deps: Bump the rust-dependencies group with 3 updates

[dependabot]

Updates the requirements on thiserror, lz4_flex and generic-array to permit the latest version.
Updates thiserror to 2.0.17

Release notes

Sourced from thiserror's releases.

2.0.17

• Use differently named __private module per patch release (#434)

Commits

• 72ae716 Release 2.0.17
• 599fdce Merge pull request #434 from dtolnay/private
• 9ec05f6 Use differently named __private module per patch release
• d2c492b Raise minimum tested compiler to rust 1.76
• fc3ab95 Opt in to generate-macro-expansion when building on docs.rs
• 819fe29 Update ui test suite to nightly-2025-09-12
• 259f48c Enforce trybuild >= 1.0.108
• 470e6a6 Update ui test suite to nightly-2025-08-24
• 544e191 Update actions/checkout@v4 -> v5
• cbc1eba Delete duplicate cap-lints flag from build script
• Additional commits viewable in compare view

Updates lz4_flex to 0.12.0

Release notes

Sourced from lz4_flex's releases.

0.12.0

What's Changed

• Fix integer overflows when decoding large payloads by @​teh-cmc in PSeitz/lz4_flex#192
• chore(readme): add python binding impl by @​LVivona in PSeitz/lz4_flex#190

New Contributors

• @​teh-cmc made their first contribution in PSeitz/lz4_flex#192
• @​LVivona made their first contribution in PSeitz/lz4_flex#190

Full Changelog: PSeitz/lz4_flex@0.11.5...0.12.0

Changelog

Sourced from lz4_flex's changelog.

0.12.0 (2025-11-11)

• Fix integer overflows when decoding large payloads #192 (thanks @​teh-cmc)

This fixes an u32 integer overflow when decoding large payloads in the block format.
Note: The block format is not suitable for such large payloads, since it
keeps everything in memory. Consider using the frame format for large data.
This change also removes a unsafe fast-path for write_integer to simplify the code.
The performance impact is on incompressible data, which is already fast enough.

0.11.5 (2025-06-19)

• Fix incorrect rust-version field name in Cargo.toml #187

0.11.4 (2025-06-14)

• Upgrade to twox-hash 2.0#175
• Better no_std compatibility #180

0.11.3 (2024-03-30)

• Fix support for --deny=unsafe_code compilation #152
• make get_maximum_output_size const #153

0.11.2 (2024-01-11)

• Include license file in the published crate

0.11.1 (2023-06-19)

• [breaking] remove unchecked-decode Remove unchecked-decode feature-flag, because of feature unification: https://doc.rust-lang.org/cargo/reference/features.html#feature-unification

0.11.0 (2023-06-18)

Documentation

• Docs: add decompress block example

Fixes

• Handle empty input in Frame Format #120

Empty input was ignored previously and didn't write anything. Now an empty Frame is written. This improves compatibility with the reference implementation and some corner cases.

... (truncated)

Commits

• 975bfa7 bump version to 0.12.0
• 40d8110 update readme
• 642020e bump version to 0.12
• 5295b16 chore(readme): add python binding impl
• c1483c4 fix the issue
• b3c03be implement test demonstrating the issue
• a61ee5f remove unsafe write_integer which AFAICT is not used and broken
• ad71a31 fix illegal doc comment
• f1c070e clippy
• 1496be4 update binggan
• Additional commits viewable in compare view

Updates generic-array to 1.3.5

Changelog

Sourced from generic-array's changelog.

• (unreleased)

  • Add subtle, arbitrary, bytemuck, bitvec and as-slice implementations for GenericArray.
  • Add GenericSequence::repeat for creating sequences/arrays with repeated elements.
  • Add FallibleGenericSequence with try_generate and from_fallible_iter for fallible generation of sequences/arrays.
  • Add try_fold and try_map to FunctionalSequence for fallible folding/mapping of sequences/arrays.
  • Add try_from_fallible_iter to GenericArray for fallible construction from fallible iterators.
  • Add each_ref/each_mut methods to GenericArray for creating arrays of references to the elements.

• 1.3.5

  • Fixed const_transmute not compiling between Rust versions 1.74.0 and 1.83.0. Yanked 1.3.4.

• 1.3.4

  • Significantly improve stack usage of GenericArray methods in unoptimized (-C opt-level=0) build modes.
  • Introduce the hybrid-array-0_4 feature to allow interop between generic-array 1.x and hybrid-array 0.4 versions.
  • Add ConstGenericArray type alias for easier usage with literal const usizes.
  • Implement ZeroizeOnDrop for GenericArray when T: ZeroizeOnDrop (when using the zeroize feature).

• 1.3.2

  • Introduce the compat-0_14 feature to allow interop between generic-array 1.x and 0.14 versions.

• 1.3.1

  • Lower MSRV to 1.65.0 (minimum required for GATs)
  • Make some functions const only on Rust 1.83.0 or newer, otherwise they are non-const.
  • Implement core::error::Error for LengthError on Rust 1.81.0 or newer.

• 1.3.0

  • Restrict ArrayLength to lengths representable by usize to fix soundness issues #156 (may break invalid code)
  • Flatten internal representation to improve miri performance #157
  • Use serde_core instead of serde

• 1.2.1

  • Replace doc_auto_cfg with doc_cfg #155

• 1.2.0

  • Mark more functions as const
  • Bump MSRV to 1.83.0 (reverted in generic-array 1.3.1)

• 1.1.1

  • Add Flatten and Unflatten traits for converting between nested arrays.

• 1.1.0

  • Add Remove trait that adds remove/swap_remove to GenericArray (inspired by #147)
  • Soft-deprecate internals::ArrayBuilder in favor of internals::IntrusiveArrayBuilder

• 1.0.1

  • Update faster-hex dependency
  • Mark from_iter as #[inline] to significantly improve codegen.

• 1.0.0

  • Use GATs for ArrayLength !

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions