build(deps): update getrandom requirement from 0.3 to 0.4

[dependabot]

Updates the requirements on getrandom to permit the latest version.

Changelog

Sourced from getrandom's changelog.

[0.4.0] - 2026-02-02

Added

• RawOsError type alias #739
• SysRng behind new feature sys_rng #751
• WASIp3 support #779
• extern_impl opt-in backend #786 #794
• Motor OS support #797

Changed

• Use Edition 2024 and MSRV 1.85 #749

#739: rust-random/getrandom#739 #749: rust-random/getrandom#749 #751: rust-random/getrandom#751 #779: rust-random/getrandom#779 #786: rust-random/getrandom#786 #794: rust-random/getrandom#794

[0.3.4] - 2025-10-14

Major change to wasm_js backend

Now, when the wasm_js feature is enabled, the wasm_js backend will be used by default. Users of wasm32-unknown-unknown targeting JavaScript environments like the Web and Node.js will no longer need to specify:

--cfg getrandom_backend="wasm_js"

in RUSTFLAGS for the crate to compile. They can now simple enable a feature.

Note: this should not affect non-JS users of the wasm32-unknown-unknown target. Using --cfg getrandom_backend will still override the source of randomness even if the wasm_js feature is enabled. This includes --cfg getrandom_backend=custom and --cfg getrandom_backend=unsupported.

For more information, see the discussions in #671, #675, and #730.

Added

• unsupported opt-in backend #667
• windows_legacy opt-in backend #724

Changed

• Implement Memory Sanitizer unpoisoning more precisely #678
• Relax MSRV for the linux_raw opt-in backend on ARM targets #688
• Use getrandom syscall on all RISC-V Linux targets #699
• Replaced wasi dependency with wasip2 #721
• Enable wasm_js backend by default if the wasm_js feature is enabled #730

Removed

... (truncated)

Commits

• 35fd5af Prepare v0.4.0 release (#798)
• 269bc59 ci: fix tests.yml (#799)
• 1fce070 Rename extern_item_impls opt-in backend to extern_impl (#794)
• 887775d Add rdrand backend for Motor OS (#797)
• 2e35077 Update license year (#795)
• 2e15731 Add extern_item_impls opt-in backend (#786)
• 698db3b Bump wasip3 to v0.4 (#790)
• ebc99b6 readme: fix outdated Windows 10 entry (#792)
• 56a2961 Enable lints in Cargo.toml (#791)
• 4f596a9 ci: check docs with enabled sys_rng feature (#789)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[github-actions]

Benchmark for bf3a474

Click to view benchmark

Test	PR Benchmark	Master Benchmark	%
b_benchmark_rbac_model_large	10.2±0.03ms	9.8±0.04ms	+4.08%
benchmark priority model	1484.3±23.91ns	1450.5±26.60ns	+2.33%
benchmark_abac_model	1025.2±12.58ns	1036.4±8.09ns	-1.08%
benchmark_basic_model	1172.0±9.60ns	1152.5±22.10ns	+1.69%
benchmark_key_match	4.1±0.07µs	4.0±0.05µs	+2.50%
benchmark_raw	0.0±0.00ns	0.0±0.00ns	NaN%
benchmark_rbac_model	3.3±0.05µs	3.1±0.04µs	+6.45%
benchmark_rbac_model_medium	871.1±4.49µs	827.4±3.86µs	+5.28%
benchmark_rbac_model_with_domains	1995.3±30.08ns	1974.4±20.23ns	+1.06%
benchmark_rbac_with_deny	5.5±0.08µs	5.3±0.06µs	+3.77%
benchmark_rbac_with_resource_roles	1430.4±12.76ns	1404.6±20.54ns	+1.84%
benchmark_role_manager_large	4.4±0.01ms	4.4±0.01ms	0.00%
benchmark_role_manager_medium	278.7±4.30µs	276.6±6.31µs	+0.76%
benchmark_role_manager_small	88.0±0.80µs	85.6±1.01µs	+2.80%

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.