deps: bump the rust-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the rust-dependencies group with 10 updates in the / directory:

Package	From	To
anyhow	1.0.100	1.0.102
clap	4.5.55	4.5.60
openssl	0.10.75	0.10.78
x509-parser	0.18.0	0.18.1
reqwest	0.13.1	0.13.3
rand	0.9.2	0.10.1
tss-esapi	7.6.0	7.7.0
assert_cmd	2.1.2	2.2.1
predicates	3.1.3	3.1.4
tempfile	3.24.0	3.27.0

Updates anyhow from 1.0.100 to 1.0.102

Release notes

Sourced from anyhow's releases.

1.0.102

• Remove backtrace dependency (#438, #439, #440, #441, #442)

1.0.101

• Add #[inline] to anyhow::Ok helper (#437, thanks @​Ibitier)

Commits

• 5c657b3 Release 1.0.102
• e737fb6 Merge pull request #442 from dtolnay/backtrace
• 7fe62b5 Further simply backtrace conditional compilation
• c8cb5ca Merge pull request #441 from dtolnay/backtrace
• de27df7 Delete CI use of --features=backtrace
• 9b67e5d Merge pull request #440 from dtolnay/backtrace
• efdb11a Simplify std_backtrace conditional code
• b8a9a70 Merge pull request #439 from dtolnay/backtrace
• a42fc2c Remove feature = "backtrace" conditional code
• 2a2a3ce Re-word backtrace feature comment
• Additional commits viewable in compare view

Updates clap from 4.5.55 to 4.5.60

Release notes

Sourced from clap's releases.

v4.5.60

[4.5.60] - 2026-02-19

Fixes

• (help) Quote empty default values, possible values

v4.5.59

[4.5.59] - 2026-02-16

Fixes

• Command::ignore_errors no longer masks help/version on subcommands

v4.5.58

[4.5.58] - 2026-02-11

v4.5.57

[4.5.57] - 2026-02-03

Fixes

• Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

v4.5.56

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

Changelog

Sourced from clap's changelog.

[4.5.60] - 2026-02-19

Fixes

• (help) Quote empty default values, possible values

[4.5.59] - 2026-02-16

Fixes

• Command::ignore_errors no longer masks help/version on subcommands

[4.5.58] - 2026-02-11

[4.5.57] - 2026-02-03

Fixes

• Regression from 4.5.55 where having an argument with .value_terminator("--") caused problems with an argument with .last(true)

[4.5.56] - 2026-01-29

Fixes

• On conflict error, don't show conflicting arguments in the usage

Commits

• 33d24d8 chore: Release
• 9332409 docs: Update changelog
• b7adce5 Merge pull request #6166 from fabalchemy/fix-dynamic-powershell-completion
• 009bba4 fix(clap_complete): Improve powershell registration
• d89d57d chore: Release
• f18b67e docs: Update changelog
• 9d218eb Merge pull request #6165 from epage/shirt
• 126440c fix(help): Correctly calculate padding for short-only args
• 9e3c05e test(help): Show panic with short, valueless arg
• c9898d0 test(help): Verify short with value
• Additional commits viewable in compare view

Updates openssl from 0.10.75 to 0.10.78

Release notes

Sourced from openssl's releases.

openssl-v0.10.78

What's Changed

• Fix Suite B flag assignments in verify.rs by @​alex in rust-openssl/rust-openssl#2592
• Use cvt_p for OPENSSL_malloc error handling by @​alex in rust-openssl/rust-openssl#2593
• Mark BIO_get_mem_data on AWS-LC to be unsafe by @​alex in rust-openssl/rust-openssl#2594
• Set timeout for package installation step by @​alex in rust-openssl/rust-openssl#2595
• Panic in Crypter::new when IV is required but not provided by @​alex in rust-openssl/rust-openssl#2596
• openssl 4 support by @​reaperhulk in rust-openssl/rust-openssl#2591
• Avoid panic for overlong OIDs by @​botovq in rust-openssl/rust-openssl#2598
• Fix dangling stack pointer in custom extension add callback by @​alex in rust-openssl/rust-openssl#2599
• Add support for LibreSSL 4.3.x by @​botovq in rust-openssl/rust-openssl#2603
• fix inverted bounds assertion in AES key unwrap by @​reaperhulk in rust-openssl/rust-openssl#2604
• Reject oversized length returns from password callback trampoline by @​alex in rust-openssl/rust-openssl#2605
• Validate callback-returned lengths in PSK and cookie trampolines by @​alex in rust-openssl/rust-openssl#2607
• Error for short out in MdCtxRef::digest_final() by @​botovq in rust-openssl/rust-openssl#2608
• Check derive output buffer length on OpenSSL 1.1.x by @​alex in rust-openssl/rust-openssl#2606
• Release openssl v0.10.78 and openssl-sys v0.9.114 by @​alex in rust-openssl/rust-openssl#2609

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.77...openssl-v0.10.78

openssl-v0.10.77

What's Changed

• CI: Hash-pin all action usage, avoid credential persistence in actions/checkout by @​woodruffw in rust-openssl/rust-openssl#2587
• Bump aws-lc-sys to 0.39 by @​goffrie in rust-openssl/rust-openssl#2588
• md_ctx: enable sign/verify/reset on BoringSSL, LibreSSL, and AWS-LC by @​alex in rust-openssl/rust-openssl#2589
• Release openssl v0.10.77 and openssl-sys v0.9.113 by @​alex in rust-openssl/rust-openssl#2590

New Contributors

• @​woodruffw made their first contribution in rust-openssl/rust-openssl#2587

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.76...openssl-v0.10.77

openssl-v0.10.76

What's Changed

• feat: New methods EVP_PKEY_new_raw_*_key_ex and EVP_PKEY_is_a by @​FinnRG in rust-openssl/rust-openssl#2521
• Fix invalid value parsing of OCSP revocation reason by @​danpashin in rust-openssl/rust-openssl#2523
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in rust-openssl/rust-openssl#2524
• Bump aws-lc-sys from 0.27 to 0.34 by @​goffrie in rust-openssl/rust-openssl#2526
• Expose X509_NAME_dup on all versions of OpenSSL by @​alex in rust-openssl/rust-openssl#2529
• Unconditionally expose some *_dup() functions by @​botovq in rust-openssl/rust-openssl#2530
• reintroduce dir_name support for subject_alt_names by @​mqqz in rust-openssl/rust-openssl#2528
• Fix cipher comparison with NID instead of pointers by @​lwestlund in rust-openssl/rust-openssl#2531
• Remove ASN1_STRING_data for LibreSSL 4.3.0 by @​botovq in rust-openssl/rust-openssl#2534
• drop openssl 1.0.2 by @​alex in rust-openssl/rust-openssl#2545
• Bump actions/cache from 4 to 5 by @​dependabot[bot] in rust-openssl/rust-openssl#2542
• Add Debug implementation for EcdsaSig{,Ref} by @​buytenh in rust-openssl/rust-openssl#2540
• Add HKDF support by @​Zenkibou in rust-openssl/rust-openssl#2543
• Enhance Debug implementation for Nid by @​buytenh in rust-openssl/rust-openssl#2547
• Remove X509_VERIFY_PARAM_ID for LibreSSL 4.3.0 by @​botovq in rust-openssl/rust-openssl#2549

... (truncated)

Commits

• a6debf5 Release openssl v0.10.78 and openssl-sys v0.9.114 (#2609)
• 09b425e Check derive output buffer length on OpenSSL 1.1.x (#2606)
• 826c388 Error for short out in MdCtxRef::digest_final() (#2608)
• 1d10902 Validate callback-returned lengths in PSK and cookie trampolines (#2607)
• 5af6895 Reject oversized length returns from password callback trampoline (#2605)
• 718d07f fix inverted bounds assertion in AES key unwrap (#2604)
• 53cc69d Add support for LibreSSL 4.3.x (#2603)
• 0b41e79 Fix dangling stack pointer in custom extension add callback (#2599)
• cbdedf8 Avoid panic for overlong OIDs (#2598)
• 1fc51ef openssl 4 support (#2591)
• Additional commits viewable in compare view

Updates x509-parser from 0.18.0 to 0.18.1

Commits

• See full diff in compare view

Updates reqwest from 0.13.1 to 0.13.3

Release notes

Sourced from reqwest's releases.

v0.13.3

tl;dr

• Fix CertificateRevocationList parsing of PEM values.
• Fix logging in resolver to only show host, not full URL.
• Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
• Fix HTTP/3 to handle STOP_SENDING as not an error.
• Fix HTTP/3 pool to remove timed out QUIC connections.
• Fix HTTP/3 connection establishment picking IPv4 and IPv6.
• Upgrade rustls-platform-verifier.
• (wasm) Only use wasm-bindgen on unknown-* targets.

What's Changed

• Update docs.rs Features by @​JamesWiresmith in seanmonstar/reqwest#2961
• fix: fallback to hickory_resolver's default config if reading /etc/resolv.conf fails by @​monosans in seanmonstar/reqwest#2797
• fix: remove timeout con by @​cuiweixie in seanmonstar/reqwest#2967
• http3: handle stop_sending without error by @​anuraaga in seanmonstar/reqwest#2978
• resolve: debug log to change only host by @​lms0806 in seanmonstar/reqwest#2992
• Edit reference link by @​lms0806 in seanmonstar/reqwest#2996
• docs: more accurate about default HTTP2 window sizes by @​seanmonstar in seanmonstar/reqwest#3007
• [HTTP/3] Optimize IPv6 fallback and enforce HTTPS scheme #2911 by @​lyuzichong in seanmonstar/reqwest#3006
• Upgrade rustls-platform-verifier by @​jplatte in seanmonstar/reqwest#3010
• use wasm-bindgen ecosystem only for wasm32-unknown-* target by @​Ludea in seanmonstar/reqwest#3000
• fix rustls crl pem parsing by @​Threated in seanmonstar/reqwest#3013
• docs(retry): include ReqRep in docsrs by @​seanmonstar in seanmonstar/reqwest#3020

New Contributors

• @​JamesWiresmith made their first contribution in seanmonstar/reqwest#2961
• @​monosans made their first contribution in seanmonstar/reqwest#2797
• @​cuiweixie made their first contribution in seanmonstar/reqwest#2967
• @​anuraaga made their first contribution in seanmonstar/reqwest#2978
• @​lms0806 made their first contribution in seanmonstar/reqwest#2992
• @​lyuzichong made their first contribution in seanmonstar/reqwest#3006
• @​Ludea made their first contribution in seanmonstar/reqwest#3000

Full Changelog: seanmonstar/reqwest@v0.13.2...v0.13.3

v0.13.2

tl;dr

• Fix HTTP/2 and native-tls ALPN feature combinations.
• Fix HTTP/3 to send h3 ALPN.
• (wasm) fix RequestBuilder::json() from override previously set content-type.

What's Changed

• chore(deps): bump actions/checkout from 5 to 6 by @​dependabot[bot] in seanmonstar/reqwest#2921
• Update readme for 0.13 by @​VojtaStanek in seanmonstar/reqwest#2926
• fix http2 feature is not enabled for "native-tls" by @​fox0 in seanmonstar/reqwest#2927
• chore(deps): remove unused webpki-roots and rustls-native-certs by @​seanmonstar in seanmonstar/reqwest#2932
• docs: native-tls-alpn has changed to native-tls-no-alpn by @​seanmonstar in seanmonstar/reqwest#2940

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.13.3

• Fix CertificateRevocationList parsing of PEM values.
• Fix logging in resolver to only show host, not full URL.
• Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
• Fix HTTP/3 to handle STOP_SENDING as not an error.
• Fix HTTP/3 pool to remove timed out QUIC connections.
• Fix HTTP/3 connection establishment picking IPv4 and IPv6.
• Upgrade rustls-platform-verifier.
• (wasm) Only use wasm-bindgen on unknown-* targets.

v0.13.2

• Fix HTTP/2 and native-tls ALPN feature combinations.
• Fix HTTP/3 to send h3 ALPN.
• (wasm) fix RequestBuilder::json() from override previously set content-type.

Commits

• a9a88c4 v0.13.3
• f3f6d9d docs(retry): include ReqRep in docsrs (#3020)
• 5f9c231 fix rustls CRL PEM parsing (#3013)
• 11d835d use wasm-bindgen ecosystem only for wasm32-unknown-* target (#3000)
• 1f72916 Upgrade rustls-platform-verifier (#3010)
• 5d5bf35 [HTTP/3] Optimize IPv6 fallback and enforce HTTPS scheme #2911 (#3006)
• 93dc1b2 docs: more accurate about default HTTP2 window sizes (#3007)
• c5e50f0 docs: update outdated link in comments
• b25611f resolve: debug log to change only host (#2992)
• ca1f479 http3: handle stop_sending without error (#2978)
• Additional commits viewable in compare view

Updates rand from 0.9.2 to 0.10.1

Changelog

Sourced from rand's changelog.

[0.10.1] — 2026-02-11

This release includes a fix for a soundness bug; see #1763.

Changes

• Document panic behavior of make_rng and add #[track_caller] (#1761)
• Deprecate feature log (#1763)

#1761: rust-random/rand#1761 #1763: rust-random/rand#1763

[0.10.0] - 2026-02-08

Changes

• The dependency on rand_chacha has been replaced with a dependency on chacha20. This changes the implementation behind StdRng, but the output remains the same. There may be some API breakage when using the ChaCha-types directly as these are now the ones in chacha20 instead of rand_chacha (#1642).
• Rename fns IndexedRandom::choose_multiple -> sample, choose_multiple_array -> sample_array, choose_multiple_weighted -> sample_weighted, struct SliceChooseIter -> IndexedSamples and fns IteratorRandom::choose_multiple -> sample, choose_multiple_fill -> sample_fill (#1632)
• Use Edition 2024 and MSRV 1.85 (#1653)
• Let Fill be implemented for element types, not sliceable types (#1652)
• Fix OsError::raw_os_error on UEFI targets by returning Option<usize> (#1665)
• Replace fn TryRngCore::read_adapter(..) -> RngReadAdapter with simpler struct RngReader (#1669)
• Remove fns SeedableRng::from_os_rng, try_from_os_rng (#1674)
• Remove Clone support for StdRng, ReseedingRng (#1677)
• Use postcard instead of bincode to test the serde feature (#1693)
• Avoid excessive allocation in IteratorRandom::sample when amount is much larger than iterator size (#1695)
• Rename os_rng -> sys_rng, OsRng -> SysRng, OsError -> SysError (#1697)
• Rename Rng -> RngExt as upstream rand_core has renamed RngCore -> Rng (#1717)

Additions

• Add fns IndexedRandom::choose_iter, choose_weighted_iter (#1632)
• Pub export Xoshiro128PlusPlus, Xoshiro256PlusPlus prngs (#1649)
• Pub export ChaCha8Rng, ChaCha12Rng, ChaCha20Rng behind chacha feature (#1659)
• Fn rand::make_rng() -> R where R: SeedableRng (#1734)

Removals

• Removed ReseedingRng (#1722)
• Removed unused feature "nightly" (#1732)
• Removed feature small_rng (#1732)

#1632: rust-random/rand#1632 #1642: rust-random/rand#1642 #1649: rust-random/rand#1649 #1652: rust-random/rand#1652 #1653: rust-random/rand#1653 #1659: rust-random/rand#1659 #1665: rust-random/rand#1665 #1669: rust-random/rand#1669 #1674: rust-random/rand#1674 #1677: rust-random/rand#1677 #1693: rust-random/rand#1693 #1695: rust-random/rand#1695 #1697: rust-random/rand#1697

... (truncated)

Commits

• 27ff4cb Prepare v0.10.1: deprecate feature log (#1763)
• 98d0638 make_rng: document panic and add #[track_caller] (#1761)
• 54e5eaa Fix doc error (#1758)
• 1ce4c08 Bump itoa from 1.0.17 to 1.0.18 in the all-deps group (#1756)
• ccb734b docs: fix typo in doc comment (#1754)
• 357eb7d Bump libc from 0.2.182 to 0.2.183 in the all-deps group (#1753)
• 5e77fe5 Fix trait references in documentation (#1752)
• da89185 Bump the all-deps group with 3 updates (#1751)
• 50516ff Bump the all-deps group with 2 updates (#1749)
• fd71de9 Bump the all-deps group with 2 updates (#1747)
• Additional commits viewable in compare view

Updates tss-esapi from 7.6.0 to 7.7.0

Release notes

Sourced from tss-esapi's releases.

tss-esapi v7.7.0

What's Changed

• Bump bindgen to 0.72.1 (fix LLVM 22 compatibility) by @​sarroutbi in parallaxsecond/rust-tss-esapi#634
• Bump v7 by @​ionut-arm in parallaxsecond/rust-tss-esapi#637

New Contributors

• @​sarroutbi made their first contribution in parallaxsecond/rust-tss-esapi#634

Full Changelog: parallaxsecond/rust-tss-esapi@tss-esapi-7.6.0...tss-esapi-7.7.0

Commits

• 27d5063 Merge pull request #637 from ionut-arm/bump-v7
• 7b48ab8 Bump the two crates
• ec38d9d Bump dependencies
• 9f00756 Fix docs on MSRV
• d895933 Merge pull request #634 from sarroutbi/fix/bump-bindgen-for-llvm22
• 4c6e93a Remove run-ci-locally.sh
• 21325bd Resolve all clippy lints for latest rustc
• d95d157 Use MSRV env variable in ci.yml
• 4359a87 fix: bump valgrind CI to rustc 1.85.0
• ab6e74e bump MSRV to 1.85.0 and fix clippy lints
• Additional commits viewable in compare view

Updates assert_cmd from 2.1.2 to 2.2.1

Changelog

Sourced from assert_cmd's changelog.

[2.2.1] - 2026-04-17

Internal

• Dependency update

[2.2.0] - 2026-03-10

Compatibility

• Change cargo_bin bad paths to panics

[2.1.3] - 2026-03-10

Fixes

• Un-deprecate cargo_bin

Commits

• eea8a1c chore: Release assert_cmd version 2.2.1
• cd6828c docs: Update changelog
• c771f78 Merge pull request #286 from assert-rs/renovate/j178-prek-action-2.x
• 4d63465 chore(deps): Update j178/prek-action action to v2
• 4728aea Merge pull request #284 from sendittothenewts/anstream-v1
• d935ff8 chore: Release assert_cmd version 2.2.0
• 1631cf4 docs: Changelog
• 3137b55 Merge pull request #283 from epage/panic
• ebd79f1 fix(cargo): Panic, rather than return bad path
• 79c9b0d chore: Release assert_cmd version 2.1.3
• Additional commits viewable in compare view

Updates predicates from 3.1.3 to 3.1.4

Changelog

Sourced from predicates's changelog.

[3.1.4] - 2026-02-11

• Make BoxPredicate::find_case use the inner find_case implementation

Commits

• f54f2cd chore: Release
• ce8099e Merge pull request #200 from rynoV/master
• 34d11de docs: Update changelog
• a03ae99 feat: Make BoxPredicate::find_case use the inner find_case
• 9b59897 test: Add test for BoxPredicate::find_case
• 45f4333 Merge pull request #201 from assert-rs/renovate/crate-ci-typos-1.x
• b9c965b chore(deps): Update pre-commit hook crate-ci/typos to v1.42.3
• 0d9cf08 Merge pull request #199 from epage/template
• 9968b8a chore: Update from _rust template
• e4f2b35 chore(ci): Update action
• Additional commits viewable in compare view

Updates tempfile from 3.24.0 to 3.27.0

Changelog

Sourced from tempfile's changelog.

3.27.0

This release adds TempPath::try_from_path and deprecates TempPath::from_path.

Prior to this release, TempPath::from_path made no attempts to convert relative paths into absolute paths. The following code would have deleted the wrong file:

let tmp_path = TempPath::from_path("foo")
std::env::set_current_dir("/some/other/path").unwrap();
drop(tmp_path);

Now:

1. TempPath::from_path will attempt to convert relative paths into absolute paths. However, this isn't always possible as we need to call std::env::current_dir, which can fail. If we fail to convert the relative path to an absolute path, we simply keep the relative path.
2. The TempPath::try_from_path behaves exactly like TempPath::from_path, except that it returns an error if we fail to convert a relative path into an absolute path (or if the passed path is empty).

Neither function attempt to verify the existence of the file in question.

Thanks to @​meng-xu-cs for reporting this issue.

3.26.0

• Support NamedTempFile::persist on RedoxOS (#393) (thanks to @​Andy-Python-Programmer).

3.25.0

• Allow getrandom 0.4.x while retaining support for getrandom 0.3.x.

Commits

• 5c8fa12 chore: release 3.27.0
• e34e574 test: disable uds conflict test on redox
• 772c795 test: add CWD guards
• 2632fb9 fix: resolve relative paths when constructing TempPath
• 929a112 chore: release 3.26.0
• 29d6ac5 Add Redox OS CI (#394)
• 375067f doc(README): document supported platforms
• d353717 feat(redox): implement persist() (#393)
• 64114d7 Fix typos in documentation (#392)
• 9a38b8d chore: release 3.25.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions