build(deps): bump the production-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the production-dependencies group with 8 updates in the / directory:

Package	From	To
async-compression	0.4.41	0.4.42
axum	0.8.8	0.8.9
clap	4.6.0	4.6.1
redis	1.1.0	1.2.1
serde_json	1.0.149	1.0.150
tokio	1.50.0	1.52.3
tower-http	0.6.8	0.6.11
testcontainers	0.27.2	0.27.3

Updates async-compression from 0.4.41 to 0.4.42

Release notes

Sourced from async-compression's releases.

async-compression-v0.4.42

Other

• Include license files in published crates (#467)
• Fix async-compression CHANGELOG ordering (#463)

Commits

• 9582d2c chore: release (#464)
• 26cbdd0 Include license files in published crates (#467)
• 4191573 chore(deps): bump codecov/codecov-action from 5 to 6 (#465)
• 9ebf82e Fix async-compression CHANGELOG ordering (#463)
• See full diff in compare view

Updates axum from 0.8.8 to 0.8.9

Release notes

Sourced from axum's releases.

axum-v0.8.9

• added: WebSocketUpgrade::{requested_protocols, set_selected_protocol} for more flexible subprotocol selection (#3597)
• changed: Update minimum rust version to 1.80 (#3620)
• fixed: Set connect endpoint on correct field in MethodRouter (#3656)
• fixed: Return specific error message when multipart body limit is exceeded (#3611)

#3597: tokio-rs/axum#3597 #3620: tokio-rs/axum#3620 #3656: tokio-rs/axum#3656 #3611: tokio-rs/axum#3611

Commits

• c59208c revert axum-core changelog changes
• 99068f5 Revert "Fix IntoResponse for tuples overriding error response codes (#3603)"
• 23d7098 Revert "axum-core 0.5.6"
• e8a39ad axum-macros 0.5.1
• 6e9a249 axum-extra 0.12.6
• 0ec9041 axum 0.8.9
• c3fcebb axum-core 0.5.6
• a8790fc update release notes
• 26ba7bb docs: consolidate state management docs in crate root (#3683)
• 9fc59ef Update to tokio-tungstenite 0.29 (#3689)
• Additional commits viewable in compare view

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates redis from 1.1.0 to 1.2.1

Release notes

Sourced from redis's releases.

redis-1.2.1

Changes & Bug fixes

• commands: Stop double-take-ing for mset (#2043 by @​somechris)
• json: Stop double-wrapping commands in RedisResult (#2042 by @​somechris)
• ValueType: Add missing possible types (#2030 by @​somechris)
• Stream idempotent producers (at-most-once guarantee) (#2032 by @​StefanPalashev)
• Improve streaming auth error handling (#2021 by @​alexcole)
• feat: add Slot type and functions to create Slot / Route with key (#2047 by @​anatawa12)
• Fix async connection handling to avoid TCP deadlocks (#2070 by @​PDXKimani)

CI improvements

• ci: Bump Redis/Valkey versions (#2035 by @​somechris)
• ci: Clarify how databases get selected (#2040 by @​somechris)
• README: Declare "supported" versions (#2034 by @​somechris)
• Add EntraID integration tests for OSS cluster API (#2050 by @​StefanPalashev)
• fix new nightly lint & fmt (#2052 by @​nihohit)
• log sentinel test startup failures. (#2062 by @​nihohit)

redis-1.2.0

What's Changed

• feat: support custom TcpSettings on sentinel client by @​hugobpx in redis-rs/redis-rs#2016
• Attempt to Fix CI by @​nihohit in redis-rs/redis-rs#2017
• Add lazy instantiation to the connection manager. by @​nihohit in redis-rs/redis-rs#2022
• Bump async-io from 2.4.0 to 2.6.0 by @​dependabot[bot] in redis-rs/redis-rs#2029
• Bump env_logger from 0.11.8 to 0.11.10 by @​dependabot[bot] in redis-rs/redis-rs#2027
• Bump itoa from 1.0.17 to 1.0.18 by @​dependabot[bot] in redis-rs/redis-rs#2026
• Bump async-trait from 0.1.88 to 0.1.89 by @​dependabot[bot] in redis-rs/redis-rs#2025
• Bump tokio-util from 0.7.17 to 0.7.18 by @​dependabot[bot] in redis-rs/redis-rs#2023
• Add strategies for routing reads to cluster replicas by @​PDXKimani in redis-rs/redis-rs#1985
• Bump anyhow from 1.0.100 to 1.0.102 by @​dependabot[bot] in redis-rs/redis-rs#2024
• README: Add stanza about AI contributions by @​somechris in redis-rs/redis-rs#2033
• Don't compile tokio runtime when using smol by @​cstyles in redis-rs/redis-rs#2036

New Contributors

• @​cstyles made their first contribution in redis-rs/redis-rs#2036

Full Changelog: redis-rs/redis-rs@redis-1.1.0...redis-1.2.0

Commits

• a6608fd Prepare new version (#2074)
• 7e063ff Fix async connection handling to avoid TCP deadlocks (#2070)
• 7adf964 Bump hashbrown from 0.16.1 to 0.17.0 (#2068)
• 78693ac Bump tokio from 1.49.0 to 1.50.0 (#2067)
• 5ed93d6 Bump quickcheck from 1.0.3 to 1.1.0 (#2066)
• 1cbb4f6 Bump arc-swap from 1.8.2 to 1.9.1 (#2065)
• a141fff Bump rust_decimal from 1.39.0 to 1.41.0 (#2064)
• a113ee7 Bump quote from 1.0.44 to 1.0.45 (#2063)
• ef68835 log sentinel test startup failures. (#2062)
• cddd795 feat: add Slot type and functions to create Slot / Route with key (#2047)
• Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates tokio from 1.50.0 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

• runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

• io: AioSource::register_borrowed for I/O safety support (#7992)
• net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

• runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
• taskdump: add trace_with() for customized task dumps (#8025)
• taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
• fs: support io_uring in AsyncRead for File (#7907)

... (truncated)

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates tower-http from 0.6.8 to 0.6.11

Release notes

Sourced from tower-http's releases.

tower-http-0.6.11

Added

• set-header: add SetMultipleResponseHeadersLayer and SetMultipleResponseHeader for setting multiple response headers at once. Supports overriding, appending, and if_not_present modes. Header values can be fixed or computed dynamically via closures (#672)

  use http::{Response, header::{self, HeaderValue}};
  use http_body::Body as _;
  use tower_http::set_header::response::SetMultipleResponseHeadersLayer;
  let layer = SetMultipleResponseHeadersLayer::overriding(vec![
  (header::X_FRAME_OPTIONS, HeaderValue::from_static("DENY")).into(),
  (header::CONTENT_LENGTH, |res: &Response<MyBody>| {
  res.body().size_hint().exact()
  .map(|size| HeaderValue::from_str(&size.to_string()).unwrap())
  }).into(),
  ]);

• set-header: add SetMultipleRequestHeadersLayer and SetMultipleRequestHeaders for setting multiple request headers at once, mirroring the response-side API (#677)

• classify: add From<i32> and From<NonZeroI32> impls for GrpcCode. Unrecognized status codes map to GrpcCode::Unknown (#506)

Changed

• compression: compress application/grpc-web responses. Previously all application/grpc* content types were excluded from compression; now only application/grpc (non-web) is excluded (#408)

Fixed

• fs: fix ServeDir returning 500 instead of 405 for non-GET/HEAD requests when call_fallback_on_method_not_allowed is enabled but no fallback service is configured (#587)
• fs: remove duplicate cfg attribute on is_reserved_dos_name (#675)

#408: tower-rs/tower-http#408 #506: tower-rs/tower-http#506 #587: tower-rs/tower-http#587 #672: tower-rs/tower-http#672 #675: tower-rs/tower-http#675 #677: tower-rs/tower-http#677

All PRs

• ci: fix flaky encoding test, add nightly stress test job by @​jlizen in tower-rs/tower-http#670

... (truncated)

Commits

• 1d082ef v0.6.11
• 9c3117d feat: set multiple request header (#677)
• 667e7c7 Remove duplicate cfg attribute for is_reserved_dos_name (#675)
• 7551a9b feat(set_header): refactor and improve multiple header middleware (#672)
• 991e9ee add From<i32> impl for GrpcCode (#506)
• 3962dba Do compress grpc-web responses (#408)
• f0b3bb6 Fix serve_dir method not allowed handling when no fallback is configured (#587)
• d1a571b ci: use static timeout in stress-test workflow (#671)
• 309555a ci: fix flaky encoding test, add nightly stress test job (#670)
• 4532fc2 v0.6.10
• Additional commits viewable in compare view

Updates testcontainers from 0.27.2 to 0.27.3

Release notes

Sourced from testcontainers's releases.

v0.27.3

Details

Bug Fixes

• Pass Docker Hub credentials for images without a registry prefix (#935)

Miscellaneous Tasks

• Update docker-compose-types requirement from 0.22 to 0.23 (#931)
• Update ferroid requirement from 0.8.7 to 2.0.0 (#929)
• Update russh requirement from 0.56.0 to 0.60.0 (#933)
• Update signal-hook requirement from 0.3 to 0.4 (#934)
• Update temp-dir requirement from 0.1 to 0.2 (#921)

Changelog

Sourced from testcontainers's changelog.

[0.27.3] - 2026-04-15

Details

Bug Fixes

• Pass Docker Hub credentials for images without a registry prefix (#935)

Miscellaneous Tasks

• Update docker-compose-types requirement from 0.22 to 0.23 (#931)
• Update ferroid requirement from 0.8.7 to 2.0.0 (#929)
• Update russh requirement from 0.56.0 to 0.60.0 (#933)
• Update signal-hook requirement from 0.3 to 0.4 (#934)
• Update temp-dir requirement from 0.1 to 0.2 (#921)

Commits

• 2c96733 chore: release v0.27.3 (#938)
• 8e074dc chore(deps): update temp-dir requirement from 0.1 to 0.2 (#921)
• 2e8beae chore(deps): update signal-hook requirement from 0.3 to 0.4 (#934)
• 0c6f257 chore(deps): update russh requirement from 0.56.0 to 0.60.0 (#933)
• 99e1715 chore(deps): update ferroid requirement from 0.8.7 to 2.0.0 (#929)
• a4c9c8c chore(deps): update docker-compose-types requirement from 0.22 to 0.23 (#931)
• 1a29616 fix: pass Docker Hub credentials for images without a registry prefix (#935)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions