chore(deps): scheduled dependency update

[vadimpiven]

• Cargo: mimalloc 0.1.51→0.1.52, serde_json 1.0.149→1.0.150
• pnpm: vite 8.0.13→8.0.14
• mise tools: uv 0.11.15→0.11.16, nextest 0.9.135→0.9.136, cargo-deny 0.19.6→0.19.7, typos 1.46.2→1.46.3, mise v2026.5.13→v2026.5.15
• Python: ruff 0.15.13→0.15.14
• GitHub Actions: codeql-action v4.35.5→v4.36.0, docker/login-action v4.1.0→v4.2.0, docker/setup-buildx-action v4.0.0→v4.1.0
• Rust nightly 2026-05-20→2026-05-24
• Dockerfile: manylinux_2_28 digest refreshed

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
pnpm-lock.yaml	57% smaller
.github/workflows/regular.yaml	18% smaller
.github/actions/setup-docker/action.yaml	15% smaller
.mise-version	Unsupported file format
.python-version	Unsupported file format
Cargo.lock	Unsupported file format
Cargo.toml	Unsupported file format
Dockerfile	Unsupported file format
docker-compose.proxied.yaml	0% smaller
mise.lock	Unsupported file format
mise.toml	Unsupported file format
pnpm-workspace.yaml	0% smaller
pyproject.toml	Unsupported file format
rust-toolchain.toml	Unsupported file format
uv.lock	Unsupported file format

[gemini-code-assist]

Code Review

This pull request consists of a wide-ranging update to project dependencies and tool versions across multiple environments. Key changes include bumping GitHub Actions for Docker, updating the Rust nightly toolchain, and refreshing library versions in the Cargo, pnpm, and Python configurations, along with their respective lock files. Additionally, the Dockerfile base image and various system tools managed via mise were updated to newer releases. I have no feedback to provide as there were no review comments to assess.

[greptile-apps]

Greptile Summary

Scheduled automated dependency update across all package managers and tooling — no application logic changes. All version bumps are accompanied by updated checksums and digests, following the repository's pinning strategy.

• Rust: mimalloc 0.1.51→0.1.52, serde_json 1.0.149→1.0.150, Rust nightly rolled forward to 2026-05-24, with transitive lock file updates for wasm-bindgen, bumpalo, autocfg, and related crates.
• Node/pnpm: vite 8.0.13→8.0.14, rolldown 1.0.1→1.0.2, and several browser-compat transitive packages updated in pnpm-lock.yaml.
• Tooling & CI: mise v2026.5.13→v2026.5.15, uv 0.11.15→0.11.16, nextest 0.9.135→0.9.136, cargo-deny 0.19.6→0.19.7, typos 1.46.2→1.46.3, ruff 0.15.13→0.15.14; GitHub Actions (docker/login-action, docker/setup-buildx-action, codeql-action) pinned to new commit SHAs; manylinux_2_28 Dockerfile base image digest refreshed.

Confidence Score: 5/5

This PR is safe to merge — it contains only dependency version bumps with no changes to application code.

All changes are mechanical version bumps across Cargo, pnpm, Python, mise tools, and GitHub Actions, each accompanied by updated checksums or commit-SHA pins. There are no modifications to source code, build logic, or CI behavior beyond the tool versions themselves.

No files require special attention.

Important Files Changed

Filename	Overview
.github/actions/setup-docker/action.yaml	docker/login-action v4.1.0→v4.2.0 and docker/setup-buildx-action v4.0.0→v4.1.0 pinned to new commit SHAs
.github/workflows/regular.yaml	codeql-action/upload-sarif v4.35.5→v4.36.0 pinned to new commit SHA
Cargo.toml	mimalloc 0.1.51→0.1.52 and serde_json 1.0.149→1.0.150 version bumps
Cargo.lock	Lock file updated for mimalloc, serde_json, and several transitive dependencies
Dockerfile	manylinux_2_28 base image digest refreshed to latest
mise.toml	Tool versions bumped: uv, nextest, cargo-deny, typos, rust nightly date updated
mise.lock	Lock file updated with new checksums and URLs for all bumped tools
pnpm-workspace.yaml	vite catalog version bumped to 8.0.14
pnpm-lock.yaml	vite 8.0.13→8.0.14 and associated transitive updates
pyproject.toml	ruff 0.15.13→0.15.14
rust-toolchain.toml	Rust nightly channel date updated from 2026-05-20 to 2026-05-24
uv.lock	Python dependency lock file updated to reflect ruff version bump
.mise-version	mise tool version bumped from v2026.5.13 to v2026.5.15

_{Reviews (1): Last reviewed commit: "chore(deps): scheduled dependency update" | Re-trigger Greptile}

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring alerts on:

• pypi/flask@3.1.3
• pypi/flask@3.1.3

View full report

[vadimpiven]

@SocketSecurity ignore pypi/flask@3.1.3

[codspeed-hq]

Merging this PR will not alter performance

✅ 15 untouched benchmarks

---

_{Comparing chore/deps-update-2026-05-24 (c748f95) with main (1c94669)}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!