Skip to content

chore(deps): bump the validation-deps group across 1 directory with 11 updates#270

Merged
tarcieri merged 1 commit into
masterfrom
dependabot/cargo/validation/local_ping_pong_openssl/validation-deps-75dc3df683
Jul 16, 2026
Merged

chore(deps): bump the validation-deps group across 1 directory with 11 updates#270
tarcieri merged 1 commit into
masterfrom
dependabot/cargo/validation/local_ping_pong_openssl/validation-deps-75dc3df683

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Bumps the validation-deps group with 11 updates in the /validation/local_ping_pong_openssl directory:

Package From To
rustls 0.23.41 0.23.42
bitflags 2.13.0 2.13.1
cc 1.2.65 1.2.67
curve25519-dalek 5.0.0-rc.1 5.0.0
der 0.8.0 0.8.1
ed25519-dalek 3.0.0-rc.1 3.0.0
p384 0.14.0-rc.15 0.14.0
poly1305 0.9.0 0.9.1
polyval 0.7.1 0.7.2
syn 2.0.118 2.0.119
x25519-dalek 3.0.0-rc.1 3.0.0

Updates rustls from 0.23.41 to 0.23.42

Commits
  • 411fb02 Bump version to 0.23.42
  • aff9845 implement rfc 9149 ticket_request extension
  • 8bd3d1b server: add max_tls13_tickets configuration
  • 4cce222 Address new std_instead_of_core in nightly
  • d3ffdc1 Address new std_instead_of_core in nightly
  • 75d1b7a Take semver-compatible dependency updates
  • See full diff in compare view

Updates bitflags from 2.13.0 to 2.13.1

Release notes

Sourced from bitflags's releases.

2.13.1

What's Changed

New Contributors

Full Changelog: bitflags/bitflags@2.13.0...2.13.1

Changelog

Sourced from bitflags's changelog.

2.13.1

What's Changed

New Contributors

Full Changelog: bitflags/bitflags@2.13.0...2.13.1

Commits

Updates cc from 1.2.65 to 1.2.67

Release notes

Sourced from cc's releases.

cc-v1.2.67

Other

  • Fix clippy warning (#1788)
  • Regenerate target info (#1785)
  • Add support for aarch64-unknown-linux-pauthtest target (#1713)
  • Fix nightly compilation error (#1783)

cc-v1.2.66

Other

  • Fix target parsing for aarch64-unknown-linux-pauthtest (#1779)
  • Support new QNX targets (#1775)
  • Add kache to the supported compiler wrappers (#1770)
Changelog

Sourced from cc's changelog.

1.2.67 - 2026-07-11

Other

  • Fix clippy warning (#1788)
  • Regenerate target info (#1785)
  • Add support for aarch64-unknown-linux-pauthtest target (#1713)
  • Fix nightly compilation error (#1783)

1.2.66 - 2026-07-05

Other

  • Fix target parsing for aarch64-unknown-linux-pauthtest (#1779)
  • Support new QNX targets (#1775)
  • Add kache to the supported compiler wrappers (#1770)
Commits

Updates curve25519-dalek from 5.0.0-rc.1 to 5.0.0

Commits

Updates der from 0.8.0 to 0.8.1

Commits

Updates ed25519-dalek from 3.0.0-rc.1 to 3.0.0

Changelog

Sourced from ed25519-dalek's changelog.

3.0.0

  • Update the digest dependency to 0.9. This requires a major version because the digest traits are part of the public API, but there are otherwise no changes to the API.

2.1.0

  • Make Scalar::from_bits a const fn, allowing its use in const contexts.

2.0.0

  • Fix a data modeling error in the serde feature pointed out by Trevor Perrin which caused points and scalars to be serialized with length fields rather than as fixed-size 32-byte arrays. This is a breaking change, but it fixes compatibility with serde-json and ensures that the serde-bincode encoding matches the conventional encoding for X/Ed25519.
  • Update rand_core to 0.5, allowing use with new rand versions.
  • Switch from clear_on_drop to zeroize (by Tony Arcieri).
  • Require subtle = ^2.2.1 and remove the note advising nightly Rust, which is no longer required as of that version of subtle. See the subtle changelog for more details.
  • Update README.md for 2.x series.
  • Remove the build.rs hack which loaded the entire crate into its own build.rs to generate constants, and keep the constants in the source code.

The only significant change is the data model change to the serde feature; besides the rand_core version bump, there are no other user-visible changes.

1.2.4

  • Specify a semver bound for clear_on_drop rather than an exact version, addressing an issue where changes to inline assembly in rustc prevented clear_on_drop from working without an update.

1.2.3

  • Fix an issue identified by a Quarkslab audit (and Jack Grigg), where manually constructing unreduced Scalar values, as needed for X/Ed25519, and then performing scalar/scalar arithmetic could compute incorrect results.
  • Switch to upstream Rust intrinsics for the IFMA backend now that they exist in Rust and don't need to be defined locally.
  • Ensure that the NAF computation works correctly, even for parameters never used elsewhere in the codebase.
  • Minor refactoring to EdwardsPoint decompression.
  • Fix broken links in documentation.
  • Fix compilation on nightly broken due to changes to the #[doc(include)] path root (not quite correctly done in 1.2.2).

1.2.2

... (truncated)

Commits
  • 6d96eb7 Bump version to 3.0.0.
  • c68b30f Merge pull request #330 from isislovecruft/fix/move-coc
  • 2ee6193 Merge pull request #327 from huitseeker/digests-0.9
  • 91a0fae Move CoC section from CONTRIBUTING.md to new file.
  • 5038fcf Merge pull request #308 from isislovecruft/fix/pippenger-typo
  • 6afd8ff Update sha2, digest to 0.9
  • 3cc13a7 Merge branch 'master' into develop
  • c4824e1 Merge branch 'release/2.1.0'
  • 3fc47ef Bump version to 2.1.0
  • f04b830 Merge branch 'master' into develop
  • Additional commits viewable in compare view

Updates p384 from 0.14.0-rc.15 to 0.14.0

Commits

Updates poly1305 from 0.9.0 to 0.9.1

Commits
  • 4f56919 Release poly1305 v0.9.1 (#345)
  • 08b9ae1 Tweak zeroization (#343)
  • 71e27b5 ci: bump actions/cache from 5 to 6 (#340)
  • 7232d5e build(deps): bump actions/checkout from 6 to 7 (#338)
  • 52dd6af build(deps): bump the all-deps group with 9 updates (#337)
  • cbe6622 build(deps): bump hybrid-array from 0.4.11 to 0.4.12 in the all-deps group (#...
  • See full diff in compare view

Updates polyval from 0.7.1 to 0.7.2

Commits
  • bf69453 polyval v0.7.2 (#348)
  • feb26f6 polyval: detect avx+pclmulqdq CPU features on x86 (#347)
  • 4f56919 Release poly1305 v0.9.1 (#345)
  • 08b9ae1 Tweak zeroization (#343)
  • 71e27b5 ci: bump actions/cache from 5 to 6 (#340)
  • 7232d5e build(deps): bump actions/checkout from 6 to 7 (#338)
  • 52dd6af build(deps): bump the all-deps group with 9 updates (#337)
  • cbe6622 build(deps): bump hybrid-array from 0.4.11 to 0.4.12 in the all-deps group (#...
  • ec9e338 poly1305 v0.9.0 (#333)
  • e25c443 build(deps): bump cpubits from 0.1.0 to 0.1.1 in the all-deps group (#332)
  • Additional commits viewable in compare view

Updates syn from 2.0.118 to 2.0.119

Release notes

Sourced from syn's releases.

2.0.119

  • Preserve attributes on tail-call expressions in statement position (#1994)
  • Parse field-representing types builtin in type position (#1996)
Commits
  • 3295f9e Release 2.0.119
  • 6ae9c18 Merge pull request #1996 from dtolnay/fieldrepresenting
  • 8ebd963 Parse field-representing types builtin
  • 540ccf8 Drop unneeded lifetime on covariant Cursor in verbatim::between
  • aa05887 Merge pull request #1995 from dtolnay/cursor
  • b7160d3 Reduce forking for Verbatim construction
  • efdc925 Merge pull request #1994 from dtolnay/tailcall
  • de6424c Preserve attribute on tail-call expression in statement position
  • 050dd73 Stricter const move closure grammar
  • c7d514b Merge pull request #1992 from dtolnay/scanconstmove
  • Additional commits viewable in compare view

Updates x25519-dalek from 3.0.0-rc.1 to 3.0.0

Changelog

Sourced from x25519-dalek's changelog.

3.0.0

  • Update the digest dependency to 0.9. This requires a major version because the digest traits are part of the public API, but there are otherwise no changes to the API.

2.1.0

  • Make Scalar::from_bits a const fn, allowing its use in const contexts.

2.0.0

  • Fix a data modeling error in the serde feature pointed out by Trevor Perrin which caused points and scalars to be serialized with length fields rather than as fixed-size 32-byte arrays. This is a breaking change, but it fixes compatibility with serde-json and ensures that the serde-bincode encoding matches the conventional encoding for X/Ed25519.
  • Update rand_core to 0.5, allowing use with new rand versions.
  • Switch from clear_on_drop to zeroize (by Tony Arcieri).
  • Require subtle = ^2.2.1 and remove the note advising nightly Rust, which is no longer required as of that version of subtle. See the subtle changelog for more details.
  • Update README.md for 2.x series.
  • Remove the build.rs hack which loaded the entire crate into its own build.rs to generate constants, and keep the constants in the source code.

The only significant change is the data model change to the serde feature; besides the rand_core version bump, there are no other user-visible changes.

1.2.4

  • Specify a semver bound for clear_on_drop rather than an exact version, addressing an issue where changes to inline assembly in rustc prevented clear_on_drop from working without an update.

1.2.3

  • Fix an issue identified by a Quarkslab audit (and Jack Grigg), where manually constructing unreduced Scalar values, as needed for X/Ed25519, and then performing scalar/scalar arithmetic could compute incorrect results.
  • Switch to upstream Rust intrinsics for the IFMA backend now that they exist in Rust and don't need to be defined locally.
  • Ensure that the NAF computation works correctly, even for parameters never used elsewhere in the codebase.
  • Minor refactoring to EdwardsPoint decompression.
  • Fix broken links in documentation.
  • Fix compilation on nightly broken due to changes to the #[doc(include)] path root (not quite correctly done in 1.2.2).

1.2.2

... (truncated)

Commits
  • 6d96eb7 Bump version to 3.0.0.
  • c68b30f Merge pull request #330 from isislovecruft/fix/move-coc
  • 2ee6193 Merge pull request #327 from huitseeker/digests-0.9
  • 91a0fae Move CoC section from CONTRIBUTING.md to new file.
  • 5038fcf Merge pull request #308 from isislovecruft/fix/pippenger-typo
  • 6afd8ff Update sha2, digest to 0.9
  • 3cc13a7 Merge branch 'master' into develop
  • c4824e1 Merge branch 'release/2.1.0'
  • 3fc47ef Bump version to 2.1.0
  • f04b830 Merge branch 'master' into develop
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…1 updates

Bumps the validation-deps group with 11 updates in the /validation/local_ping_pong_openssl directory:

| Package | From | To |
| --- | --- | --- |
| [rustls](https://github.com/rustls/rustls) | `0.23.41` | `0.23.42` |
| [bitflags](https://github.com/bitflags/bitflags) | `2.13.0` | `2.13.1` |
| [cc](https://github.com/rust-lang/cc-rs) | `1.2.65` | `1.2.67` |
| [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek) | `5.0.0-rc.1` | `5.0.0` |
| [der](https://github.com/RustCrypto/formats) | `0.8.0` | `0.8.1` |
| [ed25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek) | `3.0.0-rc.1` | `3.0.0` |
| [p384](https://github.com/RustCrypto/elliptic-curves) | `0.14.0-rc.15` | `0.14.0` |
| [poly1305](https://github.com/RustCrypto/universal-hashes) | `0.9.0` | `0.9.1` |
| [polyval](https://github.com/RustCrypto/universal-hashes) | `0.7.1` | `0.7.2` |
| [syn](https://github.com/dtolnay/syn) | `2.0.118` | `2.0.119` |
| [x25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek) | `3.0.0-rc.1` | `3.0.0` |



Updates `rustls` from 0.23.41 to 0.23.42
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](rustls/rustls@v/0.23.41...v/0.23.42)

Updates `bitflags` from 2.13.0 to 2.13.1
- [Release notes](https://github.com/bitflags/bitflags/releases)
- [Changelog](https://github.com/bitflags/bitflags/blob/main/CHANGELOG.md)
- [Commits](bitflags/bitflags@2.13.0...2.13.1)

Updates `cc` from 1.2.65 to 1.2.67
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](rust-lang/cc-rs@cc-v1.2.65...cc-v1.2.67)

Updates `curve25519-dalek` from 5.0.0-rc.1 to 5.0.0
- [Release notes](https://github.com/dalek-cryptography/curve25519-dalek/releases)
- [Commits](dalek-cryptography/curve25519-dalek@curve25519-5.0.0-rc.1...curve25519-5.0.0)

Updates `der` from 0.8.0 to 0.8.1
- [Commits](RustCrypto/formats@der/v0.8.0...der/v0.8.1)

Updates `ed25519-dalek` from 3.0.0-rc.1 to 3.0.0
- [Release notes](https://github.com/dalek-cryptography/curve25519-dalek/releases)
- [Changelog](https://github.com/dalek-cryptography/curve25519-dalek/blob/3.0.0/CHANGELOG.md)
- [Commits](dalek-cryptography/curve25519-dalek@x25519-3.0.0-rc.1...3.0.0)

Updates `p384` from 0.14.0-rc.15 to 0.14.0
- [Commits](RustCrypto/elliptic-curves@p384/v0.14.0-rc.15...p384/v0.14.0)

Updates `poly1305` from 0.9.0 to 0.9.1
- [Commits](RustCrypto/universal-hashes@poly1305-v0.9.0...poly1305-v0.9.1)

Updates `polyval` from 0.7.1 to 0.7.2
- [Commits](RustCrypto/universal-hashes@polyval-v0.7.1...polyval-v0.7.2)

Updates `syn` from 2.0.118 to 2.0.119
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](dtolnay/syn@2.0.118...2.0.119)

Updates `x25519-dalek` from 3.0.0-rc.1 to 3.0.0
- [Release notes](https://github.com/dalek-cryptography/curve25519-dalek/releases)
- [Changelog](https://github.com/dalek-cryptography/curve25519-dalek/blob/3.0.0/CHANGELOG.md)
- [Commits](dalek-cryptography/curve25519-dalek@x25519-3.0.0-rc.1...3.0.0)

---
updated-dependencies:
- dependency-name: rustls
  dependency-version: 0.23.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: bitflags
  dependency-version: 2.13.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: cc
  dependency-version: 1.2.67
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: curve25519-dalek
  dependency-version: 5.0.0
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: der
  dependency-version: 0.8.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: ed25519-dalek
  dependency-version: 3.0.0
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: p384
  dependency-version: 0.14.0
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: poly1305
  dependency-version: 0.9.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: polyval
  dependency-version: 0.7.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: syn
  dependency-version: 2.0.119
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
- dependency-name: x25519-dalek
  dependency-version: 3.0.0
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: validation-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jul 16, 2026
@tarcieri
tarcieri merged commit c1de5bc into master Jul 16, 2026
14 checks passed
@dependabot
dependabot Bot deleted the dependabot/cargo/validation/local_ping_pong_openssl/validation-deps-75dc3df683 branch July 16, 2026 20:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant