chore(deps): bump the all-cargo-deps group across 1 directory with 5 updates

[dependabot]

Bumps the all-cargo-deps group with 5 updates in the / directory:

Package	From	To
tokio	1.50.0	1.51.0
sha2	0.10.9	0.11.0
noodles-fasta	0.42.0	0.60.0
noodles-core	0.15.0	0.19.0
md-5	0.10.6	0.11.0

Updates tokio from 1.50.0 to 1.51.0

Release notes

Sourced from tokio's releases.

Tokio v1.51.0

1.51.0 (April 3rd, 2026)

Added

• net: implement get_peer_cred on Hurd (#7989)
• runtime: add tokio::runtime::worker_index() (#7921)
• runtime: add runtime name (#7924)
• runtime: stabilize LocalRuntime (#7557)
• wasm: add wasm32-wasip2 networking support (#7933)

Changed

• runtime: steal tasks from the LIFO slot (#7431)

Fixed

• docs: do not show "Available on non-loom only." doc label (#7977)
• macros: improve overall macro hygiene (#7997)
• sync: fix notify_waiters priority in Notify (#7996)
• sync: fix panic in Chan::recv_many when called with non-empty vector on closed channel (#7991)

#7431: tokio-rs/tokio#7431 #7557: tokio-rs/tokio#7557 #7921: tokio-rs/tokio#7921 #7924: tokio-rs/tokio#7924 #7933: tokio-rs/tokio#7933 #7977: tokio-rs/tokio#7977 #7989: tokio-rs/tokio#7989 #7991: tokio-rs/tokio#7991 #7996: tokio-rs/tokio#7996 #7997: tokio-rs/tokio#7997

Commits

• 0af06b7 chore: prepare Tokio v1.51.0 (#8005)
• 01a7f1d chore: prepare tokio-macros v2.7.0 (#8004)
• eeb55c7 runtime: steal tasks from the LIFO slot (#7431)
• 1fc450a runtime: stabilize LocalRuntime (#7557)
• 324218f Merge tag 'tokio-1.47.4' (#8003)
• aa65d0d chore: prepare Tokio v1.47.4 (#8002)
• bf18ed4 sync: fix panic in Chan::recv_many when called with non-empty vector on clo...
• 43134f1 wasm: add wasm32-wasip2 networking support (#7933)
• b4c3246 macros: improve overall macro hygiene (#7997)
• 7947fa4 rt: add runtime name (#7924)
• Additional commits viewable in compare view

Updates sha2 from 0.10.9 to 0.11.0

Commits

• ffe0939 Release sha2 0.11.0 (#806)
• 8991b65 Use the standard order of the [package] section fields (#807)
• 3d2bc57 sha2: refactor backends (#802)
• faa55fb sha3: bump keccak to v0.2 (#803)
• d3e6489 sha3 v0.11.0-rc.9 (#801)
• bbf6f51 sha2: tweak backend docs (#800)
• 155dbbf sha3: add default value for the DS generic parameter on TurboShake128/256...
• ed514f2 Use published version of keccak v0.2 (#799)
• 702bcd8 Migrate to closure-based keccak (#796)
• 827c043 sha3 v0.11.0-rc.8 (#794)
• Additional commits viewable in compare view

Updates noodles-fasta from 0.42.0 to 0.60.0

Commits

• c835f68 Bump versions for noodles 0.106.0
• 3302410 cram/codecs/name_tokenizer/encoder: Use byte buffer
• dbb5dc2 cram/changelog: Add entry for reference sequence copying
• ef7053b cram/io/reader/container/block/compression_method: Use <[T]>::split_off_first
• e1982b9 cram/io/reader/container/block: Return clone-on-write buffers from blocks dec...
• 1537cd4 cram/io/reader/container/header: Reduce visibilities of readers
• a944a0a fasta/repository: Reference count sequences in cache
• 330190a Bump versions for noodles 0.105.0
• a8ccda0 bcf/io/reader: Remove unnecessary import from example
• ee1dc0d cram/file_definition: Return an array reference from FileDefinition::file_id
• Additional commits viewable in compare view

Updates noodles-core from 0.15.0 to 0.19.0

Commits

• 330190a Bump versions for noodles 0.105.0
• a8ccda0 bcf/io/reader: Remove unnecessary import from example
• ee1dc0d cram/file_definition: Return an array reference from FileDefinition::file_id
• 17d5ae9 cram/io/reader/header/tests: Use <[T]>::split_last_chunk
• 398c63d bam/record/fields: Add read length getter
• ae75ebc csi/io/reader/index/reference_sequences: Add reference sequence count reader
• 31fc88a cram/codecs/aac/decode/stripe/tests: Add field reader tests
• e355efb cram: Update to lzma-rust2 0.16.1
• 94d142a cram/changelog: Add entry for index destination creation
• 10facc1 cram/crai/io/writer: Change buffers to sinks in examples
• Additional commits viewable in compare view

Updates md-5 from 0.10.6 to 0.11.0

Commits

• b5051e5 Cut new releases (#812)
• 451c446 md5: replace force-soft crate feature with md5_backend configuration flag...
• 2f00175 Release sha1 v0.11.0 (#810)
• 07d370c sha1: refactor backends selection (#808)
• 7c7cb76 Fix md5 project link in README (#809)
• ffe0939 Release sha2 0.11.0 (#806)
• 8991b65 Use the standard order of the [package] section fields (#807)
• 3d2bc57 sha2: refactor backends (#802)
• faa55fb sha3: bump keccak to v0.2 (#803)
• d3e6489 sha3 v0.11.0-rc.9 (#801)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated project dependencies to latest available versions for improved stability and security.

[nh13]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

📝 Walkthrough

Walkthrough

Dependency versions updated in Cargo.toml: sha2 (0.10→0.11), noodles-fasta (0.42→0.60), noodles-core (0.15→0.19), and md-5 (0.10→0.11). No public APIs altered.

Changes

Cohort / File(s)	Summary
Dependency Updates Cargo.toml	Updated four dependencies to newer versions: sha2, noodles-fasta, noodles-core, and md-5. Each dependency incremented to the next available minor or patch version.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A hoppy update, so clean and bright,
Dependency bumps done just right,
Sha2 and noodles leap ahead,
Fresh versions fill our Cargo bread!
Dependencies dance in perfect tune, ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: dependency version bumps across the Cargo.toml file using Dependabot's conventional naming convention.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/cargo/all-cargo-deps-ec238cb667

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.