build(deps): Bump the rust-deps group with 5 updates

[dependabot]

Bumps the rust-deps group with 5 updates:

Package	From	To
toml	0.8.23	0.9.11+spec-1.1.0
schemars	0.8.22	1.2.1
prost	0.13.5	0.14.3
md5	0.7.0	0.8.0
rusqlite	0.32.1	0.38.0

Updates toml from 0.8.23 to 0.9.11+spec-1.1.0

Commits

• febf44c chore: Release
• 5009cf2 docs: Update changelog
• b5798aa fix(toml): Support serializing u64, i128, u128 (#1086)
• 9fd8b72 fix(toml): Support serializing i128/u128
• 94fc5e0 fix(toml): Support serializing full u64 range
• 2e09401 chore: Release
• e32c7a2 chore: Release
• df1c328 docs: Update changelog
• b826cf4 feat(edit)!: Allow set_position(None) (#1080)
• 8043f20 feat(edit)!: Allow set_position(None)
• Additional commits viewable in compare view

Updates schemars from 0.8.22 to 1.2.1

Release notes

Sourced from schemars's releases.

v1.2.1

Fixed

• transform attributes are now applied after the schema is otherwise fully constructed. In particular, they're now applied after all other attributes are processed. (GREsau/schemars#505)

v1.2.0

🎅 Merry Christmas! 🎄

Added

• Add smol_str03 feature (GREsau/schemars#486)

Changed

• Schemas generated for HashMap/BTreeMap with enum keys are now more specific (GREsau/schemars#452)

v1.1.0

Added

• Public functions that have no side-effects are now marked with #[must_use] so that they report a lint warning when the returned value is unused, as this likely indicates a mistake.

Fixed

• Improve accuracy of schemas for flattened enums, in particular: unit variants of externally-tagged enums, and enums wrapped in Option<>. (GREsau/schemars#464 / GREsau/schemars#483)

v1.0.5

Fixed

• Fix schema.pointer_mut() to resolve URI fragment identifiers like #/$defs/foo, matching current behaviour of schema.pointer() (GREsau/schemars#478 / GREsau/schemars#479)

v1.0.4

Fixed

• Fix JsonSchema impl on atomic types being ignored on non-nightly compilers due to a buggy cfg check (GREsau/schemars#453)
• Fix compatibility with minimal dependency versions, e.g. old(-ish) versions of syn (GREsau/schemars#450)
• Fix derive for empty tuple variants (GREsau/schemars#455)

v1.0.3

Fixed

• Fix compile error when a doc comment is set on both a transparent (or newtype) struct and its field (GREsau/schemars#446)
• Fix json_schema!() macro compatibility when used from pre-2021 rust editions (GREsau/schemars#447)

v1.0.2

Fixed

• Fix schema properties being incorrectly reordered during serialization (GREsau/schemars#444)

v1.0.1

Fixed

... (truncated)

Changelog

Sourced from schemars's changelog.

[1.2.1] - 2026-02-01

Fixed

• transform attributes are now applied after the schema is otherwise fully constructed. In particular, they're now applied after all other attributes are processed. (GREsau/schemars#505)

[1.2.0] - 2025-12-25 🎄

Added

• Add smol_str03 feature (GREsau/schemars#486)

Changed

• Schemas generated for HashMap/BTreeMap with enum keys are now more specific (GREsau/schemars#452)

[1.1.0] - 2025-11-05

Added

• Public functions that have no side-effects are now marked with #[must_use] so that they report a lint warning when the returned value is unused, as this likely indicates a mistake.

Fixed

• Improve accuracy of schemas for flattened enums, in particular: unit variants of externally-tagged enums, and enums wrapped in Option<>. (GREsau/schemars#464 / GREsau/schemars#483)

[1.0.5] - 2025-11-02

Fixed

• Fix schema.pointer_mut() to resolve URI fragment identifiers like #/$defs/foo, matching current behaviour of schema.pointer() (GREsau/schemars#478 / GREsau/schemars#479)

[1.0.4] - 2025-07-06

Fixed

• Fix JsonSchema impl on atomic types being ignored on non-nightly compilers due to a buggy cfg check (GREsau/schemars#453)
• Fix compatibility with minimal dependency versions, e.g. old(-ish) versions of syn (GREsau/schemars#450)
• Fix derive for empty tuple variants (GREsau/schemars#455)

[1.0.3] - 2025-06-28

Fixed

• Fix compile error when a doc comment is set on both a transparent (or newtype) struct and its field (GREsau/schemars#446)
• Fix json_schema!() macro compatibility when used from pre-2021 rust editions (GREsau/schemars#447)

[1.0.2] - 2025-06-26

Fixed

... (truncated)

Commits

• 5ef5da1 v1.2.1
• 4081b98 Apply extend/transform attributes after any other attributes (#506)
• 5bfec04 v1.2.0
• f6b1f4c Add smol_str03 feature (#486)
• 18826cd Add test for changes from #452
• 2ac8ff5 Added better map support (#452)
• 6009e82 Limit workflow permissions
• ac0b651 Fix title
• 97b2427 v1.1.0
• e67495b Improve optional enum flattening behaviour
• Additional commits viewable in compare view

Updates prost from 0.13.5 to 0.14.3

Changelog

Sourced from prost's changelog.

Prost version 0.14.2

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

⚠️ Heads-up

• Increase MSRV to 1.82 (#1356)

• Update maintenance status to Passively Maintained (#1359)

  This excerpt is from the readme:

  The current maintainer is not contributing new features and doesn't have the time to review new features. Bug fixes and small improvements are welcome. Feel free to contribute small and easily reviewable PRs.

  Bug fixes are still important, and security fixes will be released as soon as possible. Contact the #prost channel in Tokio discord if you feel a bug or security fix is not getting enough attention.

  The maintainer expects the official protobuf project to release their rust library soon and expects it to be as fully featured as the C++ library. See their source code and crate for more information.

🚀 Features

• Configure prost path via prost_build::Config or #[(prost(prost_path = "::prost")] (#1274)
• Support for deprecated enum and oneof fields (#1316)

🐛 Bug Fixes

• (prost-build) Resolve OneOf type name conflict with embedded message (#1294)
• (prost-build) Avoid OneOf type collision with enums and keyword names (#1341)

💼 Dependencies

• Use trait Error from core (#1179)
• (deps) Update protobuf to v25.8 (#1323)
• (deps) Update criterion requirement from 0.6 to 0.7 (#1308)
• (deps) Update petgraph to 0.8 (#1327)
• (deps) Bump actions/upload-artifact from 4 to 5 (#1351)
• (deps) Bump actions/checkout from 5 to 6 (#1370)
• Bump actions/checkout to v5 (#1312)
• Update clippy to version 1.87 (#1292)
• Replace once_cell dependency by std lib (#1119)

📚 Documentation

• Update outdated link is test documentation (#1289)
• Describe use of encoding module (#1322)
• Update the readme MSRV to the actual number (#1331)
• Update URLs after manual review (#1336)
• Answer why fields are wrapped in option (#1358)

🎨 Styling

• Add spaces to derive arguments in generated code (#1290)
• Use variables directly in the format! string (#1293)

... (truncated)

Commits

• fafa97f chore: remove protobuf submodule and leverage cmake for it (#1389)
• e0643e2 release 0.14.3
• 5595b61 fix: Add back DecodeError::new (#1382)
• e42dcad Bufix: Name::full_name() is correct for empty packages (#1386)
• 107153f build(deps): update pulldown-cmark-to-cmark requirement from 21 to 22 (#1384)
• 3fc7003 build(deps): bump actions/upload-artifact from 5 to 6 (#1381)
• 33f8721 fix some forgotten prost import paths (#1385)
• efb0755 chore: Release version 0.14.2 (#1372)
• 91a093f test(derive_copy): Allow dead code (#1362)
• 2c22c59 build(deps): bump actions/checkout from 5 to 6 (#1370)
• Additional commits viewable in compare view

Updates md5 from 0.7.0 to 0.8.0

Commits

• See full diff in compare view

Updates rusqlite from 0.32.1 to 0.38.0

Release notes

Sourced from rusqlite's releases.

0.38.0

What's Changed

• bump sqlcipher to 4.10.0 (sqlite 3.50.4) #1725
• Use CARGO_CFG_TARGET_FEATURE for crt-static check #1737
• Disable u64, usize ToSql/FromSql impl by default #1732, ##1722 (breaking change)
• Make statement cache optional #1682, #1173 (breaking change)
• Remove shell scripts from the published package #1744
• Use new interfaces with 64-bit length parameters #1749
• sqlite3_vtab_rhs_value #1753
• Handle VTab IN values #1754
• Give access to Connection from VTabCursor::column #1755
• Bump minimal SQLite version to 3.34.1 #1733, #1731 (breaking change)
• Bump bundled SQLite version to 3.51.1 #1758
• Add support for transaction to the vtab module #1761
• Check Connection is owned when registering Closure as hook #1764 (breaking change)
• Turn libsqlite3-sys in a !#[no_std] crate #1767
• Add wasm32-unknown-unknown support #1769, #488, #827
• Remove useless Send/Sync on Module #1774

Full Changelog: rusqlite/rusqlite@v0.37.0...v0.38.0

0.37.0

What's Changed

• Add FromSqlError::other convenience conversion #1703
• Fix warnings #1705
• Update bindgen requirement from 0.71 to 0.72 #1707
• Fix for vtab::parameter parsing #1712
• Fix clippy warning #1713
• Bump bundled SQLite version to 3.50.2 #1714
• Fix issue with prettyplease #1717

Full Changelog: rusqlite/rusqlite@v0.36.0...v0.37.0

0.36.0

What's Changed

• Introduce Name trait to support both &str and &CStr as name #1659
• Use doc_auto_cfg #1683
• Feature loadable_extension is incompatible with some other features #1686
• Add missing wrappers for sqlite3_vtab_nochange and sqlite3_value_nochange #1688
• Update bindings list #1689
• Homogenize code related to hooks #1690
• Try to increase code coverage #1610
• Bump bundled SQLite version to 3.49.2 #1691
• Add bindings to sqlite3_table_column_metadata #1692
• Add bindings to sqlite3_vtab_distinct #1695
• Fix clippy warning #1697
• Add query_one #1699
• Refactor one_column test method #1700

Full Changelog: rusqlite/rusqlite@v0.35.0...v0.36.0

... (truncated)

Commits

• 35b3be2 Merge pull request #1777 from gwenn/release
• 03feebc Prepare new release
• 671533c Merge pull request #1775 from Spxg/w/bump
• 6df2072 Bump sqlite-wasm-rs to 0.5.1
• 2618364 Merge pull request #1774 from rusqlite/vtab-send
• b37caff Merge pull request #1773 from rusqlite/clippy
• 44bdbc4 Remove useless Send/Sync on Module
• 465d751 Fix Clippy warning
• 78d6678 Merge pull request #1772 from rusqlite/dependabot/cargo/getrandom-0.3
• 6b8fb83 Update Cargo.toml
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[Luiz-Frias]

Closing: safe deps already bumped in v0.1.1; breaking changes (ort v2, tiktoken, qdrant) deferred to v0.2.0. See private repo PR #9 for details.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml