build(deps): bump the cargo-patch group across 1 directory with 4 updates

[dependabot]

Bumps the cargo-patch group with 4 updates in the /src-tauri directory: serde_json, log, serde-xml-rs and tauri-build.

Updates serde_json from 1.0.145 to 1.0.149

Release notes

Sourced from serde_json's releases.

v1.0.149

• Align arbitrary_precision number strings with zmij's formatting (#1306, thanks @​b41sh)

v1.0.148

• Update zmij dependency to 1.0

v1.0.147

• Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (#1304)

v1.0.146

• Set fast_arithmetic=64 for riscv64 (#1305, thanks @​Xeonacid)

Commits

• 4f6dbfa Release 1.0.149
• f3df680 Touch up PR 1306
• e16730f Merge pull request #1306 from b41sh/fix-float-number-display
• eeb2bcd Align arbitrary_precision number strings with zmij’s formatting
• 8b291c4 Release 1.0.148
• 1aefe15 Update to zmij 1.0
• 62d6e8d Release 1.0.147
• fd829a6 Merge pull request #1304 from dtolnay/zmij
• e757a3d Switch from ryu -> zmij for float formatting
• 75ad7e6 Release 1.0.146
• Additional commits viewable in compare view

Updates log from 0.4.28 to 0.4.29

Release notes

Sourced from log's releases.

0.4.29

MSRV

This release increases log's MSRV from 1.61.0 to 1.68.0.

What's Changed

• docs: Add missing impls from README.md by @​AldaronLau in rust-lang/log#703
• Point to new URLs for favicon and logo by @​AldaronLau in rust-lang/log#704
• perf: reduce llvm-lines of FromStr for Level and LevelFilter by @​dishmaker in rust-lang/log#709
• Replace serde with serde_core by @​Thomasdezeeuw in rust-lang/log#712
• Fix clippy lints by @​Thomasdezeeuw in rust-lang/log#713
• Use GitHub Actions to install Rust and cargo-hack by @​Thomasdezeeuw in rust-lang/log#715
• Exclude old unstable_kv features from testing matrix by @​Thomasdezeeuw in rust-lang/log#716
• Fix up CI by @​KodrAus in rust-lang/log#718
• Prepare for 0.4.29 release by @​KodrAus in rust-lang/log#719

New Contributors

• @​AldaronLau made their first contribution in rust-lang/log#703
• @​dishmaker made their first contribution in rust-lang/log#709

Full Changelog: rust-lang/log@0.4.28...0.4.29

Changelog

Sourced from log's changelog.

[0.4.29] - 2025-12-02

What's Changed

• perf: reduce llvm-lines of FromStr for Level and LevelFilter by @​dishmaker in rust-lang/log#709
• Replace serde with serde_core by @​Thomasdezeeuw in rust-lang/log#712

New Contributors

• @​AldaronLau made their first contribution in rust-lang/log#703
• @​dishmaker made their first contribution in rust-lang/log#709

Full Changelog: rust-lang/log@0.4.28...0.4.29

Commits

• b1e2df7 Merge pull request #719 from rust-lang/cargo/0.4.29
• 3fe1a54 prepare for 0.4.29 release
• 7a432d9 Merge pull request #718 from rust-lang/ci/msrv
• 0689d56 rebump msrv to 1.68.0
• 46b448e try drop msrv back to 1.61.0
• 929ab38 fix up doc test feature gate
• 957cece bump serde-dependent crates
• bea40c8 bump msrv to 1.68.0
• c540184 Merge pull request #716 from rust-lang/ci-smaller-matrix2
• c971e63 Merge branch 'master' into ci-smaller-matrix2
• Additional commits viewable in compare view

Updates serde-xml-rs from 0.8.1 to 0.8.2

Commits

• 8617bbf 🔖 Version 0.8.2
• 5d1a4ee ✨ Add Serializer::into_inner method to extract the writer (#245)
• 83fed4e ⬆️ xml-rs 8.0 -> xml 1.0 (#242)
• a659f21 ⬆️ upgrade thiserror dependency to version 2.0 (#235)
• See full diff in compare view

Updates tauri-build from 2.5.0 to 2.5.2

Release notes

Sourced from tauri-build's releases.

tauri-build v2.5.2

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 866 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1060 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.53.4
    │   └── tauri-runtime-wry 2.9.1
    │       └── tauri 2.9.3
    │           ├── tauri-plugin-sample 0.1.0
    │           │   └── api 0.1.0
    │           ├── tauri-plugin-log 2.6.0
    │           │   └── api 0.1.0
    │           ├── tauri-file-associations-demo 0.1.0
    │           ├── tauri 2.9.3
    │           ├── restart 0.1.0
    │           ├── resources 0.1.0
    │           ├── bench_helloworld 0.1.0
    │           ├── bench_files_transfer 0.1.0
    │           ├── bench_cpu_intensive 0.1.0
    │           └── api 0.1.0
    ├── webkit2gtk 2.0.1
    │   ├── wry 0.53.4
    │   ├── tauri-runtime-wry 2.9.1
    │   ├── tauri-runtime 2.9.1
    │   │   ├── tauri-runtime-wry 2.9.1
    │   │   └── tauri 2.9.3
    │   └── tauri 2.9.3
    ├── tauri-runtime-wry 2.9.1
    ├── tauri-runtime 2.9.1
    ├── tauri 2.9.3
    ├── tao 0.34.5
    │   └── tauri-runtime-wry 2.9.1
    ├── muda 0.17.1
    │   ├── tray-icon 0.21.0
    │   │   └── tauri 2.9.3
    │   └── tauri 2.9.3
</tr></table> 

... (truncated)

Commits

• 956031d apply version updates (#14458)
• 4b00130 refactor(core): improve iOS log messages from stdout/stderr (#14385)
• 8e3bd63 perf(codegen): wrap generated context in a fn (#14457)
• cfe4787 chore(deps): update dependency rollup to v4.53.1 (#14444)
• 236f55b docs: enable dynamic-acl feature on docs.rs (#14452)
• 9bb7e79 apply version updates (#14425)
• d566679 ci: don't re-generate lockfile on prepublish
• 3899d45 Address review comments (#14426)
• b586ecf fix(cli): demultiply tiny skia pixels (#14416)
• dd70d21 chore(deps): update minisign to 0.8 (#14415)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions