chore(deps): bump thin-vec from 0.2.14 to 0.2.16 in /vm/rust in the cargo group across 1 directory

[dependabot]

Bumps the cargo group with 1 update in the /vm/rust directory: thin-vec.

Updates thin-vec from 0.2.14 to 0.2.16

Changelog

Sourced from thin-vec's changelog.

Version 0.2.16 (2026-04-14)

• Fix reserve() on auto arrays in gecko-ffi mode.
• Fix two double-drop issues with ThinVec::clear() and ThinVec::into_iter() when the Drop implementation of the item panics.

Version 0.2.15 (2026-04-08)

• Support AutoTArrays created from Rust in Gecko FFI mode.
• Add extract_if.
• Add const new() support behind feature flag.
• Fix thin_vec macro not being hygienic when recursing
• Improve extend() performance.

Commits

• 3c96f1e chore: Bump version to v0.2.16
• df64748 Fix two panic=unwind issues.
• 4e3a217 ci: Ignore msrv job for now since it just hangs trying to pull deps.
• 63c2f5f gecko-ffi: Fix auto-t-array push.
• 6797813 tests: Appease clippy.
• af81b17 ci: Don't use actions-rs/{cargo,clippy-check} as it's not allowed in mozilla/...
• 360f9ef Update repository URL and various cleanups
• 70bcca0 chore: Bump version to v0.2.15
• 322423b Fix miri error on extract_if().
• eca5334 Don't make push_unchecked public.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.78%. Comparing base (3318620) to head (896e766).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3560      +/-   ##
==========================================
+ Coverage   75.75%   75.78%   +0.03%     
==========================================
  Files         385      385              
  Lines       33836    33836              
==========================================
+ Hits        25632    25644      +12     
+ Misses       6402     6398       -4     
+ Partials     1802     1794       -8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.