chore(deps): bump the rust-dependencies group with 2 updates

[dependabot]

Bumps the rust-dependencies group with 2 updates: git2 and serde_json.

Updates git2 from 0.20.4 to 0.21.0

Changelog

Sourced from git2's changelog.

0.21.0 - TBD

0.20.4...main

Added

• Added experimental SHA256 repository support behind the new unstable-sha256 Cargo feature, along with *_ext API variants that accept an ObjectFormat. #1206
• Added opts::set_cache_max_size() and opts::get_cached_memory(). #1188
• Added Repository::object_format() and a new ObjectFormat enum. #1204
• Added Repository::set_config(). #1208
• Added merge_file() along with MergeFileInput. #1210
• Added Repository::refdb_compress() for packing loose refs. #1221
• Added public Refdb type, along with Repository::refdb() and Repository::set_refdb(). Repository::refdb_compress() now delegates to Refdb::compress(). #1228
• Added Revspec::into_objects(). #1230
• Added BlameHunk::final_committer(), BlameHunk::orig_committer(), BlameHunk::summary(), and BlameHunk::summary_bytes(). #1231
• Implemented Clone for Reference. #1233
• Added Repository::author_from_env() and Repository::committer_from_env(). #1237
• Added impl From<Utf8Error> for Error. #1239

Changed

• ❗ The ssh, https, and cred Cargo features are no longer enabled by default. Previously default = ["ssh", "https"]; now default = []. Enable them explicitly if you rely on credential helpers or transport support. #1168
• ❗ CredentialHelper and the url dependency are now gated behind the new cred Cargo feature. Enabling ssh or https transitively enables cred. #1168
• ❗ Updated to the 2021 edition. #1173
• ❗ Many string accessors that previously returned Option<&str> now return Result<&str, Error> or Result<Option<&str>, Error>, so callers can distinguish a missing value from a non-UTF-8 one. #1241
• ❗ BlameHunk::final_signature, BlameHunk::final_committer, BlameHunk::orig_signature, and BlameHunk::orig_committer now return Option to avoid segfaults when signature information is missing. #1254
• Bumped requirement to libgit2-sys 0.18.4, which updates libgit2 to 1.9.3.

... (truncated)

Commits

• dffaf27 Merge pull request #1256 from weihanglo/changelog
• 84b9c76 docs: changelog for git2@0.21
• 8c6dc4a Merge pull request #1206 from weihanglo/sha256-git2
• 7bd145e fix: import ObjectFormat in one place
• fc8af6a test(oid): split _ext to test each format separately
• b9bde87 test: oid length sanity check
• 57a68e0 feat(oid): impl Display for ObjectFormat
• 7acee09 chore(ci): test git2 sha256 support
• bdf5b7b fix: init example with --object-format option
• 9fb4e6a refactor(util): drop unsafe from zeroed_raw_oid
• Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions