chore(deps): bump the rust-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the rust-dependencies group with 10 updates in the / directory:

Package	From	To
soroban-sdk	21.7.7	25.3.0
thiserror	1.0.69	2.0.18
z3	0.12.1	0.19.15
criterion	0.5.1	0.8.2
toml	0.8.23	1.1.0+spec-1.1.0
colored	2.2.0	3.1.1
sha2	0.10.9	0.11.0
jsonschema	0.18.3	0.45.0
bolero	0.10.1	0.13.4
bolero-generator	0.10.2	0.13.5

Updates soroban-sdk from 21.7.7 to 25.3.0

Release notes

Sourced from soroban-sdk's releases.

25.3.0

What's Changed

• Fix Fr scalar field to reduce modulo r on construction by @​jayz22 in stellar/rs-soroban-sdk#1750 GHSA-x2hw-px52-wp4m
• Bump version to 25.3.0 by @​github-actions[bot] in stellar/rs-soroban-sdk#1751

Full Changelog: stellar/rs-soroban-sdk@v25.2.0...v25.3.0

25.2.0

What's Change

New Experimental Features

• Spec shaking for smaller contract binaries: The SDK now supports automatic removal of unused type and event definitions from the contractspecv0 section of compiled WASM files. By embedding markers that survive dead code elimination, only types and events actually used at contract boundaries (function parameters, return values, and events) are retained. This reduces contract binary size and enables imported contract types to be automatically re-exported when used. Requires Stellar CLI v25.2.0+. Behind a feature flag experimental_spec_shaking_v2 during the v25 release. (#1672)

Improvements

• Compile-time validation for BigInt conversions: BigInt::from<BytesN> now catches length mismatches at compile time instead of panicking at runtime, giving you earlier and clearer error messages. (#1725)

• Remove unnecessary clones in iterators: Iterator implementations no longer perform redundant clones, reducing overhead when iterating over SDK collection types. (#1734)

Bug Fixes

• Fix BytesN::is_empty: BytesN::is_empty previously always returned false. It now correctly returns true for BytesN<0>. (#1733)

Documentation

• Document the alloc feature: The alloc module is now publicly documented in rustdoc, covering how the bump-pointer allocator works, that dealloc is a no-op, and how to use a custom allocator instead. (#1726)

All Changes

• Remove unnecessary clone in iterators by @​leighmcculloch in stellar/rs-soroban-sdk#1734
• Fix BytesN::is_empty to check const length by @​leighmcculloch in stellar/rs-soroban-sdk#1733
• Use compile-time assert in BigInt::from by @​leighmcculloch in stellar/rs-soroban-sdk#1725
• Add commentary to alloc module about use of static_mut_refs and light code reordering and vis changes by @​leighmcculloch in stellar/rs-soroban-sdk#1722
• Document alloc feature by @​leighmcculloch in stellar/rs-soroban-sdk#1726
• Bump deny action by @​sisuresh in stellar/rs-soroban-sdk#1742
• Implement spec shaking using dead code elimination and data section of wasm by @​leighmcculloch in stellar/rs-soroban-sdk#1672
• Bump version to 25.2.0 by @​github-actions[bot] in stellar/rs-soroban-sdk#1749

Full Changelog: stellar/rs-soroban-sdk@v25.1.1...v25.2.0

25.1.1

What's Changed

Bugs Fixed

• Fix trait method call resolution in contractimpl (stellar/rs-soroban-sdk#1729) (GHSA-4chv-4c6w-w254)

All Changes

• Fix trait method call resolution in contractimpl by @​leighmcculloch in stellar/rs-soroban-sdk#1729

... (truncated)

Commits

• dcbea44 Bump version to 25.3.0 (#1751)
• 082424b Fix Fr scalar field to reduce modulo r on construction (#1750)
• 3e529a6 Bump version to 25.2.0 (#1749)
• 80529be Implement spec shaking using dead code elimination and data section of wasm (...
• 78ede6a Bump deny action (#1742)
• 914d7f6 Document alloc feature (#1726)
• fadfa56 Add commentary to alloc module about use of static_mut_refs and light code re...
• 070b0d6 Use compile-time assert in BigInt::from (#1725)
• ee06e71 Fix BytesN::is_empty to check const length (#1733)
• 87d2d43 Remove unnecessary clone in iterators (#1734)
• Additional commits viewable in compare view

Updates thiserror from 1.0.69 to 2.0.18

Release notes

Sourced from thiserror's releases.

2.0.18

• Make compatible with project-level needless_lifetimes = "forbid" (#443, thanks @​LucaCappelletti94)

2.0.17

• Use differently named __private module per patch release (#434)

2.0.16

• Add to "no-std" crates.io category (#429)

2.0.15

• Prevent Error::provide API becoming unavailable from a future new compiler lint (#427)

2.0.14

• Allow build-script cleanup failure with NFSv3 output directory to be non-fatal (#426)

2.0.13

• Documentation improvements

2.0.12

• Prevent elidable_lifetime_names pedantic clippy lint in generated impl (#413)

2.0.11

• Add feature gate to tests that use std (#409, #410, thanks @​Maytha8)

2.0.10

• Support errors containing a generic type parameter's associated type in a field (#408)

2.0.9

• Work around missing_inline_in_public_items clippy restriction being triggered in macro-generated code (#404)

2.0.8

• Improve support for macro-generated derive(Error) call sites (#399)

2.0.7

• Work around conflict with #[deny(clippy::allow_attributes)] (#397, thanks @​zertosh)

2.0.6

• Suppress deprecation warning on generated From impls (#396)

2.0.5

• Prevent deprecation warning on generated impl for deprecated type (#394)

2.0.4

• Eliminate needless_lifetimes clippy lint in generated From impls (#391, thanks @​matt-phylum)

2.0.3

• Support the same Path field being repeated in both Debug and Display representation in error message (#383)
• Improve error message when a format trait used in error message is not implemented by some field (#384)

2.0.2

... (truncated)

Commits

• dc0f6a2 Release 2.0.18
• 0275292 Touch up PR 443
• 3c33bc6 Merge pull request #443 from LucaCappelletti94/master
• 995939c Reproduce issue 442
• 21653d1 Made clippy lifetime allows conditional
• 45e5388 Update actions/upload-artifact@v5 -> v6
• 386aac1 Update actions/upload-artifact@v4 -> v5
• ec50561 Update actions/checkout@v5 -> v6
• 247eab5 Update name of empty_enum clippy lint
• 91b181f Raise required compiler to Rust 1.68
• Additional commits viewable in compare view

Updates z3 from 0.12.1 to 0.19.15

Commits

• See full diff in compare view

Updates criterion from 0.5.1 to 0.8.2

Release notes

Sourced from criterion's releases.

criterion-plot-v0.8.2

Other

• Update Readme

criterion-v0.8.2

Fixed

• don't build alloca on unsupported targets

Other

• (deps) bump crate-ci/typos from 1.40.0 to 1.43.0
• Fix panic with uniform iteration durations in benchmarks
• Update Readme
• Exclude development scripts from published package

criterion-plot-v0.8.1

Fixed

• Typo

criterion-v0.8.1

Fixed

• Homepage link

Other

• (deps) bump crate-ci/typos from 1.23.5 to 1.40.0
• (deps) bump jontze/action-mdbook from 3 to 4
• (deps) bump actions/checkout from 4 to 6

criterion-plot-v0.8.0

No release notes provided.

criterion-v0.8.0

BREAKING

• Drop async-std support

Changed

• Bump MSRV to 1.86, stable to 1.91.1

Added

• Add ability to plot throughput on summary page.
• Add support for reporting throughput in elements and bytes - Throughput::ElementsAndBytes allows the text summary to report throughput in both units simultaneously.
• Add alloca-based memory layout randomisation to mitigate memory effects on measurements.

... (truncated)

Changelog

Sourced from criterion's changelog.

0.8.2 - 2026-02-04

Fixed

• don't build alloca on unsupported targets

Other

• (deps) bump crate-ci/typos from 1.40.0 to 1.43.0
• Fix panic with uniform iteration durations in benchmarks
• Update Readme
• Exclude development scripts from published package

0.8.1 - 2025-12-07

Fixed

• Homepage link

Other

• (deps) bump crate-ci/typos from 1.23.5 to 1.40.0
• (deps) bump jontze/action-mdbook from 3 to 4
• (deps) bump actions/checkout from 4 to 6

0.8.0 - 2025-11-29

BREAKING

• Drop async-std support

Changed

• Bump MSRV to 1.86, stable to 1.91.1

Added

• Add ability to plot throughput on summary page.
• Add support for reporting throughput in elements and bytes - Throughput::ElementsAndBytes allows the text summary to report throughput in both units simultaneously.
• Add alloca-based memory layout randomisation to mitigate memory effects on measurements.
• Add doc comment to benchmark runner in criterion_group macro (removes linter warnings)

Fixed

• Fix plotting NaN bug

Other

• Remove Master API Docs links temporarily while we restore the docs publishing.

... (truncated)

Commits

• 7f0d745 chore: release v0.8.2
• 4a467ce chore(deps): bump crate-ci/typos from 1.40.0 to 1.43.0
• b277a75 Fix panic with uniform iteration durations in benchmarks
• 828af14 fix: don't build alloca on unsupported targets
• b01316b Update Readme
• 4c02a3b Exclude development scripts from published package
• e4e06df chore: release v0.8.1
• aa548b9 fix: Homepage link
• 950c3b7 fix: Typo
• 7e3e50c chore(deps): bump crate-ci/typos from 1.23.5 to 1.40.0
• Additional commits viewable in compare view

Updates toml from 0.8.23 to 1.1.0+spec-1.1.0

Commits

• d66e46e chore: Release
• 8a05aef docs: Update changelog
• dae1752 chore: Bump to Edition 2024 (#1124)
• 88aaa9c chore: Bump to Edition 2024
• 35ae47f refactor(bench): Rename away from 'gen'
• 7f43936 style: Remove redundant ref
• 24a472a refactor: Use core::error::Error with MSRV 1.85
• b4c0840 chore: Bump MSRV to 1.85
• 9079072 chore: Release
• 06f2ba3 docs: Update changelog
• Additional commits viewable in compare view

Updates colored from 2.2.0 to 3.1.1

Release notes

Sourced from colored's releases.

v3.1.1

No release notes provided.

v3.1.0

No release notes provided.

v3.0.0

• [BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

Changelog

Sourced from colored's changelog.

Unreleased

• Added methods ansi_color and on_ansi_color to Colorize.

3.0.0

• [BREAKING CHANGE]: Upgrade MSRV to 1.80 and remove the then unnecessary lazy_static dependency.

Commits

• 5204a26 3.1.1
• 49392a3 Limit to 5 keywords
• b791685 3.1.0
• 9a83121 Allow windows-sys 0.61 to be used (#218)
• 192598d Clean up Colorize trait
• ec013ae chore: minor improvement for docs (#212)
• 5bc198b Replace 'ansi_term' dev-dependency with 'ansiterm' (#209)
• a21367d Allow windows-sys 0.60 to be used (#206)
• 9450fea Fix clippy warning (#207)
• 68761c1 README: use the latest v3.0 version for example (#204)
• Additional commits viewable in compare view

Updates sha2 from 0.10.9 to 0.11.0

Commits

• ffe0939 Release sha2 0.11.0 (#806)
• 8991b65 Use the standard order of the [package] section fields (#807)
• 3d2bc57 sha2: refactor backends (#802)
• faa55fb sha3: bump keccak to v0.2 (#803)
• d3e6489 sha3 v0.11.0-rc.9 (#801)
• bbf6f51 sha2: tweak backend docs (#800)
• 155dbbf sha3: add default value for the DS generic parameter on TurboShake128/256...
• ed514f2 Use published version of keccak v0.2 (#799)
• 702bcd8 Migrate to closure-based keccak (#796)
• 827c043 sha3 v0.11.0-rc.8 (#794)
• Additional commits viewable in compare view

Updates jsonschema from 0.18.3 to 0.45.0

Release notes

Sourced from jsonschema's releases.

[Python] Release 0.45.0

Added

• bundle(schema, ...): produce a Compound Schema Document with all external $ref targets embedded in a draft-appropriate container (definitions for Draft 4/6/7, $defs for Draft 2019-09/2020-12; Appendix B). #791.
• ValidationError.absolute_keyword_location to get the absolute keyword location URI of the schema node that produced the error.

[Ruby] Release 0.45.0

Added

• JSONSchema.bundle(schema, ...): produce a Compound Schema Document with all external $ref targets embedded in a draft-appropriate container (definitions for Draft 4/6/7, $defs for Draft 2019-09/2020-12; Appendix B). #791.
• ValidationError#absolute_keyword_location to get the absolute keyword location URI of the schema node that produced the error.

[Rust] Release 0.45.0

Added

• bundle(schema) / async_bundle(schema) / ValidationOptions::bundle: produce a Compound Schema Document with external $ref targets embedded in a draft-appropriate container (definitions for Draft 4/6/7, $defs for Draft 2019-09/2020-12) while preserving $ref values. #791.
• CLI: jsonschema validate and jsonschema bundle subcommands. Flat invocation (jsonschema schema.json -i …) is deprecated — use jsonschema validate instead. #791.
• ValidationError::absolute_keyword_location() to get the absolute keyword location URI of the schema node that produced the error. #737.

Changed

• ValidationError::into_parts() now returns ValidationErrorParts instead of a tuple.

[Python] Release 0.44.1

Fixed

• hostname format now applies legacy RFC 1034 semantics in Draft 4/6 and keeps IDNA A-label validation in Draft 7+.

[Ruby] Release 0.44.1

Fixed

• hostname format now applies legacy RFC 1034 semantics in Draft 4/6 and keeps IDNA A-label validation in Draft 7+.

[Rust] Release 0.44.1

Fixed

• hostname format now applies legacy RFC 1034 semantics in Draft 4/6 and keeps IDNA A-label validation in Draft 7+.

[Python] Release 0.44.0

Added

• canonical.json.to_string(object) for canonical JSON serialization (stable key ordering and numeric normalization), useful for deduplicating equivalent JSON Schemas.

Fixed

• Do not produce annotations for non-string instances from contentMediaType, contentEncoding, and contentSchema keywords.
• Crash when serializing strings with invalid UTF-8 (e.g., lone surrogates) during schema/instance conversion.
• Crash when serializing dicts keyed by str enums whose value lookup raises an exception.
• Crash when serializing enum instances whose value lookup raises an exception.
• Reference leak when serializing enum instances repeatedly.

... (truncated)

Changelog

Sourced from jsonschema's changelog.

[0.45.0] - 2026-03-08

Added

• bundle(schema) / async_bundle(schema) / ValidationOptions::bundle: produce a Compound Schema Document with external $ref targets embedded in a draft-appropriate container (definitions for Draft 4/6/7, $defs for Draft 2019-09/2020-12) while preserving $ref values. #791.
• CLI: jsonschema validate and jsonschema bundle subcommands. Flat invocation (jsonschema schema.json -i …) is deprecated — use jsonschema validate instead. #791.
• ValidationError::absolute_keyword_location() to get the absolute keyword location URI of the schema node that produced the error. #737.

Changed

• ValidationError::into_parts() now returns ValidationErrorParts instead of a tuple.

[0.44.1] - 2026-03-03

Fixed

• hostname format now applies legacy RFC 1034 semantics in Draft 4/6 and keeps IDNA A-label validation in Draft 7+.

[0.44.0] - 2026-03-02

Added

• canonical::json::to_string(value) for canonical JSON serialization (stable key ordering and numeric normalization), useful for deduplicating equivalent JSON Schemas.

Fixed

• Do not produce annotations for non-string instances from contentMediaType, contentEncoding, and contentSchema keywords.

[0.43.0] - 2026-02-28

Performance

• Optimize pattern and patternProperties for ^(a|b|c)$ alternations via linear array scan.
• Optimize ^\S*$ patterns by replacing regex with a direct ECMA-262 whitespace check.

Fixed

• anyOf, format, unevaluatedProperties, and unevaluatedItems now correctly collect annotations per spec.

[0.42.2] - 2026-02-26

Fixed

• SWAR digit parser accepted bytes :–? (0x3A–0x3F) as valid digits during date, time, and date-time format validation, potentially allowing malformed values to pass.

Performance

• Extend pattern prefix optimization to handle escaped slashes (^\/) and exact-match patterns (^\$ref$).
• Specialize enum for cases when all variants are strings.

... (truncated)

Commits

• 29ca0b0 chore(ruby): Release 0.45.0
• f0d1392 chore(python): Release 0.45.0
• 8dea24a chore(rust): Release 0.45.0
• 8da0f79 feat: Schema bundling
• 7e49e4f test: Add ci job for s390x
• 83aec59 feat: Add absolute keyword location to ValidationError
• e06c794 chore(ruby): Release 0.44.1
• 5020204 chore(python): Release 0.44.1
• d7bc14f chore(rust): Release 0.44.1
• e6c1bc8 docs: Update changelog
• Additional commits viewable in compare view

Updates bolero from 0.10.1 to 0.13.4

Commits

• See full diff in compare view

Updates bolero-generator from 0.10.2 to 0.13.5

Commits

• See full diff in compare view

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.