chore(deps): bump rand from 0.9.2 to 0.10.0 (#1075)

* chore(deps): bump rand from 0.9.2 to 0.10.0 Bumps [rand](https://github.com/rust-random/rand) from 0.9.2 to 0.10.0. - [Release notes](https://github.com/rust-random/rand/releases) - [Changelog](https://github.com/rust-random/rand/blob/master/CHANGELOG.md) - [Commits](https://github.com/rust-random/rand/compare/rand_core-0.9.2...0.10.0) --- updated-dependencies: - dependency-name: rand dependency-version: 0.10.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix(security): keep token generation compatible with rand 0.10 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Will Sarg <12886992+willsarg@users.noreply.github.com>
2026-02-20 05:29:23 -05:00 · 2026-02-20 05:29:23 -05:00 · b23c2e7ae6
commit b23c2e7ae6
parent bd7b59151a
3 changed files with 44 additions and 14 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -47,7 +47,7 @@ checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0"
 dependencies = [
 "cfg-if",
 "cipher",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 ]
 [[package]]
@ -565,7 +565,7 @@ dependencies = [
 "cc",
 "cfg-if",
 "constant_time_eq",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 ]
 [[package]]
@ -701,7 +701,18 @@ checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818"
 dependencies = [
 "cfg-if",
 "cipher",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 ]
 [[package]]
 name = "chacha20"
 version = "0.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6f8d983286843e49675a4b7a2d174efe136dc93a18d69130dd18198a6c167601"
 dependencies = [
 "cfg-if",
 "cpufeatures 0.3.0",
 "rand_core 0.10.0",
 ]
 [[package]]
@ -711,7 +722,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "10cd79432192d1c0f4e1a0fef9527696cc039165d729fb41b3f4f4f354c2dc35"
 dependencies = [
 "aead",
- "chacha20",
+ "chacha20 0.9.1",
 "cipher",
 "poly1305",
 "zeroize",
@ -987,6 +998,15 @@ dependencies = [
 "libc",
 ]
 [[package]]
 name = "cpufeatures"
 version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8b2a41393f66f16b0823bb79094d54ac5fbd34ab292ddafb9a0456ac9f87d201"
 dependencies = [
 "libc",
 ]
 [[package]]
 name = "crc32fast"
 version = "1.5.0"
@ -1131,7 +1151,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be"
 dependencies = [
 "cfg-if",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 "curve25519-dalek-derive",
 "digest",
 "fiat-crypto",
@ -1985,6 +2005,7 @@ dependencies = [
 "cfg-if",
 "libc",
 "r-efi",
 "rand_core 0.10.0",
 "wasip2",
 "wasip3",
 ]
@ -4117,7 +4138,7 @@ version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8159bd90725d2df49889a078b54f4f79e87f1f8a8444194cdca81d38f5393abf"
 dependencies = [
- "cpufeatures",
+ "cpufeatures 0.2.17",
 "opaque-debug",
 "universal-hash",
 ]
@ -4129,7 +4150,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25"
 dependencies = [
 "cfg-if",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 "opaque-debug",
 "universal-hash",
 ]
@ -4562,6 +4583,17 @@ dependencies = [
 "rand_core 0.9.5",
 ]
 [[package]]
 name = "rand"
 version = "0.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bc266eb313df6c5c09c1c7b1fbe2510961e5bcd3add930c1e31f7ed9da0feff8"
 dependencies = [
 "chacha20 0.10.0",
 "getrandom 0.4.1",
 "rand_core 0.10.0",
 ]
 [[package]]
 name = "rand_chacha"
 version = "0.3.1"
@ -5401,7 +5433,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba"
 dependencies = [
 "cfg-if",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 "digest",
 ]
@ -5412,7 +5444,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
 dependencies = [
 "cfg-if",
- "cpufeatures",
+ "cpufeatures 0.2.17",
 "digest",
 ]
@ -7562,7 +7594,7 @@ dependencies = [
 "probe-rs",
 "prometheus",
 "prost 0.14.3",
- "rand 0.9.2",
+ "rand 0.10.0",
 "regex",
 "reqwest",
 "ring",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -72,7 +72,7 @@ sha2 = "0.10"
 hex = "0.4"
 # CSPRNG for secure token generation
-rand = "0.9"
+rand = "0.10"
 # serde-big-array for wa-rs storage (large array serialization)
 serde-big-array = { version = "0.5", optional = true }
--- a/src/security/pairing.rs
+++ b/src/security/pairing.rs
@ -215,9 +215,7 @@ fn generate_code() -> String {
 /// on macOS). The 32 random bytes (256 bits) are hex-encoded for a
 /// 64-character token, providing 256 bits of entropy.
 fn generate_token() -> String {
-    use rand::RngCore;
+    let bytes: [u8; 32] = rand::random();
    let mut bytes = [0u8; 32];
    rand::rng().fill_bytes(&mut bytes);
    format!("zc_{}", hex::encode(bytes))
 }