build(deps): bump bumpalo from 3.17.0 to 3.18.1

[dependabot]

Bumps bumpalo from 3.17.0 to 3.18.1.

Changelog

Sourced from bumpalo's changelog.

3.18.1

Released 2025-06-05.

Removed

• Removed the allocator-api2 version bump from 3.18.0, as it was not actually semver compatible.

---

3.18.0 (yanked)

Released 2025-06-05.

Added

• Added support for enforcing a minimum alignment on all allocations inside a Bump arena, which can provide speed ups when allocating objects whose alignment is less than or equal to that minimum.
• Added serde serialization support for bumpalo::collections::String.
• Added some missing fallible slice allocation function variants.

Changed

• Replaced extend_from_slice implementation with a formally-verified version that is also faster and more-optimizable for LLVM.
• Updated allocator-api2 support to version 0.3.*.

Fixed

• Fixed a bug where the allocated_bytes metrics helper was accidentally including the size of bumpalo's footer, rather than just reporting the user-allocated bytes.

---

Commits

• a3ac3d6 Bump to version 3.18.1 (#278)
• 789e34b Bump to version 3.18.0 (#276)
• b425081 fix: subtract footer size from allocated_bytes on reset (#275)
• dd8a0e1 Replace extend_from_slice with a verified, optimized implementation (#272)
• 2b638f1 Add a CI job to check that code is formatted (#273)
• 86aaa10 Update allocator-api2 to v0.3 (#271)
• e5c128d Add support for enforcing minimum alignment in Bump (#268)
• cc98667 add serde serialization for String (#266)
• e39cd38 use primitive type u64 in README (#264)
• f1f33f8 Add fallible slice allocation functions (#262)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.84%. Comparing base (2eb6a57) to head (caab074).
Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #939   +/-   ##
=======================================
  Coverage   82.84%   82.84%           
=======================================
  Files          47       47           
  Lines       12977    12977           
=======================================
  Hits        10751    10751           
  Misses       2226     2226           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.