chore(deps): bump the validation-deps group across 1 directory with 7 updates

[dependabot]

Bumps the validation-deps group with 6 updates in the /validation/local_ping_pong_openssl directory:

Package	From	To
aes	0.9.0-rc.4	0.9.0
cc	1.2.59	1.2.60
ctr	0.10.0-rc.4	0.10.0
elliptic-curve	0.14.0-rc.29	0.14.0-rc.30
indexmap	2.13.1	2.14.0
rustls-webpki	0.103.10	0.103.11

Updates aes from 0.9.0-rc.4 to 0.9.0

Commits

• 001e740 Adopt Trusted Publishing (#552)
• d908618 Release aes v0.9.0 (#539)
• b612904 aes: remove zeroize_works test (#551)
• 042fa86 Update Cargo.lock (#547)
• 7290b2b ci: use Dependabot to update Cargo.lock (#546)
• d1910c1 ci: bump actions/checkout to v6 (#545)
• 1120a51 Bump Clippy to 1.94 and fix clippy::manual_rotate (#544)
• d52b5b6 aes: remove weak key test entry from changelog (#543)
• 6531730 aes: replace aes_compact configuration flag with `aes_backend_soft="compact...
• f102c4f aes: consolidate backend configuration under aes_backend (#541)
• Additional commits viewable in compare view

Updates cc from 1.2.59 to 1.2.60

Release notes

Sourced from cc's releases.

cc-v1.2.60

Fixed

• (ar) suppress warnings from D modifier probe (#1700)

Changelog

Sourced from cc's changelog.

1.2.60 - 2026-04-10

Fixed

• (ar) suppress warnings from D modifier probe (#1700)

Commits

• 7cad9f5 chore(cc): release v1.2.60 (#1701)
• c15c3eb fix(ar): suppress warnings from D modifier probe (#1700)
• See full diff in compare view

Updates ctr from 0.10.0-rc.4 to 0.10.0

Commits

• e9a0336 Release new versions dependent on cipher v0.5 (#113)
• 504f0a6 belt-ctr: use type alias to define BeltCtr (#112)
• 0ff441c Add allow(missing_docs) for benchmarks (#111)
• 63a37c8 Use release versions of block cipher crates (#110)
• a19e7bd Workspace-level lint configuration (#108)
• See full diff in compare view

Updates elliptic-curve from 0.14.0-rc.29 to 0.14.0-rc.30

Commits

• cf5b810 elliptic-curve v0.14.0-rc.30 (#2373)
• 2b8c0c5 elliptic-curve: bump ff/group dependencies to v0.14.0-rc.1 (#2372)
• d1954d8 password-hash v0.6.1 (#2371)
• 2501d4f password-hash: change bounds for PHC verify blanket impl [BREAKING] (#2370)
• f18bb80 digest: add dev::initialized_mac_test function (#2367)
• adcbc44 build(deps): bump crate-ci/typos from 1.44.0 to 1.45.0 (#2368)
• fb3f1ea build(deps): bump the all-deps group across 1 directory with 11 updates (#2369)
• 23118ea kem v0.3.0 (#2356)
• 13beea5 kem: add serialization docs (#2355)
• ea57736 kem: add basic usage with example (#2354)
• Additional commits viewable in compare view

Updates hkdf from 0.13.0-rc.5 to 0.13.0

Commits

• bfb3b20 hkdf v0.13.0 (#195)
• 8834f33 Workspace-level lint configuration (#194)
• b802abc Add Trusted Publishing config (#193)
• 9d0a675 hkdf v0.13.0-rc.6 (#192)
• c46732a Bump hmac to v0.13 (#191)
• 29c07ab Bump digest to v0.11 (#190)
• ef4a3ac build(deps): bump the all-deps group across 1 directory with 9 updates (#189)
• See full diff in compare view

Updates indexmap from 2.13.1 to 2.14.0

Changelog

Sourced from indexmap's changelog.

2.14.0 (2026-04-09)

• MSRV: Rust 1.85.0 or later is now required.
• Updated the hashbrown dependency to 0.17.
• Made more map::Slice methods const: new_mut, first_mut, last_mut, split_at_mut, split_at_mut_checked, split_first_mut, split_last_mut

Commits

• bcd165b Merge pull request #439 from cuviper/release-2.14.0
• 4ef06a7 Release 2.14.0
• d21826c Merge pull request #438 from cuviper/hashbrown-0.17
• 2566bec Upgrade to hashbrown v0.17
• 4b62776 Merge pull request #437 from cuviper/disjoint-panic
• 478fba2 Normalize the panic doc of get_disjoint_mut
• fb6dafd Merge pull request #436 from cuviper/const-slice-mut
• 5c237a2 Make Slice::{first,last,split_*}_mut methods const
• 48ff9ce Merge pull request #435 from cuviper/edition-2024
• 648be98 cargo fmt with edition 2024
• Additional commits viewable in compare view

Updates rustls-webpki from 0.103.10 to 0.103.11

Release notes

Sourced from rustls-webpki's releases.

0.103.11

In response to #464, we've slightly relaxed requirements for anchor_from_trust_cert() to ignore unknown extensions even if they're marked as critical. This only affects parsing a TrustAnchor from DER, for which most extensions are ignored anyway.

What's Changed

• Backport parsing trust anchors with unknown critical extensions to 0.103 by @​djc in rustls/webpki#466

Commits

• 57bc62c Bump version to 0.103.11
• d0fa01e Allow parsing trust anchors with unknown criticial extensions
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions