional commits viewable in compare view

Updates sha2 from 0.10.9 to 0.11.0

Commits

• ffe0939 Release sha2 0.11.0 (#806)
• 8991b65 Use the standard order of the [package] section fields (#807)
• 3d2bc57 sha2: refactor backends (#802)
• faa55fb sha3: bump keccak to v0.2 (#803)
• d3e6489 sha3 v0.11.0-rc.9 (#801)
• bbf6f51 sha2: tweak backend docs (#800)
• 155dbbf sha3: add default value for the DS generic parameter on TurboShake128/256...
• ed514f2 Use published version of keccak v0.2 (#799)
• 702bcd8 Migrate to closure-based keccak (#796)
• 827c043 sha3 v0.11.0-rc.8 (#794)
• Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• s...

  Description has been truncated