Bump the rust group across 1 directory with 2 updates

[dependabot]

Bumps the rust group with 2 updates in the / directory: pyo3 and serde_json.

Updates pyo3 from 0.24.2 to 0.25.1

Release notes

Sourced from pyo3's releases.

PyO3 0.25.1

This release adds testing for arm64 Windows, and fixes a bug with Python 3.14 support on 32-bit systems.

This release also adds a chrono-local feature to enable support for chrono::Local timezone (this was previously available in PyO3 0.24 but would convert the local timezone to a fixed offset, which did not round-trip well).

There are a few other fixes, mostly correcting FFI definitions and improving compiler errors when writing async code without the experimental-async feature enabled.

Thank you to the following contributors for the improvements:

@​bschoenmaeckers @​Cheukting @​davidhewitt @​decathorpe @​dependabot[bot] @​Icxolu @​jessekrubin @​musicinmybrain @​ngoldbaum @​timfel @​tonybaloney @​Tpt @​yogevm15

PyO3 0.25.0

This version extends Python version support to include the new Python 3.14, currently in beta. Please note it is possible that there may yet be changes to 3.14 before stable release which may impact final compatibility.

New optional dependencies on bigdecimal, ordered_float, and time have been added to permit converting types from those crates to Python types (and vice versa).

The experimental-inspect feature now has the capability to autogenerate type stubs. These stubs are still extremely basic and lack much information. Tooling such as setuptools-rust and maturin will also need to be updated to make adoption of these easier. Please follow PyO3/pyo3#5137 to keep abreast of developments of this feature.

The #[pyclass] macro has gained new options #[pyclass(generic)] and #[pyclass(immutable_type)] to offer additional control over the runtime behaviour of the generated Python type object.

The AsPyPointer trait has been removed as PyO3's smart pointer types such as Py<T>, Bound<T> and Borrowed<T> covered this use case with a better API.

As part of the upgrade to support 3.14, there have also been many cleanups to pyo3-ffi. Many definitions which are private implementation details of CPython have been removed; projects downstream of CPython cannot rely on stability of these even across CPython patch releases.

There are also many other incremental improvements, bug fixes and smaller features.

Please consult the migration guide for help upgrading.

Thank you to everyone who contributed code, documentation, design ideas, bug reports, and feedback. The following contributors' commits are included in this release:

@​0x676e67 @​bschoenmaeckers @​clin1234 @​davidbrochart @​davidhewitt @​ddelange @​decathorpe @​dependabot[bot]

... (truncated)

Changelog

Sourced from pyo3's changelog.

[0.25.1] - 2025-06-12

Packaging

• Add support for Windows on ARM64. #5145
• Add chrono-local feature for optional conversions for chrono's Local timezone & DateTime<Local> instances. #5174

Added

• Add FFI definition PyBytes_AS_STRING. #5121
• Add support for module associated consts introspection. #5150

Changed

• Enable "vectorcall" FFI definitions on GraalPy. #5121
• Use Py_Is function on GraalPy #5121

Fixed

• Report a better compile error for async declarations when not using experimental-async feature. #5156
• Fix implementation of FromPyObject for uuid::Uuid on big-endian architectures. #5161
• Fix segmentation faults on 32-bit x86 with Python 3.14. #5180

[0.25.0] - 2025-05-14

Packaging

• Support Python 3.14.0b1. #4811
• Bump supported GraalPy version to 24.2. #5116
• Add optional bigdecimal dependency to add conversions for bigdecimal::BigDecimal. #5011
• Add optional time dependency to add conversions for time types. #5057
• Remove cfg-if dependency. #5110
• Add optional ordered_float dependency to add conversions for ordered_float::NotNan and ordered_float::OrderedFloat. #5114

Added

• Add initial type stub generation to the experimental-inspect feature. #3977
• Add #[pyclass(generic)] option to support runtime generic typing. #4926
• Implement OnceExt & MutexExt for parking_lot & lock_api. Use the new extension traits by enabling the arc_lock, lock_api, or parking_lot cargo features. #5044
• Implement From/Into for Borrowed<T> -> Py<T>. #5054
• Add PyTzInfo constructors. #5055
• Add FFI definition PY_INVALID_STACK_EFFECT. #5064
• Implement AsRef<Py<PyAny>> for Py<T>, Bound<T> and Borrowed<T>. #5071
• Add FFI definition PyModule_Add and compat::PyModule_Add. #5085
• Add FFI definitions Py_HashBuffer, Py_HashPointer, and PyObject_GenericHash. #5086
• Support #[pymodule_export] on const items in declarative modules. #5096
• Add #[pyclass(immutable_type)] option (on Python 3.14+ with abi3, or 3.10+ otherwise) for immutable type objects. #5101
• Support #[pyo3(rename_all)] support on #[derive(IntoPyObject)]. #5112
• Add PyRange wrapper. #5117

Changed

... (truncated)

Commits

• 2aacae6 release: 0.25.1
• a4c35ce Make PyObjectObRefcnt.refcnt_and_flags 64-bit-only (#5180)
• 0ba8f31 docs: add Kyle Barron libraries/packages to README.md (#5172)
• eb3fac9 fix: typos in guide/docs (#5182)
• 7601c0c ci: fixes 2025-06-06 (#5186)
• 2829027 Add conversions for chrono's Local timezone (#5174)
• 5db4871 Remove unnecessary warning filter in pytests (#5165)
• 008efe2 conversions: fix FromPyObject impl for uuid::Uuid for big-endian (#5161)
• a27ccd7 Updates to better support ormsgpack on GraalPy. (#5121)
• 2c13c1c Catching Invalid Asyncs (#5156)
• Additional commits viewable in compare view

Updates serde_json from 1.0.140 to 1.0.141

Release notes

Sourced from serde_json's releases.

v1.0.141

• Optimize string escaping during serialization (#1273, thanks @​conradludgate)

Commits

• 6843c36 Release 1.0.141
• 6e2c210 Touch up PR 1273
• 623d9b4 Merge pull request #1273 from conradludgate/optimise-string-escaping
• de70b7d use unreachable_unchecked for escape table. use a second match to roundtrip E...
• f2d940d replace start index with bytes slice reference
• cd55b5a Ignore mismatched_lifetime_syntaxes lint
• c1826eb Pin nightly toolchain used for miri job
• 8a56cfa Merge pull request #1248 from jimmycathy/master
• af3d80d chore: fix typo
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[saulshanabrook]

Waiting on this till next pyo3 release which will include changes to run_code which will make it easier to update my changed version that supports paths.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.