From 5fdc467924fc9a22f28f8d577b90cac7a44c785c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 15 Sep 2025 11:39:12 +0000
Subject: [PATCH] build(deps): bump semver from 1.0.26 to 1.0.27 in /rust
 (#10357)

Bumps [semver](https://github.com/dtolnay/semver) from 1.0.26 to 1.0.27.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/semver/releases">semver's
releases</a>.</em></p>
<blockquote>
<h2>1.0.27</h2>
<ul>
<li>Switch serde dependency to serde_core (<a
href="https://redirect.github.com/dtolnay/semver/issues/333">#333</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dtolnay/semver/commit/6ed8561154715b2c34df417a2052597d586f2c43"><code>6ed8561</code></a>
Release 1.0.27</li>
<li><a
href="https://github.com/dtolnay/semver/commit/6967bba0e2f09b9ead04e4c9e6bc3991fd9fe078"><code>6967bba</code></a>
Add serde version constraint</li>
<li><a
href="https://github.com/dtolnay/semver/commit/84d30574ff1460c741539ef934339219d972afe0"><code>84d3057</code></a>
Exclude build.rs from crates.io package</li>
<li><a
href="https://github.com/dtolnay/semver/commit/b09aac935dcc468f76f1b80a1c5ff9645ddb51d1"><code>b09aac9</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/343">#343</a>
from dtolnay/up</li>
<li><a
href="https://github.com/dtolnay/semver/commit/49b8570e3495a415edbeda1b627ef028935c0386"><code>49b8570</code></a>
Delete backport module</li>
<li><a
href="https://github.com/dtolnay/semver/commit/9b04afee2f5df8912d518346365ce564827ff33b"><code>9b04afe</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/342">#342</a>
from dtolnay/up</li>
<li><a
href="https://github.com/dtolnay/semver/commit/83a8e91dba4917e3a0b4aaff1b4e3c4f052da1c0"><code>83a8e91</code></a>
Delete no_nonzero_bitscan configuration</li>
<li><a
href="https://github.com/dtolnay/semver/commit/e606a17855ae10f8a788c4057acaf650a8e69d49"><code>e606a17</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/341">#341</a>
from dtolnay/up</li>
<li><a
href="https://github.com/dtolnay/semver/commit/ebe7cf18971686bedfab3e617b9dcb2eacbcdc01"><code>ebe7cf1</code></a>
Delete no_unsafe_op_in_unsafe_fn_lint configuration</li>
<li><a
href="https://github.com/dtolnay/semver/commit/a381bff0447df3cdf8ba3b152abe4234001bfd4b"><code>a381bff</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/semver/issues/340">#340</a>
from dtolnay/up</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/semver/compare/1.0.26...1.0.27">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=semver&package-manager=cargo&previous-version=1.0.26&new-version=1.0.27)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 rust/Cargo.lock | 25 ++++++++++++++++++-------
 rust/Cargo.toml |  2 +-
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/rust/Cargo.lock b/rust/Cargo.lock
index 2501ac886..36dddaf99 100644
--- a/rust/Cargo.lock
+++ b/rust/Cargo.lock
@@ -6428,11 +6428,12 @@ dependencies = [
 
 [[package]]
 name = "semver"
-version = "1.0.26"
+version = "1.0.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0"
+checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2"
 dependencies = [
  "serde",
+ "serde_core",
 ]
 
 [[package]]
@@ -6568,10 +6569,11 @@ dependencies = [
 
 [[package]]
 name = "serde"
-version = "1.0.219"
+version = "1.0.223"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6"
+checksum = "a505d71960adde88e293da5cb5eda57093379f64e61cf77bf0e6a63af07a7bac"
 dependencies = [
+ "serde_core",
  "serde_derive",
 ]
 
@@ -6596,10 +6598,19 @@ dependencies = [
 ]
 
 [[package]]
-name = "serde_derive"
-version = "1.0.219"
+name = "serde_core"
+version = "1.0.223"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00"
+checksum = "20f57cbd357666aa7b3ac84a90b4ea328f1d4ddb6772b430caa5d9e1309bb9e9"
+dependencies = [
+ "serde_derive",
+]
+
+[[package]]
+name = "serde_derive"
+version = "1.0.223"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3d428d07faf17e306e699ec1e91996e5a165ba5d6bce5b5155173e91a8a01a56"
 dependencies = [
  "proc-macro2",
  "quote",
diff --git a/rust/Cargo.toml b/rust/Cargo.toml
index e5d3cafe4..81188eaa6 100644
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -143,7 +143,7 @@ rustls = { version = "0.23.31", default-features = false, features = ["ring"] }
 sadness-generator = "0.6.0"
 sd-notify = "0.4.5" # This is a pure Rust re-implementation, so it isn't vulnerable to CVE-2024-3094
 secrecy = "0.8"
-semver = "1.0.26"
+semver = "1.0.27"
 sentry = { version = "0.41.0", default-features = false }
 sentry-tracing = "0.41.0"
 serde = "1.0.219"