chore(deps): bump the cargo-dependencies group with 3 updates

[dependabot]

Bumps the cargo-dependencies group with 3 updates: chrono, rusqlite and insta.

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

• fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow by @​SAY-5 in chronotope/chrono#1787
• tz_data: fix tzdata locations on Android by @​caruschalalamove in chronotope/chrono#1789

Commits

• 1703382 Prepare 0.4.45 release
• 881f9ab tz_data: fix tzdata locations on Android
• f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
• c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
• 120686c Bump codecov/codecov-action from 5 to 6
• See full diff in compare view

Updates rusqlite from 0.39.0 to 0.40.1

Release notes

Sourced from rusqlite's releases.

0.40.1

What's Changed

• Fix clippy warnings #1852
• Bump bundled SQLite version to 3.53.2 #1853
• Bump hashlink version #1855
• Fix SQL injection when SAVEPOINT name is tainted #1854

Full Changelog: rusqlite/rusqlite@v0.40.0...v0.40.1

0.40.0

What's Changed

• Breaking changes: Replace VTab macros by constructors #1823
• Breaking changes: Fix VTab::best_index #1824
• Asserts on VTab::connect aux and args #1825
• Breaking changes: Fix VTab::connect / create #1826
• Breaking changes: Allow opting out of using sqlite-wasm-rs on wasm32-unknown-unknown #1828, #1829
• Derive Default for SeriesTabCursor/ArrayTabCursor #1830
• Update link to pre-update hook #1831
• Breaking changes: Fix VTab::connect #1832
• impl From for FromSqlError #1833
• Breaking changes: Fix vtab::dequote #1835
• Bump bundled SQLCipher to version 4.14.0 #1837
• sqlite3_set_errmsg #1752
• Bump sqlite3-parser version #1838
• Fix UB in ToSqlOutput::from_rc #1839
• Ensure miri doesn't complain #1840
• Bump to actions/checkout@v6 #1842
• Add support to UtcDateTime #1843, #1844
• Bump bundled SQLite version to 3.53.1 #1848
• Replace some cfg(not by cfg_select #1850

Full Changelog: rusqlite/rusqlite@v0.39.0...v0.40.0

Commits

• 6d3c282 Merge pull request #1856 from gwenn/0.40.1
• 2ba28b7 Prepare next release
• a021dc7 Merge pull request #1854 from gwenn/savepoint
• 534a149 Merge pull request #1855 from gwenn/hashlink
• 6d9764f Bump hashlink version
• fa574eb Use sqlite3_keyword_check
• 15385cc Fix SQL injection when SAVEPOINT name is tainted
• e5e48f2 Merge pull request #1853 from gwenn/3.53.2
• ac22292 Bump bundled SQLite version to 3.53.2
• c5f8828 Merge pull request #1852 from gwenn/clippy
• Additional commits viewable in compare view

Updates insta from 1.47.2 to 1.48.0

Release notes

Sourced from insta's releases.

1.48.0

Release Notes

• Add strip_ansi_escape_codes setting which removes ANSI escape sequences (color codes, cursor movement, etc.) from snapshot content before comparison. Requires the filters feature. #899 (@​pierluigilenoci)
• Add opt-in support for YAML literal blocks for multiline strings in snapshot metadata fields such as description and expression. Set INSTA_YAML_BLOCK_STYLE=1 to enable. #851 (@​ivov)
• Setting CI=true normally makes cargo insta test behave as though --check was passed. Explicit snapshot handling options such as --accept now take precedence over this environment variable, allowing users to override this behavior if they want to. #924
• Fix cargo insta test --profile being forwarded to nextest as the nextest profile instead of the cargo build profile; it now translates to --cargo-profile for the nextest runner. Add --nextest-profile to select the nextest profile. #910
• Fix cargo insta pending-snapshots printing unusable \\?\-prefixed paths on Windows. The --snapshot filter now also accepts partial paths: any trailing path suffix of the snapshot file matches, so a bare --snapshot my_test.snap works. #904
• Accepting a binary snapshot no longer fails with os error 2 when its data file is missing (e.g. gitignored and not committed). #914

Install cargo-insta 1.48.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.48.0/cargo-insta-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/mitsuhiko/insta/releases/download/1.48.0/cargo-insta-installer.ps1 | iex"

Download cargo-insta 1.48.0

File	Platform	Checksum
cargo-insta-aarch64-apple-darwin.tar.xz	Apple Silicon macOS	checksum
cargo-insta-x86_64-apple-darwin.tar.xz	Intel macOS	checksum
cargo-insta-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
cargo-insta-x86_64-unknown-linux-gnu.tar.xz	x64 Linux	checksum
cargo-insta-x86_64-unknown-linux-musl.tar.xz	x64 MUSL Linux	checksum

Changelog

Sourced from insta's changelog.

1.48.0

• Add strip_ansi_escape_codes setting which removes ANSI escape sequences (color codes, cursor movement, etc.) from snapshot content before comparison. Requires the filters feature. #899 (@​pierluigilenoci)
• Add opt-in support for YAML literal blocks for multiline strings in snapshot metadata fields such as description and expression. Set INSTA_YAML_BLOCK_STYLE=1 to enable. #851 (@​ivov)
• Setting CI=true normally makes cargo insta test behave as though --check was passed. Explicit snapshot handling options such as --accept now take precedence over this environment variable, allowing users to override this behavior if they want to. #924
• Fix cargo insta test --profile being forwarded to nextest as the nextest profile instead of the cargo build profile; it now translates to --cargo-profile for the nextest runner. Add --nextest-profile to select the nextest profile. #910
• Fix cargo insta pending-snapshots printing unusable \\?\-prefixed paths on Windows. The --snapshot filter now also accepts partial paths: any trailing path suffix of the snapshot file matches, so a bare --snapshot my_test.snap works. #904
• Accepting a binary snapshot no longer fails with os error 2 when its data file is missing (e.g. gitignored and not committed). #914

Commits

• 7f23d2e Release 1.48.0 (#925)
• ee9cae1 Allow CI=true to be overridden by an explicitly passed --accept CLI flag ...
• 043cf82 fix: translate --profile to --cargo-profile for nextest (#913)
• 9c77f13 test: cover deep-wildcard redaction through arrays (#915)
• 362f432 Fix --snapshot filter on Windows; allow partial paths (#904)
• a436836 fix: tolerate a missing binary snapshot data file (#914)
• bf5fcdf fix: regenerate Cargo.lock and guard it with --locked in CI (#912)
• a761a9c feat: Support YAML literal blocks for multiline strings (#851)
• f9633f3 ci: pin check-minver to nightly-2026-04-25 (#905)
• c7b98b8 feat: add strip_ansi_escape_codes setting (#899)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!