chore(deps): bump the patch-versions group across 1 directory with 8 updates

[dependabot]

Bumps the patch-versions group with 8 updates in the / directory:

Package	From	To
axum	0.8.7	0.8.8
clap_complete	4.5.61	4.5.63
derive_more	2.1.0	2.1.1
pastey	0.2.0	0.2.1
reqwest	0.12.26	0.12.28
serde_json	1.0.145	1.0.148
tracing	0.1.43	0.1.44
proc-macro2	1.0.103	1.0.104

Updates axum from 0.8.7 to 0.8.8

Release notes

Sourced from axum's releases.

axum v0.8.8

• Clarify documentation for Router::route_layer (#3567)

#3567: tokio-rs/axum#3567

Commits

• d07863f Release axum v0.8.8 and axum-extra v0.12.3
• 287c674 axum-extra: Make typed-routing feature enable routing feature (#3514)
• f5804aa SecondElementIs: Correct a small inconsistency (#3559)
• f51f3ba axum-extra: Add trailing newline to pretty JSON response (#3526)
• 816407a Fix integer underflow in try_range_response for empty files (#3566)
• 78656eb docs: Clarify route_layer does not apply middleware to the fallback handler...
• See full diff in compare view

Updates clap_complete from 4.5.61 to 4.5.63

Commits

• 06a2311 chore: Release
• bed131f docs: Update changelog
• a61c53e Merge pull request #6202 from iepathos/6201-symlink-path-completions
• c3b4405 fix(complete): Follow symlinks in path completion
• a794395 test(complete): Add symlink path completion tests
• ca0aeba chore: Release
• 44cdcc1 docs: Update changelog
• 2dc500c Merge pull request #6198 from devjgm/greg/fix-clap-completer-issue-with-fish
• 2280d48 fix: fix path quoting with dynamic env completer
• ac1006c Merge pull request #6197 from devjgm/greg/fix-clap-completer-issue-with-fish
• Additional commits viewable in compare view

Updates derive_more from 2.1.0 to 2.1.1

Release notes

Sourced from derive_more's releases.

2.1.1

API docs Changelog

Changelog

Sourced from derive_more's changelog.

2.1.1 - 2025-12-22

Fixed

• .as_dyn_error() method hygiene inside Error derive expansion. (#527)

Commits

• f7bb41a Correct release date
• 289988a Prepare 2.1.1 release (#529)
• d820ec6 Fix derive(Error) expansion hygiene (#527, #526)
• 5627282 Remove glob imports in derive(From) tests to mend 1.94 nightly Rust regress...
• See full diff in compare view

Updates pastey from 0.2.0 to 0.2.1

Release notes

Sourced from pastey's releases.

v0.2.1

Added

• Support for idents and literals in replace modifier #24

Changed

• Excluded development scripts from the published cargo package #23

Changelog

Sourced from pastey's changelog.

[0.2.1] - 2025-12-16

Added

• Support for idents and literals in replace modifier #24

Changed

• Excluded development scripts from the published cargo package #23

Commits

• c0a17af RELEASE v0.2.1
• 2e06914 Update README.md
• 03527f4 Add support for idents and literals in replace command (#24)
• f20dda0 Exclude development scripts (#23)
• 529a22c Fix link format in CHANGELOG.md
• d27373b Add unique test cases to paste-compat test suite (#18)
• See full diff in compare view

Updates reqwest from 0.12.26 to 0.12.28

Release notes

Sourced from reqwest's releases.

v0.12.28

What's Changed

• fix: correctly import TokioIo on Windows by @​seanmonstar in seanmonstar/reqwest#2896

Full Changelog: seanmonstar/reqwest@v0.12.27...v0.12.28

v0.12.27

tl;dr

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Pipe.

What's Changed

• chore: Disable unused tokio-util codec feature by @​tottoto in seanmonstar/reqwest#2893
• chore: Use http_body_util::BodyDataStream by @​tottoto in seanmonstar/reqwest#2892
• feat: add windows_named_pipe() option to client builder by @​seanmonstar in seanmonstar/reqwest#2789

Full Changelog: seanmonstar/reqwest@v0.12.26...v0.12.27

Changelog

Sourced from reqwest's changelog.

v0.12.28

• Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

Commits

• d978599 v0.12.28
• ef2768a fix: correctly import TokioIo on Windows (#2896)
• 1bf6441 v0.12.27
• 4967b1b feat: add windows_named_pipe() option to client builder (#2789)
• ef5b239 chore: Use http_body_util::BodyDataStream (#2892)
• a810004 chore: Disable unused tokio-util codec feature (#2893)
• See full diff in compare view

Updates serde_json from 1.0.145 to 1.0.148

Release notes

Sourced from serde_json's releases.

v1.0.148

• Update zmij dependency to 1.0

v1.0.147

• Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (#1304)

v1.0.146

• Set fast_arithmetic=64 for riscv64 (#1305, thanks @​Xeonacid)

Commits

• 8b291c4 Release 1.0.148
• 1aefe15 Update to zmij 1.0
• 62d6e8d Release 1.0.147
• fd829a6 Merge pull request #1304 from dtolnay/zmij
• e757a3d Switch from ryu -> zmij for float formatting
• 75ad7e6 Release 1.0.146
• bc6c827 Merge pull request #1305 from Xeonacid/patch-1
• a09210a Set fast_arithmetic=64 for riscv64
• 01182e5 Update actions/upload-artifact@v5 -> v6
• 383b13a Update actions/upload-artifact@v4 -> v5
• Additional commits viewable in compare view

Updates tracing from 0.1.43 to 0.1.44

Release notes

Sourced from tracing's releases.

tracing 0.1.44

Fixed

• Fix record_all panic (#3432)

Changed

• tracing-core: updated to 0.1.36 (#3440)

#3432: tokio-rs/tracing#3432 #3440: tokio-rs/tracing#3440

Commits

• 2d55f6f chore: prepare tracing 0.1.44 (#3439)
• 10a9e83 chore: prepare tracing-core 0.1.36 (#3440)
• ee82cf9 tracing: fix record_all panic (#3432)
• 9978c36 chore: prepare tracing-mock 0.1.0-beta.3 (#3429)
• cc44064 chore: prepare tracing-subscriber 0.3.22 (#3428)
• See full diff in compare view

Updates proc-macro2 from 1.0.103 to 1.0.104

Release notes

Sourced from proc-macro2's releases.

1.0.104

• Add Rust 1.92.0's TokenStream Extend impls (#527, rust-lang/rust#145722)

Commits

• 4321369 Release 1.0.104
• 9561144 Merge pull request #527 from dtolnay/extend
• 57fed01 Update actions/upload-artifact@v5 -> v6
• 1096f1a Update actions/upload-artifact@v4 -> v5
• 4275e26 Update to 2021 edition
• bccca27 Delete rustversion attributes older than required compiler version
• 8f4c801 Update actions/checkout@v5 -> v6
• 1baff31 Add new TokenStream Extend impls
• 6f45ba0 Rename TokenTree collections to "tokens"
• 2942447 Merge pull request #526 from dtolnay/up
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated project dependencies to latest compatible versions for improved stability and compatibility.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The changes update two dependencies in Cargo.toml: reqwest is bumped from 0.12 to 0.13 with the TLS feature modified from rustls-tls to rustls, and ra_ap_syntax is bumped from 0.0.310 to 0.0.312. No functional code changes are introduced.

Changes

Cohort / File(s)	Summary
HTTP Client & Syntax Dependency Updates Cargo.toml	Updated reqwest from 0.12 to 0.13 with TLS feature changed from rustls-tls to rustls; bumped ra_ap_syntax from 0.0.310 to 0.0.312

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• chore(deps): bump reqwest from 0.12.25 to 0.12.26 in the patch-versions group #6350: Updates the same reqwest dependency with version bump changes.
• chore(deps): bump the patch-versions group with 2 updates #6318: Bumps both reqwest and ra_ap_syntax dependencies in Cargo.toml.
• chore(deps): bump tracing-appender from 0.2.3 to 0.2.4 in the patch-versions group #6264: Updates the ra_ap_syntax dependency version in Cargo.toml.

Suggested reviewers

• LesnyRumcajs
• sudo-shashank

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the pull request as a dependency bump update across the repository, matching the actual changes made to Cargo.toml.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

📜 Recent review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4ea21a4 and 6ccb08e.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• Cargo.toml

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: hanabi1224
Repo: ChainSafe/forest PR: 5867
File: src/ipld/util.rs:553-558
Timestamp: 2025-08-08T12:10:45.218Z
Learning: Forest pins Rust toolchain to 1.89.0 via rust-toolchain.toml; features stabilized in 1.88 (e.g., let-chains) are acceptable in this codebase.

📚 Learning: 2025-08-08T12:10:45.218Z

Learnt from: hanabi1224
Repo: ChainSafe/forest PR: 5867
File: src/ipld/util.rs:553-558
Timestamp: 2025-08-08T12:10:45.218Z
Learning: Forest pins Rust toolchain to 1.89.0 via rust-toolchain.toml; features stabilized in 1.88 (e.g., let-chains) are acceptable in this codebase.

Applied to files:

• Cargo.toml

📚 Learning: 2025-08-08T12:10:45.218Z

Learnt from: hanabi1224
Repo: ChainSafe/forest PR: 5867
File: src/ipld/util.rs:553-558
Timestamp: 2025-08-08T12:10:45.218Z
Learning: Forest project targets Rust stable >=1.89; features stabilized in 1.88 like let-chains are acceptable in this codebase.

Applied to files:

• Cargo.toml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build MacOS
• GitHub Check: cargo-publish-dry-run
• GitHub Check: Build Ubuntu
• GitHub Check: Build forest binaries on Linux AMD64
• GitHub Check: All lint checks
• GitHub Check: Coverage
• GitHub Check: tests-release

🔇 Additional comments (2)

Cargo.toml (2)

257-257: Cannot verify the PR description inconsistency claim without access to the actual detailed PR description. The git history shows only a generic "cargo update" commit message.

That said, ra_ap_syntax is a legitimate dev-dependency actively used in tests/lint.rs (lines 186, 194). The version bump (0.0.310 → 0.0.312) is minor for an unstable 0.0.x API, and as a dev-dependency, the impact is limited to development tooling.

---

177-181: Verify: PR description inconsistent with version change; reqwest 0.12 → 0.13 is a minor bump, not patch.

The PR description claims this is a patch update (reqwest 0.12.26 → 0.12.28), but the actual change is a minor version bump (0.12 → 0.13). Per reqwest's 0.13 release notes, this version introduces breaking changes and makes rustls the default TLS backend instead of native-tls.

Ensure the build succeeds and validate that this minor version bump doesn't require other code changes for compatibility.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}