chore(deps): bump the root-deps group across 1 directory with 12 updates

[dependabot]

Bumps the root-deps group with 10 updates in the / directory:

Package	From	To
ecdsa	0.17.0-rc.17	0.17.0-rc.18
rsa	0.10.0-rc.17	0.10.0-rc.18
rustls	0.23.38	0.23.40
cc	1.2.60	1.2.61
cpubits	0.1.0	0.1.1
ed25519	3.0.0-rc.4	3.0.0-rc.5
hybrid-array	0.4.10	0.4.11
libc	0.2.185	0.2.186
rustls-pki-types	1.14.0	1.14.1
rustls-webpki	0.103.12	0.103.13

Updates ecdsa from 0.17.0-rc.17 to 0.17.0-rc.18

Commits

• 58bae19 Cut new prereleases (#1319)
• 2eadc3c ml-dsa: bump module-lattice to v0.2.2 (#1318)
• 452633d ecdsa: bump elliptic-curve to v0.14.0-rc.32 (#1317)
• 86c035a Bump pkcs8 dependency to v0.11 (#1316)
• f873b8e build(deps): bump hybrid-array from 0.4.10 to 0.4.11 (#1314)
• d8b1875 Bump pkcs8 to v0.11.0-rc.12 (#1312)
• 00e6eed build(deps): bump typenum from 1.19.0 to 1.20.0 (#1306)
• f93d502 ml-dsa: fix unreachable_pub lint by making Eta pub (#1311)
• 0efe0f8 ecdsa: use absolute 128-bit floor for bits2field (#1310)
• See full diff in compare view

Updates pkcs8 from 0.11.0-rc.11 to 0.11.0

Commits

• a582243 pkcs8 v0.11.0 (#2314)
• 6f2ea3e der: disable wasmtime tests (#2315)
• 055d258 pkcs8 v0.11.0-rc.12 (#2312)
• 7d69c45 pkcs8: getrandom feature (#2311)
• 381e23c pkcs8: use TryCryptoRng instead of CryptoRng (#2309)
• 77c386e pkcs8: replace subtle with ctutils (#2308)
• 967d9f1 pkcs8: add KeyError enum (#2305)
• 1a52afe pkcs8: impl Decode/EncodePrivateKey for PrivateKeyInfoOwned (#2306)
• e65d751 pkcs8: enable workspace-level lint config (#2304)
• c50f584 pkcs5: build with all-features = true on docs.rs (#2303)
• Additional commits viewable in compare view

Updates rsa from 0.10.0-rc.17 to 0.10.0-rc.18

Commits

• e31a020 v0.10.0-rc.18 (#689)
• 113a5e9 Bump pkcs8 depenency to v0.11 (#688)
• ecd32e3 Use pkcs8::KeyError (#687)
• 6ca073e Bump spki crate dependency to v0.8 (#684)
• f987d5f Bump sha1, sha2, and sha3 to v0.11 (#683)
• 6cb20e9 Cargo.lock: bump dependencies (#682)
• 6c438f4 Raise max modulus size to 8192-bits (#681)
• See full diff in compare view

Updates rustls from 0.23.38 to 0.23.40

Commits

• b44c09f Prepare 0.23.40
• e7a555f Prefer Ord::max to core::cmp
• c0005be ech: base inner name padding on actual extension
• 4e49529 ech: test inner name padding
• 3e06ef1 ech: add both name and "gross" padding
• c574ffd ech: avoid short-lived allocation for padding
• 8bf935c ech: pop comment from match arm
• 9088004 ech: expand maximum_name_length to usize ASAP
• a612901 Default require_ems based on CryptoProvider FIPS status
• 0541605 Cargo: version 0.23.38 -> 0.23.39
• Additional commits viewable in compare view

Updates cc from 1.2.60 to 1.2.61

Release notes

Sourced from cc's releases.

cc-v1.2.61

Other

• fix OutputKind::Capture documentation (#1705)

Changelog

Sourced from cc's changelog.

1.2.61 - 2026-04-24

Other

• fix OutputKind::Capture documentation (#1705)

Commits

• 360f691 chore(cc): release v1.2.61 (#1707)
• 17a2788 Bump taiki-e/install-action from 2.75.16 to 2.75.17 (#1706)
• da52db7 command_helpers.rs: fix OutputKind::Capture documentation (#1705)
• ee64d58 Bump taiki-e/install-action from 2.75.4 to 2.75.5 (#1703)
• 78cf7e4 CI: Hash-pin all actions, apply other suggestions from zizmor (#1702)
• See full diff in compare view

Updates cpubits from 0.1.0 to 0.1.1

Commits

• bff92a8 cpubits v0.1.1 (#1475)
• 5f2ee92 build(deps): bump rand from 0.9.2 to 0.9.4 (#1476)
• 8320527 build(deps): bump hybrid-array from 0.4.10 to 0.4.11 (#1473)
• cf5a73a dbl: remove MSRV policy section from readme
• 13952b9 Fix output for 16-bit targets (#1470)
• 53f7fc3 ctutils v0.4.2 (#1469)
• 9c43209 build(deps): bump proptest from 1.10.0 to 1.11.0 (#1460)
• 24d7f8b digest-io: fix release date of v0.1.0 (#1468)
• 416ddb0 Release digest-io v0.1.0 (#1462)
• 3d85afd cmov v0.5.3 (#1467)
• Additional commits viewable in compare view

Updates ed25519 from 3.0.0-rc.4 to 3.0.0-rc.5

Commits

• 58bae19 Cut new prereleases (#1319)
• 2eadc3c ml-dsa: bump module-lattice to v0.2.2 (#1318)
• 452633d ecdsa: bump elliptic-curve to v0.14.0-rc.32 (#1317)
• 86c035a Bump pkcs8 dependency to v0.11 (#1316)
• f873b8e build(deps): bump hybrid-array from 0.4.10 to 0.4.11 (#1314)
• d8b1875 Bump pkcs8 to v0.11.0-rc.12 (#1312)
• 00e6eed build(deps): bump typenum from 1.19.0 to 1.20.0 (#1306)
• f93d502 ml-dsa: fix unreachable_pub lint by making Eta pub (#1311)
• 0efe0f8 ecdsa: use absolute 128-bit floor for bits2field (#1310)
• f467f70 ecdsa v0.17.0-rc.17 (#1304)
• Additional commits viewable in compare view

Updates elliptic-curve from 0.14.0-rc.31 to 0.14.0-rc.32

Commits

• c6d4dd7 elliptic-curve v0.14.0-rc.32 (#2399)
• f2069a2 elliptic-curve: bump pkcs8 to v0.11 (#2397)
• 8250383 elliptic-curve: bump pkcs8 to v0.11.0-rc.12 (#2396)
• 54e464f signature: remove long-winded intro section in rustdoc (#2392)
• 5cb62a4 signature: enable/fix workspace-level lints; reformat docs (#2391)
• 375378f elliptic-curve: consistent PKCS#8 / SEC1 naming in secret_key.rs (#2388)
• 30a48ab elliptic-curve: add mul_by_generator(_vartime) benchmarks (#2389)
• f7e7c3d Implement SecretKey::from_pem to decode variety of keys (#2387)
• See full diff in compare view

Updates hybrid-array from 0.4.10 to 0.4.11

Changelog

Sourced from hybrid-array's changelog.

0.4.11 (2026-04-24)

Added

• HPKE Hybrid KEM sizes (#218)

Removed

• Clone bounds on Box/Vec conversions (#209)

#209: RustCrypto/hybrid-array#209 #218: RustCrypto/hybrid-array#218

Commits

• bd89049 v0.4.11 (#219)
• 343190c Add HPKE Hybrid KEM sizes (#218)
• 15f74ea Bump typenum from 1.19.0 to 1.20.0 (#217)
• 73d6e70 .codecov.yml: bump coverage target to 100% (#216)
• 9253a53 Add tests for Arbitrary impl on Array (#215)
• fb2957e Add tests for Hash impl (#214)
• b3b36c6 Add tests for serde impl's Visitor::expected (#213)
• 25d2b78 Add tests for TryFrom\<&Box> and ...&Vec> for Array (#212)
• dd850e2 Add tests for Zeroize impl (#211)
• eddb29c Add tests for (Partial)Ord impls (#210)
• Additional commits viewable in compare view

Updates libc from 0.2.185 to 0.2.186

Release notes

Sourced from libc's releases.

0.2.186

Added

• Apple: Add KEVENT_FLAG_* constants (#5070)
• Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

• CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

Changelog

Sourced from libc's changelog.

0.2.186 - 2026-04-24

Added

• Apple: Add KEVENT_FLAG_* constants (#5070)
• Linux: Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE (#5060)

Changed

• CI: Migrate FreeBSD CI from Cirrus CI to GitHub Actions (#5058)

Commits

• 42620ff [0.2] libc: Release 0.2.186
• 9db2eaa apple: add KEVENT_FLAG_* constants
• 3840939 Add PR_SET_MEMORY_MERGE and PR_GET_MEMORY_MERGE for linux
• f697deb chore: migrate from Cirrus CI to GHA
• See full diff in compare view

Updates rustls-pki-types from 1.14.0 to 1.14.1

Release notes

Sourced from rustls-pki-types's releases.

1.14.1

Parsing PEM will now error for PEM sections larger than 256 MB in size, to avoid running out of memory during parsing. The limit was chosen based on historical data from large certificate revocation lists from the web PKI.

What's Changed

• Remove mention of rustls-pemfile from docs by @​ranile in rustls/pki-types#103
• Update ECH reference to RFC9849 by @​ctz in rustls/pki-types#104
• pem: error for sections that are too large by @​djc in rustls/pki-types#106
• Update ECH reference to RFC 9849 by @​ctz in rustls/pki-types#107
• Adjust PEM size limit to account for huge CRLs by @​ctz in rustls/pki-types#108

Commits

• bb3c1da Adjust PEM size limit to account for huge CRLs
• 20bcfe1 Bump version to 1.14.1
• b796d3d pem: error for sections that are too large
• 422d8cf Update ECH reference to RFC 9849
• 14ce65c Remove mention of rustls-pemfile from docs
• See full diff in compare view

Updates rustls-webpki from 0.103.12 to 0.103.13

Release notes

Sourced from rustls-webpki's releases.

0.103.13

• Fix reachable panic in parsing a CRL. This was reported to us as GHSA-82j2-j2ch-gfr8. Users who don't use CRLs are not affected.
• For name constraints on URI names, we incorrectly processed excluded subtrees in a way which inverted the desired meaning. See rustls/webpki#471. This was a case missing in the fix for GHSA-965h-392x-2mh5.

What's Changed

• Actually fail closed for URI matching against excluded subtrees by @​djc in rustls/webpki#473
• Prepare 0.103.13 by @​ctz in rustls/webpki#474

Full Changelog: rustls/webpki@v/0.103.12...v/0.103.13

Commits

• 2879b2c Prepare 0.103.13
• 2c49773 Improve tests for padding of BitStringFlags
• 4e3c0b3 Correct validation of BIT STRING constraints
• 39c91d2 Actually fail closed for URI matching against excluded subtrees
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions