Skip to content

chore(deps): bump the cargo group across 1 directory with 70 updates#3214

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/cargo-e1d4c615a9
Closed

chore(deps): bump the cargo group across 1 directory with 70 updates#3214
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/cargo-e1d4c615a9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the cargo group with 69 updates in the / directory:

Package From To
aes-gcm 0.10.3 0.11.0
axum 0.7.9 0.8.8
borsh 1.6.0 1.7.0
bytes 1.11.1 1.12.1
cached-path 0.8.1 0.10.1
camino 1.2.2 1.2.4
candid 0.10.24 0.10.32
chrono 0.4.44 0.4.45
claims 0.7.1 0.8.0
serial_test 3.4.0 3.5.0
const_format 0.2.35 0.2.36
curve25519-dalek 4.1.3 5.0.0
dashmap 5.5.3 6.1.0
dcap-qvl 0.3.12 0.5.2
dirs 5.0.1 6.0.0
ed25519-dalek 2.2.0 3.0.0
either 1.15.0 1.16.0
fixedstr 0.5.10 0.5.11
fragile 2.0.1 2.1.0
generic-array 1.3.5 1.4.3
hkdf 0.12.4 0.13.0
ic-agent 0.39.3 0.48.1
indexmap 2.13.0 2.14.0
itertools 0.14.0 0.15.0
jsonschema 0.17.1 0.47.0
jsonwebtoken 9.3.1 10.4.0
lz4_flex 0.11.6 0.13.1
libp2p-identity 0.2.13 0.2.14
memchr 2.8.0 2.8.3
notify 6.1.1 8.2.0
once_cell 1.21.3 1.21.4
owo-colors 3.5.0 4.3.0
prometheus-client 0.23.1 0.25.0
quote 1.0.44 1.0.46
rand 0.8.5 0.10.2
rust-embed 8.11.0 8.12.0
semver 1.0.27 1.0.28
serde_json 1.0.149 1.0.150
serde_json_canonicalizer 0.2.0 0.3.2
serde_with 3.17.0 3.21.0
sha2 0.10.9 0.11.0
strum 0.26.3 0.27.2
syn 2.0.117 2.0.118
tempfile 3.26.0 3.27.0
tdx-quote 0.0.4 0.0.5
thiserror 1.0.69 2.0.18
tokio-tungstenite 0.24.0 0.28.0
toml 0.8.23 1.0.3+spec-1.1.0
toml_edit 0.22.27 0.23.10+spec-1.0.0
tower 0.4.13 0.5.3
tower-http 0.5.2 0.6.8
tower-sessions 0.12.3 0.15.0
tracing-subscriber 0.3.22 0.3.23
trybuild 1.0.116 1.0.117
ureq 2.12.1 3.3.0
wasmer 6.1.0 7.2.0
wasmer-types 6.1.0 7.2.0
wasmer-compiler-cranelift 6.1.0 7.2.0
webbrowser 1.1.0 1.2.1
zeroize 1.8.2 1.9.0
axum-extra 0.10.3 0.12.5
config 0.13.4 0.15.19
ctor 0.1.26 1.0.8
regex 1.12.3 1.12.4
uuid 1.21.0 1.23.4
mockall 0.11.4 0.15.0
sigstore 0.13.0 0.14.0
rand_chacha 0.3.1 0.9.0
wasmparser 0.118.2 0.253.0

Updates aes-gcm from 0.10.3 to 0.11.0

Commits

Updates axum from 0.7.9 to 0.8.8

Release notes

Sourced from axum's releases.

axum v0.8.8

  • Clarify documentation for Router::route_layer (#3567)

#3567: tokio-rs/axum#3567

axum v0.8.7

  • Relax implicit Send / Sync bounds on RouterAsService, RouterIntoService (#3555)
  • Make it easier to visually scan for default features (#3550)
  • Fix some documentation typos

#3550: tokio-rs/axum#3550 #3555: tokio-rs/axum#3555

axum v0.8.5

  • fixed: Reject JSON request bodies with trailing characters after the JSON document (#3453)
  • added: Implement OptionalFromRequest for Multipart (#3220)
  • added: Getter methods Location::{status_code, location}
  • added: Support for writing arbitrary binary data into server-sent events (#3425)]
  • added: middleware::ResponseAxumBodyLayer for mapping response body to axum::body::Body (#3469)
  • added: impl FusedStream for WebSocket (#3443)
  • changed: The sse module and Sse type no longer depend on the tokio feature (#3154)
  • changed: If the location given to one of Redirects constructors is not a valid header value, instead of panicking on construction, the IntoResponse impl now returns an HTTP 500, just like Json does when serialization fails (#3377)
  • changed: Update minimum rust version to 1.78 (#3412)

#3154: tokio-rs/axum#3154 #3220: tokio-rs/axum#3220 #3377: tokio-rs/axum#3377 #3412: tokio-rs/axum#3412 #3425: tokio-rs/axum#3425 #3443: tokio-rs/axum#3443 #3453: tokio-rs/axum#3453 #3469: tokio-rs/axum#3469

axum v0.8.4

  • added: Router::reset_fallback (#3320)
  • added: WebSocketUpgrade::selected_protocol (#3248)
  • fixed: Panic location for overlapping method routes (#3319)
  • fixed: Don't leak a tokio task when using serve without graceful shutdown (#3129)

#3319: tokio-rs/axum#3319 #3320: tokio-rs/axum#3320 #3248: tokio-rs/axum#3248 #3129: tokio-rs/axum#3129

axum v0.8.3

  • added: Implement From<Bytes> for Message (#3273)
  • added: Implement OptionalFromRequest for Json (#3142)
  • added: Implement OptionalFromRequest for Extension (#3157)
  • added: Allow setting the read buffer capacity of WebSocketUpgrade (#3178)

... (truncated)

Commits
  • d07863f Release axum v0.8.8 and axum-extra v0.12.3
  • 287c674 axum-extra: Make typed-routing feature enable routing feature (#3514)
  • f5804aa SecondElementIs: Correct a small inconsistency (#3559)
  • f51f3ba axum-extra: Add trailing newline to pretty JSON response (#3526)
  • 816407a Fix integer underflow in try_range_response for empty files (#3566)
  • 78656eb docs: Clarify route_layer does not apply middleware to the fallback handler...
  • 4404f27 Release axum v0.8.7 and axum-extra v0.12.2
  • 8f1545a Fix typo in extractors guide (#3554)
  • 4fc3faa Relax implicit Send / Sync bounds (#3555)
  • a05920c Make it easier to visually scan for default features (#3550)
  • Additional commits viewable in compare view

Updates borsh from 1.6.0 to 1.7.0

Release notes

Sourced from borsh's releases.

borsh-derive-v1.7.0

No release notes provided.

borsh-v1.7.0

Added

  • impl BorshSerialize and BorshDeserialize for Uuid (#366)

Fixed

  • handle PhantomData in enum schema derive (#369)

Other

  • cover schema predicate bounds referencing filtered enum params (#372)
  • fix the build on current toolchains (#368)

borsh-derive-v1.6.1

No release notes provided.

borsh-v1.6.1

Fixed

  • keep bytes no_std unless borsh std is enabled (#364)
Changelog

Sourced from borsh's changelog.

1.7.0 - 2026-06-17

Added

  • impl BorshSerialize and BorshDeserialize for Uuid (#366)

Fixed

  • handle PhantomData in enum schema derive (#369)

Other

  • cover schema predicate bounds referencing filtered enum params (#372)
  • fix the build on current toolchains (#368)

1.6.1 - 2026-03-15

Fixed

  • keep bytes no_std unless borsh std is enabled (#364)
Commits
  • 3348776 chore: release v1.7.0 (#370)
  • 9e48f60 test: cover schema predicate bounds referencing filtered enum params (#372)
  • 1133023 fix: handle PhantomData in enum schema derive (#369)
  • b53e108 ci: use org-level NEARPROTOCOL_CI_PR_ACCESS token for release-plz (#371)
  • 47e132f feat: impl BorshSerialize and BorshDeserialize for Uuid (#366)
  • aa2e794 ci: fix the build on current toolchains (#368)
  • f8109c7 chore: release v1.6.1 (#365)
  • d099f8c fix: keep bytes no_std unless borsh std is enabled (#364)
  • 2801032 docs: add devex team to CODEOWNERS (#362)
  • See full diff in compare view

Updates bytes from 1.11.1 to 1.12.1

Release notes

Sourced from bytes's releases.

Bytes v1.12.1

1.12.1 (July 8th, 2026)

Fixed

  • Properly handle when Box::new panics (#837)

Bytes v1.12.0

1.12.0 (June 18th, 2026)

Added

  • Add BytesMut::extend_from_within() (#818)
  • Add BytesMut::try_unsplit() (#746)

Fixed

  • Fix panic in get_int if nbytes is zero (#806)

Changed

  • Pass vtable data by value (#826)
  • Exclude development scripts from published package (#810)

Documented

  • Document that BytesMut::{reserve,try_reserve} doesn't preserve unused capacity (#808)
Changelog

Sourced from bytes's changelog.

1.12.1 (July 8th, 2026)

Fixed

  • Properly handle when Box::new panics (#837)

1.12.0 (June 18th, 2026)

Added

  • Add BytesMut::extend_from_within() (#818)
  • Add BytesMut::try_unsplit() (#746)

Fixed

  • Fix panic in get_int if nbytes is zero (#806)

Changed

  • Pass vtable data by value (#826)
  • Exclude development scripts from published package (#810)

Documented

  • Document that BytesMut::{reserve,try_reserve} doesn't preserve unused capacity (#808)
Commits

Updates cached-path from 0.8.1 to 0.10.1

Release notes

Sourced from cached-path's releases.

v0.10.1

What's new

Changed ⚠️

  • Updated various dependencies.

Commits

e1b4519 Update dependencies (#90)

v0.10.0

What's new

Commits

13c3f25 update readme 90f03cd feat: add a progress-bar feature to disable indicatif dependency (#89) 06b2eb4 bump actions/cache 3373bd0 replace deprecated cargo_bin call (#88)

v0.9.0

What's new

Changed ⚠️

  • Updated reqwest dependency from 0.11 to 0.12.

Commits

00f71e3 update reqwest to 0.12 (#86)

Changelog

Sourced from cached-path's changelog.

v0.10.1 - 2026-03-04

Changed

  • Updated various dependencies.

v0.10.0 - 2025-12-19

Added

  • Added a progress-bar feature to enable the indicatif dependency.

v0.9.0 - 2025-08-25

Changed

  • Updated reqwest dependency from 0.11 to 0.12.
Commits

Updates camino from 1.2.2 to 1.2.4

Release notes

Sourced from camino's releases.

camino 1.2.4

Added

Methods to convert between Box<Utf8Path> and Box<Path>:

  • From<Box<Utf8Path>> for Box<Path> (as of release, not documented due to rust-lang/rust#158466).
  • Utf8Path::into_std_boxed_path(self: Box<Self>)
  • Utf8Path::from_boxed_path(path: Box<Path>)
  • TryFrom<Box<Path>> for Box<Utf8Path>

Thanks nicopap for your first contribution!

camino 1.2.3

Performance improvements

  • Utf8Path::hash now delegates to std::path::Path::hash, resulting in hashing requiring ~2x fewer instructions. Thanks stormslowly for your first contribution!
Changelog

Sourced from camino's changelog.

[1.2.4] - 2026-06-27

Added

Methods to convert between Box<Utf8Path> and Box<Path>:

  • From<Box<Utf8Path>> for Box<Path> (as of release, not documented due to rust-lang/rust#158466).
  • Utf8Path::into_std_boxed_path(self: Box<Self>)
  • Utf8Path::from_boxed_path(path: Box<Path>)
  • TryFrom<Box<Path>> for Box<Utf8Path>

Thanks nicopap for your first contribution!

[1.2.3] - 2026-06-18

Performance improvements

  • Utf8Path::hash now delegates to std::path::Path::hash, resulting in hashing requiring ~2x fewer instructions. Thanks stormslowly for your first contribution!
Commits
  • 8966366 [camino] version 1.2.4
  • abf526b [meta] prepare release
  • 417c6e1 docs: fix dangling [from] link in into_std_boxed_path (#125)
  • 6d25706 add Box<Path> -> Box<Utf8Path> conversion (#124)
  • 816ddeb test Box\<Utf8Path> conversions, and other review fixes (#123)
  • e437cc3 Add conversion from Box<Utf8Path> to Box<Path> (#122)
  • 0b4c744 [camino] version 1.2.3
  • feac129 [meta] prepare changelog
  • f806a85 add cargo-release autoreplacements
  • 6368097 perf: delegate Utf8Path::hash to the wrapped Path (#120)
  • Additional commits viewable in compare view

Updates candid from 0.10.24 to 0.10.32

Changelog

Sourced from candid's changelog.

Candid 0.10.32

  • Non-breaking changes:
    • A service reference now decodes where a principal is expected: service <actortype> is a subtype of principal (spec addition: service <: principal, modelled analogously to nat <: int). The subtype checker and the deserializer accept a service reference at type principal; the two share an identical wire encoding, so the coercion is the identity on the reference. The reverse (a principal at a service type) remains rejected.

2026-07-03

ic_principal 0.1.5

  • Non-breaking changes:
    • Make Principal::as_slice(), Principal::len() and Principal::as_fixed_bytes() const functions.

2026-07-02

ic_principal 0.1.4

  • Non-breaking changes:
    • Add Principal::as_fixed_bytes(), returning a reference to the underlying fixed-size [u8; MAX_LENGTH_IN_BYTES] backing array. Bytes at index len() and beyond are always zero.
    • Add Principal::len(), returning the number of significant bytes in the Principal (equivalent to as_slice().len()).

2026-06-25

Candid 0.10.31

  • Non-breaking changes:
    • Encode and decode large Nat/Int values in linear time. Values beyond the u64/i64 fast path were previously processed one LEB128/SLEB128 group at a time, shifting the whole bignum on every byte (O(n²) in the encoded length); they now build the value in a single O(n) pass.

didc 0.6.2

  • Non-breaking changes:
    • Upgrade candid_parser dependency to v0.4.0.

2026-06-23

Candid 0.10.30

  • Non-breaking changes:
    • Add pretty::utils::sep_enclose and sep_enclose_space: list/tuple pretty-printing combinators that separate items and enclose them in delimiters, emitting a trailing separator on multi-line layouts.
    • Add TypeEnv::to_sorted_iter() to iterate bindings in a deterministic, key-sorted order.

candid_parser 0.4.0

  • Breaking changes:
    • Parse and preserve named function arguments and results. The AST now carries argument names so consumers (e.g. binding generators) can emit meaningful parameter names:
      • New syntax::IDLArgType { typ: IDLType, name: Option<String> } with IDLArgType::new / IDLArgType::new_with_name. Purely numeric names are normalized to None.
      • syntax::FuncType::{args, rets}, syntax::IDLType::ClassT, syntax::IDLTypes::args, and syntax::IDLInitArgs::args now hold Vec<IDLArgType> instead of Vec<IDLType>.
      • The pretty-printer now round-trips argument names (e.g. (from : principal)).
    • Type checking is unchanged: names are dropped when lowering to candid::types::Function, so the candid crate is unaffected.

2026-05-27

... (truncated)

Commits

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

Commits
  • 1703382 Prepare 0.4.45 release
  • 881f9ab tz_data: fix tzdata locations on Android
  • f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
  • c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
  • 120686c Bump codecov/codecov-action from 5 to 6
  • See full diff in compare view

Updates claims from 0.7.1 to 0.8.0

Release notes

Sourced from claims's releases.

0.8.0

Changed

  • assert_err_eq, assert_ok_eq, and assert_some_eq now properly display custom messages.
  • MSRV raised to 1.38.0.
  • Rust edition bumped to 2018.
  • Improved error messages.
  • Removed Debug requirement for Ok(T) in assert_ready_ok! macro.
  • Removed Debug requirement for Err(E) in assert_ready_err! macro.

Fixed

  • Corrected the name of debug_assert_ready_ok_eq! to debug_assert_ready_eq!.
  • assert_pending! and debug_assert_pending! now correctly display custom messages.
  • assert_ready! and debug_assert_ready! now correctly display custom messages.
  • debug_assert_pending! no longer emits warnings for unused values.
  • assert_matches! and debug_assert_matches! no longer emit warnings if the given pattern covers all cases.
  • assert_matches! and debug_assert_matches! now include if guard in the pattern in the error message.
  • Fixed macro hygiene issues for all macros.

Removed

  • Dependency on autocfg.
Changelog

Sourced from claims's changelog.

0.8.0 - 2024-11-16

Changed

  • assert_err_eq, assert_ok_eq, and assert_some_eq now properly display custom messages.
  • MSRV raised to 1.38.0.
  • Rust edition bumped to 2018.
  • Improved error messages.
  • Removed Debug requirement for Ok(T) in assert_ready_ok! macro.
  • Removed Debug requirement for Err(E) in assert_ready_err! macro.

Fixed

  • Corrected the name of debug_assert_ready_ok_eq! to debug_assert_ready_eq!.
  • assert_pending! and debug_assert_pending! now correctly display custom messages.
  • assert_ready! and debug_assert_ready! now correctly display custom messages.
  • debug_assert_pending! no longer emits warnings for unused values.
  • assert_matches! and debug_assert_matches! no longer emit warnings if the given pattern covers all cases.
  • assert_matches! and debug_assert_matches! now include if guard in the pattern in the error message.
  • Fixed macro hygiene issues for all macros.

Removed

  • Dependency on autocfg.
Commits

Updates serial_test from 3.4.0 to 3.5.0

Release notes

Sourced from serial_test's releases.

v3.5.0

What's Changed

New Contributors

Full Changelog: palfrey/serial_test@v3.4.0...v3.5.0

Commits

Updates const_format from 0.2.35 to 0.2.36

Changelog

Sourced from const_format's changelog.

0.2.36

Breaking change: bumped Minimum Supported Rust Version to Rust 1.71. This change is motivated by quote increasing its MSRV to 1.71.

Now the "rust_1_64" feature is effectively always enabled, so these items are always enabled:

  • const_format::str_split

Deprecated these items because their replacements now take constant time to run:

  • const_format::fmt::StrWriter::as_bytes_alt: superceeded by as_bytes
  • const_format::fmt::StrWriter::as_str_alt: superceeded by as_str
  • const_format::fmt::StrWriterMut::as_bytes_alt: superceeded by as_bytes
  • const_format::fmt::StrWriterMut::as_str_alt: superceeded by as_str
  • const_format::utils::slice_up_to_len_alt: superceeded by slice_up_to_len

Changed these methods from being conditionally const (by requiring the "rust_1_64" feature to be const) to being unconditionally const:

  • const_format::fmt::StrWriter::as_bytes
  • const_format::fmt::StrWriter::as_str
  • const_format::fmt::StrWriterMut::as_bytes
  • const_format::fmt::StrWriterMut::as_str

Changed this method to be const:

  • const_format::AsciiStr::as_str

Fixed nightly 2026-04-09 compatibility when cargo update -Z minimal-versions is used by bumping konst internal dependency to "0.2.20" version

Commits

Updates curve25519-dalek from 4.1.3 to 5.0.0

Commits

Updates dashmap from 5.5.3 to 6.1.0

Release notes

Sourced from dashmap's releases.

v6.1.0

v6.0.1

This is a patch release, now the main release for v6 as v6.0.0 was yanked shortly after release.

Thanks to @​JesusGuzmanJr for notifying me about a critical bug that was introduced so that I could resolve it: #304.

PRs for this release: #305 + xacrimon/dashmap@d5c8be6

v6.0.0

This release contains performance optimizations, most notably 10-40% gains on Apple Silicon but also 5-10% gains when measured in Intel Sapphire Rapids. This work was accomplished in:

Minor QoL improvements were made in:

Special to the following contributors for making this release possible:

v6.0.0-rc.1

This release contains performance optimizations, most notably 10-40% gains on Apple Silicon but also 5-10% gains when measured in Intel Sapphire Rapids. This work was accomplished in:

Minor QoL improvements were made in:

Special to the following contributors for making this release possible:

Commits

Updates dcap-qvl from 0.3.12 to 0.5.2

Release notes

Sourced from dcap-qvl's releases.

Release v0.5.2

Changes in v0.5.2

  • ci: fire Android + npm publishes on the unified v* tag too (#185)
  • release: unify all versions at 0.5.2 (#184)
  • ci(mobile/ios): auth satellite push via deploy key, not PAT (#183)
  • feat(mobile/ios): Swift Package release pipeline via dcap-qvl-swift satellite (#182)
  • ci(mobile/android): auto-publish releases (automaticRelease = true) (#181)
  • fix(mobile/android): strip 16.7 MB dead .so + on-device test, v0.5.1 (#180)
  • fix(mobile/android): publish via Central Portal bundle (Vanniktech plugin) (#179)
  • ci(mobile/android): Maven Central release workflow + Sonatype onboarding (#173)
  • feat(mobile): native Kotlin and Swift bindings via UniFFI (#172)
  • refactor(x509): revert default pck_ca/extension impls to readable form (#177)
  • refactor(config): replace issuer_contains(&[u8]) with pck_ca() -> Option<PckCa> (#158)
  • fix(js): decode X.509 issuer/subject DN properly so getCertIssuer thus getCollateral works (#175)
  • chore(npm): bump version to 0.4.1

Python Package

This release includes Python wheels for multiple platforms:

  • Linux: x86_64, x86, aarch64, armv7, s390x, ppc64le
  • Windows: x64, x86
  • macOS: x86_64, aarch64 (Apple Silicon)

Install with: pip install dcap-qvl==0.5.2

Rust Crate

Add to your Cargo.toml:

dcap-qvl = "0.5.2"

Release v0.4.1

Changes in v0.4.1

  • chore: release v0.4.1 (#167)
  • feat(js): port QuoteVerifier.allowServiceTd() to pure-JS binding
  • feat: opt-in QuoteVerifier::allow_debug() (#165)
  • feat: expose CollateralClient::fetch_for_fmspc_without_pck_chain()
  • style: fix rustfmt formatting in QuoteVerifier::new
  • fix: restore mr_service_td check with opt-in flag for TDX 1.5
  • style: cargo fmt
  • test+samples: cover overlong components and update sample expectation
  • fix(verify): validate TCB component count before zip comparison
  • fix: allow non-zero mr_service_td in TDX 1.5 quotes
  • build(deps): bump the github-actions group across 1 directory with 2 updates
  • chore(deps): bump reqwest 0.12 → 0.13 + compatible upgrades (#157)
  • feat(collateral): abstract HTTP transport behind HttpClient trait (#156)
  • ci: add json-core feature matrix entry to rust.yml

... (truncated)

Commits
  • 31a32a4 ci: fire Android + npm publishes on the unified v* tag too (#185)
  • c302a1d release: unify all versions at 0.5.2 (#184)
  • 9388e72 ci(mobile/ios): auth satellite push via deploy key, not PAT (#183)
  • f061ff8 feat(mobile/ios): Swift Package release pipeline via dcap-qvl-swift satellite...
  • ad1239a ci(mobile/android): auto-publish releases (automaticRelease = true) (#181)
  • 470c111 fix(mobile/android): strip 16.7 MB dead .so + on-device test, v0.5.1 (#180)
  • 4ad68aa fix(mobile/android): publish via Central Portal bundle (Vanniktech plugin) (#...
  • 6c4d9d8 ci(mobile/android): Maven Central release workflow + Sonatype onboarding (#173)
  • eeba7be feat(mobile): native Kotlin and Swift bindings via UniFFI (#172)
  • d357022 refactor(x509): revert default pck_ca/extension impls to readable form (#...
  • Additional commits viewable in compare view

Updates dirs from 5.0.1 to 6.0.0

Commits

Updates ed25519-dalek from 2.2.0 to 3.0.0

Changelog

Sourced from ed25519-dalek's changelog.

3.0.0

  • Update the digest dependency to 0.9. This requires a major version because the digest traits are part of t...

    Description has been truncated


    [!NOTE]
    High Risk
    Large semver jumps across cryptography (ed25519/curve25519, aes-gcm, sha2), auth/JWT, and the axum/tower HTTP surface mean behavior or API compile fixes may be required even if the diff is mostly manifests.

    Overview
    Bulk Dependabot refresh of the workspace [workspace.dependencies] and Cargo.lock, touching on the order of 70 crates with no described application-logic refactors.

    Notable major/minor moves include axum 0.8 / tower-http 0.6 / tower-sessions 0.15 (HTTP stack), ed25519-dalek 3 and curve25519-dalek 5 (signing), rand 0.10 (with rand_chacha 0.9 in node tests), wasmer 7.2, thiserror 2, ureq 3, jsonwebtoken 10, toml 1, dashmap 6, ic-agent 0.48, and wasmparser 0.253 (ABI tools). Several crates also pin bumped versions locally (e.g. mero-auth crypto/HTTP deps, sha2 0.11 in blob apps, sigstore 0.14 in merod).

    Reviewed by Cursor Bugbot for commit ad6ad6b. Bugbot is set up for automated code reviews on this repo. Configure here.

Bumps the cargo group with 69 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [aes-gcm](https://github.com/RustCrypto/AEADs) | `0.10.3` | `0.11.0` |
| [axum](https://github.com/tokio-rs/axum) | `0.7.9` | `0.8.8` |
| [borsh](https://github.com/near/borsh-rs) | `1.6.0` | `1.7.0` |
| [bytes](https://github.com/tokio-rs/bytes) | `1.11.1` | `1.12.1` |
| [cached-path](https://github.com/epwalsh/rust-cached-path) | `0.8.1` | `0.10.1` |
| [camino](https://github.com/camino-rs/camino) | `1.2.2` | `1.2.4` |
| [candid](https://github.com/dfinity/candid) | `0.10.24` | `0.10.32` |
| [chrono](https://github.com/chronotope/chrono) | `0.4.44` | `0.4.45` |
| [claims](https://github.com/Anders429/claims) | `0.7.1` | `0.8.0` |
| [serial_test](https://github.com/palfrey/serial_test) | `3.4.0` | `3.5.0` |
| [const_format](https://github.com/rodrimati1992/const_format_crates) | `0.2.35` | `0.2.36` |
| [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek) | `4.1.3` | `5.0.0` |
| [dashmap](https://github.com/xacrimon/dashmap) | `5.5.3` | `6.1.0` |
| [dcap-qvl](https://github.com/Phala-Network/dcap-qvl) | `0.3.12` | `0.5.2` |
| [dirs](https://github.com/soc/dirs-rs) | `5.0.1` | `6.0.0` |
| [ed25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek) | `2.2.0` | `3.0.0` |
| [either](https://github.com/rayon-rs/either) | `1.15.0` | `1.16.0` |
| [fixedstr](https://github.com/chuckcscccl/fixedstr) | `0.5.10` | `0.5.11` |
| [fragile](https://github.com/mitsuhiko/fragile) | `2.0.1` | `2.1.0` |
| [generic-array](https://github.com/fizyk20/generic-array) | `1.3.5` | `1.4.3` |
| [hkdf](https://github.com/RustCrypto/KDFs) | `0.12.4` | `0.13.0` |
| [ic-agent](https://github.com/dfinity/agent-rs) | `0.39.3` | `0.48.1` |
| [indexmap](https://github.com/indexmap-rs/indexmap) | `2.13.0` | `2.14.0` |
| [itertools](https://github.com/rust-itertools/itertools) | `0.14.0` | `0.15.0` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.17.1` | `0.47.0` |
| [jsonwebtoken](https://github.com/Keats/jsonwebtoken) | `9.3.1` | `10.4.0` |
| [lz4_flex](https://github.com/pseitz/lz4_flex) | `0.11.6` | `0.13.1` |
| [libp2p-identity](https://github.com/libp2p/rust-libp2p) | `0.2.13` | `0.2.14` |
| [memchr](https://github.com/BurntSushi/memchr) | `2.8.0` | `2.8.3` |
| [notify](https://github.com/notify-rs/notify) | `6.1.1` | `8.2.0` |
| [once_cell](https://github.com/matklad/once_cell) | `1.21.3` | `1.21.4` |
| [owo-colors](https://github.com/owo-colors/owo-colors) | `3.5.0` | `4.3.0` |
| [prometheus-client](https://github.com/prometheus/client_rust) | `0.23.1` | `0.25.0` |
| [quote](https://github.com/dtolnay/quote) | `1.0.44` | `1.0.46` |
| [rand](https://github.com/rust-random/rand) | `0.8.5` | `0.10.2` |
| rust-embed | `8.11.0` | `8.12.0` |
| [semver](https://github.com/dtolnay/semver) | `1.0.27` | `1.0.28` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` |
| [serde_json_canonicalizer](https://github.com/evik42/serde-json-canonicalizer) | `0.2.0` | `0.3.2` |
| [serde_with](https://github.com/jonasbb/serde_with) | `3.17.0` | `3.21.0` |
| [sha2](https://github.com/RustCrypto/hashes) | `0.10.9` | `0.11.0` |
| [strum](https://github.com/Peternator7/strum) | `0.26.3` | `0.27.2` |
| [syn](https://github.com/dtolnay/syn) | `2.0.117` | `2.0.118` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.26.0` | `3.27.0` |
| [tdx-quote](https://github.com/entropyxyz/tdx-quote) | `0.0.4` | `0.0.5` |
| [thiserror](https://github.com/dtolnay/thiserror) | `1.0.69` | `2.0.18` |
| [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite) | `0.24.0` | `0.28.0` |
| [toml](https://github.com/toml-rs/toml) | `0.8.23` | `1.0.3+spec-1.1.0` |
| [toml_edit](https://github.com/toml-rs/toml) | `0.22.27` | `0.23.10+spec-1.0.0` |
| [tower](https://github.com/tower-rs/tower) | `0.4.13` | `0.5.3` |
| [tower-http](https://github.com/tower-rs/tower-http) | `0.5.2` | `0.6.8` |
| [tower-sessions](https://github.com/maxcountryman/tower-sessions) | `0.12.3` | `0.15.0` |
| [tracing-subscriber](https://github.com/tokio-rs/tracing) | `0.3.22` | `0.3.23` |
| [trybuild](https://github.com/dtolnay/trybuild) | `1.0.116` | `1.0.117` |
| [ureq](https://github.com/algesten/ureq) | `2.12.1` | `3.3.0` |
| [wasmer](https://github.com/wasmerio/wasmer) | `6.1.0` | `7.2.0` |
| [wasmer-types](https://github.com/wasmerio/wasmer) | `6.1.0` | `7.2.0` |
| [wasmer-compiler-cranelift](https://github.com/wasmerio/wasmer) | `6.1.0` | `7.2.0` |
| [webbrowser](https://github.com/amodm/webbrowser-rs) | `1.1.0` | `1.2.1` |
| [zeroize](https://github.com/RustCrypto/utils) | `1.8.2` | `1.9.0` |
| [axum-extra](https://github.com/tokio-rs/axum) | `0.10.3` | `0.12.5` |
| [config](https://github.com/rust-cli/config-rs) | `0.13.4` | `0.15.19` |
| [ctor](https://github.com/mmastrac/linktime) | `0.1.26` | `1.0.8` |
| [regex](https://github.com/rust-lang/regex) | `1.12.3` | `1.12.4` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.21.0` | `1.23.4` |
| [mockall](https://github.com/asomers/mockall) | `0.11.4` | `0.15.0` |
| [sigstore](https://github.com/sigstore/sigstore-rs) | `0.13.0` | `0.14.0` |
| [rand_chacha](https://github.com/rust-random/rand) | `0.3.1` | `0.9.0` |
| [wasmparser](https://github.com/bytecodealliance/wasm-tools) | `0.118.2` | `0.253.0` |



Updates `aes-gcm` from 0.10.3 to 0.11.0
- [Commits](RustCrypto/AEADs@aes-gcm-v0.10.3...aes-gcm-v0.11.0)

Updates `axum` from 0.7.9 to 0.8.8
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](tokio-rs/axum@axum-v0.7.9...axum-v0.8.8)

Updates `borsh` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/near/borsh-rs/releases)
- [Changelog](https://github.com/near/borsh-rs/blob/master/CHANGELOG.md)
- [Commits](near/borsh-rs@borsh-v1.6.0...borsh-v1.7.0)

Updates `bytes` from 1.11.1 to 1.12.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/bytes@v1.11.1...v1.12.1)

Updates `cached-path` from 0.8.1 to 0.10.1
- [Release notes](https://github.com/epwalsh/rust-cached-path/releases)
- [Changelog](https://github.com/epwalsh/rust-cached-path/blob/main/CHANGELOG.md)
- [Commits](epwalsh/rust-cached-path@v0.8.1...v0.10.1)

Updates `camino` from 1.2.2 to 1.2.4
- [Release notes](https://github.com/camino-rs/camino/releases)
- [Changelog](https://github.com/camino-rs/camino/blob/main/CHANGELOG.md)
- [Commits](camino-rs/camino@camino-1.2.2...camino-1.2.4)

Updates `candid` from 0.10.24 to 0.10.32
- [Release notes](https://github.com/dfinity/candid/releases)
- [Changelog](https://github.com/dfinity/candid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dfinity/candid/commits)

Updates `chrono` from 0.4.44 to 0.4.45
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](chronotope/chrono@v0.4.44...v0.4.45)

Updates `claims` from 0.7.1 to 0.8.0
- [Release notes](https://github.com/Anders429/claims/releases)
- [Changelog](https://github.com/Anders429/claims/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Anders429/claims/commits/v0.8.0)

Updates `serial_test` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/palfrey/serial_test/releases)
- [Commits](palfrey/serial_test@v3.4.0...v3.5.0)

Updates `const_format` from 0.2.35 to 0.2.36
- [Release notes](https://github.com/rodrimati1992/const_format_crates/releases)
- [Changelog](https://github.com/rodrimati1992/const_format_crates/blob/master/Changelog.md)
- [Commits](https://github.com/rodrimati1992/const_format_crates/commits)

Updates `curve25519-dalek` from 4.1.3 to 5.0.0
- [Release notes](https://github.com/dalek-cryptography/curve25519-dalek/releases)
- [Commits](dalek-cryptography/curve25519-dalek@curve25519-4.1.3...curve25519-5.0.0)

Updates `dashmap` from 5.5.3 to 6.1.0
- [Release notes](https://github.com/xacrimon/dashmap/releases)
- [Commits](xacrimon/dashmap@v.5.5.3...v6.1.0)

Updates `dcap-qvl` from 0.3.12 to 0.5.2
- [Release notes](https://github.com/Phala-Network/dcap-qvl/releases)
- [Commits](Phala-Network/dcap-qvl@v0.3.12...v0.5.2)

Updates `dirs` from 5.0.1 to 6.0.0
- [Commits](https://github.com/soc/dirs-rs/commits)

Updates `ed25519-dalek` from 2.2.0 to 3.0.0
- [Release notes](https://github.com/dalek-cryptography/curve25519-dalek/releases)
- [Changelog](https://github.com/dalek-cryptography/curve25519-dalek/blob/3.0.0/CHANGELOG.md)
- [Commits](dalek-cryptography/curve25519-dalek@ed25519-2.2.0...3.0.0)

Updates `either` from 1.15.0 to 1.16.0
- [Commits](rayon-rs/either@1.15.0...1.16.0)

Updates `fixedstr` from 0.5.10 to 0.5.11
- [Commits](https://github.com/chuckcscccl/fixedstr/commits)

Updates `fragile` from 2.0.1 to 2.1.0
- [Changelog](https://github.com/mitsuhiko/fragile/blob/master/CHANGELOG.md)
- [Commits](mitsuhiko/fragile@2.0.1...2.1.0)

Updates `generic-array` from 1.3.5 to 1.4.3
- [Release notes](https://github.com/fizyk20/generic-array/releases)
- [Changelog](https://github.com/fizyk20/generic-array/blob/master/CHANGELOG.md)
- [Commits](fizyk20/generic-array@v1.3.5...v1.4.3)

Updates `hkdf` from 0.12.4 to 0.13.0
- [Commits](RustCrypto/KDFs@hkdf-v0.12.4...hkdf-v0.13.0)

Updates `ic-agent` from 0.39.3 to 0.48.1
- [Release notes](https://github.com/dfinity/agent-rs/releases)
- [Changelog](https://github.com/dfinity/agent-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/dfinity/agent-rs/commits)

Updates `indexmap` from 2.13.0 to 2.14.0
- [Changelog](https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md)
- [Commits](indexmap-rs/indexmap@2.13.0...2.14.0)

Updates `itertools` from 0.14.0 to 0.15.0
- [Changelog](https://github.com/rust-itertools/itertools/blob/master/CHANGELOG.md)
- [Commits](rust-itertools/itertools@v0.14.0...v0.15.0)

Updates `jsonschema` from 0.17.1 to 0.47.0
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](Stranger6667/jsonschema@rust-v0.17.1...ruby-v0.47.0)

Updates `jsonwebtoken` from 9.3.1 to 10.4.0
- [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](Keats/jsonwebtoken@v9.3.1...v10.4.0)

Updates `lz4_flex` from 0.11.6 to 0.13.1
- [Release notes](https://github.com/pseitz/lz4_flex/releases)
- [Changelog](https://github.com/PSeitz/lz4_flex/blob/main/CHANGELOG.md)
- [Commits](PSeitz/lz4_flex@0.11.6...0.13.1)

Updates `libp2p-identity` from 0.2.13 to 0.2.14
- [Release notes](https://github.com/libp2p/rust-libp2p/releases)
- [Changelog](https://github.com/libp2p/rust-libp2p/blob/master/CHANGELOG.md)
- [Commits](https://github.com/libp2p/rust-libp2p/commits)

Updates `memchr` from 2.8.0 to 2.8.3
- [Commits](BurntSushi/memchr@2.8.0...2.8.3)

Updates `notify` from 6.1.1 to 8.2.0
- [Release notes](https://github.com/notify-rs/notify/releases)
- [Changelog](https://github.com/notify-rs/notify/blob/notify-8.2.0/CHANGELOG.md)
- [Commits](notify-rs/notify@notify-6.1.1...notify-8.2.0)

Updates `once_cell` from 1.21.3 to 1.21.4
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](matklad/once_cell@v1.21.3...v1.21.4)

Updates `owo-colors` from 3.5.0 to 4.3.0
- [Release notes](https://github.com/owo-colors/owo-colors/releases)
- [Changelog](https://github.com/owo-colors/owo-colors/blob/main/CHANGELOG.md)
- [Commits](owo-colors/owo-colors@v3.5.0...v4.3.0)

Updates `prometheus-client` from 0.23.1 to 0.25.0
- [Release notes](https://github.com/prometheus/client_rust/releases)
- [Changelog](https://github.com/prometheus/client_rust/blob/master/CHANGELOG.md)
- [Commits](prometheus/client_rust@v0.23.1...v0.25.0)

Updates `quote` from 1.0.44 to 1.0.46
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](dtolnay/quote@1.0.44...1.0.46)

Updates `rand` from 0.8.5 to 0.10.2
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@0.8.5...0.10.2)

Updates `rust-embed` from 8.11.0 to 8.12.0

Updates `semver` from 1.0.27 to 1.0.28
- [Release notes](https://github.com/dtolnay/semver/releases)
- [Commits](dtolnay/semver@1.0.27...1.0.28)

Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `serde_json_canonicalizer` from 0.2.0 to 0.3.2
- [Commits](https://github.com/evik42/serde-json-canonicalizer/commits)

Updates `serde_with` from 3.17.0 to 3.21.0
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](jonasbb/serde_with@v3.17.0...v3.21.0)

Updates `sha2` from 0.10.9 to 0.11.0
- [Commits](RustCrypto/hashes@sha2-v0.10.9...sha2-v0.11.0)

Updates `strum` from 0.26.3 to 0.27.2
- [Release notes](https://github.com/Peternator7/strum/releases)
- [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md)
- [Commits](Peternator7/strum@v0.26.3...v0.27.2)

Updates `syn` from 2.0.117 to 2.0.118
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](dtolnay/syn@2.0.117...2.0.118)

Updates `tempfile` from 3.26.0 to 3.27.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.26.0...v3.27.0)

Updates `tdx-quote` from 0.0.4 to 0.0.5
- [Commits](https://github.com/entropyxyz/tdx-quote/commits)

Updates `thiserror` from 1.0.69 to 2.0.18
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](dtolnay/thiserror@1.0.69...2.0.18)

Updates `tokio-tungstenite` from 0.24.0 to 0.28.0
- [Changelog](https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md)
- [Commits](snapview/tokio-tungstenite@v0.24.0...v0.28.0)

Updates `toml` from 0.8.23 to 1.0.3+spec-1.1.0
- [Commits](toml-rs/toml@toml-v0.8.23...toml-v1.0.3)

Updates `toml_edit` from 0.22.27 to 0.23.10+spec-1.0.0
- [Commits](toml-rs/toml@v0.22.27...v0.23.10)

Updates `tower` from 0.4.13 to 0.5.3
- [Release notes](https://github.com/tower-rs/tower/releases)
- [Commits](tower-rs/tower@tower-0.4.13...tower-0.5.3)

Updates `tower-http` from 0.5.2 to 0.6.8
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](tower-rs/tower-http@tower-http-0.5.2...tower-http-0.6.8)

Updates `tower-sessions` from 0.12.3 to 0.15.0
- [Release notes](https://github.com/maxcountryman/tower-sessions/releases)
- [Changelog](https://github.com/maxcountryman/tower-sessions/blob/main/CHANGELOG.md)
- [Commits](maxcountryman/tower-sessions@v0.12.3...v0.15.0)

Updates `tracing-subscriber` from 0.3.22 to 0.3.23
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](tokio-rs/tracing@tracing-subscriber-0.3.22...tracing-subscriber-0.3.23)

Updates `trybuild` from 1.0.116 to 1.0.117
- [Release notes](https://github.com/dtolnay/trybuild/releases)
- [Commits](dtolnay/trybuild@1.0.116...1.0.117)

Updates `ureq` from 2.12.1 to 3.3.0
- [Changelog](https://github.com/algesten/ureq/blob/main/CHANGELOG.md)
- [Commits](algesten/ureq@2.12.1...3.3.0)

Updates `wasmer` from 6.1.0 to 7.2.0
- [Release notes](https://github.com/wasmerio/wasmer/releases)
- [Changelog](https://github.com/wasmerio/wasmer/blob/main/CHANGELOG.md)
- [Commits](wasmerio/wasmer@v6.1.0...v7.2.0)

Updates `wasmer-types` from 6.1.0 to 7.2.0
- [Release notes](https://github.com/wasmerio/wasmer/releases)
- [Changelog](https://github.com/wasmerio/wasmer/blob/main/CHANGELOG.md)
- [Commits](wasmerio/wasmer@v6.1.0...v7.2.0)

Updates `wasmer-compiler-cranelift` from 6.1.0 to 7.2.0
- [Release notes](https://github.com/wasmerio/wasmer/releases)
- [Changelog](https://github.com/wasmerio/wasmer/blob/main/CHANGELOG.md)
- [Commits](wasmerio/wasmer@v6.1.0...v7.2.0)

Updates `wat` from 1.245.1 to 1.253.0
- [Release notes](https://github.com/bytecodealliance/wasm-tools/releases)
- [Commits](bytecodealliance/wasm-tools@v1.245.1...v1.253.0)

Updates `webbrowser` from 1.1.0 to 1.2.1
- [Release notes](https://github.com/amodm/webbrowser-rs/releases)
- [Changelog](https://github.com/amodm/webbrowser-rs/blob/main/CHANGELOG.md)
- [Commits](amodm/webbrowser-rs@v1.1.0...v1.2.1)

Updates `zeroize` from 1.8.2 to 1.9.0
- [Commits](RustCrypto/utils@zeroize-v1.8.2...zeroize-v1.9.0)

Updates `axum-extra` from 0.10.3 to 0.12.5
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](tokio-rs/axum@axum-extra-v0.10.3...axum-extra-v0.12.5)

Updates `config` from 0.13.4 to 0.15.19
- [Changelog](https://github.com/rust-cli/config-rs/blob/main/CHANGELOG.md)
- [Commits](rust-cli/config-rs@v0.13.4...v0.15.19)

Updates `ctor` from 0.1.26 to 1.0.8
- [Release notes](https://github.com/mmastrac/linktime/releases)
- [Changelog](https://github.com/mmastrac/linktime/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mmastrac/linktime/commits/ctor-1.0.8)

Updates `regex` from 1.12.3 to 1.12.4
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](rust-lang/regex@1.12.3...1.12.4)

Updates `uuid` from 1.21.0 to 1.23.4
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](uuid-rs/uuid@v1.21.0...v1.23.4)

Updates `mockall` from 0.11.4 to 0.15.0
- [Changelog](https://github.com/asomers/mockall/blob/master/CHANGELOG.md)
- [Commits](asomers/mockall@v0.11.4...v0.15.0)

Updates `sigstore` from 0.13.0 to 0.14.0
- [Release notes](https://github.com/sigstore/sigstore-rs/releases)
- [Changelog](https://github.com/sigstore/sigstore-rs/blob/main/CHANGELOG.md)
- [Commits](sigstore/sigstore-rs@v0.13.0...v0.14.0)

Updates `rand_chacha` from 0.3.1 to 0.9.0
- [Release notes](https://github.com/rust-random/rand/releases)
- [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md)
- [Commits](rust-random/rand@rand_chacha-0.3.1...0.9.0)

Updates `wasmparser` from 0.118.2 to 0.253.0
- [Release notes](https://github.com/bytecodealliance/wasm-tools/releases)
- [Commits](https://github.com/bytecodealliance/wasm-tools/commits)

---
updated-dependencies:
- dependency-name: aes-gcm
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: axum
  dependency-version: 0.8.8
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: borsh
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: bytes
  dependency-version: 1.12.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: cached-path
  dependency-version: 0.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: camino
  dependency-version: 1.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: candid
  dependency-version: 0.10.32
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: chrono
  dependency-version: 0.4.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: claims
  dependency-version: 0.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: serial_test
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: const_format
  dependency-version: 0.2.36
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: curve25519-dalek
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: dashmap
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: dcap-qvl
  dependency-version: 0.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: dirs
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: ed25519-dalek
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: either
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: fixedstr
  dependency-version: 0.5.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: fragile
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: generic-array
  dependency-version: 1.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: hkdf
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: ic-agent
  dependency-version: 0.48.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: indexmap
  dependency-version: 2.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: itertools
  dependency-version: 0.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: jsonschema
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: jsonwebtoken
  dependency-version: 10.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: lz4_flex
  dependency-version: 0.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: libp2p-identity
  dependency-version: 0.2.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: memchr
  dependency-version: 2.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: notify
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: once_cell
  dependency-version: 1.21.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: owo-colors
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: prometheus-client
  dependency-version: 0.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: quote
  dependency-version: 1.0.46
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: rand
  dependency-version: 0.10.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: rust-embed
  dependency-version: 8.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: semver
  dependency-version: 1.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: serde_json_canonicalizer
  dependency-version: 0.3.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: serde_with
  dependency-version: 3.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: sha2
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: strum
  dependency-version: 0.27.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: syn
  dependency-version: 2.0.118
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: tempfile
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: tdx-quote
  dependency-version: 0.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: thiserror
  dependency-version: 2.0.18
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: tokio-tungstenite
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: toml
  dependency-version: 1.0.3+spec-1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: toml_edit
  dependency-version: 0.23.10+spec-1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: tower
  dependency-version: 0.5.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: tower-http
  dependency-version: 0.6.8
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: tower-sessions
  dependency-version: 0.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: tracing-subscriber
  dependency-version: 0.3.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: trybuild
  dependency-version: 1.0.117
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: ureq
  dependency-version: 3.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: wasmer
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: wasmer-types
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: wasmer-compiler-cranelift
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: wat
  dependency-version: 1.253.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: webbrowser
  dependency-version: 1.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: zeroize
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: axum-extra
  dependency-version: 0.12.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: config
  dependency-version: 0.15.19
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: ctor
  dependency-version: 1.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: cargo
- dependency-name: regex
  dependency-version: 1.12.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo
- dependency-name: uuid
  dependency-version: 1.23.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: mockall
  dependency-version: 0.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: sigstore
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: rand_chacha
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
- dependency-name: wasmparser
  dependency-version: 0.253.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cargo
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 8, 2026
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

E2E Rust Apps Failed

One or more E2E workflows (scaffolding-e2e, xcall-example) failed.

Please check the workflow logs for more details.

@meroreviewer meroreviewer Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Code Reviewer

Reviewed by 3 agents | Quality score: 95% | Review time: 140.0s


✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉


🤖 Generated by AI Code Reviewer | Review ID: review-ddc922f1

@meroreviewer

meroreviewer Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Documentation Review

The following documentation may need updates based on the changes in this PR:

  • 🟡 AGENTS.md: AGENTS.md exists but was not updated — consider updating it to reflect the architecture changes in this PR.
  • 🟡 CONTRIBUTING.md: CONTRIBUTING.md exists but was not updated — consider updating it to reflect the architecture changes in this PR.
  • 🟡 architecture/crates/auth.html: Files matching crates/auth/** were changed but architecture/crates/auth.html was not updated (per source_to_docs_mapping).
  • 🟡 architecture/crates/node.html: Files matching crates/node/** were changed but architecture/crates/node.html was not updated (per source_to_docs_mapping).
  • 🟡 architecture/crates/sync.html: Files matching crates/node/** were changed but architecture/crates/sync.html was not updated (per source_to_docs_mapping).
  • 🟡 architecture/crates/tools.html: Files matching crates/merod/** were changed but architecture/crates/tools.html was not updated (per source_to_docs_mapping).
  • 🟡 docs/: Static HTML docs in docs/ may need updating — architecture-impacting changes detected. On merge, update-docs will scan this directory and open a PR if any pages need to change.

@frdomovic

Copy link
Copy Markdown
Member

needs rustc 1.94 vs pinned 1.88 + multi-crate breaking migrations

@frdomovic frdomovic closed this Jul 13, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/cargo/cargo-e1d4c615a9 branch July 13, 2026 09:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file external needs-team-review rust Pull requests that update Rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant