Bump the dependencies group across 1 directory with 13 updates

[dependabot]

Bumps the dependencies group with 8 updates in the / directory:

Package	From	To
tokio	1.47.1	1.48.0
serde	1.0.226	1.0.228
config	0.14.1	0.15.18
aws-config	1.8.6	1.8.7
aws-sdk-secretsmanager	1.88.0	1.90.0
serde_with	3.14.1	3.15.0
thiserror	2.0.16	2.0.17
rustls	0.23.32	0.23.33

Updates tokio from 1.47.1 to 1.48.0

Release notes

Sourced from tokio's releases.

Tokio v1.48.0

1.48.0 (October 14th, 2025)

The MSRV is increased to 1.71.

Added

• fs: add File::max_buf_size (#7594)
• io: export Chain of AsyncReadExt::chain (#7599)
• net: add SocketAddr::as_abstract_name (#7491)
• net: add TcpStream::quickack and TcpStream::set_quickack (#7490)
• net: implement AsRef<Self> for TcpStream and UnixStream (#7573)
• task: add LocalKey::try_get (#7666)
• task: implement Ord for task::Id (#7530)

Changed

• deps: bump windows-sys to version 0.61 (#7645)
• fs: preserve max_buf_size when cloning a File (#7593)
• macros: suppress clippy::unwrap_in_result in #[tokio::main] (#7651)
• net: remove PollEvented noise from Debug formats (#7675)
• process: upgrade Command::spawn_with to use FnOnce (#7511)
• sync: remove inner mutex in SetOnce (#7554)
• sync: use UnsafeCell::get_mut in Mutex::get_mut and RwLock::get_mut (#7569)
• time: reduce the generated code size of Timeout<T>::poll (#7535)

Fixed

• macros: fix hygiene issue in join! and try_join! (#7638)
• net: fix copy/paste errors in udp peek methods (#7604)
• process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
• runtime: use release ordering in wake_by_ref() even if already woken (#7622)
• sync: close the broadcast::Sender in broadcast::Sender::new() (#7629)
• sync: fix implementation of unused RwLock::try_* methods (#7587)

Unstable

• tokio: use cargo features instead of --cfg flags for taskdump and io_uring (#7655, #7621)
• fs: support io_uring in fs::write (#7567)
• fs: support io_uring with File::open() (#7617)
• fs: support io_uring with OpenOptions (#7321)
• macros: add local runtime flavor (#7375, #7597)

Documented

• io: clarify the zero capacity case of AsyncRead::poll_read (#7580)
• io: fix typos in the docs of AsyncFd readiness guards (#7583)
• net: clarify socket gets closed on drop (#7526)
• net: clarify the behavior of UCred::pid() on Cygwin (#7611)
• net: clarify the supported platform of set_reuseport() and reuseport() (#7628)

... (truncated)

Commits

• 556820f chore: prepare Tokio v1.48.0 (#7677)
• fd1659a chore: prepare tokio-macros v2.6.0 (#7676)
• 53e8aca ci: update nightly version to 2025-10-12 (#7670)
• 9e5527d process: fix error when runtime is shut down on nightly-2025-10-12 (#7672)
• 25a24de net: remove PollEvented noise from Debug formats (#7675)
• c1fa25f task: clarify the behavior of several spawn_local methods (#7669)
• e7e02fc fs: use FileOptions inside fs::File to support uring (#7617)
• f7a7f62 ci: remove cargo-deny Unicode-DFS-2016 license exception config (#7619)
• d1f1499 tokio: use cargo feature for taskdump support instead of cfg (#7655)
• ad6f618 runtime: clarify the behavior of Handle::block_on (#7665)
• Additional commits viewable in compare view

Updates serde from 1.0.226 to 1.0.228

Release notes

Sourced from serde's releases.

v1.0.228

• Allow building documentation with RUSTDOCFLAGS='--cfg=docsrs' set for the whole dependency graph (#2995)

v1.0.227

• Documentation improvements (#2991)

Commits

• a866b33 Release 1.0.228
• 5adc9e8 Merge pull request #2995 from dtolnay/rustdocflags
• ab58178 Workaround for RUSTDOCFLAGS='--cfg=docsrs'
• 415d9fc Release 1.0.227
• 7c58427 Merge pull request #2991 from dtolnay/inlinecoredoc
• 9d3410e Merge pull request #2992 from dtolnay/inplaceseed
• 2fb6748 Remove InPlaceSeed public re-export
• f8137c7 Inline serde_core into serde in docsrs mode
• b7dbf7e Merge pull request #2990 from dtolnay/integer128
• 7c83691 No longer macro_use integer128 module
• Additional commits viewable in compare view

Updates serde_derive from 1.0.226 to 1.0.228

Release notes

Sourced from serde_derive's releases.

v1.0.228

• Allow building documentation with RUSTDOCFLAGS='--cfg=docsrs' set for the whole dependency graph (#2995)

v1.0.227

• Documentation improvements (#2991)

Commits

• a866b33 Release 1.0.228
• 5adc9e8 Merge pull request #2995 from dtolnay/rustdocflags
• ab58178 Workaround for RUSTDOCFLAGS='--cfg=docsrs'
• 415d9fc Release 1.0.227
• 7c58427 Merge pull request #2991 from dtolnay/inlinecoredoc
• 9d3410e Merge pull request #2992 from dtolnay/inplaceseed
• 2fb6748 Remove InPlaceSeed public re-export
• f8137c7 Inline serde_core into serde in docsrs mode
• b7dbf7e Merge pull request #2990 from dtolnay/integer128
• 7c83691 No longer macro_use integer128 module
• Additional commits viewable in compare view

Updates config from 0.14.1 to 0.15.18

Changelog

Sourced from config's changelog.

[0.15.18] - 2025-09-30

Fixes

• Improve consistency between missing field error messages

[0.15.17] - 2025-09-24

Features

• corn file format support

[0.15.16] - 2025-09-15

Performance

• Allow more build parallelism by depending on serde_core

[0.15.15] - 2025-08-29

Fixes

• (json5) Correctly deserialize null (regressed in 0.15.14)

[0.15.14] - 2025-08-12

Performance

• (json5) Reduce overhead when loading json5 files

[0.15.13] - 2025-07-09

Fixes

• Skip UTF-8 BOMs when reading files

[0.15.12] - 2025-07-08

Performance

• Upgrade to toml v0.9

[0.15.11] - 2025-03-12

Features

• Deserialize YAML real keys as strings

[0.15.10] - 2025-03-12

... (truncated)

Commits

• 58a9c74 chore: Release config version 0.15.18
• 87c726f docs: Update changelog
• fd203fb feat: Improve errors from try_deserialize (#695)
• a227d43 chore: Update from _rust template (#699)
• 8985729 chore: Update from _rust template
• 753165a feat: Improve error from try_deserialize
• f218f4a docs(docsrs): Update to new doc_cfg feature name
• 26fa590 feat: Improve error message on missing property
• 88c2ed1 docs(readme): Include corn
• d652aae chore: Release config version 0.15.17
• Additional commits viewable in compare view

Updates aws-config from 1.8.6 to 1.8.7

Commits

• See full diff in compare view

Updates aws-sdk-secretsmanager from 1.88.0 to 1.90.0

Commits

• See full diff in compare view

Updates aws-smithy-runtime-api from 1.9.0 to 1.9.1

Commits

• See full diff in compare view

Updates aws-sdk-sts from 1.86.0 to 1.88.0

Commits

• See full diff in compare view

Updates aws-smithy-runtime from 1.9.2 to 1.9.3

Commits

• See full diff in compare view

Updates aws-smithy-types from 1.3.2 to 1.3.3

Commits

• See full diff in compare view

Updates serde_with from 3.14.1 to 3.15.0

Release notes

Sourced from serde_with's releases.

serde_with v3.15.0

Added

• Added error inspection to VecSkipError and MapSkipError by @​michelhe (#878) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.

• Allow documenting the types generated by serde_conv!. The serde_conv! macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of #[doc = "..."] or any other attributes, such as lint modifiers.

  serde_conv!(
      #[doc = "Serialize bools as string"]
      #[allow(dead_code)]
      pub BoolAsString,
      bool,
      |x: &bool| ::std::string::ToString::to_string(x),
      |x: ::std::string::String| x.parse()
  );

• Add support for hashbrown v0.16 (#877)

  This extends the existing support for hashbrown v0.14 and v0.15 to the newly released version.

Changed

• Bump MSRV to 1.76, since that is required for toml dev-dependency.

Commits

• ea38dce Bump version to 3.15.0 (#892)
• a3da8e6 Bump version to 3.15.0
• c36e692 Bump dev-dependencies (#891)
• ae8466d Bump dev-dependencies
• f7337ff Support serde_core and remove dependencies on serde_derive (#889)
• c1d73b3 Replace serde with serde_core in all files
• 320d292 Remove dependency on serde_derive
• dca6df8 Remove version-sync crate and reimplement needed functionality with regex and...
• 6c6e53f Remove version-sync crate and reimplement needed functionality with regex and...
• f64ea40 Add support for hashbrown v0.16 (#888)
• Additional commits viewable in compare view

Updates thiserror from 2.0.16 to 2.0.17

Release notes

Sourced from thiserror's releases.

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• 72ae716 Release 2.0.17
• 599fdce Merge pull request #434 from dtolnay/private
• 9ec05f6 Use differently named __private module per patch release
• d2c492b Raise minimum tested compiler to rust 1.76
• fc3ab95 Opt in to generate-macro-expansion when building on docs.rs
• 819fe29 Update ui test suite to nightly-2025-09-12
• 259f48c Enforce trybuild >= 1.0.108
• 470e6a6 Update ui test suite to nightly-2025-08-24
• 544e191 Update actions/checkout@v4 -> v5
• cbc1eba Delete duplicate cap-lints flag from build script
• See full diff in compare view

Updates rustls from 0.23.32 to 0.23.33

Commits

• b4597ca Prepare 0.23.33
• 667a71d Reset KeyUpdate counter on AppData
• 48b2fd9 Support encryption for QUIC multipath
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.