chore: bump the all-deps group with 3 updates

[dependabot]

Bumps the all-deps group with 3 updates: tokio, aws-lc-rs and ctor.

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates aws-lc-rs from 1.16.3 to 1.17.0

Release notes

Sourced from aws-lc-rs's releases.

aws-lc-rs v1.17.0

What's Changed

• Add opt-in legacy DES cipher support behind a legacy-des feature by @​qzh0223 in aws/aws-lc-rs#1109 and aws/aws-lc-rs#1122
  • Provides 2TDEA, 3TDEA, and single DES support. This is gated behind the legacy-des feature flag and intended only for interoperability with legacy systems.
• Add AsDer and ParsedPublicKey conversion for RSA PublicKeyComponents by @​MavenRain in aws/aws-lc-rs#1105
  • PublicKeyComponents<B> now implements AsDer<PublicKeyX509Der> and can be converted to ParsedPublicKey for use with signature verification APIs.
• Add LessSafeKey::open_in_place_separate_tag by @​wpt-oai in aws/aws-lc-rs#1116
  • Enables AEAD decryption when the authentication tag is stored separately from the ciphertext, complementing the existing seal_in_place_separate_tag.
• Add zig compiler support and CI coverage by @​justsmth in aws/aws-lc-rs#1103
  • Resolves long-standing issues with cross-compilation using cargo-zigbuild. The build script now correctly handles zig's compiler flags, and CI coverage has been added to prevent regressions.

Build Improvements

• Fix jitterentropy CFLAGS filtering for HOST_CFLAGS and TARGET_CFLAGS by @​justsmth in aws/aws-lc-rs#1106
  • Fixes build failures (e.g., FreeBSD qdrant) where optimization flags leaked into the jitterentropy compilation, which must be built without optimizations.
• Add ML-DSA x86_64 native assembly to CC builder scripts by @​jakemas in aws/aws-lc-rs#1110
• Fix support for building with MinGW on Windows 7 by @​justsmth in aws/aws-lc-rs#1120
  • Fixes the x86_64-win7-windows-gnu target by addressing MinGW-specific compatibility issues.

Issues Being Closed

• Add API to convert rsa::PublicKeyComponents into signature::ParsedPublicKey and/or DER encoded bytes -- aws/aws-lc-rs#1055
• The CPU Jitter RNG must not be compiled with optimizations (FreeBSD qdrant build failure) -- aws/aws-lc-rs#1097
• Windows 7 support for MinGW (x86_64-win7-windows-gnu target) -- aws/aws-lc-rs#1111
• -Wp,-U breaks cross-builds using zig cc -- aws/aws-lc-rs#993
• Failure to cross-compile for Windows on macOS with cargo-zigbuild -- aws/aws-lc-rs#512
• Zigbuild: Unable to build using cargo-zigbuild for arm targets -- aws/aws-lc-rs#931

Other Merged PRs

• Prepare aws-lc-sys v0.41.0 by @​justsmth in aws/aws-lc-rs#1117
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in aws/aws-lc-rs#1102
• Bump actions/dependency-review-action from 4 to 5 by @​dependabot[bot] in aws/aws-lc-rs#1118
• Fix nightly clippy warnings by @​justsmth in aws/aws-lc-rs#1112
• Prepare aws-lc-rs v1.17.0 by @​justsmth in aws/aws-lc-rs#1121
• Fix rustfmt by @​justsmth in aws/aws-lc-rs#1123

New Contributors

• @​jakemas made their first contribution in aws/aws-lc-rs#1110
• @​qzh0223 made their first contribution in aws/aws-lc-rs#1109
• @​MavenRain made their first contribution in aws/aws-lc-rs#1105
• @​wpt-oai made their first contribution in aws/aws-lc-rs#1116

Full Changelog: aws/aws-lc-rs@v1.16.3...v1.17.0

Commits

• 2201001 Fix rustfmt (#1123)
• 1ed08ba Add single DES support and rename legacy-3des feature to legacy-des (#1122)
• 889047e Prepare aws-lc-rs v1.17.0 (#1121)
• 4fdf672 fix: support building with MinGW on Windows 7 (#1120)
• 1cbe889 Adds LessSafeKey::open_in_place_separate_tag (#1116)
• ce8bccc Bump actions/dependency-review-action from 4 to 5 (#1118)
• aac6ebd Prepare aws lc sys 0.41.0 (#1117)
• 3cb6cfd Add AsDer and ParsedPublicKey conversion for RSA PublicKeyComponents (#1105)
• 54a222f Fix clippy warnings: inline format args, remove redundant borrows, use assert...
• c9c9bc6 Add opt-in 2TDEA and 3TDEA cipher support behind a legacy-3des feature (#1109)
• Additional commits viewable in compare view

Updates ctor from 0.11.1 to 1.0.7

Release notes

Sourced from ctor's releases.

ctor-1.0.7

What's Changed

• Bump downstream link-section crate version and API updates.
• Better error messages on bad attributes.

Full Changelog: mmastrac/linktime@ctor-1.0.6...ctor-1.0.7

ctor-1.0.6

What's Changed

Changed

• Bump link-section dependency to 0.17.0.
• MSRV bumped to 1.85.0 (if priority feature is enabled), otherwise remains at 1.60.0.
  • To restore MSRV to 1.60.0, use ctor = { version = "1.0.6", default-features = false, features = ["proc_macro", "std"] } in your Cargo.toml.

Fixed

• #[ctor] requires significantly less macro recursion.

Full Changelog: mmastrac/linktime@ctor-1.0.5...ctor-1.0.6

ctor-1.0.5

What's Changed

• Ensure WASM meets MSRV of 1.85 by @​mmastrac in mmastrac/linktime#455

Full Changelog: mmastrac/linktime@ctor-1.0.4...ctor-1.0.5

ctor-1.0.4

What's Changed

• Use target_os=windows rather than target_vendor=pc by @​mmastrac in mmastrac/linktime#443
• Add uefi support (.init_array) by @​mmastrac in mmastrac/linktime#444
• Fall back to .init_array on unsupported platforms by @​mmastrac in mmastrac/linktime#445

Full Changelog: mmastrac/linktime@ctor-1.0.3...ctor-1.0.4

ctor-1.0.3

What's Changed

• Fix unsafe C library access with default priority value by @​mmastrac in mmastrac/linktime#442

Other changes

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions