Skip to content

deps: bump snow from 0.9.6 to 0.10.0#6321

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/cargo/snow-0.10.0
Open

deps: bump snow from 0.9.6 to 0.10.0#6321
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/cargo/snow-0.10.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps snow from 0.9.6 to 0.10.0.

Release notes

Sourced from snow's releases.

v0.10.0

Quick Summary

snow is now no_std-friendly, with only one required dependency (subtle) now if you bring your own cryptographic provider, thank you @​complexspaces!

This release also sees some breaking API changes in the builder to further prevent misuse/abuse - more builder functions now return Result<Self, Error> instead of Self.

The P-256 curve is now also available as a non-default feature for those of you needing more curves in your life.

Finally, this release transitioned the snow codebase to Rust 2024 and has a new MSRV of 1.85.

New

Improvements

Migrating from 0.9

The main change you'll likely notice is the need to add expect(...) or ? to a few builder functions that have been updated to further limit the chance of misuse.

Here are the semver-breaking changes:

  • Builder function fallibility: more functions in the builder now return a Result to more explicitly prohibit calling the same setter twice.
  • DHChoice::Ed448 has been renamed to DHChoice::Curve448
  • Multiple new error enum variants have been added.

PRs

... (truncated)

Commits
  • 4bb43f5 meta: release 0.10.0
  • ee66c84 meta: release 0.10.0-beta.2
  • 315a4a8 rust 1.85 msrv updates
  • 08caaed remove unused byteorder dependency
  • 48d21aa feature-gate getrandom (enabled by default)
  • b6fe251 Remove direct dependency on rand and rand_core (#193)
  • edcc0da update rust edition to 2024
  • 659eeb7 meta: release 0.10.0-beta.1
  • 700b2cd update dependencies to latest RUSTSEC approved versions
  • e399e6b criterion 0.5 -> 0.6
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Mar 16, 2026
@dependabot
deps: bump snow from 0.9.6 to 0.10.0
96ce747 
Bumps [snow](https://github.com/mcginty/snow) from 0.9.6 to 0.10.0.
- [Release notes](https://github.com/mcginty/snow/releases)
- [Commits](mcginty/snow@v0.9.6...v0.10.0)

---
updated-dependencies:
- dependency-name: snow
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/snow-0.10.0 branch from 6457233 to 96ce747 Compare April 13, 2026 08:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants