chore(deps): bump the rust-minor group across 1 directory with 7 updates

[dependabot]

Bumps the rust-minor group with 7 updates in the / directory:

Package	From	To
serde_json	1.0.149	1.0.150
dashmap	6.1.0	6.2.1
memchr	2.8.0	2.8.1
rayon	1.11.0	1.12.0
bumpalo	3.20.2	3.20.3
clap	4.6.0	4.6.1
json-patch	4.1.0	4.2.0

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates dashmap from 6.1.0 to 6.2.1

Release notes

Sourced from dashmap's releases.

v6.2.1

This is an interim maintenance release for the existing v6 branch before v7 can be released. This bumps the MSRV to 1.85 and updates dependencies to their latest versions.

Commits

• 749ed1f v6.2.1
• d02b945 v6.2.0
• b983625 update dependencies
• 94a294a bump msrv to 1.85
• See full diff in compare view

Updates memchr from 2.8.0 to 2.8.1

Commits

• ff7dca7 2.8.1
• 016878a target: fix aarch64_be endianness bug
• ee18717 docs: add AI policy for contributors
• db1a77d build(deps): bump actions/checkout in the actions group (#212)
• c8abbe1 Hash-pin all actions, drop persisted credentials (#210)
• 24f5daa lint: fix clippy get_first
• 1708355 lint: fix clippy question_mark
• 5b86d0c lint: fix clippy clone_on_copy
• See full diff in compare view

Updates rayon from 1.11.0 to 1.12.0

Changelog

Sourced from rayon's changelog.

Release rayon 1.12.0 (2026-04-13)

• Fixed a bug in parallel Range<char> when the end is 0xE000, just past the surrogate boundary, which was unsafely producing invalid char values.
• The new method ParallelSlice::par_array_windows works like par_windows but with a constant length, producing &[T; N] items.

Commits

• 7449d7d Merge #1093
• b3d9e3f Release rayon 1.8.0 and rayon-core 1.12.0
• 3fe51e5 Fix clippy::let_and_return
• 082f215 Merge #1087
• ea0c06d core: registry: Factor out "wait till out of work" part of the main loop.
• 75524e2 Merge #1063
• 01d2800 Ignore the multi-threaded test on emscripten/wasm
• 40b59c0 core: Make use_current_thread error rather than panic when already in the pool.
• f4db4d7 core: tests: Add some basic tests for ThreadPoolBuilder::use_current_thread.
• 87274ad core: registry: Add some more documentation for ThreadPoolBuilder::use_curren...
• Additional commits viewable in compare view

Updates bumpalo from 3.20.2 to 3.20.3

Changelog

Sourced from bumpalo's changelog.

3.20.3

Released 2026-05-22.

Fixed

• Fixed the try_alloc_slice_fill_with, alloc_slice_try_fill_with, alloc_slice_fill_with methods to properly rewind the bump pointer on allocation, initialization, and panic failure and avoid wasting bump capacity.
• Fixed a drop bug in bumpalo::collections::vec::DrainFilter (used by retain and retain_mut) when the predicate panics.

---

Commits

• 84654ac Rewind on slice allocation failure (#324)
• 5325624 Fix a couple bugs (#323)
• fcf8370 Fix UB in Allocator::grow_zeroed (#321)
• 657caf8 test: fix test for OOM instead of overflow (#320)
• 1db9be9 fix: fix typo in comment (#318)
• a47f6d6 fix: bump pointer/bump chunk debug assertion (#313)
• 0b12966 Update Cargo.toml with keywords (#303)
• See full diff in compare view

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates json-patch from 4.1.0 to 4.2.0

Commits

• 1b0f707 chore: Release json-patch version 4.2.0
• e401ec9 chore: update test snapshots
• f5ee2a4 chore: update cargo-tarpaulin
• 3a33036 Update to thiserror 2
• e8ea209 Exclude development scripts from published package
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

✅ Benchmark Results: No significant regressions

Click to expand benchmark comparison

group                                         main                                    pr
-----                                         ----                                    --
diff_patch_merge/crdt_lww/batch/10            1.16     36.4±4.80ns        ? ?/sec     1.00     31.3±0.61ns        ? ?/sec
diff_patch_merge/crdt_max_min/max_batch/10    1.16     73.8±7.78ns        ? ?/sec     1.00     63.4±0.71ns        ? ?/sec
format/comparison/toml/simd                   1.00      2.7±0.03µs 359.9 KElem/sec    1.29      3.5±0.03µs 278.0 KElem/sec
format/toon/parsing/simd_scan/medium          1.00     10.5±0.07µs   367.2 MB/sec     1.21     12.7±0.19µs   303.9 MB/sec
format/yaml/features/anchor_detection         1.35      3.3±0.10µs  1334.4 MB/sec     1.00      2.5±0.03µs  1795.9 MB/sec
format/yaml/parsing/simd_scan/large           1.26     49.3±0.39µs   461.3 MB/sec     1.00     39.1±0.64µs   580.7 MB/sec
format/yaml/parsing/simd_scan/medium          1.27      4.8±0.03µs   466.0 MB/sec     1.00      3.8±0.05µs   589.7 MB/sec
format/yaml/parsing/simd_scan/small           1.31    439.8±2.40ns   518.3 MB/sec     1.00    334.9±2.46ns   680.5 MB/sec
format/yaml/parsing/structural/large          1.00     30.6±1.25µs   743.8 MB/sec     1.17     35.8±0.39µs   634.3 MB/sec
streaming/simd_comparison/simd_batch/100      1.00     29.7±0.22µs   375.1 MB/sec     1.18     35.1±0.64µs   318.2 MB/sec

Threshold: 15% regression triggers warning

---

Benchmarks compare this PR against main branch

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.