From 8ddea5cb6224060375fd1d50d5031bca6c7548ec Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Feb 2026 18:27:19 +0000
Subject: [PATCH] chore(deps): Bump prometheus in
 /services/webmention-rate-limiter

Bumps [prometheus](https://github.com/tikv/rust-prometheus) from 0.13.4 to 0.14.0.
- [Changelog](https://github.com/tikv/rust-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tikv/rust-prometheus/compare/v0.13.4...v0.14.0)

---
updated-dependencies:
- dependency-name: prometheus
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 services/webmention-rate-limiter/Cargo.lock | 44 ++++++++++++++-------
 services/webmention-rate-limiter/Cargo.toml |  2 +-
 2 files changed, 30 insertions(+), 16 deletions(-)

diff --git a/services/webmention-rate-limiter/Cargo.lock b/services/webmention-rate-limiter/Cargo.lock
index 60dc3d4..a06fd62 100644
--- a/services/webmention-rate-limiter/Cargo.lock
+++ b/services/webmention-rate-limiter/Cargo.lock
@@ -637,25 +637,19 @@ dependencies = [
 
 [[package]]
 name = "prometheus"
-version = "0.13.4"
+version = "0.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3d33c28a30771f7f96db69893f78b857f7450d7e0237e9c8fc6427a81bae7ed1"
+checksum = "3ca5326d8d0b950a9acd87e6a3f94745394f62e4dae1b1ee22b2bc0c394af43a"
 dependencies = [
  "cfg-if",
  "fnv",
  "lazy_static",
  "memchr",
  "parking_lot",
- "protobuf 2.28.0",
- "thiserror",
+ "protobuf",
+ "thiserror 2.0.18",
 ]
 
-[[package]]
-name = "protobuf"
-version = "2.28.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94"
-
 [[package]]
 name = "protobuf"
 version = "3.7.2"
@@ -664,7 +658,7 @@ checksum = "d65a1d4ddae7d8b5de68153b48f6aa3bba8cb002b243dbdbc55a5afbc98f99f4"
 dependencies = [
  "once_cell",
  "protobuf-support",
- "thiserror",
+ "thiserror 1.0.69",
 ]
 
 [[package]]
@@ -673,7 +667,7 @@ version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3e36c2f31e0a47f9280fb347ef5e461ffcd2c52dd520d8e216b52f93b0b0d7d6"
 dependencies = [
- "thiserror",
+ "thiserror 1.0.69",
 ]
 
 [[package]]
@@ -866,7 +860,16 @@ version = "1.0.69"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
 dependencies = [
- "thiserror-impl",
+ "thiserror-impl 1.0.69",
+]
+
+[[package]]
+name = "thiserror"
+version = "2.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4288b5bcbc7920c07a1149a35cf9590a2aa808e0bc1eafaade0b80947865fbc4"
+dependencies = [
+ "thiserror-impl 2.0.18",
 ]
 
 [[package]]
@@ -880,6 +883,17 @@ dependencies = [
  "syn",
 ]
 
+[[package]]
+name = "thiserror-impl"
+version = "2.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebc4ee7f67670e9b64d05fa4253e753e016c6c95ff35b89b7941d6b856dec1d5"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
 [[package]]
 name = "thread_local"
 version = "1.1.9"
@@ -1168,10 +1182,10 @@ dependencies = [
  "axum",
  "chrono",
  "prometheus",
- "protobuf 3.7.2",
+ "protobuf",
  "serde",
  "serde_json",
- "thiserror",
+ "thiserror 1.0.69",
  "tokio",
  "tokio-test",
  "tower 0.4.13",
diff --git a/services/webmention-rate-limiter/Cargo.toml b/services/webmention-rate-limiter/Cargo.toml
index ca97751..cde0017 100644
--- a/services/webmention-rate-limiter/Cargo.toml
+++ b/services/webmention-rate-limiter/Cargo.toml
@@ -33,7 +33,7 @@ tracing = "0.1"
 tracing-subscriber = { version = "0.3", features = ["env-filter", "json"] }
 
 # Metrics
-prometheus = "0.13"
+prometheus = "0.14"
 # Security fix: override transitive protobuf to patch CVE-2025-53605
 protobuf = "3.7"