chore(deps): bump the prod-dependencies group with 6 updates

[dependabot]

Bumps the prod-dependencies group with 6 updates:

Package	From	To
clap	4.6.0	4.6.1
nanoid	0.4.0	0.5.0
octocrab	0.49.7	0.49.8
tokio	1.51.1	1.52.1
tracing-appender	0.2.4	0.2.5
assert_cmd	2.2.0	2.2.1

Updates clap from 4.6.0 to 4.6.1

Release notes

Sourced from clap's releases.

v4.6.1

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Changelog

Sourced from clap's changelog.

[4.6.1] - 2026-04-15

Fixes

• (derive) Ensure rebuilds happen when an read env variable is changed

Commits

• 1420275 chore: Release
• d2c817d docs: Update changelog
• f88c94e Merge pull request #6341 from epage/sep
• acbb822 fix(complete): Reduce risk of conflict with actual subcommands
• a49fadb refactor(complete): Pull out subcommand separator
• ddc008b Merge pull request #6332 from epage/update
• 497dc50 chore: Update compatible dependencies
• dca2326 Merge pull request #6331 from clap-rs/renovate/j178-prek-action-2.x
• 54bdaa3 chore(deps): Update j178/prek-action action to v2
• f0d30d9 chore: Release
• Additional commits viewable in compare view

Updates nanoid from 0.4.0 to 0.5.0

Changelog

Sourced from nanoid's changelog.

0.5.0

• Bump rand to 0.9
• Add rngs::thread_local random source (#36)
• format now accepts any FnMut(usize) -> Vec<u8> random generator, enabling seeded and stateful RNGs (#32, #41). Non-capturing fn(usize) -> Vec<u8> callers continue to work unchanged.
• nanoid! macro size argument now accepts any expression, not only a single token (#28)
• Specialized fast path for alphabets whose size is a power of two (#35). Note: for seeded RNGs paired with a power-of-two alphabet (e.g. SAFE, the new HEX_* presets), the number of random bytes consumed per ID has changed — the output for a given seed will differ from 0.4.0.
• Add alphabet::HEX_LOWERCASE and alphabet::HEX_UPPERCASE presets (#39)
• Optional smartstring feature for small-string-optimized output (#29)
• Refreshed CI (GitHub Actions across OS matrix), drop Travis/AppVeyor
• Switched benchmarks to criterion

Commits

• 359c02d chore: 0.5.0 release
• f0ad07f #39: Add hex alphabets
• 7f961f2 Merge pull request #35 from tmccombs/fast-impl
• 91a79fc Update fast impl for actual format signature
• ed800e9 feat: Use specialized implementation for alphabets with size 2^n
• fef0b2e Merge pull request #41 from sidarth164/sid/fnmut
• 61e0606 docs: update README and added an example
• 2004ff9 feat: support passing mutable functions as random generators
• 3d405c5 Fix ci for prs
• 7011b10 Fixup readme, delete old example
• Additional commits viewable in compare view

Updates octocrab from 0.49.7 to 0.49.8

Release notes

Sourced from octocrab's releases.

v0.49.8

Added

• add structured GraphQL response and error (#874)

Fixed

• Expose OctoBody (#870)

Changelog

Sourced from octocrab's changelog.

0.49.8 - 2026-04-24

Added

• add structured GraphQL response and error (#874)

Fixed

• Expose OctoBody (#870)

Commits

• b234067 chore: release v0.49.8 (#871)
• e637ad1 feat: add structured GraphQL response and error (#874)
• 3fee114 fix: Expose OctoBody (#870)
• See full diff in compare view

Updates tokio from 1.51.1 to 1.52.1

Release notes

Sourced from tokio's releases.

Tokio v1.52.1

1.52.1 (April 16th, 2026)

Fixed

• runtime: revert #7757 to fix [a regression]#8056 that causes spawn_blocking to hang (#8057)

#7757: tokio-rs/tokio#7757 #8056: tokio-rs/tokio#8056 #8057: tokio-rs/tokio#8057

Tokio v1.52.0

1.52.0 (April 14th, 2026)

Added

• io: AioSource::register_borrowed for I/O safety support (#7992)
• net: add try_io function to unix::pipe sender and receiver types (#8030)

Added (unstable)

• runtime: Builder::enable_eager_driver_handoff setting enable eager hand off of the I/O and time drivers before polling tasks (#8010)
• taskdump: add trace_with() for customized task dumps (#8025)
• taskdump: allow impl FnMut() in trace_with instead of just fn() (#8040)
• fs: support io_uring in AsyncRead for File (#7907)

Changed

• runtime: improve spawn_blocking scalability with sharded queue (#7757)
• runtime: use compare_exchange_weak() in worker queue (#8028)

Fixed

• runtime: overflow second half of tasks when local queue is filled instead of first half (#8029)

Documented

• docs: fix typo in oneshot::Sender::send docs (#8026)
• docs: hide #[tokio::main] attribute in the docs of sync::watch (#8035)
• net: add docs on ConnectionRefused errors with UDP sockets (#7870)

#7757: tokio-rs/tokio#7757 #7870: tokio-rs/tokio#7870 #7907: tokio-rs/tokio#7907 #7992: tokio-rs/tokio#7992 #8010: tokio-rs/tokio#8010 #8025: tokio-rs/tokio#8025 #8026: tokio-rs/tokio#8026 #8028: tokio-rs/tokio#8028 #8029: tokio-rs/tokio#8029

... (truncated)

Commits

• 905c146 chore: prepare to release v1.52.1 (#8059)
• 56aaa43 rt: revert #7757 to fix regression in spawn_blocking (#8057)
• 57ff47a ci: update trybuild to expect output from rustc 1.95.0 (#8058)
• 812de3e ci: bump taiki-e/cache-cargo-install-action from 1 to 3 (#8053)
• ba82e73 ci: use Dependabot to keep github actions up to date (#8052)
• 2e85f9d ci: replace cirrus-ci with freebsd-vm (#8041)
• a7e1cd8 ci: update GitHub Actions workflows to use latest tool versions (#8047)
• 5f7be0a chore: perpare 1.52.0 (#8045)
• 36d12d2 taskdump: allow impl FnMut() in taskdumps instead of just fn() (#8040)
• f943312 fs: support io-uring in AsyncRead for File (#7907)
• Additional commits viewable in compare view

Updates tracing-appender from 0.2.4 to 0.2.5

Release notes

Sourced from tracing-appender's releases.

tracing-appender 0.2.5

Added

• Add latest symlink builder option (#3447)

Fixed

• Fix RollingFileAppender broken links in docs (#3445)
• Fix parsing of date from filename when no time is incuded (#3471)

#3445: tokio-rs/tracing#3445 #3447: tokio-rs/tracing#3447 #3471: tokio-rs/tracing#3471

Commits

• 53e1490 chore: prepare tracing-appender 0.2.5 (#3522)
• 4fb9ca3 examples: add per-layer filtering example (#3488)
• df05516 docs: improve assert message to mention a possible cause of hitting cloning a...
• 72cf52a docs: recommend configuring await-holding-invalid-types lint (#3463)
• 9545be1 attributes: silence clippy lints for #[instrument] on async functions for cra...
• 3160dc1 subscriber: skip RwLock in EnvFilter span callbacks when no dynamic directive...
• 3af2e54 appender: fix parsing of date from filename when no time is incuded (#3471)
• 412986f appender: fix RollingFileAppender broken links in docs (#3445)
• bdccf4d appender: add latest symlink builder option (#3447)
• 2c80f9d subscriber: propagate on_register_dispatch for Option<Layer> and Vec<Layer> (...
• Additional commits viewable in compare view

Updates assert_cmd from 2.2.0 to 2.2.1

Changelog

Sourced from assert_cmd's changelog.

[2.2.1] - 2026-04-17

Internal

• Dependency update

Commits

• eea8a1c chore: Release assert_cmd version 2.2.1
• cd6828c docs: Update changelog
• c771f78 Merge pull request #286 from assert-rs/renovate/j178-prek-action-2.x
• 4d63465 chore(deps): Update j178/prek-action action to v2
• 4728aea Merge pull request #284 from sendittothenewts/anstream-v1
• 1e5a36f chore(deps): Drop support for Rust crate anstream v0.6
• 2429682 chore(deps): Update Rust crate anstream to v1
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions