build(deps): bump the production-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates in the / directory: thiserror, anyhow and serde.

Updates thiserror from 1.0.64 to 1.0.67

Release notes

Sourced from thiserror's releases.

1.0.67

• Improve expression syntax support inside format arguments (#335, #337, #339, #340)

1.0.66

• Improve compile error on malformed format attribute (#327)

1.0.65

• Ensure OUT_DIR is left with deterministic contents after build script execution (#325)

Commits

• 925f2dd Release 1.0.67
• b3bc3e7 Merge pull request #340 from dtolnay/fallbackscan
• 0ab908a Ignore expected unnecessary_wraps pedantic clippy lint
• c357f97 Add infallible expr scanner fallback for scanning invalid code
• 60bc0f2 Merge pull request #339 from dtolnay/fullexpr
• dabb96f Use syn's real expression parser if it has full syntax support
• 144b3b6 Remove #[allow] for fixed clippy bug
• 851f694 Merge pull request #337 from dtolnay/scan
• 45e18f5 Ignore enum_glob_use pedantic clippy lint
• 2585669 More robust scanning for fmt argument expressions
• Additional commits viewable in compare view

Updates anyhow from 1.0.90 to 1.0.92

Release notes

Sourced from anyhow's releases.

1.0.92

• Support Rust 1.82's &raw const and &raw mut syntax inside ensure! (#390)

1.0.91

• Ensure OUT_DIR is left with deterministic contents after build script execution (#388)

Commits

• fd03a8e Release 1.0.92
• a16252b Merge pull request #390 from dtolnay/rawaddr
• fcf2ef8 Compile &raw test on Rust 1.82+ only
• 1e7e9fe Parse raw address expression syntax
• 7d1a8f9 Add test of raw addr expression syntax
• 6c52daa Release 1.0.91
• 4986853 Merge pull request #388 from dtolnay/outdir
• f130b76 Clean up dep-info files from OUT_DIR
• See full diff in compare view

Updates serde from 1.0.210 to 1.0.214

Release notes

Sourced from serde's releases.

v1.0.214

• Implement IntoDeserializer for all Deserializers in serde::de::value module (#2568, thanks @​Mingun)

v1.0.213

• Fix support for macro-generated with attributes inside a newtype struct (#2847)

v1.0.212

• Fix hygiene of macro-generated local variable accesses in serde(with) wrappers (#2845)

v1.0.211

• Improve error reporting about mismatched signature in with and default attributes (#2558, thanks @​Mingun)
• Show variant aliases in error message when variant deserialization fails (#2566, thanks @​Mingun)
• Improve binary size of untagged enum and internally tagged enum deserialization by about 12% (#2821)

Commits

• 4180621 Release 1.0.214
• 210373b Merge pull request #2568 from Mingun/into_deserializer-for-deserializers
• 9cda015 Implement IntoDeserializer for all Deserializers in serde::de::value module
• 58a8d22 Release 1.0.213
• ef0ed22 Merge pull request #2847 from dtolnay/newtypewith
• 79925ac Ignore dead_code warning in regression test
• b60e409 Hygiene for macro-generated newtype struct deserialization with 'with' attr
• fdc36e5 Add regression test for issue 2846
• 49e11ce Ignore trivially_copy_pass_by_ref pedantic clippy lint in test
• 7ae1b5f Release 1.0.212
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
cargo/anyhow	1.0.92	🟢 5.5	Details Check Score Reason Code-Review ⚠️ 0 Found 0/22 approved changesets -- score normalized to 0 Maintained 🟢 10 22 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 3 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/proc-macro2	1.0.89	🟢 6.1	Details Check Score Reason Code-Review ⚠️ 0 Found 1/21 approved changesets -- score normalized to 0 Maintained 🟢 10 13 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 3 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/serde	1.0.214	🟢 6	Details Check Score Reason Code-Review ⚠️ 1 Found 2/18 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/serde_derive	1.0.214	🟢 6	Details Check Score Reason Code-Review ⚠️ 1 Found 2/18 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/syn	2.0.87	🟢 6.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 0 Found 0/17 approved changesets -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 3 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/thiserror	1.0.67	🟢 5.5	Details Check Score Reason Code-Review ⚠️ 0 Found 2/21 approved changesets -- score normalized to 0 Maintained 🟢 10 11 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 3 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
cargo/thiserror-impl	1.0.67	🟢 5.5	Details Check Score Reason Code-Review ⚠️ 0 Found 2/21 approved changesets -- score normalized to 0 Maintained 🟢 10 11 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 3 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• Cargo.lock

[dependabot]

Superseded by #86.