chore(deps): bump the cargo group across 1 directory with 6 updates

[dependabot]

Bumps the cargo group with 6 updates in the / directory:

Package	From	To
tokio	1.52.2	1.52.3
clap_complete	4.6.3	4.6.5
quick-xml	0.39.3	0.40.1
windows-sys	0.59.0	0.61.2
cc	1.2.61	1.2.62
winreg	0.55.0	0.56.0

Updates tokio from 1.52.2 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• See full diff in compare view

Updates clap_complete from 4.6.3 to 4.6.5

Commits

• c8c9355 chore: Release
• af74def docs: Update changelog
• c96f222 Merge pull request #6368 from truffle-dev/fix/fish-env-escaping
• 49a05cd fix(complete): Two-pass quote fish env-completer
• e791004 test(complete): Snapshot fish env quoting cases
• 87ec1ad chore: Release
• 78f2529 docs: Update changelog
• b61f270 Merge pull request #6369 from Metbcy/fix/zsh-completion-ordering
• 74c6666 fix(complete): Keep zsh candidate order
• d142d8f Merge pull request #6360 from epage/string
• Additional commits viewable in compare view

Updates quick-xml from 0.39.3 to 0.40.1

Release notes

Sourced from quick-xml's releases.

v0.40.1 - Fix rarely possible serde deserialization panic

What's Changed

• #964: Fix unreachable!() panic in the serde deserializer when a DOCTYPE declaration appears between two text runs inside an element (e.g. <a>x<!DOCTYPE y>z</a>). The DOCTYPE used to break drain_text's consecutive-text merge, so two DeEvent::Text events reached read_text and tripped its "Cannot be two consequent Text events" invariant. DOCTYPE is now treated as transparent during text drain — it still goes through the entity resolver, but the surrounding text is merged into one run. Discovered via libFuzzer on a real-world SAML deserializer harness.

#964: tafia/quick-xml#964

New Contributors

• @​williamareynolds made their first contribution in tafia/quick-xml#964

Full Changelog: tafia/quick-xml@v0.40.0...v0.40.1

v0.40.0 - UTF-16 and ISO-2022-JP encodings supported

What's Changed

MSRV bumped to 1.79.

Now quick-xml supports the UTF-16 and ISO-2022-JP encoded documents. See the new DecodingReader type.

New Features

• #956: Add DecodingReader, a BufRead adapter that auto-detects encoding from BOM or XML declaration and transcodes to UTF-8. Enabled by the encoding feature.

• #938: Add new enumeration XmlVersion and typified getter BytesDecl::xml_version().

• #938: Add new error variant IllFormedError::UnknownVersion.

• #371: Add new error variant EscapeError::TooManyNestedEntities.

• #371: Improved compliance with the XML attribute value normalization process by adding

  • Attribute::normalized_value()
  • Attribute::normalized_value_with()
  • Attribute::decoded_and_normalized_value()
  • Attribute::decoded_and_normalized_value_with()

  which ought to be used in place of deprecated

  • Attribute::unescape_value()
  • Attribute::unescape_value_with()
  • Attribute::decode_and_unescape_value()
  • Attribute::decode_and_unescape_value_with()

  Deprecated functions now behaves the same as newly added.

Bug Fixes

• #938: Use correct rules for EOL normalization in Deserializer when parse XML 1.0 documents. Previously XML 1.1. rules was applied.

Misc Changes

• #914: Remove deprecated .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element() of NsReader. Use .resolver().<...> methods instead.
• #938: Now BytesText::xml_content, BytesCData::xml_content and BytesRef::xml_content accepts XmlVersion parameter to apply correct EOL normalization rules.
• #944: read_text() now returns BytesText which allows you to get the content with properly normalized EOLs. To get the previous behavior use .read_text().decode()?.
• #956: Bumped MSRV from 1.59 (Feb 2022) to 1.79 (June 2024)

... (truncated)

Changelog

Sourced from quick-xml's changelog.

0.40.1 -- 2026-05-15

Bug Fixes

• #964: Fix unreachable!() panic in the serde deserializer when a DOCTYPE declaration appears between two text runs inside an element (e.g. <a>x<!DOCTYPE y>z</a>). The DOCTYPE used to break drain_text's consecutive-text merge, so two DeEvent::Text events reached read_text and tripped its "Cannot be two consequent Text events" invariant. DOCTYPE is now treated as transparent during text drain — it still goes through the entity resolver, but the surrounding text is merged into one run. Discovered via libFuzzer on a real-world SAML deserializer harness.

#964: tafia/quick-xml#964

Misc Changes

0.40.0 -- 2026-05-11

MSRV bumped to 1.79.

Now quick-xml supports the UTF-16 encoded documents. See the new DecodingReader type.

New Features

• #956: Add DecodingReader, a BufRead adapter that auto-detects encoding from BOM or XML declaration and transcodes to UTF-8. Enabled by the encoding feature.

• #938: Add new enumeration XmlVersion and typified getter BytesDecl::xml_version().

• #938: Add new error variant IllFormedError::UnknownVersion.

• #371: Add new error variant EscapeError::TooManyNestedEntities.

• #371: Improved compliance with the XML attribute value normalization process by adding

  • Attribute::normalized_value()
  • Attribute::normalized_value_with()
  • Attribute::decoded_and_normalized_value()
  • Attribute::decoded_and_normalized_value_with()

  which ought to be used in place of deprecated

  • Attribute::unescape_value()
  • Attribute::unescape_value_with()
  • Attribute::decode_and_unescape_value()
  • Attribute::decode_and_unescape_value_with()

  Deprecated functions now behaves the same as newly added.

Bug Fixes

• #938: Use correct rules for EOL normalization in Deserializer when parse XML 1.0 documents. Previously XML 1.1. rules was applied.

... (truncated)

Commits

• 9aaea92 Release 0.40.1
• ce488bc Merge pull request #964 from williamareynolds/fix/de-doctype-in-text-unreachable
• e00ae5c Fix unreachable!() panic when DOCTYPE appears between text runs in element co...
• 2778564 Release 0.40.0
• 393db03 Merge pull request #962 from Mingun/prepare-0.40
• a27709a Fix misprint in code example
• 0c0c914 Make some functions const and enable clippy::missing_const_for_fn lint
• bf4ffe5 Fix clippy warning: use .first() instead of .get(0)
• d69baad Fix clippy warning: remove unnecessary after 241f01e20ff679e9248f2ae424c9ba82...
• 8e0ae4f Fix clippy warning: use strip_prefix instead of manual stripping
• Additional commits viewable in compare view

Updates windows-sys from 0.59.0 to 0.61.2

Release notes

Sourced from windows-sys's releases.

61

Major crate updates:

• windows 0.59.0
• windows-core 0.59.0
  • windows-implement 0.59.0
  • windows-interface 0.59.0
• windows-targets 0.53.0
  • windows_i686_msvc 0.53.0
  • windows_x86_64_msvc 0.53.0
  • windows_aarch64_msvc 0.53.0
  • windows_i686_gnu 0.53.0
  • windows_x86_64_gnu 0.53.0
  • windows_i686_gnullvm 0.53.0
  • windows_x86_64_gnullvm 0.53.0
  • windows_aarch64_gnullvm 0.53.0
• windows-bindgen 0.59.0
• windows-registry 0.4.0
• windows-result 0.3.0
• windows-strings 0.3.0
• cppwinrt 0.2.0

Minor crate updates:

• windows-version 0.1.2

Excluded:

• windows-sys 0.59.0

Things to keep in mind:

• The tag/release names no longer map directly to the crate versions, so to find samples for a particular release requires looking at the releases page and finding the release that most recently updated a particular crate.

• The windows-bindgen crate includes the major code generation overhaul that brings many improvements - be sure to check out the PR description for more information. The resulting code gen depends on the new version of windows-core and its dependencies, unless you include the --sys option. #3359

• The cppwinrt crate constitutes a major update due to streamlining the error handling. #3415

• The windows-registry, windows-strings, and windows-result crates are also major version updates since they include small breaking changes.

• The windows-targets crate finally receives a major version update, the first in over a year. This is due to #3359 and #3342 potentially introducing breaking changes. Although unlikely, these updates introduced sufficient changes that make it hard to ensure that the windows-targets libs don't break existing code. As we're updating windows-targets anyway, I took the liberty to bump the MSRV to 1.60 - to match the latest version of windows-sys - and remove the old but unused doc macro feature. Both remained for compatibility with very old dependents of the windows-targets crate.

• The windows-version crate receives a minor update to update its dependency on the windows-targets crate.

• Beyond these specifics, this update is the culmination of around 6 months worth of work on the windows-rs project. The biggest improvements comes from the new code generation engine, but many other improvements are now also available for production. This includes support for many new lints, warnings, and suggestions provided by the Rust toolchain; much smaller code gen thanks to deriving many more traits; more efficient code gen; major improvements to WinRT type system and implementation support; more robust and consistent error handling; stock collection and async support; improved support for class hierarchies; and much more!

In addition to "what's changed" below, check out what's changed for notes for 0.60.0 and 0.59.0 for additional changes that roll up to the crates published as part of this release.

What's Changed

• Remove improper_ctypes workaround by @​ChrisDenton in microsoft/windows-rs#3296

... (truncated)

Commits

• See full diff in compare view

Updates cc from 1.2.61 to 1.2.62

Release notes

Sourced from cc's releases.

cc-v1.2.62

Other

• Regenerate target info (#1721)
• Allow exceptions on wasm platforms (#1714)
• Add relibc env (#1710)
• recognize sh4 architecture in parse_arch() (#1712)

Changelog

Sourced from cc's changelog.

1.2.62 - 2026-05-08

Other

• Regenerate target info (#1721)
• Allow exceptions on wasm platforms (#1714)
• Add relibc env (#1710)
• recognize sh4 architecture in parse_arch() (#1712)

Commits

• 37a5f8f chore(cc): release v1.2.62 (#1716)
• 34a2218 Regenerate target info (#1721)
• a9d8632 Allow exceptions on wasm platforms (#1714)
• ce036b3 Add relibc env (#1710)
• 18ed3dc target: recognize sh4 architecture in parse_arch() (#1712)
• 33f84c5 Bump taiki-e/install-action from 2.75.18 to 2.75.19 (#1709)
• cbd4c09 Bump taiki-e/install-action from 2.75.17 to 2.75.18 (#1708)
• See full diff in compare view

Updates winreg from 0.55.0 to 0.56.0

Release notes

Sourced from winreg's releases.

0.56.0 (windows-sys)

• Breaking change: RegValue.bytes is now Cow<[u8]> and not Vec<u8> which introduces a lifetime to the structure (#64).
• Breaking change: serialization now opens the key with DELETE, KEY_ENUMERATE_SUB_KEYS and KEY_QUERY_VALUE permissions in addition to KEY_CREATE_SUB_KEY and KEY_SET_VALUE used previously. This is required for:
• New RegKey methods: encode_destructive() and encode_destructive_transacted() that wipe all subkeys/values of a target key before writing to it (#76).
• New RegKey methods: enum_keys_os_string() and enum_values_os_string() return iterators that use OsString for key/value names (#80).
• Add consts for predefined registry keys: HKCR, HKCU, HKLM, HKU and HKCC.
• Implement std traits FromRawHandle, IntoRawHandle and AsRawHandle for Transaction.
• Set windows-sys version to >=0.59, <=0.61 according to its README recomendation.

Changelog

Sourced from winreg's changelog.

Changelog

0.56

• Set windows-sys version to >=0.59, <=0.61 according to its README recomendation.

0.16.0, 0.56

• Breaking change: RegValue.bytes is now Cow<[u8]> and not Vec<u8> which introduces a lifetime to the structure (#64).
• Breaking change: serialization now opens the key with DELETE, KEY_ENUMERATE_SUB_KEYS and KEY_QUERY_VALUE permissions in addition to KEY_CREATE_SUB_KEY and KEY_SET_VALUE used previously. This is required for:
• New RegKey methods: encode_destructive() and encode_destructive_transacted() that wipe all subkeys/values of a target key before writing to it (#76).
• New RegKey methods: enum_keys_os_string() and enum_values_os_string() return iterators that use OsString for key/value names (#80)
• Add consts for predefined registry keys: HKCR, HKCU, HKLM, HKU and HKCC
• Implement std traits FromRawHandle, IntoRawHandle and AsRawHandle for Transaction.

Commits

• d14c8bd Merge branch 'winapi'. Bump version to 0.56.0
• 0315df4 Bump version to 0.16.0
• d960232 Fix build with rust 1.34
• 2ee4896 Implement iterators that use OsString for key/value names
• f2ad8dd Move EnumKeys and EnumValues to separate files
• bc60391 Add predefined key constants
• fe54169 Implement destructive serialization
• 4993455 Clarify the documentation of RegKey::encode()
• 5931b79 Fix formatting of examples in documentation
• 9ea7768 Implement transaction rollback in transacted_serialization example
• Additional commits viewable in compare view