chore(deps): bump the cargo-minor-and-patch group across 1 directory with 7 updates

[dependabot]

Bumps the cargo-minor-and-patch group with 7 updates in the / directory:

Package	From	To
bytesize	2.3.1	2.4.0
bitflags	2.12.1	2.13.0
smallvec	1.15.1	1.15.2
uuid	1.23.2	1.23.3
h2	0.4.14	0.4.15
http	1.4.1	1.4.2
prost	0.14.3	0.14.4

Updates bytesize from 2.3.1 to 2.4.0

Release notes

Sourced from bytesize's releases.

bytesize: v2.4.0

• Implement Sum for ByteSize.
• Minimum supported Rust version (MSRV) is now 1.85.

Changelog

Sourced from bytesize's changelog.

2.4.0

• Implement Sum for ByteSize.
• Minimum supported Rust version (MSRV) is now 1.85.

Commits

• ebf8ed3 chore: release v2.4.0 (#161)
• 2a1423f feat: implement Sum for ByteSize (#169)
• b2b22f3 ci: pin actions
• 3c02c4c chore: update msrv to 1.85
• 227baa7 chore(deps): bump rand from 0.10.0 to 0.10.1 (#162)
• 9a4a9c7 chore(deps): bump toml from 1.0.6+spec-1.1.0 to 1.1.2+spec-1.1.0 (#160)
• b695837 chore(deps): bump taiki-e/install-action from 2.70.3 to 2.75.27 (#158)
• 94e559a chore(deps): bump actions-rust-lang/setup-rust-toolchain (#159)
• 1cacb79 chore(deps): bump actions-rust-lang/setup-rust-toolchain (#151)
• ed48c91 chore(deps): bump taiki-e/install-action from 2.68.15 to 2.70.3 (#150)
• Additional commits viewable in compare view

Updates bitflags from 2.12.1 to 2.13.0

Release notes

Sourced from bitflags's releases.

2.13.0

What's Changed

• add MyFlags::Abc::iter_equal_names() method by @​ssrlive in bitflags/bitflags#489

Full Changelog: bitflags/bitflags@2.12.1...2.13.0

Changelog

Sourced from bitflags's changelog.

2.13.0

What's Changed

• add MyFlags::Abc::iter_equal_names() method by @​ssrlive in bitflags/bitflags#489

Full Changelog: bitflags/bitflags@2.12.1...2.13.0

Commits

• 9253889 prepare for 2.13.0 release
• fbbbfac Merge pull request #489 from ssrlive/main
• 8c498c7 Change visibility of new function to crate scope
• 3cbddab move iter_equal_names to trait Flags
• 80f2193 add MyFlags::Abc::iter_equal_names() method
• See full diff in compare view

Updates smallvec from 1.15.1 to 1.15.2

Release notes

Sourced from smallvec's releases.

v1.15.2

What's Changed

• Exclude development script from cargo packaging by @​weiznich in servo/rust-smallvec#397
• Fix use-after-free in DrainFilter::keep_rest for SmallVec with capacity 0 by @​Shnatsel in servo/rust-smallvec#407
• Work around rustc 1.93 perf regression with MaybeUninit by @​glandium in servo/rust-smallvec#410

New Contributors

• @​Shnatsel made their first contribution in servo/rust-smallvec#407
• @​glandium made their first contribution in servo/rust-smallvec#410

Full Changelog: servo/rust-smallvec@v1.15.1...v1.15.2

Commits

• c469051 Bump version.
• 9fe422b Fix Windows CI.
• 51b965f Work around rustc 1.93 perf regression with MaybeUninit
• 9da26a5 Fix use-after-free in DrainFilter::keep_rest for zero-capacity SmallVecs
• 79184f1 Add Miri test for use-after-free in DrainFilter::keep_rest
• f59fb36 Merge pull request #397 from GiGainfosystems/exclude_scripts
• 28b6ed7 Exclude development script
• See full diff in compare view

Updates uuid from 1.23.2 to 1.23.3

Release notes

Sourced from uuid's releases.

v1.23.3

What's Changed

• Fix up parser panic on empty input by @​KodrAus in uuid-rs/uuid#886
• Prepare for 1.23.3 release by @​KodrAus in uuid-rs/uuid#887

Full Changelog: uuid-rs/uuid@v1.23.2...v1.23.3

Commits

• 20da78b Merge pull request #887 from uuid-rs/cargo/v1.23.3
• 62232ca prepare for 1.23.3 release
• 2320c6a Merge pull request #886 from uuid-rs/fix/parser-panics
• 2d034d4 fix some invalid indexers on error reporting
• a8b9f14 update fuzz infra and run in CI
• See full diff in compare view

Updates h2 from 0.4.14 to 0.4.15

Release notes

Sourced from h2's releases.

v0.4.15

What's Changed

• fix: Discard buffered DATA when a scheduled reset is pending by @​ArniDagur in hyperium/h2#896
• fix: poll_capacity must not return Ready(Some(Ok(0))) by @​ArniDagur in hyperium/h2#898
• fix: Reject frames on streams whose HEADERS haven't been sent by @​ArniDagur in hyperium/h2#899
• chore(ci): update actions/checkout to v6 by @​seanmonstar in hyperium/h2#910
• fix: Remove unnecessary clones by @​FranciscoTGouveia in hyperium/h2#911
• fix: use HeaderMap::try_append to prevent panics on absurd amounts of headers by @​imlk0 in hyperium/h2#909
• fix: ignore library resets at connection poll loop level by @​seanmonstar in hyperium/h2#913
• fix: remove padded_len() u8 overflow in DATA frame padding release by @​seanmonstar in hyperium/h2#914
• fix: close connection when header size is way too large by @​seanmonstar in hyperium/h2#915
• Prepare v0.4.15 by @​seanmonstar in hyperium/h2#916

New Contributors

• @​FranciscoTGouveia made their first contribution in hyperium/h2#911
• @​imlk0 made their first contribution in hyperium/h2#909

Full Changelog: hyperium/h2@v0.4.14...v0.4.15

Changelog

Sourced from h2's changelog.

0.4.15 (June 15, 2026)

• Fix closing a connection when header size is "way too large" (currently x4 configured limit).
• Fix overflow calculating padding length if a DATA frame had 255 bytes of padding.
• Fix ignoring library-initiated resets in the connection state loop.
• Fix decoding panic with an absurd amount of headers and no limit to now use try_append().
• Fix rejecting frames on streams whose HEADERS have not been sent.
• Fix poll_capacity() to not return Some(Ok(0)).
• Fix discarding of buffered DATA frames when a reset is scheduled.

Commits

• 21211d0 v0.4.15
• 29e209d fix: close connection when header size is way too large (#915)
• 9231cb0 fix: remove padded_len() u8 overflow in DATA frame padding release (#914)
• d351036 fix: ignore library resets at connection poll loop level (#913)
• 4f51fff fix: use HeaderMap::try_append to prevent panics on absurd amounts of headers...
• c813cc8 refactor: remove unnecessary clones (#911)
• 810f5ae chore(ci): update actions/checkout to v6 (#910)
• d361b75 fix: Reject frames on streams whose HEADERS haven't been sent (#899)
• 93ccead fix: poll_capacity must not return Ready(Some(Ok(0))) (#898)
• 733bba7 fix: Discard buffered DATA when a scheduled reset is pending (#896)
• See full diff in compare view

Updates http from 1.4.1 to 1.4.2

Changelog

Sourced from http's changelog.

1.4.2 (June 8, 2026)

• Fix uri::Builder to allow "*" as the path when scheme and authority are also set, used in HTTP/2 requests.
• Fix Uri to properly reject DEL characters.

Commits

• 82db5b8 v1.4.2
• a9cdbf8 fix(uri): reject DEL character (#842)
• df75ca3 fix(uri): allow STAR paths with scheme/auth (#843)
• ec3f8ce feat(method): impl PartialOrd + Ord (#840)
• See full diff in compare view

Updates prost from 0.14.3 to 0.14.4

Changelog

Sourced from prost's changelog.

Prost version 0.14.4

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

🚀 Features

• (prost-derive) Make is_valid a constant function (#1401)
• Increase MSRV to 1.85 (#1428)

🐛 Bug Fixes

• Use Display instead of Debug for generated enumeration attributes (#1419)
• (prost-derive) Return error for invalid enumeration default identifiers (#1426)
• (build) Grab binary path from cargo (#1429)
• (build) Fix C++ build on GCC 15 (#1395)

📚 Documentation

• Add example for decode_length_delimiter (#1311)
• Update protobuf-src example to avoid unsafe set_var

🧪 Testing

• Test derive Eq behavior (#1422)
• (groups) Actually construct NestedGroup (#1363)

💼 Dependencies

• (deps) Update criterion requirement from 0.7 to 0.8 (#1374)
• (deps) Remove getrandom@0.4.1 from build-dependencies (#1400)
• (deps) Update rand requirement from 0.9 to 0.10 (#1397)
• (deps) Bump actions/upload-artifact from 6 to 7 (#1409)
• (deps) Update cargo clippy to 1.89 (#1433)
• (deps) Update cargo clippy to 1.91 (#1435)
• (deps) Update and improve nix devshell (#1393)

🎨 Styling

• Prevent needless borrow (#1404)
• Use std::hint::black_box() (#1403)
• Use variables directly in format!() (#1432)
• Remove explicit .into_iter() (#1434)
• Run clippy on benches (#1405)

Commits

• 13646cd chore: Release version 0.14.4 (#1437)
• dad79d5 fix(prost-derive): return error for invalid enumeration default identifiers (...
• b0b6c93 ci: Update cargo clippy to 1.91 (#1435)
• 32cfffb style: remove explicit .into_iter() (#1434)
• 2710efd ci: Update cargo clippy to 1.89 (#1433)
• 18ea4e4 style: use variables directly in format!() (#1432)
• 2821bd1 build(deps): bump actions/upload-artifact from 6 to 7 (#1409)
• 3ce3b39 test(groups): Actually construct NestedGroup (#1363)
• 8776405 docs: Update changelog for version 0.14.3 (#1431)
• 33d3ef1 build: Grab binary path from cargo (#1429)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}