Bump the rust group across 1 directory with 6 updates

[dependabot]

Bumps the rust group with 5 updates in the /src-tauri directory:

Package	From	To
k8s-openapi	0.27.1	0.28.0
kube	3.1.0	4.0.0
serde_json	1.0.149	1.0.150
tauri	2.10.3	2.11.3
tokio	1.52.1	1.52.3

Updates k8s-openapi from 0.27.1 to 0.28.0

Release notes

Sourced from k8s-openapi's releases.

v0.28.0

k8s-openapi

• BREAKING CHANGE: Added support for Kubernetes 1.36 under the v1_36 feature.

• BREAKING CHANGE: Dropped support for Kubernetes 1.31.

• FEATURE: schemars v0.8 support has been restored under the schemars08 feature flag. This can be enabled independently of the existing schemars feature that enables schemars v1 support.

• FEATURE: StatefulSetSpec::volume_claim_templates field now uses a map merge strategy using its .metadata.name as the key.

Corresponding Kubernetes API server versions:

• v1.32.13
• v1.33.13
• v1.34.9
• v1.35.6
• v1.36.2

k8s-openapi-codegen-common

• FEATURE: schemars v0.8 support has been restored via a new parameter to fn run().

k8s-openapi-derive

• FEATURE: schemars v0.8 support has been restored via a new #[custom_resource_definition(generate_schema08)] attr.

Changelog

Sourced from k8s-openapi's changelog.

v0.28.0 (2026-06-14)

k8s-openapi

• BREAKING CHANGE: Added support for Kubernetes 1.36 under the v1_36 feature.

• BREAKING CHANGE: Dropped support for Kubernetes 1.31.

• FEATURE: schemars v0.8 support has been restored under the schemars08 feature flag. This can be enabled independently of the existing schemars feature that enables schemars v1 support.

• FEATURE: StatefulSetSpec::volume_claim_templates field now uses a map merge strategy using its .metadata.name as the key.

Corresponding Kubernetes API server versions:

• v1.32.13
• v1.33.13
• v1.34.9
• v1.35.6
• v1.36.2

k8s-openapi-codegen-common

• FEATURE: schemars v0.8 support has been restored via a new parameter to fn run().

k8s-openapi-derive

• FEATURE: schemars v0.8 support has been restored via a new #[custom_resource_definition(generate_schema08)] attr.

---

Commits

• b2c839b v0.28.0
• ebea539 Update to v1.33.13, v1.34.9, v1.35.6, v1.36.2
• b7acde4 Restore schemars 0.8 support.
• 366b480 Update kind to v0.32.0
• f1b5881 Update to v1.33.12, v1.34.8, v1.35.5, v1.36.1
• 8a891b9 Add v1.36 and drop v1.31
• bcd3499 Fix StatefulSet::volumeClaimTemplates to deep merge by name.
• 654a839 Update to v1.33.11, v1.34.7, v1.35.4
• eda35ab Update to v1.33.10, v1.34.6, v1.35.3
• See full diff in compare view

Updates kube from 3.1.0 to 4.0.0

Release notes

Sourced from kube's releases.

4.0.0

New Major

As per the release schedule to match up with the latest Kubernetes ハル release. Lots of fixes and improvements. Thanks to everyone who contributed!

Kubernetes v1_36 support via k8s-openapi 0.28

Please upgrade k8s-openapi along with kube to avoid conflicts.

CEL Validation

A new optional crate kube-cel is being re-exported through kube::core::cel via kube-rs/kube#1954

Kubernetes CRDs support CEL validation rules via x-kubernetes-validations, and were supported from 3.0 via KubeSchema, but these rules could only be evaluated server-side by the API server.

The new crate allows evaluating these rules locally using rules matching the upstream Kubernetes CEL libraries.

While low-level, a higher-level CEL validator integrates with CustomResource via #[kube(cel)] from kube-rs/kube#2011 and can be used as;

#[derive(CustomResource, Serialize, Deserialize, Clone, KubeSchema)]
#[kube(group = "example.com", version = "v1", kind = "Foo", namespaced)]
#[kube(cel, validation = "self.spec.replicas >= 0")] // cel trigger + validation rule
struct FooSpec { replicas: i32 }
let foo = Foo::new("test", FooSpec { replicas: -1 });
foo.validate_cel()?;                     // new impl; checks creation rules
new_foo.validate_cel_update(&old_foo)?;  // new impl; checks transition rules

See examples/crd_derive_cel.rs for more details.

This is available under the kube/cel feature, courtesy of @​doxxx93.

Config

A lot of improvements to config handling;

• better error handling of malformed client certs in kube-rs/kube#1966
• add missing Kubeconfig fields in kube-rs/kube#1965
• Kubeconfig future key compatibility for new fields by adding catch-all other key via kube-rs/kube#1964
• deserialization changed from serde-yaml to serde-saphyr to get rid of the long-deprecated dependency. kube-rs/kube#1975

Retry and Timeouts

Better timeout and retry handling to better deal with flaky network conditions, and busy or initializing apiservers.

• default global read timeouts has been unset in favor of watcher level timeouts in kube-rs/kube#1945 (see kube-rs/kube#1798 for context)
• regular (non-watch) queries now respect the RetryPolicy - now enabled by default in kube-rs/kube#2007.

Client

... (truncated)

Changelog

Sourced from kube's changelog.

4.0.0 / 2026-06-16

New Major

As per the release schedule to match up with the latest Kubernetes ハル release. Lots of fixes and improvements. Thanks to everyone who contributed!

Kubernetes v1_36 support via k8s-openapi 0.28

Please upgrade k8s-openapi along with kube to avoid conflicts.

CEL Validation

A new optional crate kube-cel is being re-exported through kube::core::cel via kube-rs/kube#1954

Kubernetes CRDs support CEL validation rules via x-kubernetes-validations, and were supported from 3.0 via KubeSchema, but these rules could only be evaluated server-side by the API server.

The new crate allows evaluating these rules locally using rules matching the upstream Kubernetes CEL libraries.

While low-level, a higher-level CEL validator integrates with CustomResource via #[kube(cel)] from kube-rs/kube#2011 and can be used as;

#[derive(CustomResource, Serialize, Deserialize, Clone, KubeSchema)]
#[kube(group = "example.com", version = "v1", kind = "Foo", namespaced)]
#[kube(cel, validation = "self.spec.replicas >= 0")] // cel trigger + validation rule
struct FooSpec { replicas: i32 }
let foo = Foo::new("test", FooSpec { replicas: -1 });
foo.validate_cel()?;                     // new impl; checks creation rules
new_foo.validate_cel_update(&old_foo)?;  // new impl; checks transition rules

See examples/crd_derive_cel.rs for more details.

This is available under the kube/cel feature, courtesy of @​doxxx93.

Config

A lot of improvements to config handling;

• better error handling of malformed client certs in kube-rs/kube#1966
• add missing Kubeconfig fields in kube-rs/kube#1965
• Kubeconfig future key compatibility for new fields by adding catch-all other key via kube-rs/kube#1964
• deserialization changed from serde-yaml to serde-saphyr to get rid of the long-deprecated dependency. kube-rs/kube#1975

Retry and Timeouts

Better timeout and retry handling to better deal with flaky network conditions, and busy or initializing apiservers.

• default global read timeouts has been unset in favor of watcher level timeouts in kube-rs/kube#1945 (see kube-rs/kube#1798 for context)
• regular (non-watch) queries now respect the RetryPolicy - now enabled by default in kube-rs/kube#2007.

Client

... (truncated)

Commits

• b4f0cc4 re-hook cel feature and move dev-dep pin
• 163ade1 unhook dev-dep temporarily
• 2a14dec release 4.0.0
• 2310a06 feat(derive): client-side CEL validation via #[kube(cel)] / #[x_kube(cel)] (#...
• 8d61784 Enable RetryPolicy::server_retry by default for Client (#2007)
• a5b4f3f Box a large runtime error in ReconcilerErr (#1880)
• 3dd76bc bump k8s-openapi to 0.28 (#2009)
• 60ffe61 chore: group cel into the just hack feature-powerset (#2006)
• c261d78 deps: bump kube-cel to 0.6.1 (validation surface flattened) (#2005)
• 6c26657 refactor(runtime): rename Store::state_with/state_filtered per review feedbac...
• Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates tauri from 2.10.3 to 2.11.3

Release notes

Sourced from tauri's releases.

tauri-cli v2.11.3

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1133 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1085 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Crate:     atk-sys

Version:   0.18.2

Warning:   unmaintained

Title:     gtk-rs GTK3 bindings - no longer maintained

Date:      2024-03-04

ID:        RUSTSEC-2024-0416

URL:       https://rustsec.org/advisories/RUSTSEC-2024-0416
Crate:     fxhash

Version:   0.2.1

Warning:   unmaintained

Title:     fxhash - no longer maintained

Date:      2025-09-05

ID:        RUSTSEC-2025-0057

URL:       https://rustsec.org/advisories/RUSTSEC-2025-0057
Crate:     gdk

Version:   0.18.2

Warning:   unmaintained

Title:     gtk-rs GTK3 bindings - no longer maintained

Date:      2024-03-04

ID:        RUSTSEC-2024-0412

URL:       https://rustsec.org/advisories/RUSTSEC-2024-0412
Crate:     gdk-sys

Version:   0.18.2

Warning:   unmaintained

Title:     gtk-rs GTK3 bindings - no longer maintained

Date:      2024-03-04

ID:        RUSTSEC-2024-0418

URL:       https://rustsec.org/advisories/RUSTSEC-2024-0418
Crate:     gdkwayland-sys

</tr></table>

... (truncated)

Commits

• 6f6ab12 apply version updates (#15409)
• 728c8d4 fix(cli): skip building bundles when using tauri android run (#15473)
• e25f45c refactor: remove impl clone on inner menus (#15553)
• fbcf1b0 chore(deps): update dependency eslint-plugin-security to v4.0.1 (#15545)
• 828f710 fix(cli): respect src/bin required-features (fix: #15325) (#15427)
• ed8fd41 chore(cli): lesser verbose ureq_proto log (#15552)
• 50b0237 fix(android): escape special characters in strings.xml (#15549)
• 800223d docs: fix some missing and wrong docs (#15548)
• 5075c81 fix: check is_maximizable in internal_toggle_maximize (#15550)
• 532c22a chore(deps-dev): bump vite from 8.0.5 to 8.0.16 (#15547)
• Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates tauri-build from 2.5.6 to 2.6.3

Release notes

Sourced from tauri-build's releases.

tauri-build v2.6.3

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1133 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1085 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Crate:     atk-sys

Version:   0.18.2

Warning:   unmaintained

Title:     gtk-rs GTK3 bindings - no longer maintained

Date:      2024-03-04

ID:        RUSTSEC-2024-0416

URL:       https://rustsec.org/advisories/RUSTSEC-2024-0416
Crate:     fxhash

Version:   0.2.1

Warning:   unmaintained

Title:     fxhash - no longer maintained

Date:      2025-09-05

ID:        RUSTSEC-2025-0057

URL:       https://rustsec.org/advisories/RUSTSEC-2025-0057
Crate:     gdk

Version:   0.18.2

Warning:   unmaintained

Title:     gtk-rs GTK3 bindings - no longer maintained

Date:      2024-03-04

ID:        RUSTSEC-2024-0412

URL:       https://rustsec.org/advisories/RUSTSEC-2024-0412
Crate:     gdk-sys

Version:   0.18.2

Warning:   unmaintained

Title:     gtk-rs GTK3 bindings - no longer maintained

Date:      2024-03-04

ID:        RUSTSEC-2024-0418

URL:       https://rustsec.org/advisories/RUSTSEC-2024-0418
Crate:     gdkwayland-sys

</tr></table>

... (truncated)

Commits

• 6f6ab12 apply version updates (#15409)
• 728c8d4 fix(cli): skip building bundles when using tauri android run (#15473)
• e25f45c refactor: remove impl clone on inner menus (#15553)
• fbcf1b0 chore(deps): update dependency eslint-plugin-security to v4.0.1 (#15545)
• 828f710 fix(cli): respect src/bin required-features (fix: #15325) (#15427)
• ed8fd41 chore(cli): lesser verbose ureq_proto log (#15552)
• 50b0237 fix(android): escape special characters in strings.xml (#15549)
• 800223d docs: fix some missing and wrong docs (#15548)
• 5075c81 fix: check is_maximizable in internal_toggle_maximize (#15550)
• 532c22a chore(deps-dev): bump vite from 8.0.5 to 8.0.16 (#15547)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions