chore(deps): bump the production-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the production-dependencies group with 6 updates in the / directory:

Package	From	To
smol_str	0.3.2	0.3.4
httpmock	0.7.0	0.8.2
bytes	1.10.1	1.11.0
actix-web	4.11.0	4.12.0
axum	0.8.6	0.8.7
hyper	1.8.0	1.8.1

Updates smol_str from 0.3.2 to 0.3.4

Changelog

Sourced from smol_str's changelog.

0.3.4 - 2025-10-23

• Added rust-version field to Cargo.toml

0.3.3 - 2025-10-23

• Optimise StrExt::to_ascii_lowercase_smolstr, StrExt::to_ascii_uppercase_smolstr ~2x speedup inline, ~4-22x for heap.
• Optimise StrExt::to_lowercase_smolstr, StrExt::to_uppercase_smolstr ~2x speedup inline, ~5-50x for heap.
• Optimise StrExt::replace_smolstr, StrExt::replacen_smolstr for single ascii replace, ~3x speedup inline & heap.

Commits

• 02336c5 Publish 0.3.4
• bf2e3d7 Publish 0.3.3
• 8f4deab Update changelog
• 97ef5f3 Mark replacen_1_ascii as unsafe
• 026103b Optimise replacen 1-ascii when count >= len
• 104784a Optimise replacen_smolstr for single ascii replace
• 08a9dc8 Add test from_buf_and_chars_size_hinted_heap & fix
• 22feb5f Update changelog
• 3122a9a Optimise to_{lower,upper}case_smolstr
• 81c8790 CI: Add TEST_BENCHES
• Additional commits viewable in compare view

Updates httpmock from 0.7.0 to 0.8.2

Release notes

Sourced from httpmock's releases.

v0.8.2

This release includes bug fixes, documentation enhancements and new features, such as dynamic responders.

The following pull requests have been merged:

• #178: "Expose proxy method to obtain the recorded yaml without saving to a file" (thanks @​janeisklar)
• #180: "Add missing query parameters in recordings"
• #181: "Append Headers Instead of Inserting"
• #182: "Add Dynamic Responses"
• #184: "Use read_file in body_from_file"

v0.8.1

This release includes bug fixes and documentation enhancements.

The following pull requests have been merged:

• #179: "Use scheme of target url for forwarding"

v0.8.0

This release includes refactoring, dependency updates, and internal cleanups. No breaking changes expected.

The minimum required Rust version has been increased to 1.82.

The following pull requests have been merged:

• #172: "Update Rust edition to 2021" (thanks @​FalkWoldmann)
• #169: "Proxy HTTPS fix"
• #167: "Replace log and env_logger with tracing and tracing-subscriber" (thanks @​FalkWoldmann)
• #166: "Remove unused code" (thanks @​FalkWoldmann)
• #163: "fix: issue 162, non localhost hosts match" (thanks @​Thomblin)
• #160: "Replace custom read_file with std::fs::read_to_string" (thanks @​FalkWoldmann)
• #158: "Improve async executor support"
• #156: "Bump async-object-pool to replace async-std"
• #153: "ci(deps): bump actions/checkout from 4 to 5"
• #152: "Fix missing standalone routes"
• #151: "Cleanup unused test functions"
• #147: "ci(deps): bump codecov/codecov-action from 2 to 5"
• #146: "cargo(deps): update thiserror requirement from 1 to 2"
• #145: "ci(deps): bump actions/checkout from 2 to 4"
• #144: "ci(deps): bump docker/build-push-action from 4 to 6
• #141: "cargo(deps): update path-tree requirement from >=0.8.0, <0.8.1 to >=0.8.0, <0.8.4"
• #140: "ci(deps): bump docker/login-action from 1 to 3"
• #139: "ci(deps): bump withastro/action from 2 to 4"
• #138: "Create dependabot.yml" (thanks @​FalkWoldmann)
• #136: "Replace async_std with tokio" (thanks @​FalkWoldmann)

v0.8.0-alpha.1

BREAKING CHANGES

• A new MockServer::reset method was added that resets a mock server. Thanks for providing the pull request for this feature, @​dax.
• The default port for standalone server was changed from 5000 to 5050 due to conflicts with system services on macOS.
• Custom matcher functions are now closures rather than functions.
• When::json_body_partial was renamed to json_body_includes.

... (truncated)

Changelog

Sourced from httpmock's changelog.

Version 0.8.2

The following pull requests have been merged:

• #178: "Expose proxy method to obtain the recorded yaml without saving to a file" (thanks @​janeisklar)
• #180: "Add missing query parameters in recordings"
• #181: "Append Headers Instead of Inserting"
• #182: "Add Dynamic Responses"
• #184: "Use read_file in body_from_file"

Version 0.8.1

This release includes bug fixes and documentation enhancements.

The following pull requests have been merged:

• #179: "Use scheme of target url for forwarding"

Version 0.8.0

This release includes refactoring, dependency updates, and internal cleanups. No breaking changes expected.

The minimum required Rust version has been increased to 1.82.

The following pull requests have been merged:

• #172: "Update Rust edition to 2021" (thanks @​FalkWoldmann)
• #169: "Proxy HTTPS fix"
• #167: "Replace log and env_logger with tracing and tracing-subscriber" (thanks @​FalkWoldmann)
• #166: "Remove unused code" (thanks @​FalkWoldmann)
• #163: "fix: issue 162, non localhost hosts match" (thanks @​Thomblin)
• #160: "Replace custom read_file with std::fs::read_to_string" (thanks @​FalkWoldmann)
• #158: "Improve async executor support"
• #156: "Bump async-object-pool to replace async-std"
• #153: "ci(deps): bump actions/checkout from 4 to 5"
• #152: "Fix missing standalone routes"
• #151: "Cleanup unused test functions"
• #147: "ci(deps): bump codecov/codecov-action from 2 to 5"
• #146: "cargo(deps): update thiserror requirement from 1 to 2"
• #145: "ci(deps): bump actions/checkout from 2 to 4"
• #144: "ci(deps): bump docker/build-push-action from 4 to 6
• #141: "cargo(deps): update path-tree requirement from >=0.8.0, <0.8.1 to >=0.8.0, <0.8.4"
• #140: "ci(deps): bump docker/login-action from 1 to 3"
• #139: "ci(deps): bump withastro/action from 2 to 4"
• #138: "Create dependabot.yml" (thanks @​FalkWoldmann)
• #136: "Replace async_std with tokio" (thanks @​FalkWoldmann)

Version 0.8.0-beta.1

This release mainly contains internal improvements and bugfixes. The minimum required Rust version has been increased to 1.81. Apart from the updated MSRV, there are no breaking changes.

The following pull requests have been merged:

• #112: "Fix building without cookies feature" by @​jayvdb.

... (truncated)

Commits

• 02efcf9 add disclaimer for custom responders to documentation
• 5b6f04a add disclaimer for custom responders to documentation
• 52bf5d5 raise version to 0.8.2
• 211d072 Merge pull request #182 from httpmock/dynamic-response
• d903d57 fix https with http2 flag
• 470f623 switch to httpbingo for forwarding to a real server
• 7a1732b switch to httpbingo for forwarding to a real server
• 47597b3 add dynamic responses to changelog
• 34f5bc2 rename reply method
• 4f8edf7 mention dynamic responses in docs
• Additional commits viewable in compare view

Updates bytes from 1.10.1 to 1.11.0

Release notes

Sourced from bytes's releases.

Bytes v1.11.0

1.11.0 (November 14th, 2025)

• Bump MSRV to 1.57 (#788)

Fixed

• fix: BytesMut only reuse if src has remaining (#803)
• Specialize BytesMut::put::<Bytes> (#793)
• Reserve capacity in BytesMut::put (#794)
• Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

• Guarantee address in slice() for empty slices. (#780)
• Rename Vtable::to_* -> Vtable::into_* (#776)
• Fix latest clippy warnings (#787)
• Ignore BytesMut::freeze doctest on wasm (#790)
• Move drop_fn of from_owner into vtable (#801)

Changelog

Sourced from bytes's changelog.

1.11.0 (November 14th, 2025)

• Bump MSRV to 1.57 (#788)

Fixed

• fix: BytesMut only reuse if src has remaining (#803)
• Specialize BytesMut::put::<Bytes> (#793)
• Reserve capacity in BytesMut::put (#794)
• Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

• Guarantee address in slice() for empty slices. (#780)
• Rename Vtable::to_* -> Vtable::into_* (#776)
• Fix latest clippy warnings (#787)
• Ignore BytesMut::freeze doctest on wasm (#790)
• Move drop_fn of from_owner into vtable (#801)

Commits

• a7952fb chore: prepare bytes v1.11.0 (#804)
• 60cbb77 fix: BytesMut only reuse if src has remaining (#803)
• 7ce330f Move drop_fn of from_owner into vtable (#801)
• 4b53a29 Tweak BytesMut::remaining_mut (#795)
• 016fdbd Reserve capacity in BytesMut::put (#794)
• ef7f257 Specialize BytesMut::put::<Bytes> (#793)
• 8b4f54d Ignore BytesMut::freeze doctest on wasm (#790)
• 16132ad Fix latest clippy warnings (#787)
• 3e44f88 Bump MSRV to 1.57 (#788)
• f29e939 Add some tests for Limit, BytesMut and Reader (#785)
• Additional commits viewable in compare view

Updates actix-web from 4.11.0 to 4.12.0

Release notes

Sourced from actix-web's releases.

actix-web: v4.12.0

Short announcement

We've started GitHub Sponsors: https://github.com/sponsors/actix Support our development!

v4.12.0

• actix_web::response::builder::HttpResponseBuilder::streaming() now sets Content-Type to application/octet-stream if Content-Type does not exist.
• actix_web::response::builder::HttpResponseBuilder::streaming() now calls actix_web::response::builder::HttpResponseBuilder::no_chunking() and returns SizedStream if Content-Length is set by user.
• Add ws crate feature (on-by-default) which forwards to actix-http and guards some of its ResponseError impls.
  • ⚠️ if you use default-feature = false and the web scoket feature, please make sure you enable the ws feature.
• Add public export for EitherExtractError in error module.

Commits

• d119500 release: actix-web v4.12.0 (#3830)
• a3f95ee feat: improve HttpResponseBuilder::streaming with SizedStream (#3829)
• e1da110 chore: Add public export for EitherExtractError (#3826)
• 219b988 build(deps): bump taiki-e/install-action from 2.62.46 to 2.62.49 (#3823)
• 9cf3521 build(deps): bump quote from 1.0.41 to 1.0.42 (#3825)
• 8b10319 build(deps): bump taiki-e/install-action from 2.62.45 to 2.62.46 (#3820)
• d5fae3e chore: rename branch to main (#3821)
• e6958cc build(deps): bump taiki-e/install-action from 2.62.38 to 2.62.45 (#3819)
• 3dd42ee build(deps): bump tokio-util from 0.7.16 to 0.7.17 (#3817)
• 627af8c chore(gha): setup cargo-deny (#3816)
• Additional commits viewable in compare view

Updates axum from 0.8.6 to 0.8.7

Release notes

Sourced from axum's releases.

axum v0.8.7

• Relax implicit Send / Sync bounds on RouterAsService, RouterIntoService (#3555)
• Make it easier to visually scan for default features (#3550)
• Fix some documentation typos

#3550: tokio-rs/axum#3550 #3555: tokio-rs/axum#3555

Commits

• 4404f27 Release axum v0.8.7 and axum-extra v0.12.2
• 8f1545a Fix typo in extractors guide (#3554)
• 4fc3faa Relax implicit Send / Sync bounds (#3555)
• a05920c Make it easier to visually scan for default features (#3550)
• 6d5e6d5 Use extensions directly in from_request_parts (#3542)
• fe607e6 Fixes wording typo (#3540)
• f9ce3e5 Release axum-extra 0.12.1
• 12e1cf9 Add back package.metadata.docs.rs for axum-extra
• 914a35a Release axum-extra 0.12.0
• e20e90d Upgrade axum-extra to prost v0.14 (#3517)
• Additional commits viewable in compare view

Updates hyper from 1.8.0 to 1.8.1

Release notes

Sourced from hyper's releases.

v1.8.1

Bug Fixes

• http1: fix consuming extra CPU from previous change (#3977) (4492f31e)

Full Changelog: hyperium/hyper@v1.8.0...v1.8.1

Changelog

Sourced from hyper's changelog.

v1.8.1 (2025-11-13)

Bug Fixes

• http1: fix consuming extra CPU from previous change (#3977) (4492f31e)

Commits

• 166c6ca v1.8.1
• 4492f31 fix(http1): fix consuming extra CPU from previous change (#3977)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions