chore(deps): bump the versions group across 1 directory with 9 updates

[dependabot]

Bumps the versions group with 9 updates in the / directory:

Package	From	To
http	1.3.1	1.4.0
prost	0.14.1	0.14.3
tonic-prost	0.14.2	0.14.3
thiserror	2.0.16	2.0.18
tokio	1.47.1	1.49.0
tokio-stream	0.1.17	0.1.18
tonic	0.14.2	0.14.3
zeroize	1.8.1	1.8.2
tonic-prost-build	0.14.2	0.14.3

Updates http from 1.3.1 to 1.4.0

Release notes

Sourced from http's releases.

v1.4.0

Highlights

• Add StatusCode::EARLY_HINTS constant for 103 Early Hints.
• Make StatusCode::from_u16 now a const fn.
• Make Authority::from_static now a const fn.
• Make PathAndQuery::from_static now a const fn.
• MSRV increased to 1.57 (allows legible const fn panic messages).

What's Changed

• Updated Rand dependency to v0.9.1 by @​FarzadMohtasham in hyperium/http#763
• Fix compilation on latest nightly by @​akonradi-signal in hyperium/http#769
• Avoid unnecessary .expect()s for empty HeaderMap by @​akonradi-signal in hyperium/http#768
• feat: show types in Extensions debug output by @​crepererum in hyperium/http#773
• Docs: Clarify the HeaderMap documentaion by @​Sol-Ell in hyperium/http#774
• style: update format for tests by @​seanmonstar in hyperium/http#782
• Make StatusCode::from_u16 const by @​coolreader18 in hyperium/http#761
• docs: Fix typo 'an' to 'and' in http::status module documentation by @​zxzxovo in hyperium/http#784
• fix: Prevent panic in try_reserve/try_with_capacity on capacity overflow by @​AriajSarkar in hyperium/http#787
• fix: Add reserve() to Extend impl for (Option, T)) by @​AriajSarkar in hyperium/http#788
• chore: minor improvement for docs by @​claudecodering in hyperium/http#790
• chore: bump MSRV to 1.57 by @​seanmonstar in hyperium/http#793
• Add EARLY_HINTS status code by @​mdevino in hyperium/http#758
• refactor(header): use better panic message in const HeaderName and HeaderValue by @​seanmonstar in hyperium/http#797
• docs: remove unnecessary extern crate sentence by @​tottoto in hyperium/http#799
• chore(ci): update to actions/checkout@v5 by @​tottoto in hyperium/http#800
• feat(uri): make Authority/PathAndQuery::from_static const by @​WaterWhisperer in hyperium/http#786
• refactor(header): inline FNV hasher to reduce dependencies by @​seanmonstar in hyperium/http#796
• v1.4.0 by @​seanmonstar in hyperium/http#803

New Contributors

• @​FarzadMohtasham made their first contribution in hyperium/http#763
• @​akonradi-signal made their first contribution in hyperium/http#769
• @​crepererum made their first contribution in hyperium/http#773
• @​Sol-Ell made their first contribution in hyperium/http#774
• @​coolreader18 made their first contribution in hyperium/http#761
• @​zxzxovo made their first contribution in hyperium/http#784
• @​AriajSarkar made their first contribution in hyperium/http#787
• @​claudecodering made their first contribution in hyperium/http#790
• @​mdevino made their first contribution in hyperium/http#758
• @​WaterWhisperer made their first contribution in hyperium/http#786

Full Changelog: hyperium/http@v1.3.1...v1.4.0

Changelog

Sourced from http's changelog.

1.4.0 (November 24, 2025)

• Add StatusCode::EARLY_HINTS constant for 103 Early Hints.
• Make StatusCode::from_u16 now a const fn.
• Make Authority::from_static now a const fn.
• Make PathAndQuery::from_static now a const fn.
• MSRV increased to 1.57 (allows legible const fn panic messages).

Commits

• b9625d8 v1.4.0
• 50b009c refactor(header): inline FNV hasher to reduce dependencies (#796)
• b370d36 feat(uri): make Authority/PathAndQuery::from_static const (#786)
• 0d74251 chore(ci): update to actions/checkout@v5 (#800)
• a760767 docs: remove unnecessary extern crate sentence (#799)
• fb1d457 refactor(header): use better panic message in const HeaderName and HeaderValu...
• 20dbd6e feat(status): Add 103 EARLY_HINTS status code (#758)
• e7a7337 chore: bump MSRV to 1.57
• 1888e28 tests: downgrade rand back to 0.8 for now
• 918bbc3 chore: minor improvement for docs (#790)
• Additional commits viewable in compare view

Updates prost from 0.14.1 to 0.14.3

Changelog

Sourced from prost's changelog.

Prost version 0.14.2

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

⚠️ Heads-up

• Increase MSRV to 1.82 (#1356)

• Update maintenance status to Passively Maintained (#1359)

  This excerpt is from the readme:

  The current maintainer is not contributing new features and doesn't have the time to review new features. Bug fixes and small improvements are welcome. Feel free to contribute small and easily reviewable PRs.

  Bug fixes are still important, and security fixes will be released as soon as possible. Contact the #prost channel in Tokio discord if you feel a bug or security fix is not getting enough attention.

  The maintainer expects the official protobuf project to release their rust library soon and expects it to be as fully featured as the C++ library. See their source code and crate for more information.

🚀 Features

• Configure prost path via prost_build::Config or #[(prost(prost_path = "::prost")] (#1274)
• Support for deprecated enum and oneof fields (#1316)

🐛 Bug Fixes

• (prost-build) Resolve OneOf type name conflict with embedded message (#1294)
• (prost-build) Avoid OneOf type collision with enums and keyword names (#1341)

💼 Dependencies

• Use trait Error from core (#1179)
• (deps) Update protobuf to v25.8 (#1323)
• (deps) Update criterion requirement from 0.6 to 0.7 (#1308)
• (deps) Update petgraph to 0.8 (#1327)
• (deps) Bump actions/upload-artifact from 4 to 5 (#1351)
• (deps) Bump actions/checkout from 5 to 6 (#1370)
• Bump actions/checkout to v5 (#1312)
• Update clippy to version 1.87 (#1292)
• Replace once_cell dependency by std lib (#1119)

📚 Documentation

• Update outdated link is test documentation (#1289)
• Describe use of encoding module (#1322)
• Update the readme MSRV to the actual number (#1331)
• Update URLs after manual review (#1336)
• Answer why fields are wrapped in option (#1358)

🎨 Styling

• Add spaces to derive arguments in generated code (#1290)
• Use variables directly in the format! string (#1293)

... (truncated)

Commits

• fafa97f chore: remove protobuf submodule and leverage cmake for it (#1389)
• e0643e2 release 0.14.3
• 5595b61 fix: Add back DecodeError::new (#1382)
• e42dcad Bufix: Name::full_name() is correct for empty packages (#1386)
• 107153f build(deps): update pulldown-cmark-to-cmark requirement from 21 to 22 (#1384)
• 3fc7003 build(deps): bump actions/upload-artifact from 5 to 6 (#1381)
• 33f8721 fix some forgotten prost import paths (#1385)
• efb0755 chore: Release version 0.14.2 (#1372)
• 91a093f test(derive_copy): Allow dead code (#1362)
• 2c22c59 build(deps): bump actions/checkout from 5 to 6 (#1370)
• Additional commits viewable in compare view

Updates tonic-prost from 0.14.2 to 0.14.3

Release notes

Sourced from tonic-prost's releases.

v0.14.3

Features

• Expose tcp_keepalive_interval and tcp_keepalive_retries options on Server (#2472)
• Allow configuration of max_local_error_reset_streams on Server (#2437)
• Put source error into the Display impl of Status (#2417)
• Server::default() now sets TCP_NODELAY to true (#2413)

Bug Fixes

• Respect max_message_size when decompressing a message (#2484)
• Depend on http at least 1.1.0 (#2426)

Documentation

• Fix documentation links for timeout configuration (#2483)
• Fix documentation typos and grammar issues in status.rs and codec/mod.rs (#2468)
• Fix labels in Display for Status (#2414)
• Fix features docs in tonic-build and tonic-prost-build (#2434)
• Remove redundant word in tonic-build and tonic-prost-build README (#2425)

Commits

• ed4bafc Prepare v0.14.3 release (#2489)
• 71ec583 Remove metadata from tonic::Status Display impl. (#2481)
• 164c548 chore(ci): Update to cargo-check-external-types 0.4.0 (#2470)
• c1e6206 fix(tonic): respect max_message_size when decompressing a message (#2484)
• a58c291 feat(xds): initial structures for tonic-xds (#2482)
• 2e68a2c chore(doc): Fix documentation links for timeout configuration (#2483)
• 7e98e1f Separate channel creation and state probe, and error handling thereof. (#2465)
• 54fab77 feat(xds): implement tonic-based transport and prost-based codec (#2475)
• d61bc56 chore(ci): increase server start up wait time in interop test (#2473)
• d112d09 feat(xds): add public APIs for xds-client (#2464)
• Additional commits viewable in compare view

Updates thiserror from 2.0.16 to 2.0.18

Release notes

Sourced from thiserror's releases.

2.0.18

• Make compatible with project-level needless_lifetimes = "forbid" (#443, thanks @​LucaCappelletti94)

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• dc0f6a2 Release 2.0.18
• 0275292 Touch up PR 443
• 3c33bc6 Merge pull request #443 from LucaCappelletti94/master
• 995939c Reproduce issue 442
• 21653d1 Made clippy lifetime allows conditional
• 45e5388 Update actions/upload-artifact@v5 -> v6
• 386aac1 Update actions/upload-artifact@v4 -> v5
• ec50561 Update actions/checkout@v5 -> v6
• 247eab5 Update name of empty_enum clippy lint
• 91b181f Raise required compiler to Rust 1.68
• Additional commits viewable in compare view

Updates tokio from 1.47.1 to 1.49.0

Release notes

Sourced from tokio's releases.

Tokio v1.49.0

1.49.0 (January 3rd, 2026)

Added

• net: add support for TCLASS option on IPv6 (#7781)
• runtime: stabilize runtime::id::Id (#7125)
• task: implement Extend for JoinSet (#7195)
• task: stabilize the LocalSet::id() (#7776)

Changed

• net: deprecate {TcpStream,TcpSocket}::set_linger (#7752)

Fixed

• macros: fix the hygiene issue of join! and try_join! (#7766)
• runtime: revert "replace manual vtable definitions with Wake" (#7699)
• sync: return TryRecvError::Disconnected from Receiver::try_recv after Receiver::close (#7686)
• task: remove unnecessary trait bounds on the Debug implementation (#7720)

Unstable

• fs: handle EINTR in fs::write for io-uring (#7786)
• fs: support io-uring with tokio::fs::read (#7696)
• runtime: disable io-uring on EPERM (#7724)
• time: add alternative timer for better multicore scalability (#7467)

Documented

• docs: fix a typos in bounded.rs and park.rs (#7817)
• io: add SyncIoBridge cross-references to copy and copy_buf (#7798)
• io: doc that AsyncWrite does not inherit from std::io::Write (#7705)
• metrics: clarify that num_alive_tasks is not strongly consistent (#7614)
• net: clarify the cancellation safety of the TcpStream::peek (#7305)
• net: clarify the drop behavior of unix::OwnedWriteHalf (#7742)
• net: clarify the platform-dependent backlog in TcpSocket docs (#7738)
• runtime: mention LocalRuntime in new_current_thread docs (#7820)
• sync: add missing period to mpsc::Sender::try_send docs (#7721)
• sync: clarify the cancellation safety of oneshot::Receiver (#7780)
• sync: improve the docs for the errors of mpsc (#7722)
• task: add example for spawn_local usage on local runtime (#7689)

#7125: tokio-rs/tokio#7125 #7195: tokio-rs/tokio#7195 #7305: tokio-rs/tokio#7305 #7467: tokio-rs/tokio#7467 #7614: tokio-rs/tokio#7614 #7686: tokio-rs/tokio#7686 #7689: tokio-rs/tokio#7689

... (truncated)

Commits

• e3b89bb chore: prepare Tokio v1.49.0 (#7824)
• 4f577b8 Merge 'tokio-1.47.3' into 'master'
• f320197 chore: prepare Tokio v1.47.3 (#7823)
• ea6b144 ci: freeze rustc on nightly-2025-01-25 in netlify.toml (#7652)
• 264e703 Merge tokio-1.43.4 into tokio-1.47.x (#7822)
• dfb0f00 chore: prepare Tokio v1.43.4 (#7821)
• 4a91f19 ci: fix wasm32-wasip1 tests (#7788)
• 601c383 ci: upgrade FreeBSD from 14.2 to 14.3 (#7758)
• 484cb52 sync: return TryRecvError::Disconnected from Receiver::try_recv after `Re...
• 16f20c3 rt: mention LocalRuntime in new_current_thread docs (#7820)
• Additional commits viewable in compare view

Updates tokio-stream from 0.1.17 to 0.1.18

Commits

• 60b083b chore: prepare tokio-stream 0.1.18 (#7830)
• 9cc02cc chore: prepare tokio-util 0.7.18 (#7829)
• d2799d7 task: improve the docs of Builder::spawn_local (#7828)
• 4d4870f task: doc that task drops before JoinHandle completion (#7825)
• fdb1509 fs: check for io-uring opcode support (#7815)
• 426a562 rt: remove allow(dead_code) after JoinSet stabilization (#7826)
• e3b89bb chore: prepare Tokio v1.49.0 (#7824)
• 4f577b8 Merge 'tokio-1.47.3' into 'master'
• f320197 chore: prepare Tokio v1.47.3 (#7823)
• ea6b144 ci: freeze rustc on nightly-2025-01-25 in netlify.toml (#7652)
• Additional commits viewable in compare view

Updates tonic from 0.14.2 to 0.14.3

Release notes

Sourced from tonic's releases.

v0.14.3

Features

• Expose tcp_keepalive_interval and tcp_keepalive_retries options on Server (#2472)
• Allow configuration of max_local_error_reset_streams on Server (#2437)
• Put source error into the Display impl of Status (#2417)
• Server::default() now sets TCP_NODELAY to true (#2413)

Bug Fixes

• Respect max_message_size when decompressing a message (#2484)
• Depend on http at least 1.1.0 (#2426)

Documentation

• Fix documentation links for timeout configuration (#2483)
• Fix documentation typos and grammar issues in status.rs and codec/mod.rs (#2468)
• Fix labels in Display for Status (#2414)
• Fix features docs in tonic-build and tonic-prost-build (#2434)
• Remove redundant word in tonic-build and tonic-prost-build README (#2425)

Commits

• ed4bafc Prepare v0.14.3 release (#2489)
• 71ec583 Remove metadata from tonic::Status Display impl. (#2481)
• 164c548 chore(ci): Update to cargo-check-external-types 0.4.0 (#2470)
• c1e6206 fix(tonic): respect max_message_size when decompressing a message (#2484)
• a58c291 feat(xds): initial structures for tonic-xds (#2482)
• 2e68a2c chore(doc): Fix documentation links for timeout configuration (#2483)
• 7e98e1f Separate channel creation and state probe, and error handling thereof. (#2465)
• 54fab77 feat(xds): implement tonic-based transport and prost-based codec (#2475)
• d61bc56 chore(ci): increase server start up wait time in interop test (#2473)
• d112d09 feat(xds): add public APIs for xds-client (#2464)
• Additional commits viewable in compare view

Updates zeroize from 1.8.1 to 1.8.2

Commits

• c100874 zeroize v1.8.2 (#1229)
• 3940ccb Switch from doc_auto_cfg to doc_cfg (#1228)
• c68a520 Fix Nightly warnings (#1080)
• b15cc6c cargo: point repository metadata to clonable URLs (#1079)
• 3db6690 zeroize: fix homepage/repository in Cargo.toml (#1076)
• See full diff in compare view

Updates tonic-prost-build from 0.14.2 to 0.14.3

Release notes

Sourced from tonic-prost-build's releases.

v0.14.3

Features

• Expose tcp_keepalive_interval and tcp_keepalive_retries options on Server (#2472)
• Allow configuration of max_local_error_reset_streams on Server (#2437)
• Put source error into the Display impl of Status (#2417)
• Server::default() now sets TCP_NODELAY to true (#2413)

Bug Fixes

• Respect max_message_size when decompressing a message (#2484)
• Depend on http at least 1.1.0 (#2426)

Documentation

• Fix documentation links for timeout configuration (#2483)
• Fix documentation typos and grammar issues in status.rs and codec/mod.rs (#2468)
• Fix labels in Display for Status (#2414)
• Fix features docs in tonic-build and tonic-prost-build (#2434)
• Remove redundant word in tonic-build and tonic-prost-build README (#2425)

Commits

• ed4bafc Prepare v0.14.3 release (#2489)
• 71ec583 Remove metadata from tonic::Status Display impl. (#2481)
• 164c548 chore(ci): Update to cargo-check-external-types 0.4.0 (#2470)
• c1e6206 fix(tonic): respect max_message_size when decompressing a message (#2484)
• a58c291 feat(xds): initial structures for tonic-xds (#2482)
• 2e68a2c chore(doc): Fix documentation links for timeout configuration (#2483)
• 7e98e1f Separate channel creation and state probe, and error handling thereof. (#2465)
• 54fab77 feat(xds): implement tonic-based transport and prost-based codec (#2475)
• d61bc56 chore(ci): increase server start up wait time in interop test (#2473)
• d112d09 feat(xds): add public APIs for xds-client (#2464)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions