build(deps): bump the tauri-rust-dependencies group in /apps/desktop/src-tauri with 8 updates

[dependabot]

Bumps the tauri-rust-dependencies group in /apps/desktop/src-tauri with 8 updates:

Package	From	To
tauri	2.10.2	2.10.3
tauri-plugin-fs	2.4.5	2.5.0
tauri-plugin-dialog	2.6.0	2.7.0
window-vibrancy	0.6.0	0.7.1
alloy	1.7.3	2.0.1
typenum	1.19.0	1.20.0
revm	34.0.0	38.0.0
tauri-build	2.5.5	2.5.6

Updates tauri from 2.10.2 to 2.10.3

Release notes

Sourced from tauri's releases.

tauri v2.10.3

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 941 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1052 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.54.0
    │   └── tauri-runtime-wry 2.10.1
    │       └── tauri 2.10.3
    │           ├── tauri-utils 2.8.3
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.10.1
    │           │   ├── tauri-runtime 2.10.1
    │           │   │   ├── tauri-runtime-wry 2.10.1
    │           │   │   └── tauri 2.10.3
    │           │   ├── tauri-plugin 2.5.4
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.5.5
    │           │   │   └── tauri 2.10.3
    │           │   ├── tauri-codegen 2.5.5
    │           │   │   ├── tauri-macros 2.5.5
    │           │   │   └── tauri-build 2.5.6
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.10.3
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.10.1
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.8.1
    │           │   │   └── tauri-cli 2.10.1
    │           │   ├── tauri-build 2.5.6
</tr></table> 

... (truncated)

Commits

• 9b17a7a fix(ci): bump rustsec/audit-check to v2 and ignore time audit (#15030)
• d868279 apply version updates (#14897)
• 3a65cc6 fix(test): disable resolve_resource_dir on Android (#15026)
• 52cf195 refactor(cli): reduce some nesting code (#14844)
• c3cbff3 fix: resource path handles ./ path differently (#14662)
• 33754ae fix(cli): unusable empty password private keys (#15022)
• 3935dee Add AI tool policy to contributing guide (#15002)
• 33932a7 chore(deps-dev): bump svelte from 5.51.5 to 5.53.5 (#15015)
• 7d3c759 chore(deps): update dependency rollup to v4.59.0 (#15001)
• f20256b chore: fix clippy warnings (#14999)
• Additional commits viewable in compare view

Updates tauri-plugin-fs from 2.4.5 to 2.5.0

Release notes

Sourced from tauri-plugin-fs's releases.

dialog-js v2.5.0

[2.5.0]

• dff6fa98 (#3034 by @​onehumandev) Add pickerMode option to file picker (currently only used on iOS)

Dependencies

• Upgraded to fs-js@2.4.5

feat

• c23fa03f (#3098 by @​Lepidopteran) Add xdg-portal as an optional feature for rfd

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/plugin-dialog@2.5.0
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 3.5kB README.md
npm notice 6.4kB dist-js/index.cjs
npm notice 12.2kB dist-js/index.d.ts
npm notice 6.3kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 656B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-dialog
npm notice version: 2.5.0
npm notice filename: tauri-apps-plugin-dialog-2.5.0.tgz
npm notice package size: 5.8 kB
npm notice unpacked size: 30.0 kB
npm notice shasum: 52057077b52cc51643ac9829d48c2c590e5e1a54
npm notice integrity: sha512-I0R0ygwRd9AN8[...]lxPHD5vDcFjiA==
npm notice total files: 7
npm notice
npm notice Security Notice: Classic tokens have been revoked. Granular tokens are now limited to 90 days and require 2FA by default. Update your CI/CD workflows to avoid disruption. Learn more https://gh.io/all-npm-classic-tokens-revoked
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=804721691
+ @tauri-apps/plugin-dialog@2.5.0

... (truncated)

Commits

• d6a3898 Publish New Versions (v2) (#3268)
• 2e5bcdf chore(deps): fix audits (#3373)
• 4374b4f chore(notification): remove unused dev-deps (#3372)
• f75d21d chore(deps): remove used of tauri-utils build feature (#3360)
• 4b95f5e chore(deps): update dependency eslint to v10.1.0 (#3357)
• 99c3e37 chore(deps): bump tar in /plugins/updater/tests/updater-migration/v1-app (#3352)
• eaac19a chore(deps): update rust crate tar to v0.4.45 [security] (#3353)
• 5183e31 chore(deps): update dependency typescript-eslint to v8.57.1 (#3344)
• 2c0883e chore(deps): update dependency vite to v8 (#3346)
• 024ec0c fix(deep-link): ChromeOS deep link calls filtered and ignored by plugin (fix ...
• Additional commits viewable in compare view

Updates tauri-plugin-dialog from 2.6.0 to 2.7.0

Release notes

Sourced from tauri-plugin-dialog's releases.

dialog-js v2.7.0

[2.7.0]

• 24154472 (#3287 by @​Legend-Master) Re-use message command in Rust side for ask and confirm commands, allow-ask and allow-confirm permissions are now aliases to allow-message

Dependencies

• Upgraded to fs-js@2.5.0

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/plugin-dialog@2.7.0
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 3.5kB README.md
npm notice 6.9kB dist-js/index.cjs
npm notice 14.6kB dist-js/index.d.ts
npm notice 6.8kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 657B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-dialog
npm notice version: 2.7.0
npm notice filename: tauri-apps-plugin-dialog-2.7.0.tgz
npm notice package size: 6.7 kB
npm notice unpacked size: 33.3 kB
npm notice shasum: b510ecd42d9900725eaf51f42ec98523c40d29b4
npm notice integrity: sha512-4nS/hfGMGCXiA[...]RtrKXkANKDHvw==
npm notice total files: 7
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1235993203
+ @tauri-apps/plugin-dialog@2.7.0

dialog v2.7.0

[2.7.0]

• 24154472 (#3287 by @​Legend-Master) Re-use message command in Rust side for ask and confirm commands, allow-ask and allow-confirm permissions are now aliases to allow-message

... (truncated)

Commits

• 51b430b ci: delete .changes/updater-new-bundle-support.md
• fd439b1 Publish New Versions (v2) (#2964)
• 2522b71 fix(deep-link): revert the breaking change introduced by #2928 (#2970)
• 9021a73 chore(deps): update dependency rollup to v4.50.0 (#2966)
• 625bb1c feat(log): re-export the log crate (#2965)
• 6215afe chore(deps): update dependency rollup to v4.49.0 (#2962)
• 8cf8eea feat(updater): inject bundle_type into endpoint url (#2960)
• 509eba8 feat: support message dialogs with 3 buttons (#2641)
• 9ac5fe8 feat(updater): support bundle-specific targets (#2624)
• c247410 chore(deps): update dependency typescript-eslint to v8.41.0 (#2956)
• Additional commits viewable in compare view

Updates window-vibrancy from 0.6.0 to 0.7.1

Release notes

Sourced from window-vibrancy's releases.

window-vibrancy v0.7.1

[0.7.1]

bug

• 65f5d28 (#196 by @​FabianLars) Increased objc2-app-kit version to 0.3.2. No user facing changes because cargo already resolves to that version because of the enabled features.

Cargo Publish

\` Updating crates.io index Packaging window-vibrancy v0.7.1 (/home/runner/work/window-vibrancy/window-vibrancy) Updating crates.io index warning: package crossbeam-channel v0.5.14 in Cargo.lock is yanked in registry crates-io, consider updating to a version that is not yanked Packaged 34 files, 1.5MiB (1.3MiB compressed) Uploading window-vibrancy v0.7.1 (/home/runner/work/window-vibrancy/window-vibrancy) Uploaded window-vibrancy v0.7.1 to registry crates-io note: waiting for window-vibrancy v0.7.1 to be available at registry crates-io. You may press ctrl-c to skip waiting; the crate should be available shortly. Published window-vibrancy v0.7.1 at registry crates-io \`

window-vibrancy v0.7.0

[0.7.0]

enhance

• 5178609 (#191 by @​ahonn) Introduce macOS liquid glass support with apply_liquid_glass / clear_liquid_glass.

misc

• 5178609 (#191 by @​ahonn) Increased the MSRV to 1.77.

Cargo Publish

\` Updating crates.io index Packaging window-vibrancy v0.7.0 (/home/runner/work/window-vibrancy/window-vibrancy) Updating crates.io index warning: package crossbeam-channel v0.5.14 in Cargo.lock is yanked in registry crates-io, consider updating to a version that is not yanked Packaged 34 files, 1.5MiB (1.3MiB compressed) Uploading window-vibrancy v0.7.0 (/home/runner/work/window-vibrancy/window-vibrancy) Uploaded window-vibrancy v0.7.0 to registry crates-io note: waiting for window-vibrancy v0.7.0 to be available at registry crates-io. You may press ctrl-c to skip waiting; the crate should be available shortly. Published window-vibrancy v0.7.0 at registry crates-io \`

Changelog

Sourced from window-vibrancy's changelog.

[0.7.1]

bug

• 65f5d28 (#196 by @​FabianLars) Increased objc2-app-kit version to 0.3.2. No user facing changes because cargo already resolves to that version because of the enabled features.

[0.7.0]

enhance

• 5178609 (#191 by @​ahonn) Introduce macOS liquid glass support with apply_liquid_glass / clear_liquid_glass.

misc

• 5178609 (#191 by @​ahonn) Increased the MSRV to 1.77.

Commits

• 5e7ddd7 apply version updates (#197)
• 65f5d28 chore(deps): explicitly set objc2-app-kit to 0.3.2 (#196)
• a1c9b80 ci: refresh lockfile in postversion
• d21c932 apply version updates (#195)
• ad1dd4b ci: fix workflow syntax
• 41d8930 ci: use upstream create-pull-request action (#194)
• a1e7e75 chore(deps): update rust crate winit to 0.30 (#134)
• 3a5a51b chore(deps): update rust crate windows-version to v0.1.7 (#186)
• 4aa3c0c chore(deps): update rust crate tao to 0.34 (#154)
• 9fd17b5 chore(deps): update windows-sys to 0.60 (#193)
• Additional commits viewable in compare view

Updates alloy from 1.7.3 to 2.0.1

Release notes

Sourced from alloy's releases.

v2.0.1

What's Changed

• fix(provider): update test_anvil_set_time for corrected evm_setTime by @​stevencartavia in alloy-rs/alloy#3889
• fix(rpc-types-trace): add 0x prefix to storage keys and values in StructLog by @​figtracer in alloy-rs/alloy#3891
• fix: clear stderr buffer and break on EOF in geth reader thread by @​mattsse in alloy-rs/alloy#3888
• chore: added raw bal rpc by @​Rimeeeeee in alloy-rs/alloy#3892
• ci: pin actions to SHA and add dependabot cooldown by @​decofe in alloy-rs/alloy#3895
• chore(BAL): added from_block_slow_optional_bal by @​Rimeeeeee in alloy-rs/alloy#3898
• perf(consensus): avoid clones in ReceiptWithBloom::into_logs by @​Shresth79 in alloy-rs/alloy#3894
• feat(provider): add ProviderBuilder apply helpers by @​mattsse in alloy-rs/alloy#3901
• chore: update reth rpc endpoints by @​mattsse in alloy-rs/alloy#3902
• chore(deps): bump taiki-e/install-action from 2.74.0 to 2.75.3 by @​dependabot[bot] in alloy-rs/alloy#3897
• chore(deps): bump github/codeql-action from 7fc6561ed893d15cec696e062df840b21db27eb0 to 95e58e9a2cdfd71adc6e0353d5c52f41a045d225 by @​dependabot[bot] in alloy-rs/alloy#3896
• test(provider): re-enable anvil tests by @​mattsse in alloy-rs/alloy#3903
• feat(rpc-types-engine): add ExecutionPayload bal_hash getter by @​mattsse in alloy-rs/alloy#3904
• fix(node-bindings): align Reth::default with Reth::new by @​Shresth79 in alloy-rs/alloy#3900
• chore: changed get_block_access_list_raw to accept BlockId by @​Rimeeeeee in alloy-rs/alloy#3907
• feat(signer): add MnemonicKey for efficient HD key derivation by @​decofe in alloy-rs/alloy#3908
• feat(transport-ws): add WsBackend::from_socket constructor by @​stevencartavia in alloy-rs/alloy#3911
• fix(provider): skip batching eth_call with block overrides by @​Shresth79 in alloy-rs/alloy#3910

Full Changelog: alloy-rs/alloy@v2.0.0...v2.0.1

v2.0.0

This new major release includes several breaking changes as preparation for the Glamsterdam hardfork.

Notable breaking changes are:

• network transaction-builder traits were reshaped: TransactionBuilder was split, network-specific methods moved to NetworkTransactionBuilder, and Network bounds tightened around TransactionRequest / TxEnvelope ([#3344](https://github.com/alloy-rs/alloy/issues/3344), [#3723](https://github.com/alloy-rs/alloy/issues/3723)).
• Blob transaction APIs changed: TransactionBuilder7594 was folded into TransactionBuilder4844, blob-sidecar methods were renamed/specialized, the default TxEip4844Variant generic changed, and PooledTransaction now uses the EIP-7594 sidecar type ([#3600](https://github.com/alloy-rs/alloy/issues/3600), [#3328](https://github.com/alloy-rs/alloy/issues/3328), [#3468](https://github.com/alloy-rs/alloy/issues/3468)).
• AnyTransactionReceipt is now a dedicated struct instead of a type alias, so code that relied on alias semantics or direct wrapped-type usage needs updating ([#3153](https://github.com/alloy-rs/alloy/issues/3153)).
• ChainConfig is now non-exhaustive, and Amsterdam support adds new header/config fields plus new BlockHeader requirements; exhaustive struct literals, pattern matches, and custom header impls may need changes ([#3566](https://github.com/alloy-rs/alloy/issues/3566), [#3871](https://github.com/alloy-rs/alloy/issues/3871)).
• Provider builder / filler APIs changed: .network() now replaces the filler stack, and GasFiller is no longer a unit struct, so .filler(GasFiller) becomes .filler(GasFiller::default()) or custom estimator wiring ([#3686](https://github.com/alloy-rs/alloy/issues/3686), [#3849](https://github.com/alloy-rs/alloy/issues/3849)).
• AnyNetwork no longer silently signs or re-encodes unknown transaction types; those paths now fail fast ([#3794](https://github.com/alloy-rs/alloy/issues/3794)).
• muxTracer now keys mux configs / frames by GethDebugTracerType instead of GethDebugBuiltInTracerType, which breaks existing tracer map code ([#2442](https://github.com/alloy-rs/alloy/issues/2442)).
• Pubsub / RPC surface types gained new variants and fields, including transactionReceipts subscriptions and newer header / transaction fields, so exhaustive enum matches and struct literals may need .. / wildcards ([#3410](https://github.com/alloy-rs/alloy/issues/3410), [#3707](https://github.com/alloy-rs/alloy/issues/3707), [#3871](https://github.com/alloy-rs/alloy/issues/3871)).

What's Changed

• fix(signer-gcp): use rustls instead of native-tls for gcloud-sdk by @​zerosnacks in alloy-rs/alloy#3844
• chore: release 1.8.3 by @​zerosnacks in alloy-rs/alloy#3848
• fix(provider): skip caching missing transaction lookups by @​lmorett1 in alloy-rs/alloy#3826
• fix(provider): fallback to get_block when get_header RPCs unsupported by @​prestwich in alloy-rs/alloy#3850
• feat: add network field to NodeInfo by @​stevencartavia in alloy-rs/alloy#3851
• refactor(pubsub): remove duplicate dispatch logic in reconnect() by @​anim001k in alloy-rs/alloy#3760
• docs(provider): clarify feature requirements for anvil helpers by @​lmorett1 in alloy-rs/alloy#3858
• fix(pubsub): recover request-path backend drops by @​mattsse in alloy-rs/alloy#3846
• feat(rpc-types-debug): add header helpers to ExecutionWitness by @​mattsse in alloy-rs/alloy#3862
• chore: added feature rlp to eip7928 by @​Rimeeeeee in alloy-rs/alloy#3865

... (truncated)

Changelog

Sourced from alloy's changelog.

2.0.1 - 2026-04-22

Bug Fixes

• [provider] Skip batching eth_call with block overrides (#3910)
• [node-bindings] Align Reth::default with Reth::new (#3900)
• Clear stderr buffer and break on EOF in geth reader thread (#3888)
• [rpc-types-trace] Add 0x prefix to storage keys and values in StructLog (#3891)
• [provider] Update test_anvil_set_time for corrected evm_setTime (#3889)

Dependencies

• [deps] Bump github/codeql-action from 7fc6561ed893d15cec696e062df840b21db27eb0 to 95e58e9a2cdfd71adc6e0353d5c52f41a045d225 (#3896)
• [deps] Bump taiki-e/install-action from 2.74.0 to 2.75.3 (#3897)

Features

• [transport-ws] Add WsBackend::from_socket constructor (#3911)
• [signer] Add MnemonicKey for efficient HD key derivation (#3908)
• [rpc-types-engine] Add ExecutionPayload bal_hash getter (#3904)
• [provider] Add ProviderBuilder apply helpers (#3901)

Miscellaneous Tasks

• Release 2.0.1
• Release 2.0.1
• Changed get_block_access_list_raw to accept BlockId (#3907)
• Update reth rpc endpoints (#3902)
• [BAL] Added from_block_slow_optional_bal (#3898)
• Added raw bal rpc (#3892)

Other

• Pin actions to SHA and add dependabot cooldown (#3895)

Performance

• [consensus] Avoid clones in ReceiptWithBloom::into_logs (#3894)

Testing

• [provider] Re-enable anvil tests (#3903)

2.0.0 - 2026-04-13

Bug Fixes

• [provider] Fall back to RPC on get_logs cache deserialization failure (#3859)
• [provider] Error all callers on batch len mismatch (#3827)
• Optimism network incompatible with ProviderBuilder::new constructor (#3686)

... (truncated)

Commits

• 565041c chore: release 2.0.1
• ae505bc chore: release 2.0.1
• ecfb916 chore: release 2.0.1
• 04dc40f fix(provider): skip batching eth_call with block overrides (#3910)
• 5c64130 feat(transport-ws): add WsBackend::from_socket constructor (#3911)
• 9733a12 feat(signer): add MnemonicKey for efficient HD key derivation (#3908)
• f46290a chore: changed get_block_access_list_raw to accept BlockId (#3907)
• a7f537f fix(node-bindings): align Reth::default with Reth::new (#3900)
• 25937b6 feat(rpc-types-engine): add ExecutionPayload bal_hash getter (#3904)
• 921b799 test(provider): re-enable anvil tests (#3903)
• Additional commits viewable in compare view

Updates typenum from 1.19.0 to 1.20.0

Release notes

Sourced from typenum's releases.

v1.20.0

Commits

• 77b877d: remove deprecated features, replace build script with pre-generated tests (#237) (Cathal) #237
• 4d5f26b: Add tuple operations (#242) (grenewode) #242
• c755e2f: Version 1.20.0 (Paho Lurie-Gregg)

Changelog

Sourced from typenum's changelog.

1.20.0 (2026-04-18)

• [removed] Removed no_std feature flag (deprecated since 1.3.0)
• [removed] Removed force_unix_path_separator feature flag (deprecated since 1.17.0)
• [changed] Replaced build.rs script with pre-generated test files
• [added] Indexing into tuples
• [changed] MSRV now 1.41.0

Commits

• c755e2f Version 1.20.0
• 4d5f26b Add tuple operations (#242)
• 77b877d remove deprecated features, replace build script with pre-generated tests (#237)
• See full diff in compare view

Updates revm from 34.0.0 to 38.0.0

Changelog

Sourced from revm's changelog.

Because this is workspace with multi libraries, tags will be simplified, and with this document you can match version of project with git tag.

v107

date: 17.04.2026

Maintanance release, utility changes.

• revm-state: 11.0.0 -> 11.0.1 (✓ API compatible changes)
• revm-context-interface: 17.0.0 -> 17.0.1 (✓ API compatible changes)
• revm-interpreter: 35.0.0 -> 35.0.1 (✓ API compatible changes)
• revm-precompile: 33.0.0 -> 34.0.0 (✓ API compatible changes)
• revm-handler: 18.0.0 -> 19.0.0 (✓ API compatible changes)
• revm-inspector: 18.0.0 -> 19.0.0 (✓ API compatible changes)
• revm-database-interface: 11.0.0 -> 11.0.1
• revm-context: 16.0.0 -> 16.0.1
• revm-database: 13.0.0 -> 13.0.1
• revm-statetest-types: 17.0.0 -> 17.0.1
• revm: 37.0.0 -> 38.0.0
• revme: 14.0.0 -> 15.0.0
• op-revm: 18.0.0 -> 19.0.0

v106

date 10.04.2026

Eth devnet3. EIP-8037 State gas support

• revm-primitives: 22.1.0 -> 23.0.0 (⚠ API breaking changes)
• revm-bytecode: 9.0.0 -> 10.0.0 (✓ API compatible changes)
• revm-database-interface: 10.0.0 -> 11.0.0 (✓ API compatible changes)
• revm-context-interface: 16.0.0 -> 17.0.0 (⚠ API breaking changes)
• revm-context: 15.0.0 -> 16.0.0 (⚠ API breaking changes)
• revm-database: 12.0.0 -> 13.0.0 (⚠ API breaking changes)
• revm-interpreter: 34.0.0 -> 35.0.0 (⚠ API breaking changes)
• revm-precompile: 32.1.0 -> 33.0.0 (⚠ API breaking changes)
• revm-handler: 17.0.0 -> 18.0.0 (⚠ API breaking changes)
• revm-inspector: 17.0.0 -> 18.0.0 (✓ API compatible changes)
• revm-statetest-types: 16.0.0 -> 17.0.0 (✓ API compatible changes)
• revme: 13.0.0 -> 14.0.0 (⚠ API breaking changes)
• op-revm: 17.0.0 -> 18.0.0 (✓ API compatible changes)
• revm-state: 10.0.0 -> 11.0.0
• revm: 36.0.0 -> 37.0.0

v105

date: 04.03.2026

Bump revm-database-interface major version. All dependent crates bumped accordingly.

• revm-database-interface: 9.0.1 -> 10.0.0 (⚠ API breaking changes)
• revm-interpreter: 33.0.0 -> 34.0.0 (⚠ dependency bump)
• revm-database: 11.0.0 -> 12.0.0 (⚠ dependency bump)

... (truncated)

Commits

• cbe99fc chore: release (#1579)
• 5073b04 chore: bump precompile to v9.0.0 (#1590)
• 81818a9 feat(Precompiles): Throw fatal error if c-kzg is disabled (#1589)
• 245f05d docs(README): add rbuilder to used-by (#1585)
• 5507047 feat: add bytecode_address from CallInputs to Contract during construction. (...
• 1fedacd Use HandleOrRuntime to allow alloydb/ethersdb to hold a custom runtime (#1576)
• 28d082d primitives: add utility function AccountInfo::from_bytecode (#1577)
• b6f80af feat: support selfdestruct for dummyhost (#1578)
• b40e4e3 chore: store tokio::runtime::Handle in ethers/alloyDB (#1557)
• 64dc252 feat(Prague): Add EIP-7702 (#1565)
• Additional commits viewable in compare view

Updates tauri-build from 2.5.5 to 2.5.6

Release notes

Sourced from tauri-build's releases.

tauri-build v2.5.6

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 941 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1052 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.54.0
    │   └── tauri-runtime-wry 2.10.1
    │       └── tauri 2.10.3
    │           ├── tauri-utils 2.8.3
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.10.1
    │           │   ├── tauri-runtime 2.10.1
    │           │   │   ├── tauri-runtime-wry 2.10.1
    │           │   │   └── tauri 2.10.3
    │           │   ├── tauri-plugin 2.5.4
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.5.5
    │           │   │   └── tauri 2.10.3
    │           │   ├── tauri-codegen 2.5.5
    │           │   │   ├── tauri-macros 2.5.5
    │           │   │   └── tauri-build 2.5.6
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.10.3
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.10.1
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.8.1
    │           │   │   └── tauri-cli 2.10.1
    │           │   ├── tauri-build 2.5.6
</tr></table> 

... (truncated)

Commits

• 9b17a7a fix(ci): bump rustsec/audit-check to v2 and ignore time audit (#15030)
• d868279 apply version updates (#14897)
• 3a65cc6 fix(test): disable resolve_resource_dir on Android (#15026)
• 52cf195 refactor(cli): reduce some nesting code (#14844)
• c3cbff3 fix: resource path handles ./ path differently (#14662)
• 33754ae fix(cli): unusable empty password private keys (#15022)
• 3935dee Add AI tool policy to contributing guide (#15002)
• 33932a7 chore(deps-dev): bump svelte from 5.51.5 to 5.53.5 (#15015)
• 7d3c759 chore(deps): update dependency rollup to v4.59.0 (#15001)
• f20256b chore: fix clippy warnings (#14999)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
safe-lens-generator	Ready	Preview, Comment	Apr 27, 2026 6:01am