chore(deps): bump the cargo-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the cargo-dependencies group with 9 updates in the / directory:

Package	From	To
aws-lc-rs	1.14.1	1.15.1
rustls	0.23.34	0.23.35
vsock	0.5.1	0.5.2
aws-config	1.8.7	1.8.10
aws-credential-types	1.2.8	1.2.10
axum	0.8.6	0.8.7
clap	4.5.51	4.5.53
tracing	0.1.41	0.1.43
tracing-subscriber	0.3.20	0.3.22

Updates aws-lc-rs from 1.14.1 to 1.15.1

Release notes

Sourced from aws-lc-rs's releases.

aws-lc-rs v1.15.1

What's Changed

• Uncap HKDF salt length restriction by @​skmcgrail in aws/aws-lc-rs#951

Build Improvements

• Respect LDFLAGS in memcmp_check by @​aaronmondal and @​justsmth in aws/aws-lc-rs#958
• aws-lc-sys: make bindgen optional by @​justsmth in aws/aws-lc-rs#949

Issues Being Closed

• Build failure when targeting powerpc-unknown-linux-gnu -- #950
• Build script fails when using bazel -- #858

Other Merged PRs

• Align aws-lc-sys v0.34.0 w/ AWS-LC v1.65.0 by @​justsmth in aws/aws-lc-rs#955
• Explicit smart pointer conversion by @​justsmth in aws/aws-lc-rs#954
• Prepare aws-lc-rs v1.15.1 by @​justsmth in aws/aws-lc-rs#956

Full Changelog: aws/aws-lc-rs@v1.15.0...v1.15.1

aws-lc-rs v1.15.0

What's Changed

• Universal Binding in aws-lc-sys 🎉 by @​justsmth in aws/aws-lc-rs#896
  • Users of aws-lc-rs (non-FIPS) will no longer need to generate platform-specific bindings! This was previously a pain point for many as it added build latency and increased the tooling requirements on the build environment.
• Support for AES-CBC mode w/ no padding by @​Elvrarin in aws/aws-lc-rs#895
• New API supporting CMAC operations by @​Elvrarin in aws/aws-lc-rs#903
• Previously pub static values in our API are now pub const by @​justsmth in aws/aws-lc-rs#905

Build Improvements

• Support for NetBSD by @​justsmth in aws/aws-lc-rs#945
• Fix: Add -Wa,--noexecstack to cc_builder for assembly files (resolves #939) by @​psifertex in aws/aws-lc-rs#940
• Support +crt-static through cargo xwin by @​honsunrise and @​justsmth in aws/aws-lc-rs#938
• Set the correct runtime flags for FIPS binaries by @​elad-solomon in aws/aws-lc-rs#930
• (aws-lc-sys v0.32.2) Fix failure when CFLAGS provides -O3 by @​justsmth in aws/aws-lc-rs#900
• (aws-lc-sys v0.32.3) Fix for _FORTIFY_SOURCE by @​justsmth in aws/aws-lc-rs#906
• (aws-lc-sys v0.32.3) Drop explicit/pinned libloading dependency by @​djc in aws/aws-lc-rs#913
• (aws-lc-fips-sys v0.13.9) preserve optimization options from CFLAGS by @​justsmth in aws/aws-lc-rs#916)

Issues Being Resolved

• aws-lc-sys-0.32.3: build breaks on NetBSD -- #932
• Build failure when targeting aarch64-pc-windows-gnullvm -- #919
• digest::Algorithm definitions are defined as static instead of const -- #904
• Is it possible to support arm v7 32-bit compilation? -- #890
• Pregenerated bindings for riscv64gc-unknown-linux-musl -- #874
• ESP32 target error -- #831
• Add bindgen by default if the OS needs to rebuild it -- #769
• Consolidate FFI bindings -- #371

Other Merged PRs

• Prepare aws-lc-sys v0.32.1 by @​justsmth in aws/aws-lc-rs#898

... (truncated)

Commits

• 93f8b32 Prepare aws-lc-rs v1.15.1 (#956)
• a825b51 Respect LDFLAGS in memcmp_check (#958)
• f67e605 Explicit smart pointer conversion (#954)
• ee3917f aws-lc-sys: bindgen is optional (#949)
• cd58abe Align aws-lc-sys v0.34.0 w/ AWS-LC v1.65.0 (#955)
• 3728f18 Uncap HKDF salt length restriction (#951)
• be28b72 Bump aws-lc-fips-sys to v0.13.10 (#948)
• ce17e88 Bump aws-lc-rs to v1.15.0 (#946)
• 0c88590 Switch pub static values to pub const (#905)
• b161316 CI for NetBSD (#945)
• Additional commits viewable in compare view

Updates rustls from 0.23.34 to 0.23.35

Commits

• 7768cd2 Bump version to 0.23.35
• 6ed925e Address nightly clippy::derivable_impls lints
• 645095f Pass through attributes for enum_builder!
• 90e28d6 fix: only add ocsp in ConfigBuilder::with_single_cert_with_ocsp if
• See full diff in compare view

Updates vsock from 0.5.1 to 0.5.2

Commits

• 1ed3d1c release: v0.5.2
• 0efe61e Merge pull request #55 from rust-vsock/jalil/add-sock-dgram-support
• e5722bc fix(clippy): run clippy --fix to fix new lints
• 73da433 feat: implement UdpSocket like VsockSocket structure
• 726f744 Bump actions/checkout from 4 to 5 (#54)
• dae3915 Update nix requirement from 0.29.0 to 0.30.1
• c0f4462 Merge pull request #51 from rust-vsock/dependabot/cargo/rand-0.9.0
• 8a03a26 Fix clippy errors.
• 8843d45 Update rand requirement from 0.8.5 to 0.9.0
• See full diff in compare view

Updates aws-config from 1.8.7 to 1.8.10

Commits

• See full diff in compare view

Updates aws-credential-types from 1.2.8 to 1.2.10

Commits

• See full diff in compare view

Updates axum from 0.8.6 to 0.8.7

Release notes

Sourced from axum's releases.

axum v0.8.7

• Relax implicit Send / Sync bounds on RouterAsService, RouterIntoService (#3555)
• Make it easier to visually scan for default features (#3550)
• Fix some documentation typos

#3550: tokio-rs/axum#3550 #3555: tokio-rs/axum#3555

Commits

• 4404f27 Release axum v0.8.7 and axum-extra v0.12.2
• 8f1545a Fix typo in extractors guide (#3554)
• 4fc3faa Relax implicit Send / Sync bounds (#3555)
• a05920c Make it easier to visually scan for default features (#3550)
• 6d5e6d5 Use extensions directly in from_request_parts (#3542)
• fe607e6 Fixes wording typo (#3540)
• f9ce3e5 Release axum-extra 0.12.1
• 12e1cf9 Add back package.metadata.docs.rs for axum-extra
• 914a35a Release axum-extra 0.12.0
• e20e90d Upgrade axum-extra to prost v0.14 (#3517)
• Additional commits viewable in compare view

Updates clap from 4.5.51 to 4.5.53

Release notes

Sourced from clap's releases.

v4.5.53

[4.5.53] - 2025-11-19

Features

• Add default_values_if, default_values_ifs

v4.5.52

[4.5.52] - 2025-11-17

Fixes

• Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

Changelog

Sourced from clap's changelog.

[4.5.53] - 2025-11-19

Features

• Add default_values_if, default_values_ifs

[4.5.52] - 2025-11-17

Fixes

• Don't panic when args_conflicts_with_subcommands conflicts with an ArgGroup

Commits

• 3716f9f chore: Release
• 613b69a docs: Update changelog
• d117f7a Merge pull request #6028 from epage/arg
• cb8255d feat(builder): Allow quoted id's for arg macro
• 1036060 Merge pull request #6025 from AldaronLau/typos-in-faq
• 2fcafc0 docs: Fix minor grammar issues in FAQ
• a380b65 Merge pull request #6023 from epage/template
• 4d7ab14 chore: Update from _rust/main template
• b8a7ea4 chore(deps): Update Rust Stable to v1.87 (#18)
• f9842b3 chore: Avoid MSRV problems out of the box
• Additional commits viewable in compare view

Updates tracing from 0.1.41 to 0.1.43

Release notes

Sourced from tracing's releases.

tracing 0.1.43

Important

The previous release [0.1.42] was yanked because #3382 was a breaking change. See further details in #3424. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.

Fixed

• Revert "make valueset macro sanitary" (#3425)

#3382: tokio-rs/tracing#3382 #3424: tokio-rs/tracing#3424 #3425: tokio-rs/tracing#3425 [0.1.42]: https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42

tracing 0.1.42

Important

The [Span::record_all] method has been removed from the documented API. It was always unsuable via the documented API as it requried a ValueSet which has no publically documented constructors. The method remains, but should not be used outside of tracing macros.

Added

• attributes: Support constant expressions as instrument field names (#3158)
• Add record_all! macro for recording multiple values in one call (#3227)
• core: Improve code generation at trace points significantly (#3398)

Changed

• tracing-core: updated to 0.1.35 (#3414)
• tracing-attributes: updated to 0.1.31 (#3417)

Fixed

• Fix "name / parent" variant of event! (#2983)
• Remove 'r#' prefix from raw identifiers in field names (#3130)
• Fix perf regression when release_max_level_* not set (#3373)
• Use imported instead of fully qualified path (#3374)
• Make valueset macro sanitary (#3382)

Documented

• core: Add missing dyn keyword in Visit documentation code sample (#3387)

#2983: tokio-rs/tracing#2983 #3130: tokio-rs/tracing#3130 #3158: tokio-rs/tracing#3158

... (truncated)

Commits

• 64e1c8d chore: prepare tracing 0.1.43 (#3427)
• 7c44f7b tracing: revert "make valueset macro sanitary" (#3425)
• cdaf661 chore: prepare tracing-mock 0.1.0-beta.2 (#3422)
• a164fd3 chore: prepare tracing-journald 0.3.2 (#3421)
• 405397b chore: prepare tracing-appender 0.2.4 (#3420)
• a9eeed7 chore: prepare tracing-subscriber 0.3.21 (#3419)
• 5bd5505 chore: prepare tracing 0.1.42 (#3418)
• 5508623 chore: prepare tracing-attributes 0.1.31 (#3417)
• d92b4c0 chore: prepare tracing-core 0.1.35 (#3414)
• 9751b6e chore: run tracing-subscriber tests with all features (#3412)
• Additional commits viewable in compare view

Updates tracing-subscriber from 0.3.20 to 0.3.22

Release notes

Sourced from tracing-subscriber's releases.

tracing-subscriber 0.3.22

Important

The previous release [0.3.21] was yanked as it depended explicitly on [tracing-0.1.42], which was yanked due to a breaking change (see #3424 for details). This release contains all the changes from the previous release, plus an update to the newer version of tracing.

Changed

• tracing: updated to 0.1.43 (#3427)

#3424: tokio-rs/tracing#3424 #3427: tokio-rs/tracing#3427 [0.3.21]: https://github.com/tokio-rs/tracing/releases/tag/tracing-subscriber-0.3.21 [tracing-0.1.42]: https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42

tracing-subscriber 0.3.21

Fixed

• Change registry exit to decrement local span ref only (#3331)
• Make Layered propagate on_register_dispatch (#3379)

Changed

• tracing: updated to 0.1.42 (#3418)

Performance

• Remove clone_span on enter (#3289)

Documented

• Fix a few small things in the format module (#3339)
• Fix extra closing brace in layer docs (#3350)
• Fix link in FmtSpan docs (#3411)

#3289: tokio-rs/tracing#3289 #3331: tokio-rs/tracing#3331 #3339: tokio-rs/tracing#3339 #3350: tokio-rs/tracing#3350 #3379: tokio-rs/tracing#3379 #3411: tokio-rs/tracing#3411 #3418: tokio-rs/tracing#3418

Commits

• cc44064 chore: prepare tracing-subscriber 0.3.22 (#3428)
• 64e1c8d chore: prepare tracing 0.1.43 (#3427)
• 7c44f7b tracing: revert "make valueset macro sanitary" (#3425)
• cdaf661 chore: prepare tracing-mock 0.1.0-beta.2 (#3422)
• a164fd3 chore: prepare tracing-journald 0.3.2 (#3421)
• 405397b chore: prepare tracing-appender 0.2.4 (#3420)
• a9eeed7 chore: prepare tracing-subscriber 0.3.21 (#3419)
• 5bd5505 chore: prepare tracing 0.1.42 (#3418)
• 5508623 chore: prepare tracing-attributes 0.1.31 (#3417)
• d92b4c0 chore: prepare tracing-core 0.1.35 (#3414)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions