From 6c4819e4d90c67825c54c0de9589660da653885b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 5 Apr 2026 09:55:21 +0000 Subject: [PATCH] Bump the minor-and-patch group across 1 directory with 17 updates Bumps the minor-and-patch group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [chrono](https://github.com/chronotope/chrono) | `0.4.43` | `0.4.44` | | [zip](https://github.com/zip-rs/zip2) | `8.0.0` | `8.5.0` | | [sha2](https://github.com/RustCrypto/hashes) | `0.11.0-rc.5` | `0.11.0` | | [sha3](https://github.com/RustCrypto/hashes) | `0.11.0-rc.7` | `0.11.0` | | [blake3](https://github.com/BLAKE3-team/BLAKE3) | `1.8.3` | `1.8.4` | | [p256](https://github.com/RustCrypto/elliptic-curves) | `0.14.0-rc.7` | `0.14.0-rc.8` | | [p384](https://github.com/RustCrypto/elliptic-curves) | `0.14.0-rc.7` | `0.14.0-rc.8` | | [rsa](https://github.com/RustCrypto/RSA) | `0.10.0-rc.15` | `0.10.0-rc.17` | | [ml-dsa](https://github.com/RustCrypto/signatures) | `0.1.0-rc.7` | `0.1.0-rc.8` | | [getrandom](https://github.com/rust-random/getrandom) | `0.4.1` | `0.4.2` | | [tempfile](https://github.com/Stebalien/tempfile) | `3.25.0` | `3.27.0` | | [proptest](https://github.com/proptest-rs/proptest) | `1.10.0` | `1.11.0` | | [clap](https://github.com/clap-rs/clap) | `4.5.58` | `4.6.0` | | [clap_complete](https://github.com/clap-rs/clap) | `4.5.66` | `4.6.0` | | [anyhow](https://github.com/dtolnay/anyhow) | `1.0.101` | `1.0.102` | | [tokio](https://github.com/tokio-rs/tokio) | `1.49.0` | `1.51.0` | | [assert_cmd](https://github.com/assert-rs/assert_cmd) | `2.1.2` | `2.2.0` | Updates `chrono` from 0.4.43 to 0.4.44 - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](https://github.com/chronotope/chrono/compare/v0.4.43...v0.4.44) Updates `zip` from 8.0.0 to 8.5.0 - [Release notes](https://github.com/zip-rs/zip2/releases) - [Changelog](https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md) - [Commits](https://github.com/zip-rs/zip2/compare/v8.0.0...v8.5.0) Updates `sha2` from 0.11.0-rc.5 to 0.11.0 - [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.11.0-rc.5...sha2-v0.11.0) Updates `sha3` from 0.11.0-rc.7 to 0.11.0 - [Commits](https://github.com/RustCrypto/hashes/compare/sha3-v0.11.0-rc.7...sha3-v0.11.0) Updates `blake3` from 1.8.3 to 1.8.4 - [Release notes](https://github.com/BLAKE3-team/BLAKE3/releases) - [Commits](https://github.com/BLAKE3-team/BLAKE3/compare/1.8.3...1.8.4) Updates `p256` from 0.14.0-rc.7 to 0.14.0-rc.8 - [Commits](https://github.com/RustCrypto/elliptic-curves/compare/p256/v0.14.0-rc.7...p256/v0.14.0-rc.8) Updates `p384` from 0.14.0-rc.7 to 0.14.0-rc.8 - [Commits](https://github.com/RustCrypto/elliptic-curves/compare/p384/v0.14.0-rc.7...p384/v0.14.0-rc.8) Updates `rsa` from 0.10.0-rc.15 to 0.10.0-rc.17 - [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md) - [Commits](https://github.com/RustCrypto/RSA/compare/v0.10.0-rc.15...v0.10.0-rc.17) Updates `ml-dsa` from 0.1.0-rc.7 to 0.1.0-rc.8 - [Commits](https://github.com/RustCrypto/signatures/compare/ml-dsa/v0.1.0-rc.7...ml-dsa/v0.1.0-rc.8) Updates `getrandom` from 0.4.1 to 0.4.2 - [Changelog](https://github.com/rust-random/getrandom/blob/master/CHANGELOG.md) - [Commits](https://github.com/rust-random/getrandom/compare/v0.4.1...v0.4.2) Updates `tempfile` from 3.25.0 to 3.27.0 - [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md) - [Commits](https://github.com/Stebalien/tempfile/commits/v3.27.0) Updates `proptest` from 1.10.0 to 1.11.0 - [Release notes](https://github.com/proptest-rs/proptest/releases) - [Changelog](https://github.com/proptest-rs/proptest/blob/main/CHANGELOG.md) - [Commits](https://github.com/proptest-rs/proptest/compare/v1.10.0...v1.11.0) Updates `clap` from 4.5.58 to 4.6.0 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.58...clap_complete-v4.6.0) Updates `clap_complete` from 4.5.66 to 4.6.0 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.66...clap_complete-v4.6.0) Updates `anyhow` from 1.0.101 to 1.0.102 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](https://github.com/dtolnay/anyhow/compare/1.0.101...1.0.102) Updates `tokio` from 1.49.0 to 1.51.0 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.49.0...tokio-1.51.0) Updates `assert_cmd` from 2.1.2 to 2.2.0 - [Changelog](https://github.com/assert-rs/assert_cmd/blob/master/CHANGELOG.md) - [Commits](https://github.com/assert-rs/assert_cmd/compare/v2.1.2...v2.2.0) --- updated-dependencies: - dependency-name: chrono dependency-version: 0.4.44 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: zip dependency-version: 8.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: sha2 dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: sha3 dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: blake3 dependency-version: 1.8.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: p256 dependency-version: 0.14.0-rc.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: p384 dependency-version: 0.14.0-rc.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: rsa dependency-version: 0.10.0-rc.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: ml-dsa dependency-version: 0.1.0-rc.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: getrandom dependency-version: 0.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tempfile dependency-version: 3.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: proptest dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: clap dependency-version: 4.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: clap_complete dependency-version: 4.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: anyhow dependency-version: 1.0.102 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tokio dependency-version: 1.51.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: assert_cmd dependency-version: 2.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 217 +++++++++++++++++++++----------------------- cdx-cli/Cargo.toml | 6 +- cdx-core/Cargo.toml | 12 +-- 3 files changed, 112 insertions(+), 123 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 08f8c88..9215958 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -93,9 +93,9 @@ checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299" [[package]] name = "anstream" -version = "0.6.21" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43d5b281e737544384e969a5ccad3f1cdd24b48086a0fc1b2a5262a26b8f4f4a" +checksum = "824a212faf96e9acacdbd09febd34438f8f711fb84e09a8916013cd7815ca28d" dependencies = [ "anstyle", "anstyle-parse", @@ -114,9 +114,9 @@ checksum = "5192cca8006f1fd4f7237516f40fa183bb07f8fbdfedaa0036de5ea9b0b45e78" [[package]] name = "anstyle-parse" -version = "0.2.7" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2" +checksum = "52ce7f38b242319f7cabaa6813055467063ecdc9d355bbb4ce0c68908cd8130e" dependencies = [ "utf8parse", ] @@ -143,9 +143,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.101" +version = "1.0.102" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f0e0fee31ef5ed1ba1316088939cea399010ed7731dba877ed44aeb407a75ea" +checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c" [[package]] name = "argon2" @@ -173,9 +173,9 @@ checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" [[package]] name = "assert_cmd" -version = "2.1.2" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c5bcfa8749ac45dd12cb11055aeeb6b27a3895560d60d71e3c23bf979e60514" +checksum = "9a686bbee5efb88a82df0621b236e74d925f470e5445d3220a5648b892ec99c9" dependencies = [ "anstyle", "bstr", @@ -248,16 +248,16 @@ dependencies = [ [[package]] name = "blake3" -version = "1.8.3" +version = "1.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2468ef7d57b3fb7e16b576e8377cdbde2320c60e1491e961d11da40fc4f02a2d" +checksum = "4d2d5991425dfd0785aed03aedcf0b321d61975c9b5b3689c774a2610ae0b51e" dependencies = [ "arrayref", "arrayvec", "cc", "cfg-if", "constant_time_eq", - "cpufeatures 0.2.17", + "cpufeatures 0.3.0", ] [[package]] @@ -344,7 +344,7 @@ dependencies = [ "clap", "clap_complete", "colored", - "getrandom 0.4.1", + "getrandom 0.4.2", "hmac 0.12.1", "pbkdf2", "predicates", @@ -352,7 +352,7 @@ dependencies = [ "rpassword", "serde", "serde_json", - "sha2 0.10.9", + "sha2 0.11.0", "tempfile", "thiserror", "tokio", @@ -373,7 +373,7 @@ dependencies = [ "der 0.8.0", "ecdsa", "ed25519-dalek", - "getrandom 0.4.1", + "getrandom 0.4.2", "hkdf 0.12.4", "json-canon", "jsonschema", @@ -388,8 +388,8 @@ dependencies = [ "rsa", "serde", "serde_json", - "sha2 0.10.9", - "sha3 0.10.8", + "sha2 0.11.0", + "sha3", "strum", "tempfile", "thiserror", @@ -435,9 +435,9 @@ dependencies = [ [[package]] name = "chrono" -version = "0.4.43" +version = "0.4.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fac4744fb15ae8337dc853fee7fb3f4e48c0fbaa23d0afe49c447b4fab126118" +checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0" dependencies = [ "num-traits", "serde", @@ -483,9 +483,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.58" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "63be97961acde393029492ce0be7a1af7e323e6bae9511ebfac33751be5e6806" +checksum = "b193af5b67834b676abd72466a96c1024e6a6ad978a1f484bd90b85c94041351" dependencies = [ "clap_builder", "clap_derive", @@ -493,9 +493,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.58" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f13174bda5dfd69d7e947827e5af4b0f2f94a4a3ee92912fba07a66150f21e2" +checksum = "714a53001bf66416adb0e2ef5ac857140e7dc3a0c48fb28b2f10762fc4b5069f" dependencies = [ "anstream", "anstyle", @@ -506,18 +506,18 @@ dependencies = [ [[package]] name = "clap_complete" -version = "4.5.66" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c757a3b7e39161a4e56f9365141ada2a6c915a8622c408ab6bb4b5d047371031" +checksum = "19c9f1dde76b736e3681f28cec9d5a61299cbaae0fce80a68e43724ad56031eb" dependencies = [ "clap", ] [[package]] name = "clap_derive" -version = "4.5.55" +version = "4.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a92793da1a46a5f2a02a6f4c46c6496b28c43638adea8306fcb0caa1634f24e5" +checksum = "1110bd8a634a1ab8cb04345d8d878267d57c3cf1b38d91b71af6686408bbca6a" dependencies = [ "heck", "proc-macro2", @@ -671,13 +671,13 @@ checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5" [[package]] name = "crypto-bigint" -version = "0.7.0-rc.27" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b43308b9b6a47554f4612d5b1fb95ff935040aa3927dd42b1d6cbc015a262d96" +checksum = "42a0d26b245348befa0c121944541476763dcc46ede886c88f9d12e1697d27c3" dependencies = [ "cpubits", "ctutils", - "getrandom 0.4.1", + "getrandom 0.4.2", "hybrid-array", "num-traits", "rand_core 0.10.0", @@ -702,16 +702,16 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "211f05e03c7d03754740fd9e585de910a095d6b99f8bcfffdef8319fa02a8331" dependencies = [ - "getrandom 0.4.1", + "getrandom 0.4.2", "hybrid-array", "rand_core 0.10.0", ] [[package]] name = "crypto-primes" -version = "0.7.0-pre.9" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6081ce8b60c0e533e2bba42771b94eb6149052115f4179744d5779883dc98583" +checksum = "21f41f23de7d24cdbda7f0c4d9c0351f99a4ceb258ef30e5c1927af8987ffe5a" dependencies = [ "crypto-bigint", "libm", @@ -893,9 +893,9 @@ checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" [[package]] name = "elliptic-curve" -version = "0.14.0-rc.28" +version = "0.14.0-rc.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bde7860544606d222fd6bd6d9f9a0773321bf78072a637e1d560a058c0031978" +checksum = "e84043d573efd4ac9d2d125817979a379204bf7e328b25a4a30487e8d100e618" dependencies = [ "base16ct", "crypto-bigint", @@ -1122,21 +1122,21 @@ dependencies = [ "cfg-if", "js-sys", "libc", - "r-efi", + "r-efi 5.3.0", "wasip2", "wasm-bindgen", ] [[package]] name = "getrandom" -version = "0.4.1" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "139ef39800118c7683f2fd3c98c1b23c09ae076556b435f8e9064ae108aaeeec" +checksum = "0de51e6874e94e7bf76d726fc5d13ba782deca734ff60d5bb2fb2607c7406555" dependencies = [ "cfg-if", "js-sys", "libc", - "r-efi", + "r-efi 6.0.0", "rand_core 0.10.0", "wasip2", "wasip3", @@ -1261,9 +1261,9 @@ checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87" [[package]] name = "hybrid-array" -version = "0.4.7" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1b229d73f5803b562cc26e4da0396c8610a4ee209f4fac8fa4f8d709166dc45" +checksum = "3944cf8cf766b40e2a1a333ee5e9b563f854d5fa49d6a8ca2764e97c6eddb214" dependencies = [ "subtle", "typenum", @@ -1555,20 +1555,12 @@ dependencies = [ [[package]] name = "keccak" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb26cec98cce3a3d96cbb7bced3c4b16e3d13f27ec56dbd62cbc8f39cfb9d653" -dependencies = [ - "cpufeatures 0.2.17", -] - -[[package]] -name = "keccak" -version = "0.2.0-rc.1" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a412fe37705d515cba9dbf1448291a717e187e2351df908cfc0137cbec3d480" +checksum = "9e24a010dd405bd7ed803e5253182815b41bf2e6a80cc3bfc066658e03a198aa" dependencies = [ - "cpufeatures 0.2.17", + "cfg-if", + "cpufeatures 0.3.0", ] [[package]] @@ -1585,9 +1577,9 @@ checksum = "09edd9e8b54e49e587e4f6295a7d29c3ea94d469cb40ab8ca70b288248a81db2" [[package]] name = "libc" -version = "0.2.182" +version = "0.2.184" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6800badb6cb2082ffd7b6a67e6125bb39f18782f793520caee8cb8846be06112" +checksum = "48f5d2a454e16a5ea0f4ced81bd44e4cfc7bd3a507b61887c99fd3538b28e4af" [[package]] name = "libm" @@ -1597,9 +1589,9 @@ checksum = "b6d2cec3eae94f9f509c767b45932f1ada8350c4bdb85af2fcab4a3c14807981" [[package]] name = "linux-raw-sys" -version = "0.11.0" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df1d3c3b53da64cf5760482273a98e575c651a67eec7f77df96b5b642de8f039" +checksum = "32a66949e030da00e8c7d4434b251670a91556f4144941d37452769c25d58a53" [[package]] name = "litemap" @@ -1637,9 +1629,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.1.1" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a69bcab0ad47271a0234d9422b131806bf3968021e5dc9328caf2d4cd58557fc" +checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1" dependencies = [ "libc", "wasi", @@ -1648,24 +1640,25 @@ dependencies = [ [[package]] name = "ml-dsa" -version = "0.1.0-rc.7" +version = "0.1.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af6e554a2affc86740759dbe568a92abd58b47fea4e28ebe1b7bb4da99e490d4" +checksum = "f5b2bb0ad6fa2b40396775bd56f51345171490fef993f46f91a876ecdbdaea55" dependencies = [ "const-oid 0.10.2", + "ctutils", "hybrid-array", "module-lattice", "pkcs8 0.11.0-rc.11", "rand_core 0.10.0", - "sha3 0.11.0-rc.7", + "sha3", "signature 3.0.0-rc.10", ] [[package]] name = "module-lattice" -version = "0.1.0" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6dfecc750073acc09af2f8899b2342d520d570392ba1c3aed53eeb0d84ca4103" +checksum = "164eb3faeaecbd14b0b2a917c1b4d0c035097a9c559b0bed85c2cdd032bc8faa" dependencies = [ "hybrid-array", "num-traits", @@ -1782,29 +1775,29 @@ checksum = "1a80800c0488c3a21695ea981a54918fbb37abf04f4d0720c453632255e2ff0e" [[package]] name = "p256" -version = "0.14.0-rc.7" +version = "0.14.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "018bfbb86e05fd70a83e985921241035ee09fcd369c4a2c3680b389a01d2ad28" +checksum = "44f0a10fe314869359cb2901342b045f4e5a962ef9febc006f03d2a8c848fe4c" dependencies = [ "ecdsa", "elliptic-curve", "primefield", "primeorder", - "sha2 0.11.0-rc.5", + "sha2 0.11.0", ] [[package]] name = "p384" -version = "0.14.0-rc.7" +version = "0.14.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c91df688211f5957dbe2ab599dcbcaade8d6d3cdc15c5b350d350d7d07ce423" +checksum = "b079e66810c55ab3d6ba424e056dc4aefcdb8046c8c3f3816142edbdd7af7721" dependencies = [ "ecdsa", "elliptic-curve", "fiat-crypto 0.3.0", "primefield", "primeorder", - "sha2 0.11.0-rc.5", + "sha2 0.11.0", ] [[package]] @@ -2029,9 +2022,9 @@ dependencies = [ [[package]] name = "primefield" -version = "0.14.0-rc.7" +version = "0.14.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93401c13cc7ff24684571cfca9d3cf9ebabfaf3d4b7b9963ade41ec54da196b5" +checksum = "c6543f5eec854fbf74ba5ef651fbdc9408919b47c3e1526623687135c16d12e9" dependencies = [ "crypto-bigint", "crypto-common 0.2.0", @@ -2043,9 +2036,9 @@ dependencies = [ [[package]] name = "primeorder" -version = "0.14.0-rc.7" +version = "0.14.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0c5c8a39bcd764bfedf456e8d55e115fe86dda3e0f555371849f2a41cbc9706" +checksum = "569d9ad6ef822bb0322c7e7d84e5e286244050bd5246cac4c013535ae91c2c90" dependencies = [ "elliptic-curve", ] @@ -2061,9 +2054,9 @@ dependencies = [ [[package]] name = "proptest" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37566cb3fdacef14c0737f9546df7cfeadbfbc9fef10991038bf5015d0c80532" +checksum = "4b45fcc2344c680f5025fe57779faef368840d0bd1f42f216291f0dc4ace4744" dependencies = [ "bit-set", "bit-vec", @@ -2141,9 +2134,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.44" +version = "1.0.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4" +checksum = "41f2619966050689382d2b44f664f4bc593e129785a36d6ee376ddf37259b924" dependencies = [ "proc-macro2", ] @@ -2154,6 +2147,12 @@ version = "5.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" +[[package]] +name = "r-efi" +version = "6.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8dcc9c7d52a811697d2151c701e0d08956f92b0e24136cf4cf27b57a6a0d9bf" + [[package]] name = "rand" version = "0.9.2" @@ -2366,9 +2365,9 @@ dependencies = [ [[package]] name = "rsa" -version = "0.10.0-rc.15" +version = "0.10.0-rc.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b342b99544549f37509ed7fd42b0cea04bfd9ce07c16ca56094cf0fbeefbbcd" +checksum = "87ed3e93fc7e473e464b9726f4759659e72bc8665e4b8ea227547024f416d905" dependencies = [ "const-oid 0.10.2", "crypto-bigint", @@ -2377,7 +2376,7 @@ dependencies = [ "pkcs1", "pkcs8 0.11.0-rc.11", "rand_core 0.10.0", - "sha2 0.11.0-rc.5", + "sha2 0.11.0", "signature 3.0.0-rc.10", "spki 0.8.0-rc.4", "zeroize", @@ -2431,9 +2430,9 @@ dependencies = [ [[package]] name = "rustix" -version = "1.1.3" +version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "146c9e247ccc180c1f61615433868c99f3de3ae256a30a43b49f67c2d9171f34" +checksum = "b6fe4565b9518b83ef4f91bb47ce29620ca828bd32cb7e408f0062e9930ba190" dependencies = [ "bitflags", "errno", @@ -2518,9 +2517,9 @@ dependencies = [ [[package]] name = "sec1" -version = "0.8.0-rc.13" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a2400ed44a13193820aa528a19f376c3843141a8ce96ff34b11104cc79763f2" +checksum = "d56d437c2f19203ce5f7122e507831de96f3d2d4d3be5af44a0b0a09d8a80e4d" dependencies = [ "base16ct", "ctutils", @@ -2614,33 +2613,23 @@ dependencies = [ [[package]] name = "sha2" -version = "0.11.0-rc.5" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c5f3b1e2dc8aad28310d8410bd4d7e180eca65fca176c52ab00d364475d0024" +checksum = "446ba717509524cb3f22f17ecc096f10f4822d76ab5c0b9822c5f9c284e825f4" dependencies = [ "cfg-if", - "cpufeatures 0.2.17", + "cpufeatures 0.3.0", "digest 0.11.0", ] [[package]] name = "sha3" -version = "0.10.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60" -dependencies = [ - "digest 0.10.7", - "keccak 0.1.6", -] - -[[package]] -name = "sha3" -version = "0.11.0-rc.7" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5bfe7820113e633d8886e839aae78c1184b8d7011000db6bc7eb61e34f28350" +checksum = "be176f1a57ce4e3d31c1a166222d9768de5954f811601fb7ca06fc8203905ce1" dependencies = [ "digest 0.11.0", - "keccak 0.2.0-rc.1", + "keccak", ] [[package]] @@ -2688,12 +2677,12 @@ checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "socket2" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86f4aa3ad99f2088c990dfa82d367e19cb29268ed67c574d10d0a4bfe71f07e0" +checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e" dependencies = [ "libc", - "windows-sys 0.60.2", + "windows-sys 0.61.2", ] [[package]] @@ -2757,9 +2746,9 @@ checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" [[package]] name = "syn" -version = "2.0.116" +version = "2.0.117" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3df424c70518695237746f84cede799c9c58fcb37450d7b23716568cc8bc69cb" +checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99" dependencies = [ "proc-macro2", "quote", @@ -2788,12 +2777,12 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.25.0" +version = "3.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0136791f7c95b1f6dd99f9cc786b91bb81c3800b639b3478e561ddb7be95e5f1" +checksum = "32497e9a4c7b38532efcdebeef879707aa9f794296a4f0244f6f69e9bc8574bd" dependencies = [ "fastrand", - "getrandom 0.4.1", + "getrandom 0.4.2", "once_cell", "rustix", "windows-sys 0.61.2", @@ -2893,9 +2882,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.49.0" +version = "1.51.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72a2903cd7736441aac9df9d7688bd0ce48edccaadf181c3b90be801e81d3d86" +checksum = "2bd1c4c0fc4a7ab90fc15ef6daaa3ec3b893f004f915f2392557ed23237820cd" dependencies = [ "bytes", "libc", @@ -2908,9 +2897,9 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "2.6.0" +version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af407857209536a95c8e56f8231ef2c2e2aff839b22e07a1ffcbc617e9db9fa5" +checksum = "385a6cb71ab9ab790c5fe8d67f1645e6c450a7ce006a33de03daa956cf70a496" dependencies = [ "proc-macro2", "quote", @@ -3707,9 +3696,9 @@ dependencies = [ [[package]] name = "zip" -version = "8.0.0" +version = "8.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79b32dd4ad3aca14ae109f8cce0495ac1c57f6f4f00ad459a40e582f89440d97" +checksum = "2726508a48f38dceb22b35ecbbd2430efe34ff05c62bd3285f965d7911b33464" dependencies = [ "crc32fast", "flate2", diff --git a/cdx-cli/Cargo.toml b/cdx-cli/Cargo.toml index dc505cb..2f8848d 100644 --- a/cdx-cli/Cargo.toml +++ b/cdx-cli/Cargo.toml @@ -39,13 +39,13 @@ tokio = { version = "1", features = ["rt-multi-thread", "macros"], optional = tr argon2 = { version = "0.5", optional = true } pbkdf2 = { version = "0.12", optional = true } hmac = { version = "0.12", optional = true } -sha2 = { version = "0.10", optional = true } +sha2 = { version = "0.11", optional = true } base64 = { version = "0.22", optional = true } rand_core = { version = "0.10", optional = true } getrandom = { version = "0.4", optional = true } rpassword = { version = "7", optional = true } [dev-dependencies] -tempfile = "3.14" -assert_cmd = "2.1.2" +tempfile = "3.27" +assert_cmd = "2.2.0" predicates = "3.0" diff --git a/cdx-core/Cargo.toml b/cdx-core/Cargo.toml index 2a4871b..4dee30b 100644 --- a/cdx-core/Cargo.toml +++ b/cdx-core/Cargo.toml @@ -53,12 +53,12 @@ serde_json = "1.0" json-canon = "0.1" # RFC 8785 JSON Canonicalization # ZIP handling -zip = { version = "8.0", default-features = false, features = ["deflate"] } +zip = { version = "8.5", default-features = false, features = ["deflate"] } # Cryptography -sha2 = "0.10" -sha3 = "0.10" -blake3 = "1.5" +sha2 = "0.11" +sha3 = "0.11" +blake3 = "1.8" # Signatures (optional) p256 = { version = ">=0.14.0-rc.7, <0.15", features = ["ecdsa", "pem"], optional = true } @@ -107,9 +107,9 @@ thiserror = "2.0" getrandom = "0.4" [dev-dependencies] -tempfile = "3.14" +tempfile = "3.27" pretty_assertions = "1.4" -proptest = "1.5" +proptest = "1.11" criterion = { version = "0.8", features = ["html_reports"] } jsonschema = "0.28"