build(deps): bump the per-dependency group across 1 directory with 8 updates

[dependabot]

Bumps the per-dependency group with 8 updates in the /bindings/java directory:

Package	From	To
anyhow	1.0.100	1.0.102
jni	0.21.1	0.22.1
spin	0.9.8	0.10.0
regex	1.12.2	1.12.3
uuid	1.20.0	1.21.0
jsonschema	0.30.0	0.42.1
chrono	0.4.43	0.4.44
rand	0.9.2	0.10.0

Updates anyhow from 1.0.100 to 1.0.102

Release notes

Sourced from anyhow's releases.

1.0.102

• Remove backtrace dependency (#438, #439, #440, #441, #442)

1.0.101

• Add #[inline] to anyhow::Ok helper (#437, thanks @​Ibitier)

Commits

• 5c657b3 Release 1.0.102
• e737fb6 Merge pull request #442 from dtolnay/backtrace
• 7fe62b5 Further simply backtrace conditional compilation
• c8cb5ca Merge pull request #441 from dtolnay/backtrace
• de27df7 Delete CI use of --features=backtrace
• 9b67e5d Merge pull request #440 from dtolnay/backtrace
• efdb11a Simplify std_backtrace conditional code
• b8a9a70 Merge pull request #439 from dtolnay/backtrace
• a42fc2c Remove feature = "backtrace" conditional code
• 2a2a3ce Re-word backtrace feature comment
• Additional commits viewable in compare view

Updates jni from 0.21.1 to 0.22.1

Release notes

Sourced from jni's releases.

Release JNI 0.22.1

This release fixes several issues found shortly after releasing 0.22.0 which unfortunately required a few breaking changes.

Instead of bumping to 0.23 though, the assumption 🤞 is that no one will yet be depending on the recently-released 0.22.0 and so we can yank that and have this represent the first 0.22.x release.

In particular this addresses the following issues:

• [Don't allow JNI calls with pending exceptions (undefined behaviour) #731](jni-rs/jni-rs#731)
• [JavaVM::attach_current_thread* should catch + clear exceptions #732](jni-rs/jni-rs#732)
• [Env::throw* APIs should return Err(Error::JavaException) #737](jni-rs/jni-rs#737)

Added

• Env::exception_catch provides a convenient way of catching pending Java exceptions and mapping them to Error::CaughtJavaException (#736)
• AttachGuard::detach_with_catch lets you explicitly detach/drop a guard (like ::detach()) and catch any pending Java exception as a Error::CaughtJavaException (#736).
• JClass::get_name lets you query the binary name for a class, such as java.lang.String (#736)

Changed

The following APIs have had to be made fallible again, in order to safely check for pending exceptions before calling JNI functions that are not documented as being safe to call with a pending exception:

• Env::get_java_vm (GetJavaVM is not exception safe)
• Env::version (GetVersion is not exception safe)
• Env::is_same_object (IsSameObject is not exception safe)
• Weak::is_garbage_collected (based on Env::is_same_object)
• Weak::is_same_object (deprecated) and (based on Env::is_same_object)
• Weak::is_weak_ref_to_same_object (deprecated) (based on Env::is_same_object)

Note: These are a breaking change.

Fixed in #733

• JavaVM::attach_current_thread* APIs all finish by calling AttachGuard::detach_with_catch to clear pending Java exceptions - mapping to Error::CaughtJavaException (#736)
• Env::throw* APIs now return Error::JavaException after throwing and creating a pending exception that must be handled before using JNI further (#738)

Release JNI 0.22.0

The 0.22 release significantly improves safety and ergonomics through changes to thread attachment, environment handling, and the addition of compile-time macros for JNI strings, signatures as well as full Java type bindings.

Please see the jni 0.22 Migration Guide for guidance on how to update from jni 0.21

Added

JavaVM / Thread Attachment APIs

• JavaVM::singleton() lets you acquire the JavaVM for the process when you know that the JavaVM singleton has been initialized (#595)
• JavaVM::is_thread_attached can query whether the current thread is attached to the Java VM (#570)
• AttachGuard::from_unowned added as a low-level (unsafe) way to represent a thread attachment with a raw jni_sys::Env pointer (#570)

... (truncated)

Changelog

Sourced from jni's changelog.

[0.22.1] — 2026-02-20

Note: This release fixes several issues found in 0.22.0 which unfortunately required a few breaking changes. Instead of bumping to 0.23 though, the assumption is that no one will yet be depending on the recently-released 0.22.0 and so we can yank that and have this represent the first 0.22.x release.

Added

• Env::exception_catch provides a convenient way of catching pending Java exceptions and mapping them to Error::CaughtJavaException (#736)
• AttachGuard::detach_with_catch lets you explicitly detach/drop a guard (like ::detach()) and catch any pending Java exception as a Error::CaughtJavaException (#736).
• JClass::get_name lets you query the binary name for a class, such as java.lang.String (#736)

Changed

The following APIs have had to be made fallible again, in order to safely check for pending exceptions before calling JNI functions that are not documented as being safe to call with a pending exception:

• Env::get_java_vm (GetJavaVM is not exception safe)
• Env::version (GetVersion is not exception safe)
• Env::is_same_object (IsSameObject is not exception safe)
• Weak::is_garbage_collected (based on Env::is_same_object)
• Weak::is_same_object (deprecated) and (based on Env::is_same_object)
• Weak::is_weak_ref_to_same_object (deprecated) (based on Env::is_same_object)

Note: These are a breaking change.

Fixed in #733

• JavaVM::attach_current_thread* APIs all finish by calling AttachGuard::detach_with_catch to clear pending Java exceptions - mapping to Error::CaughtJavaException (#736)
• Env::throw* APIs now return Error::JavaException after throwing and creating a pending exception that must be handled before using JNI further (#738)

[0.22.0] — 2026-02-17 (YANKED)

Added

JavaVM / Thread Attachment APIs

• JavaVM::singleton() lets you acquire the JavaVM for the process when you know that the JavaVM singleton has been initialized (#595)
• JavaVM::is_thread_attached can query whether the current thread is attached to the Java VM (#570)
• AttachGuard::from_unowned added as a low-level (unsafe) way to represent a thread attachment with a raw jni_sys::Env pointer (#570)
• AttachConfig exposes fine-grained control over thread attachment including Thread name, ThreadGroup and whether scoped or permanent. (#606)
• JavaVM::attach_current_thread_guard is a low-level (unsafe) building block for attaching threads that exposes the AttachGuard and AttachConfig control. (#606)
• JavaVM::attach_current_thread_with_config is a safe building block for attaching threads that hides the AttachGuard but exposes AttachConfig control. (#606)
• JavaVM::with_local_frame added as method to borrow a Env that is already attached to the current thread, after pushing a new JNI stack frame (#570, #673)
• JavaVM::with_top_local_frame_frame added to borrow a Env for the top JNI stack frame (i.e. without pushing a new JNI stack frame) (#570, #673)

Reference Type APIs

... (truncated)

Commits

• 568568e Release 0.22.1 (take 2)
• c73ab97 Release jni 0.22.1
• 078a9d4 Have Env::throw* APIs return Error::JavaException
• 655e2f4 Catch exceptions after running attachment closures
• c4c025d Call ExceptionCheck before any non-exception-safe JNI calls
• 9290db2 Fix crates/jni/mylib-example
• 779a9b4 Release jni 0.22
• 7801d19 Inline assert_top checks
• 023aa58 cargo publish --dry-run fixes
• 71875ba env: fix load_class example
• Additional commits viewable in compare view

Updates spin from 0.9.8 to 0.10.0

Changelog

Sourced from spin's changelog.

[0.10.0] - 2025-03-26

Added

• Mutex::try_lock_weak
• RwLock::try_write_weak
• RwLock::try_upgrade_weak

Changed

• Updated MSRV to 1.60
• Use dep: syntax in Cargo.toml
• portable_atomic feature has been renamed to portable-atomic, for consistency.

Fixed

Commits

• See full diff in compare view

Updates regex from 1.12.2 to 1.12.3

Changelog

Sourced from regex's changelog.

1.12.3 (2025-02-03)

This release excludes some unnecessary things from the archive published to crates.io. Specifically, fuzzing data and various shell scripts are now excluded. If you run into problems, please file an issue.

Improvements:

• #1319: Switch from a Cargo exclude list to an include list, and exclude some unnecessary stuff.

Commits

• b028e4f 1.12.3
• 5e195de regex-automata-0.4.14
• a3433f6 regex-syntax-0.8.9
• 0c07fae regex-lite-0.1.9
• 6a81006 cargo: exclude development scripts and fuzzing data
• 4733e28 automata: fix onepass::DFA::try_search_slots panic when too many slots are ...
• See full diff in compare view

Updates uuid from 1.20.0 to 1.21.0

Release notes

Sourced from uuid's releases.

v1.21.0

What's Changed

• Update getrandom to 0.4 by @​KodrAus in uuid-rs/uuid#858
• feat: impl core::error::Error for Error by @​XAMPPRocky in uuid-rs/uuid#852
• Prepare for 1.21.0 release by @​KodrAus in uuid-rs/uuid#859

New Contributors

• @​XAMPPRocky made their first contribution in uuid-rs/uuid#852

Full Changelog: uuid-rs/uuid@v1.20.0...v1.21.0

Commits

• a38fa19 Merge pull request #859 from uuid-rs/cargo/v1.21.0
• e45b10f prepare for 1.21.0 release
• f6f5d48 Merge pull request #852 from XAMPPRocky/main
• 9bee4bd Merge branch 'main' into main
• cb8f156 Merge pull request #858 from uuid-rs/chore/getrandom-04
• a59c061 bump msrv to 1.85.0 for getrandom
• b9a3157 bump msrv to 1.81.0
• 2a0a7a3 force an earlier nightly for miri
• a6e0aa1 update rand to 0.10
• 576d47b update getrandom to 0.4
• Additional commits viewable in compare view

Updates jsonschema from 0.30.0 to 0.42.1

Release notes

Sourced from jsonschema's releases.

[Python] Release 0.42.1

Performance

• Reduce dynamic dispatch overhead for non-recursive $ref resolution.
• Cache ECMA regex transformations during format: "regex" validation.

Packaging

• Exclude rust-toolchain.toml from wheels. #1012

[Ruby] Release 0.42.1

Performance

• Reduce dynamic dispatch overhead for non-recursive $ref resolution.
• Cache ECMA regex transformations during format: "regex" validation.

[Rust] Release 0.42.1

Performance

• Reduce dynamic dispatch overhead for non-recursive $ref resolution.
• Cache ECMA regex transformations during format: "regex" validation.

[Python] Release 0.42.0

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

Performance

• Use FFI PyList_New + PyList_SetItem for array conversion to avoid reallocations.
• Cache ValidationError, ReferencingError, and decimal.Decimal types to avoid repeated module imports.
• Cache formatted schema locations to avoid repeated formatting during evaluate().
• Use as_str instead of to_string for type names in validation errors to avoid allocations.

[Rust] Release 0.42.0

Added

• JsonType::as_str method for zero-allocation type name access.
• ValidationErrorKind::keyword is now public.
• tls-ring feature flag to opt into using ring as the TLS crypto provider instead of the default aws-lc-rs. #997
• CLI: Support YAML (.yaml/.yml) instance files. #988

Changed

• BREAKING: Default TLS crypto provider switched back to aws-lc-rs. Users who need ring can opt in via the tls-ring feature flag. This resolves potential conflicts with other libraries using aws-lc-rs. #997

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

... (truncated)

Changelog

Sourced from jsonschema's changelog.

[0.42.1] - 2026-02-17

Performance

• Reduce dynamic dispatch overhead for non-recursive $ref resolution.
• Cache ECMA regex transformations during format: "regex" validation.

[0.42.0] - 2026-02-14

Added

• JsonType::as_str method for zero-allocation type name access.
• ValidationErrorKind::keyword is now public.
• tls-ring feature flag to opt into using ring as the TLS crypto provider instead of the default aws-lc-rs. #997
• CLI: Support YAML (.yaml/.yml) instance files in text output mode. #988

Changed

• BREAKING: Default TLS crypto provider switched back to aws-lc-rs. Users who need ring can opt in via the tls-ring feature flag. This resolves potential conflicts with other libraries using aws-lc-rs. #997

Fixed

• Panic when validating $ref targets that resolve to boolean schemas.

Performance

• Cache formatted schema locations with OnceLock to avoid repeated formatting during evaluate().

[0.41.0] - 2026-02-04

Performance

• Replace regex-based uri-template format validation with a hand-rolled RFC 6570 parser.
• Specialize items keyword for simple type schemas ({"type": "string"}, {"type": "number"}, etc.) to eliminate dynamic dispatch overhead.
• Precompute regex matches on known properties.
• Faster unevaluatedProperties validation via O(1) property lookup and short-circuit oneOf evaluation.
• Use HashMap for large set of properties.
• Lower HashMap threshold from 40 to 15 properties for faster property lookups.

[0.40.2] - 2026-01-30

Changed

• Exclude internal tracker field from ValidationError Debug output.
• Switch HTTP client TLS crypto backend from aws-lc-rs to ring to simplify building from source on some Linux distributions. #957

Fixed

• type: integer validation in Draft 4 now correctly accepts large integers outside the i64/u64 range when arbitrary-precision feature is enabled.

... (truncated)

Commits

• 9ea8fe0 chore(ruby): Release 0.42.1
• 283f8ca chore(python): Release 0.42.1
• b1584ef chore(rust): Release 0.42.1
• cc885c5 chore(python): Exclude rust-toolchain.toml from wheels
• fb48493 perf: Cache ECMA regex transformations during format: "regex" validation
• e385dc9 perf: Metaschema validation benchmarks
• 3a0e590 build(deps): update serde-saphyr requirement from 0.0.18 to 0.0.19
• ab25304 perf: Reduce dynamic dispatch overhead for non-recursive $ref resolution
• 61b2ab4 docs(ruby): Update readme
• 7b78864 build(deps): bump werkzeug from 2.2.3 to 3.1.5 in /crates/jsonschema-py
• Additional commits viewable in compare view

Updates chrono from 0.4.43 to 0.4.44

Release notes

Sourced from chrono's releases.

0.4.44

What's Changed

• docs: match MSRV with Cargo.toml contents by @​coryan in chronotope/chrono#1772
• Add track_caller to non-deprecated functions by @​svix-jplatte in chronotope/chrono#1774

Commits

• c14b459 Bump version to 0.4.44
• ea832c5 Add track_caller to non-deprecated functions
• cfae889 Fix panic message in to_rfc2822
• f8900b5 docs: match MSRV with Cargo.toml contents
• See full diff in compare view

Updates rand from 0.9.2 to 0.10.0

Changelog

Sourced from rand's changelog.

[0.10.0] - 2026-02-08

Changes

• The dependency on rand_chacha has been replaced with a dependency on chacha20. This changes the implementation behind StdRng, but the output remains the same. There may be some API breakage when using the ChaCha-types directly as these are now the ones in chacha20 instead of rand_chacha (#1642).
• Rename fns IndexedRandom::choose_multiple -> sample, choose_multiple_array -> sample_array, choose_multiple_weighted -> sample_weighted, struct SliceChooseIter -> IndexedSamples and fns IteratorRandom::choose_multiple -> sample, choose_multiple_fill -> sample_fill (#1632)
• Use Edition 2024 and MSRV 1.85 (#1653)
• Let Fill be implemented for element types, not sliceable types (#1652)
• Fix OsError::raw_os_error on UEFI targets by returning Option<usize> (#1665)
• Replace fn TryRngCore::read_adapter(..) -> RngReadAdapter with simpler struct RngReader (#1669)
• Remove fns SeedableRng::from_os_rng, try_from_os_rng (#1674)
• Remove Clone support for StdRng, ReseedingRng (#1677)
• Use postcard instead of bincode to test the serde feature (#1693)
• Avoid excessive allocation in IteratorRandom::sample when amount is much larger than iterator size (#1695)
• Rename os_rng -> sys_rng, OsRng -> SysRng, OsError -> SysError (#1697)
• Rename Rng -> RngExt as upstream rand_core has renamed RngCore -> Rng (#1717)

Additions

• Add fns IndexedRandom::choose_iter, choose_weighted_iter (#1632)
• Pub export Xoshiro128PlusPlus, Xoshiro256PlusPlus prngs (#1649)
• Pub export ChaCha8Rng, ChaCha12Rng, ChaCha20Rng behind chacha feature (#1659)
• Fn rand::make_rng() -> R where R: SeedableRng (#1734)

Removals

• Removed ReseedingRng (#1722)
• Removed unused feature "nightly" (#1732)
• Removed feature small_rng (#1732)

#1632: rust-random/rand#1632 #1642: rust-random/rand#1642 #1649: rust-random/rand#1649 #1652: rust-random/rand#1652 #1653: rust-random/rand#1653 #1659: rust-random/rand#1659 #1665: rust-random/rand#1665 #1669: rust-random/rand#1669 #1674: rust-random/rand#1674 #1677: rust-random/rand#1677 #1693: rust-random/rand#1693 #1695: rust-random/rand#1695 #1697: rust-random/rand#1697 #1717: rust-random/rand#1717 #1722: rust-random/rand#1722 #1732: rust-random/rand#1732 #1734: rust-random/rand#1734

Commits

• acc5f24 Prepare v0.10.0 releases (#1729)
• 95c5165 Add fn rand::make_rng (#1734)
• 146da58 CHANGELOG: add PR links (#1738)
• 8cacd6d README tweaks (#1737)
• 28e3df8 Update chacha20: use ChaChaCore directly; remove bytes_until_reseed field (#1...
• 03db311 Replace fn reseed_and_generate with try_to_reseed
• b14483e Apply inline attr to fn generate
• fda8f74 Remove bytes_until_reseed field
• 213bb3b Bump chacha20 to 0.10.0-rc.11
• 72afe1e Minor tweaks; prepare v0.10.0-rc.9 (#1736)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions