chore(deps): bump the dependencies group with 4 updates

[dependabot]

Bumps the dependencies group with 4 updates: reqwest, serde_json, tempfile and octocrab.

Updates reqwest from 0.12.26 to 0.12.28

Release notes

Sourced from reqwest's releases.

v0.12.28

What's Changed

• fix: correctly import TokioIo on Windows by @​seanmonstar in seanmonstar/reqwest#2896

Full Changelog: seanmonstar/reqwest@v0.12.27...v0.12.28

v0.12.27

tl;dr

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Pipe.

What's Changed

• chore: Disable unused tokio-util codec feature by @​tottoto in seanmonstar/reqwest#2893
• chore: Use http_body_util::BodyDataStream by @​tottoto in seanmonstar/reqwest#2892
• feat: add windows_named_pipe() option to client builder by @​seanmonstar in seanmonstar/reqwest#2789

Full Changelog: seanmonstar/reqwest@v0.12.26...v0.12.27

Changelog

Sourced from reqwest's changelog.

v0.12.28

• Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

• Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

Commits

• d978599 v0.12.28
• ef2768a fix: correctly import TokioIo on Windows (#2896)
• 1bf6441 v0.12.27
• 4967b1b feat: add windows_named_pipe() option to client builder (#2789)
• ef5b239 chore: Use http_body_util::BodyDataStream (#2892)
• a810004 chore: Disable unused tokio-util codec feature (#2893)
• See full diff in compare view

Updates serde_json from 1.0.145 to 1.0.148

Release notes

Sourced from serde_json's releases.

v1.0.148

• Update zmij dependency to 1.0

v1.0.147

• Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (#1304)

v1.0.146

• Set fast_arithmetic=64 for riscv64 (#1305, thanks @​Xeonacid)

Commits

• 8b291c4 Release 1.0.148
• 1aefe15 Update to zmij 1.0
• 62d6e8d Release 1.0.147
• fd829a6 Merge pull request #1304 from dtolnay/zmij
• e757a3d Switch from ryu -> zmij for float formatting
• 75ad7e6 Release 1.0.146
• bc6c827 Merge pull request #1305 from Xeonacid/patch-1
• a09210a Set fast_arithmetic=64 for riscv64
• 01182e5 Update actions/upload-artifact@v5 -> v6
• 383b13a Update actions/upload-artifact@v4 -> v5
• Additional commits viewable in compare view

Updates tempfile from 3.23.0 to 3.24.0

Changelog

Sourced from tempfile's changelog.

3.24.0

• Actually support WASIp2 without the nightly feature. This library is now feature complete on WASIp2 without any additional feature flags.
• Exclude CI scripts from the published crate.

Commits

• 1712764 chore: release v3.24.0
• a8dc864 feat: completely support WASIP2 on stable rust (#382)
• 5a03572 Exclude CI scripts from published package (#384)
• da894f1 build(deps): bump actions/checkout from 5 to 6 (#383)
• See full diff in compare view

Updates octocrab from 0.49.2 to 0.49.4

Release notes

Sourced from octocrab's releases.

v0.49.4

Added

• Add squash_merge_commit_title, squash_merge_commit_title to repo model (#845)

v0.49.3

Added

• Http caching & Conditional requests (#831)

Changelog

Sourced from octocrab's changelog.

0.49.4 - 2025-12-25

Added

• Add squash_merge_commit_title, squash_merge_commit_title to repo model (#845)

0.49.3 - 2025-12-21

Added

• Http caching & Conditional requests (#831)

Commits

• 4ffda40 chore: release v0.49.4 (#846)
• 0c20a91 feat: Add squash_merge_commit_title, squash_merge_commit_title to repo model ...
• 73799b2 chore: release v0.49.3 (#844)
• c08ad2e feat: Http caching & Conditional requests (#831)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[mre]

So nice to finally have a dependency update without breaking changes.