chore(deps): bump the production-dependencies group with 8 updates

[dependabot]

Bumps the production-dependencies group with 8 updates:

Package	From	To
geojson	0.24.2	1.0.0
geozero	0.14.0	0.15.1
jsonschema	0.33.0	0.46.4
sqlparser	0.58.0	0.62.0
wasm-bindgen	0.2.120	0.2.121
web-sys	0.3.97	0.3.98
wasm-bindgen-test	0.3.70	0.3.71
js-sys	0.3.97	0.3.98

Updates geojson from 0.24.2 to 1.0.0

Changelog

Sourced from geojson's changelog.

v1.0.0 - 2025-03-16

• BREAKING: Position is now a struct, rather than a type alias for Vec. The new struct uses the tinyvec crate, which allows for faster GeoJSON processing in the common (2-D) case by avoiding per-coordinate heap allocations.

  // BEFORE: Position *was* a Vec. A Vec is always allocated on the heap, which is slow.
  let position: Position = vec![1.0, 2.0];
  let x = position[0];
  // AFTER: Position is its own type, buildable from a Vec.
  let position: Position = vec![1.0, 2.0].into();
  // index access is unchanged
  let x = position[0];
  // Alternatively, you can now construct from an Array, avoiding the Vec's heap allocation.
  let position: Position = [1.0, 2.0].into();
  // equivalently:
  let position = Position::from([1.0, 2.0]);
  // You can still build 3D+ Positions. These higher dimension coordinates will use Heap storage.
  let position = Position::from([1.0, 2.0, 3.0]);
  let position = Position::from(vec![1.0, 2.0, 3.0, 4.0, 5.0, 6.0]);

  • See georust/geojson#222
• Substantially speed up parsing (Benches show 30% reduction). This was essentially a rewrite of our deserialization logic. Instead of going from input -> serde_json::JsonObject -> geojson types we now go directly from input -> geojson types.
• Deserialization errors now include line number and column position. Before:

  Encountered neither number type nor string type for 'id' field on 'feature' object: {} After: Error while deserializing GeoJSON: Feature 'id' must be a string or a number at line 3 column 11

• BREAKING: geojson::Error has had many cases removed and some new cases added, reflecting the deserialization rewrite.
• BREAKING: TryInto/From implementations for serde_json::Value and serde_json::Object have been removed now that they are not used for deserialization.
• type is now the first field when serializing GeoJSON objects.
• Since feature.id is optional, we now accept "id: null", whereas previously you were required to omit the id key. Now either is acceptable.
• Fix: Return [] instead of [[]] for POLYGON EMPTY.
  • See georust/geojson#262
• Potentially breaking: De/Serializing your custom structs with serde now maps your struct's id field to Feature.id, rather than to Feature.properties.id.
• Fix geo_rect_conversion_test to conform to the correctly-wound Polygon output from geo_types::geometry::Rect.to_polygon

... (truncated)

Commits

• f6eafed prepare for 1.0.0 release
• 8c12816 prepare for 0.25.0 release
• c64043f simpler docs
• fa96c26 update to rust 2024 (#273)
• 3c362b4 Additional ergonomic constructors (for Geometry and FeatureCollection) (#271)
• f5fffd0 Remove methods related to json to/from now that we ser/de directly (#270)
• de445d9 Speed up parsing by deserializing directly to geojson (without intermediate s...
• a7870db Move code around - no new functionality (#268)
• 37ea3c9 Merge branch 'mkirk/derive-serialization-3'
• 67c07a1 derive Serialization rather than manual impls
• Additional commits viewable in compare view

Updates geozero from 0.14.0 to 0.15.1

Commits

• See full diff in compare view

Updates jsonschema from 0.33.0 to 0.46.4

Release notes

Sourced from jsonschema's releases.

[Python] Release 0.46.4

Fixed

• Panic in the regex engine when matching against patterns with very large {0,N} quantifiers.

[Rust] Release 0.46.4

Fixed

• Panic in the regex engine when matching against patterns with very large {0,N} quantifiers.

[Ruby] Release 0.46.4

Fixed

• Panic in the regex engine when matching against patterns with very large {0,N} quantifiers.

[Python] Release 0.46.3

Fixed

• Memory not reclaimed when a validator for a schema with recursive $ref or $dynamicRef is dropped. #1125

[Ruby] Release 0.46.3

Fixed

• Memory not reclaimed when a validator for a schema with recursive $ref or $dynamicRef is dropped. #1125

[Rust] Release 0.46.3

Fixed

• Memory not reclaimed when a Validator for a schema with recursive $ref or $dynamicRef is dropped. #1125
• Compilation failure on wasm32-wasip1 and wasm32-unknown-emscripten targets.

[Python] Release 0.46.2

Fixed

• required not enforced when additionalProperties is a schema object and required lists exactly 2 keys.

[Ruby] Release 0.46.2

Fixed

• required not enforced when additionalProperties is a schema object and required lists exactly 2 keys.

[Rust] Release 0.46.2

Fixed

• required not enforced when additionalProperties is a schema object and required lists exactly 2 keys.

[Python] Release 0.46.1

Fixed

• required not enforced when properties has 15 or more entries and required lists exactly 2 keys.

... (truncated)

Changelog

Sourced from jsonschema's changelog.

[0.46.4] - 2026-05-01

Fixed

• Panic in the regex engine when matching against patterns with very large {0,N} quantifiers.

[0.46.3] - 2026-04-28

Fixed

• Memory not reclaimed when a Validator for a schema with recursive $ref or $dynamicRef is dropped. #1125
• Compilation failure on wasm32-wasip1 and wasm32-unknown-emscripten targets.

[0.46.2] - 2026-04-20

Fixed

• required not enforced when additionalProperties is a schema object and required lists exactly 2 keys.

[0.46.1] - 2026-04-18

Fixed

• required not enforced when properties has 15 or more entries and required lists exactly 2 keys.

[0.46.0] - 2026-04-10

Added

• ValidatorMap for validating instances against subschemas identified by URI-fragment JSON pointer. #1075
• CLI: Accept multiple values after -i/--instance (e.g. jsonschema validate schema.json -i *.json). #1085
• dereference function to recursively inline $ref references. #422
• CLI: jsonschema dereference subcommand to dereference a schema from the command line.

Breaking Changes

• Registry construction now uses an explicit prepare step, and with_registry now borrows the prepared registry. ValidationOptions::with_resource and ValidationOptions::with_resources were removed in favor of building a Registry first. See the Migration Guide for the details.

Performance

• Avoid registry clones and document clones during validator construction. This improves real-world schema compilation by roughly 10-20% in internal benchmarks.

[0.45.1] - 2026-04-06

Fixed

• Incorrect handling of multipleOf validation for negative numeric instances.
• Incorrect handling of duration format when hours and seconds appear without minutes, or years and days without months.

[0.45.0] - 2026-03-08

... (truncated)

Commits

• d87ce88 chore(ruby): Release 0.46.4
• ba1ed52 chore(python): Release 0.46.4
• f1a8764 chore(rust): Release 0.46.4
• 7dc8d6b fix: Panic in the regex engine when matching against patterns with very large...
• ab3a91f chore(ruby): Release 0.46.3
• a3185c1 chore(python): Release 0.46.3
• 6cf992f chore(rust): Release 0.46.3
• ef3daeb build(deps): update serde-saphyr requirement from 0.0.24 to 0.0.25
• cd85221 fix: Compilation failure on wasm32 targets with the resolve-async feature
• ee4fd16 chore: fix msrv
• Additional commits viewable in compare view

Updates sqlparser from 0.58.0 to 0.62.0

Commits

• 3dd0e30 chore: Bump version to 0.62.0 and add changelog (#2331)
• 9833c03 feat(clickhouse): support PARTITION BY after ORDER BY and ARRAY JOIN (#2283)
• 9550e93 Add Teradata dialect (#2309)
• 7eba3ca PostgreSQL: Parse optimizer hints in leading comments (#2320)
• fa1dae1 Snowflake: Add support for text data type modifiers (#2297)
• 63e9a33 Redshift: PartiQL AT <index> (#2303)
• 19a7468 Track Parens\<T>'s span (#2291)
• 9a70c42 PostgreSQL: Add support for LATERAL ... WITH ORDINALITY (#2304)
• 53dcc82 Spark SQL: Add SparkSqlDialect (#2305)
• 9f04ebe Coding agents guidelines (#2298)
• Additional commits viewable in compare view

Updates wasm-bindgen from 0.2.120 to 0.2.121

Release notes

Sourced from wasm-bindgen's releases.

0.2.121

Added

• Added the slice_to_array attribute for imported JS functions, which makes a &[T] (or Option<&[T]>) argument arrive on the JS side as a plain Array rather than a typed array — without changing the Rust-side &[T] signature. Useful when binding JS APIs that take T[] rather than TypedArray<T>. For primitive element kinds the wire is the same zero-copy borrow used by plain &[T], with the JS-side shim wrapping the view in Array.from(...) to materialise the Array — no extra allocation. For String, JsValue, and JS-imported element types the Rust side builds a fresh [u32] index buffer that JS reads and frees, with per-element &T -> JsValue (refcount bump for handle-shaped types). No T: Clone bound is required. The attribute can be set per-fn (#[wasm_bindgen(slice_to_array)] fn ...) or per-block on an extern "C" { ... } declaration to apply to every imported function in that block. &[ExportedRustStruct] remains unsupported (use owned Vec<T> for that). Has no effect on exported functions; default &[T] (typed-array view / memory borrow) and owned Vec<T> semantics are unchanged for callers that didn't opt in. See the slice_to_array guide page. #5145

• Added js_sys::AggregateError bindings (constructor, errors getter, and new_with_message / new_with_options overloads). AggregateError represents multiple unrelated errors wrapped in a single error, e.g. as thrown by Promise.any when all input promises reject, along with js_sys::ErrorOptions, accepted by built-in error constructors. ErrorOptions::new(cause) constructs an instance pre-populated with cause, and get_cause / set_cause provide typed access to the property. All standard error constructors that previously took only a message (EvalError, RangeError, ReferenceError, SyntaxError, TypeError, URIError, WebAssembly.CompileError, WebAssembly.LinkError, WebAssembly.RuntimeError) now expose a new_with_options(message, &ErrorOptions) overload, and Error gains new_with_error_options(message, &ErrorOptions) alongside the existing untyped new_with_options. AggregateError::new_with_options also takes &ErrorOptions. #5139

• Added inheritance for Rust-exported types: an exported struct may declare #[wasm_bindgen(extends = Parent)] to inherit from another exported #[wasm_bindgen] struct. The macro injects a hidden parent: wasm_bindgen::Parent<Parent> field (a refcounted cell around the parent value) and emits class Child extends Parent in the generated JS / .d.ts. The child gets an AsRef<Parent<Parent>> impl for the direct parent, and threads per-class pointer slots through the wasm ABI so that instanceof Parent is true and parent methods

... (truncated)

Changelog

Sourced from wasm-bindgen's changelog.

0.2.121

Added

• Added the slice_to_array attribute for imported JS functions, which makes a &[T] (or Option<&[T]>) argument arrive on the JS side as a plain Array rather than a typed array — without changing the Rust-side &[T] signature. Useful when binding JS APIs that take T[] rather than TypedArray<T>. For primitive element kinds the wire is the same zero-copy borrow used by plain &[T], with the JS-side shim wrapping the view in Array.from(...) to materialise the Array — no extra allocation. For String, JsValue, and JS-imported element types the Rust side builds a fresh [u32] index buffer that JS reads and frees, with per-element &T -> JsValue (refcount bump for handle-shaped types). No T: Clone bound is required. The attribute can be set per-fn (#[wasm_bindgen(slice_to_array)] fn ...) or per-block on an extern "C" { ... } declaration to apply to every imported function in that block. &[ExportedRustStruct] remains unsupported (use owned Vec<T> for that). Has no effect on exported functions; default &[T] (typed-array view / memory borrow) and owned Vec<T> semantics are unchanged for callers that didn't opt in. See the slice_to_array guide page. #5145

• Added js_sys::AggregateError bindings (constructor, errors getter, and new_with_message / new_with_options overloads). AggregateError represents multiple unrelated errors wrapped in a single error, e.g. as thrown by Promise.any when all input promises reject, along with js_sys::ErrorOptions, accepted by built-in error constructors. ErrorOptions::new(cause) constructs an instance pre-populated with cause, and get_cause / set_cause provide typed access to the property. All standard error constructors that previously took only a message (EvalError, RangeError, ReferenceError, SyntaxError, TypeError, URIError, WebAssembly.CompileError, WebAssembly.LinkError, WebAssembly.RuntimeError) now expose a new_with_options(message, &ErrorOptions) overload, and Error gains new_with_error_options(message, &ErrorOptions) alongside the existing untyped new_with_options. AggregateError::new_with_options also takes &ErrorOptions. #5139

• Added inheritance for Rust-exported types: an exported struct may declare #[wasm_bindgen(extends = Parent)] to inherit from another exported #[wasm_bindgen] struct. The macro injects a hidden parent: wasm_bindgen::Parent<Parent> field (a refcounted cell around the parent value) and emits class Child extends Parent in the generated JS / .d.ts. The child gets an AsRef<Parent<Parent>> impl for the direct parent, and threads per-class pointer slots through

... (truncated)

Commits

• 49457f2 Loosen JsFuture<T> bound to support Promise<Union> (#5149)
• e755d21 release: 0.2.121 - schema bump (#5148)
• 1cb17ad Release 0.2.121
• 2064570 Fix slice_to_array erroring on non-slice args of slice_to_array fns (#5146)
• dfefda7 Fix panic unwind bundler js (#5142)
• 12646be Add slice_to_array attribute for plain-Array slice imports (#5145)
• f4706e3 feat: support union types with Rust enums (#4734)
• b75c754 feat: inheritance for Rust-exported types via #[wasm_bindgen(extends = ...)] ...
• b259436 Support raw identifiers for enums, enum variants, extern types, and impls (#4...
• b7ffebc Update experimental ViewTransition interface (#5138)
• Additional commits viewable in compare view

Updates web-sys from 0.3.97 to 0.3.98

Commits

• See full diff in compare view

Updates wasm-bindgen-test from 0.3.70 to 0.3.71

Commits

• See full diff in compare view

Updates js-sys from 0.3.97 to 0.3.98

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions