deps(deps): update bincode requirement from 1.3 to 3.0

[dependabot]

Updates the requirements on bincode to permit the latest version.

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Labels

The following labels could not be found: automated, dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[fossabot]

[fossabot]

Needs Review

Unable to perform impact analysis for dependencies. No dependency changes detected.

Fix Suggestions

We identified 3 fixable issues in this upgrade.

• Fix invalid SPDX license identifiers in GitHub Actions workflow - replace 'GPL-3.0' with 'GPL-3.0-only' or 'GPL-3.0-or-later' and 'GPL-2.0' with 'GPL-2.0-only' or 'GPL-2.0-or-later'
  Files: .github/workflows/dependency-review.yml, .github/workflows/ci.yml
• Pin bincode dependency to stable version 1.3.x to avoid broken 3.0.0 release - update Cargo.toml to use bincode = "1.3" or bincode = "~2.0" if v2 features are needed
  Files: Cargo.toml
• Review and update Cargo.lock to ensure bincode resolves to a working version after Cargo.toml changes
  Files: Cargo.lock

AI Assistant Prompt

Copy prompt for AI assistant

Please help me fix dependency upgrade issues in this PR (dependabot/cargo/bincode-3.0).

## Context
Dependabot attempted to upgrade bincode from 1.3 to 3.0, but this upgrade is broken because bincode 3.0.0 contains a deliberate compile_error! macro (an XKCD 2347 reference). Additionally, there are invalid SPDX license identifiers in the GitHub Actions workflows.

## Required Fixes

### 1. Revert bincode to stable version (Cargo.toml)
The bincode 3.0.0 crate is intentionally broken. Update `Cargo.toml` to pin bincode to the stable 1.3.x series:

```toml
# Change from:
bincode = "3.0"
# To:
bincode = "1.3"

After updating, run:

cargo update -p bincode

2. Fix invalid SPDX license identifiers (.github/workflows/)

In any workflow files that use dependency-review-action or license checking, replace deprecated SPDX identifiers:

• Replace GPL-3.0 with GPL-3.0-only or GPL-3.0-or-later
• Replace GPL-2.0 with GPL-2.0-only or GPL-2.0-or-later

Check these files:

• .github/workflows/dependency-review.yml
• .github/workflows/ci.yml

Summary

1. Edit Cargo.toml - revert bincode version to "1.3"
2. Run cargo update -p bincode to update Cargo.lock
3. Fix SPDX license identifiers in workflow YAML files (GPL-3.0 → GPL-3.0-only, GPL-2.0 → GPL-2.0-only)
4. Verify with cargo build and cargo test

</details>


### Dependency Usage

No dependencies were analyzed in this repository.

### Changes

No significant changes were found in the dependency updates.

---

_[fossabot](https://fossa.com/products/fossabot/?utm_source=fossabot&utm_medium=github&utm_campaign=upgrade-pr-analysis) examines dependency changes, understands usage patterns, and assesses the impact on your codebase through a combination of static analysis, deep dependency research, security metadata and AI. [View this analysis on the web](https://bot.fossa.com/pull-requests/25957?utm_source=fossabot&utm_medium=github&utm_campaign=upgrade-pr-analysis)_