chore(deps): bump the production-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the production-dependencies group with 5 updates in the / directory:

Package	From	To
smol_str	0.3.2	0.3.4
tracing	0.1.43	0.1.44
insta	1.44.3	1.45.0
httpmock	0.7.0	0.8.2
axum	0.8.7	0.8.8

Updates smol_str from 0.3.2 to 0.3.4

Changelog

Sourced from smol_str's changelog.

0.3.4 - 2025-10-23

• Added rust-version field to Cargo.toml

0.3.3 - 2025-10-23

• Optimise StrExt::to_ascii_lowercase_smolstr, StrExt::to_ascii_uppercase_smolstr ~2x speedup inline, ~4-22x for heap.
• Optimise StrExt::to_lowercase_smolstr, StrExt::to_uppercase_smolstr ~2x speedup inline, ~5-50x for heap.
• Optimise StrExt::replace_smolstr, StrExt::replacen_smolstr for single ascii replace, ~3x speedup inline & heap.

Commits

• 02336c5 Publish 0.3.4
• bf2e3d7 Publish 0.3.3
• 8f4deab Update changelog
• 97ef5f3 Mark replacen_1_ascii as unsafe
• 026103b Optimise replacen 1-ascii when count >= len
• 104784a Optimise replacen_smolstr for single ascii replace
• 08a9dc8 Add test from_buf_and_chars_size_hinted_heap & fix
• 22feb5f Update changelog
• 3122a9a Optimise to_{lower,upper}case_smolstr
• 81c8790 CI: Add TEST_BENCHES
• Additional commits viewable in compare view

Updates tracing from 0.1.43 to 0.1.44

Release notes

Sourced from tracing's releases.

tracing 0.1.44

Fixed

• Fix record_all panic (#3432)

Changed

• tracing-core: updated to 0.1.36 (#3440)

#3432: tokio-rs/tracing#3432 #3440: tokio-rs/tracing#3440

Commits

• 2d55f6f chore: prepare tracing 0.1.44 (#3439)
• 10a9e83 chore: prepare tracing-core 0.1.36 (#3440)
• ee82cf9 tracing: fix record_all panic (#3432)
• 9978c36 chore: prepare tracing-mock 0.1.0-beta.3 (#3429)
• cc44064 chore: prepare tracing-subscriber 0.3.22 (#3428)
• See full diff in compare view

Updates insta from 1.44.3 to 1.45.0

Release notes

Sourced from insta's releases.

1.45.0

Release Notes

• Add external diff tool support via INSTA_DIFF_TOOL environment variable. When set, insta uses the specified tool (e.g., delta, difftastic) to display snapshot diffs instead of the built-in diff. The tool is invoked as <tool> <old_file> <new_file>. #844
• Add test.disable_nextest_doctest config option to insta.yaml, allowing users to silence the nextest doctest warning via config instead of passing --dnd every time. #842
• Skip non-insta snapshot files in unreferenced detection. Projects using both insta and other snapshot tools (like vitest or jest) can now use --unreferenced=reject without false positives on .snap files from other tools. #846
• Collect warnings from tests for display after run. Ensures deprecation warnings are visible even when nextest suppresses stdout/stderr from passing tests. #840
• Update TOML serialization to be up-to-date and backwards-compatible. #834
• Support clippy::needless_raw_strings lint by only using raw strings when content contains backslashes or quotes. #828

Install cargo-insta 1.45.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.45.0/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.45.0/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.45.0

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

Changelog

Sourced from insta's changelog.

1.45.0

• Add external diff tool support via INSTA_DIFF_TOOL environment variable. When set, insta uses the specified tool (e.g., delta, difftastic) to display snapshot diffs instead of the built-in diff. The tool is invoked as <tool> <old_file> <new_file>. #844
• Add test.disable_nextest_doctest config option to insta.yaml, allowing users to silence the nextest doctest warning via config instead of passing --dnd every time. #842
• Skip non-insta snapshot files in unreferenced detection. Projects using both insta and other snapshot tools (like vitest or jest) can now use --unreferenced=reject without false positives on .snap files from other tools. #846
• Collect warnings from tests for display after run. Ensures deprecation warnings are visible even when nextest suppresses stdout/stderr from passing tests. #840
• Update TOML serialization to be up-to-date and backwards-compatible. #834
• Support clippy::needless_raw_strings lint by only using raw strings when content contains backslashes or quotes. #828

Commits

• 681a026 Release 1.45.0 (#847)
• ad233cd Skip non-insta snapshot files in unreferenced detection (#846)
• d8e8dfe Collect warnings from tests for display after run (#840)
• 521812c Support clippy::needless_raw_strings lint (#828)
• 5822a95 Add external diff tool support via INSTA_DIFF_TOOL (#844)
• e50388f Add config file support for disable_nextest_doctest (#842)
• 5aadfe4 Up-to-date, backwards-compatible TOML (#834)
• See full diff in compare view

Updates httpmock from 0.7.0 to 0.8.2

Release notes

Sourced from httpmock's releases.

v0.8.2

This release includes bug fixes, documentation enhancements and new features, such as dynamic responders.

The following pull requests have been merged:

• #178: "Expose proxy method to obtain the recorded yaml without saving to a file" (thanks @​janeisklar)
• #180: "Add missing query parameters in recordings"
• #181: "Append Headers Instead of Inserting"
• #182: "Add Dynamic Responses"
• #184: "Use read_file in body_from_file"

v0.8.1

This release includes bug fixes and documentation enhancements.

The following pull requests have been merged:

• #179: "Use scheme of target url for forwarding"

v0.8.0

This release includes refactoring, dependency updates, and internal cleanups. No breaking changes expected.

The minimum required Rust version has been increased to 1.82.

The following pull requests have been merged:

• #172: "Update Rust edition to 2021" (thanks @​FalkWoldmann)
• #169: "Proxy HTTPS fix"
• #167: "Replace log and env_logger with tracing and tracing-subscriber" (thanks @​FalkWoldmann)
• #166: "Remove unused code" (thanks @​FalkWoldmann)
• #163: "fix: issue 162, non localhost hosts match" (thanks @​Thomblin)
• #160: "Replace custom read_file with std::fs::read_to_string" (thanks @​FalkWoldmann)
• #158: "Improve async executor support"
• #156: "Bump async-object-pool to replace async-std"
• #153: "ci(deps): bump actions/checkout from 4 to 5"
• #152: "Fix missing standalone routes"
• #151: "Cleanup unused test functions"
• #147: "ci(deps): bump codecov/codecov-action from 2 to 5"
• #146: "cargo(deps): update thiserror requirement from 1 to 2"
• #145: "ci(deps): bump actions/checkout from 2 to 4"
• #144: "ci(deps): bump docker/build-push-action from 4 to 6
• #141: "cargo(deps): update path-tree requirement from >=0.8.0, <0.8.1 to >=0.8.0, <0.8.4"
• #140: "ci(deps): bump docker/login-action from 1 to 3"
• #139: "ci(deps): bump withastro/action from 2 to 4"
• #138: "Create dependabot.yml" (thanks @​FalkWoldmann)
• #136: "Replace async_std with tokio" (thanks @​FalkWoldmann)

v0.8.0-alpha.1

BREAKING CHANGES

• A new MockServer::reset method was added that resets a mock server. Thanks for providing the pull request for this feature, @​dax.
• The default port for standalone server was changed from 5000 to 5050 due to conflicts with system services on macOS.
• Custom matcher functions are now closures rather than functions.
• When::json_body_partial was renamed to json_body_includes.

... (truncated)

Changelog

Sourced from httpmock's changelog.

Version 0.8.2

The following pull requests have been merged:

• #178: "Expose proxy method to obtain the recorded yaml without saving to a file" (thanks @​janeisklar)
• #180: "Add missing query parameters in recordings"
• #181: "Append Headers Instead of Inserting"
• #182: "Add Dynamic Responses"
• #184: "Use read_file in body_from_file"

Version 0.8.1

This release includes bug fixes and documentation enhancements.

The following pull requests have been merged:

• #179: "Use scheme of target url for forwarding"

Version 0.8.0

This release includes refactoring, dependency updates, and internal cleanups. No breaking changes expected.

The minimum required Rust version has been increased to 1.82.

The following pull requests have been merged:

• #172: "Update Rust edition to 2021" (thanks @​FalkWoldmann)
• #169: "Proxy HTTPS fix"
• #167: "Replace log and env_logger with tracing and tracing-subscriber" (thanks @​FalkWoldmann)
• #166: "Remove unused code" (thanks @​FalkWoldmann)
• #163: "fix: issue 162, non localhost hosts match" (thanks @​Thomblin)
• #160: "Replace custom read_file with std::fs::read_to_string" (thanks @​FalkWoldmann)
• #158: "Improve async executor support"
• #156: "Bump async-object-pool to replace async-std"
• #153: "ci(deps): bump actions/checkout from 4 to 5"
• #152: "Fix missing standalone routes"
• #151: "Cleanup unused test functions"
• #147: "ci(deps): bump codecov/codecov-action from 2 to 5"
• #146: "cargo(deps): update thiserror requirement from 1 to 2"
• #145: "ci(deps): bump actions/checkout from 2 to 4"
• #144: "ci(deps): bump docker/build-push-action from 4 to 6
• #141: "cargo(deps): update path-tree requirement from >=0.8.0, <0.8.1 to >=0.8.0, <0.8.4"
• #140: "ci(deps): bump docker/login-action from 1 to 3"
• #139: "ci(deps): bump withastro/action from 2 to 4"
• #138: "Create dependabot.yml" (thanks @​FalkWoldmann)
• #136: "Replace async_std with tokio" (thanks @​FalkWoldmann)

Version 0.8.0-beta.1

This release mainly contains internal improvements and bugfixes. The minimum required Rust version has been increased to 1.81. Apart from the updated MSRV, there are no breaking changes.

The following pull requests have been merged:

• #112: "Fix building without cookies feature" by @​jayvdb.

... (truncated)

Commits

• 02efcf9 add disclaimer for custom responders to documentation
• 5b6f04a add disclaimer for custom responders to documentation
• 52bf5d5 raise version to 0.8.2
• 211d072 Merge pull request #182 from httpmock/dynamic-response
• d903d57 fix https with http2 flag
• 470f623 switch to httpbingo for forwarding to a real server
• 7a1732b switch to httpbingo for forwarding to a real server
• 47597b3 add dynamic responses to changelog
• 34f5bc2 rename reply method
• 4f8edf7 mention dynamic responses in docs
• Additional commits viewable in compare view

Updates axum from 0.8.7 to 0.8.8

Release notes

Sourced from axum's releases.

axum v0.8.8

• Clarify documentation for Router::route_layer (#3567)

#3567: tokio-rs/axum#3567

Commits

• d07863f Release axum v0.8.8 and axum-extra v0.12.3
• 287c674 axum-extra: Make typed-routing feature enable routing feature (#3514)
• f5804aa SecondElementIs: Correct a small inconsistency (#3559)
• f51f3ba axum-extra: Add trailing newline to pretty JSON response (#3526)
• 816407a Fix integer underflow in try_range_response for empty files (#3566)
• 78656eb docs: Clarify route_layer does not apply middleware to the fallback handler...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
payments-rs	Ready	Preview, Comment	Dec 22, 2025 5:27am

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.