build(deps): bump the all group with 6 updates

[dependabot]

Bumps the all group with 6 updates:

Package	From	To
thiserror	1.0.69	2.0.11
chrono	0.4.39	0.4.40
serde	1.0.217	1.0.218
toml	0.8.19	0.8.20
clap	4.5.27	4.5.31
serde_json	1.0.138	1.0.139

Updates thiserror from 1.0.69 to 2.0.11

Release notes

Sourced from thiserror's releases.

2.0.11

• Add feature gate to tests that use std (#409, #410, thanks @​Maytha8)

2.0.10

• Support errors containing a generic type parameter's associated type in a field (#408)

2.0.9

• Work around missing_inline_in_public_items clippy restriction being triggered in macro-generated code (#404)

2.0.8

• Improve support for macro-generated derive(Error) call sites (#399)

2.0.7

• Work around conflict with #[deny(clippy::allow_attributes)] (#397, thanks @​zertosh)

2.0.6

• Suppress deprecation warning on generated From impls (#396)

2.0.5

• Prevent deprecation warning on generated impl for deprecated type (#394)

2.0.4

• Eliminate needless_lifetimes clippy lint in generated From impls (#391, thanks @​matt-phylum)

2.0.3

• Support the same Path field being repeated in both Debug and Display representation in error message (#383)
• Improve error message when a format trait used in error message is not implemented by some field (#384)

2.0.2

• Fix hang on invalid input inside #[error(...)] attribute (#382)

2.0.1

• Support errors that contain a dynamically sized final field (#375)
• Improve inference of trait bounds for fields that are interpolated multiple times in an error message (#377)

2.0.0

Breaking changes

• Referencing keyword-named fields by a raw identifier like {r#type} inside a format string is no longer accepted; simply use the unraw name like {type} (#347)

  This aligns thiserror with the standard library's formatting macros, which gained support for implicit argument capture later than the release of this feature in thiserror 1.x.

  #[derive(Error, Debug)]
  #[error("... {type} ...")]  // Before: {r#type}
  pub struct Error {
      pub r#type: Type,
  }

... (truncated)

Commits

• 0f532e3 Release 2.0.11
• 3d15543 Merge pull request #410 from dtolnay/testnostd
• 1a226ae Disable two more integration tests in no-std mode
• 8b5f2d7 Fix unused import in test when built without std
• eecd247 Add CI step to test with "std" disabled
• 8f2a76b Merge pull request #409 from Maytha8/std-tests
• 693a6cd Add feature gate to tests that use std
• 349f696 Release 2.0.10
• 6cd87bc Merge pull request #408 from dtolnay/assoctype
• 6b3e1e5 Generate trait bounds on associated types
• Additional commits viewable in compare view

Updates chrono from 0.4.39 to 0.4.40

Release notes

Sourced from chrono's releases.

0.4.40

What's Changed

• Add Month::num_days() by @​djc in chronotope/chrono#1645
• Update Windows dependencies by @​kennykerr in chronotope/chrono#1646
• Feature/round_up method on DurationRound trait by @​MagnumTrader in chronotope/chrono#1651
• Expose write_to for DelayedFormat by @​tugtugtug in chronotope/chrono#1654
• Update LICENSE.txt by @​maximevtush in chronotope/chrono#1656
• docs: fix minor typo by @​samfolo in chronotope/chrono#1659
• Use NaiveDateTime for internal tz_info methods. by @​AVee in chronotope/chrono#1658
• Upgrade to windows-bindgen 0.60 by @​djc in chronotope/chrono#1665
• Add quarter (%q) date string specifier by @​drinkcat in chronotope/chrono#1666

Commits

• 2b7a28e Bump version to 0.4.40
• 6d29c8a Add quarter (%q) date string specifier
• 07216ae Upgrade to windows-bindgen 0.60
• bf1973c Use similar-asserts to show bindgen diff
• d0f8b59 Restrict MSRV to check --lib
• 1f345fd Switch to 2024 idiom
• 7f6cf5e Switch to 2024 style
• 11d227a Apply suggestions from clippy 1.85
• 15e287b Use NaiveDateTime for internal tz_info methods. (#1658)
• 8317e7c docs: fix minor typo
• Additional commits viewable in compare view

Updates serde from 1.0.217 to 1.0.218

Release notes

Sourced from serde's releases.

v1.0.218

• Documentation improvements

Commits

• 7bfd518 Release 1.0.218
• 723a949 Merge pull request #2895 from dtolnay/stabledoc
• 2b44efb Point standard library links to stable
• 03dc0fc Merge pull request #2894 from dtolnay/doclink
• 85cb0c4 Convert html links to intra-doc links
• abe7194 Update ui test suite to nightly-2025-02-12
• aaccac7 Unset doc-scrape-examples for lib target
• 7cd4d84 Update ui test suite to nightly-2025-02-07
• 04ff3e8 More precise gitignore patterns
• dc3031b Remove *.sw[po] from gitignore
• Additional commits viewable in compare view

Updates toml from 0.8.19 to 0.8.20

Commits

• f550dbf chore: Release
• 25587db docs: Update changelog
• fbc77ec Merge pull request #829 from tisonkun/map-get-kv
• 4605a64 fea: impl Map get_key_value
• 8efc81e chore(deps): Update Rust crate serde_json to v1.0.138 (#828)
• 15496f1 chore: Release
• 1131ce8 docs: Update changelog
• 4776fca Merge pull request #827 from epage/winnow07
• 754769b chore: Upgrade to Winnow 0.7
• 9415da2 refactor(parser): Switch to ModalParser
• Additional commits viewable in compare view

Updates clap from 4.5.27 to 4.5.31

Release notes

Sourced from clap's releases.

v4.5.31

[4.5.31] - 2025-02-24

Features

• Add ValueParserFactory for Saturating<T>

v4.5.30

[4.5.30] - 2025-02-17

Fixes

• (assert) Allow num_args(0..=1) to be used with SetTrue
• (assert) Clean up rendering of takes_values assertions

v4.5.29

[4.5.29] - 2025-02-11

Fixes

• Change ArgMatches::args_present so not-present flags are considered not-present (matching the documentation)

v4.5.28

[4.5.28] - 2025-02-03

Features

• (derive) Unstable support for full markdown syntax for doc comments, enabled with unstable-markdown

Changelog

Sourced from clap's changelog.

[4.5.31] - 2025-02-24

Features

• Add ValueParserFactory for Saturating<T>

[4.5.30] - 2025-02-17

Fixes

• (assert) Allow num_args(0..=1) to be used with SetTrue
• (assert) Clean up rendering of takes_values assertions

[4.5.29] - 2025-02-11

Fixes

• Change ArgMatches::args_present so not-present flags are considered not-present (matching the documentation)

[4.5.28] - 2025-02-03

Features

• (derive) Unstable support for full markdown syntax for doc comments, enabled with unstable-markdown

Commits

• acf9abb chore: Release
• 9186a18 docs: Update changelog
• 233c316 Merge pull request #5926 from sorairolake/feature/value-parser-factory-for-sa...
• 13931a2 Merge pull request #5923 from Reverier-Xu/master
• 536e29f feat(builder): Add ValueParserFactory for Saturating\<T>
• 45ed71c chore: Avoid using gen for rust 2024 preserved keyword
• 5029bb3 chore: Avoid using gen for rust 2024 preserved keyword
• 8a1d59b chore(deps): Update Rust Stable to v1.85 (#5921)
• 9caee53 docs(changelog): Clarify 5.0.0
• cb2352f Merge pull request #5918 from epage/test
• Additional commits viewable in compare view

Updates serde_json from 1.0.138 to 1.0.139

Release notes

Sourced from serde_json's releases.

v1.0.139

• Documentation improvements

Commits

• 4d4f53c Release 1.0.139
• 5d6b32f Merge pull request #1242 from dtolnay/writefloat
• e5bb8bd Document behavior of write_f32/f64 on non-finite floats
• 7a79781 Merge pull request #1241 from dtolnay/doclink
• 13591f1 Convert html links to intra-doc links
• 1d7378e Unset doc-scrape-examples for lib target
• 1174c5f Resolve unnecessary_semicolon pedantic clippy lint
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[Lun4m]

@intarga maybe it doesn't use cargo upgrade? But then what is it using? Maybe dependabot/dependabot-core#7822?

 α cargo upgrade -i --dry-run
    Checking met_binary's dependencies
    Checking met_connectors's dependencies
    Checking rove's dependencies
name        old req compatible latest  new req
====        ======= ========== ======  =======
tonic       0.7.2   0.7.2      0.12.3  0.12.3 
prost       0.10.4  0.10.4     0.13.5  0.13.5 
prost-types 0.10    0.10.1     0.13.5  0.13   
tracing     0.1.16  0.1.41     0.1.41  0.1.41 
tempfile    3.10.1  3.17.1     3.17.1  3.17.1 
tower       0.4     0.4.13     0.5.2   0.5    
thiserror   1.0.69  1.0.69     2.0.12  2.0.12 
chrono      0.4.39  0.4.40     0.4.40  0.4.40 
async-trait 0.1.86  0.1.87     0.1.87  0.1.87 
tonic-build 0.7.2   0.7.2      0.12.3  0.12.3 
clap        4.5.27  4.5.31     4.5.31  4.5.31 
serde_json  1.0.138 1.0.139    1.0.139 1.0.139
serde       1.0.217 1.0.218    1.0.218 1.0.218
reqwest     0.11    0.11.27    0.12.12 0.12   
toml        0.8.19  0.8.20     0.8.20  0.8.20 

Looking at the logs it finds that the latest version of tonic is 0.12.3, but then it says

updater | 2025/03/01 15:49:01 INFO <job_972810590> Requirements to unlock update_not_possible
2025/03/01 15:49:01 INFO <job_972810590> Requirements update strategy bump_versions
2025/03/01 15:49:01 INFO <job_972810590> No update possible for tonic 0.7.2

which is not that helpful.

[intarga]

Not sure, but I think the problem is that unlike cargo upgrade it tries to update the dependencies one by one, so perhaps it fails tonic, because it sees that tonic 12 is incompatible with tonic_build 7 🤷‍♀️ I think it should at least warn us though. And apparently dependabot is supposed to update lockfiles, so it's a bug that it doesn't for us...

I think we should either try renovatebot or make our own automation that just runs cargo upgrade and files a PR