From 7a1a2cbdab154fa387215dbcffcb22a52b9fa5d2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 May 2026 03:32:36 +0000
Subject: [PATCH] build(deps): bump jsonwebtoken in the security group across 1
 directory

Bumps the security group with 1 update in the / directory: [jsonwebtoken](https://github.com/Keats/jsonwebtoken).


Updates `jsonwebtoken` from 9.3.1 to 10.3.0
- [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Keats/jsonwebtoken/compare/v9.3.1...v10.3.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-version: 10.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Cargo.lock | 30 +++++++++++++++++++++++-------
 Cargo.toml |  2 +-
 2 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 5e5995d..7094582 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1268,7 +1268,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4b0f83760fb341a774ed326568e19f5a863af4a952def8c39f9ab92fd95b88e5"
 dependencies = [
  "equivalent",
- "hashbrown 0.15.5",
+ "hashbrown 0.16.1",
  "serde",
  "serde_core",
 ]
@@ -1308,17 +1308,19 @@ dependencies = [
 
 [[package]]
 name = "jsonwebtoken"
-version = "9.3.1"
+version = "10.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5a87cc7a48537badeae96744432de36f4be2b4a34a05a5ef32e9dd8a1c169dde"
+checksum = "eba32bfb4ffdeaca3e34431072faf01745c9b26d25504aa7a6cf5684334fc4fc"
 dependencies = [
  "base64",
+ "getrandom 0.2.16",
  "js-sys",
  "pem",
- "ring",
  "serde",
  "serde_json",
+ "signature",
  "simple_asn1",
+ "zeroize",
 ]
 
 [[package]]
@@ -1785,7 +1787,7 @@ dependencies = [
  "once_cell",
  "socket2",
  "tracing",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -3638,9 +3640,23 @@ dependencies = [
 
 [[package]]
 name = "zeroize"
-version = "1.8.1"
+version = "1.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
+dependencies = [
+ "zeroize_derive",
+]
+
+[[package]]
+name = "zeroize_derive"
+version = "1.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"
+checksum = "85a5b4158499876c763cb03bc4e49185d3cccbabb15b33c627f7884f43db852e"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
 
 [[package]]
 name = "zerotrie"
diff --git a/Cargo.toml b/Cargo.toml
index adc92ba..364da23 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -48,7 +48,7 @@ bytes = "1"
 
 # Auth & Security (placeholders for later)
 argon2 = "0.5"
-jsonwebtoken = "9"
+jsonwebtoken = "10"
 rand = "0.10"
 
 # HTTP Client