chore(deps): bump alloy-dyn-abi from 1.3.1 to 1.4.1 in the cargo group across 1 directory

[dependabot]

Bumps the cargo group with 1 update in the / directory: alloy-dyn-abi.

Updates alloy-dyn-abi from 1.3.1 to 1.4.1

Release notes

Sourced from alloy-dyn-abi's releases.

alloy-core v1.4.1

Security

Patched: DoS vulnerability on alloy_dyn_abi::TypedData hashing

An uncaught panic triggered by malformed input to alloy_dyn_abi::TypedData could lead to a denial-of-service (DoS) via eip712_signing_hash().

Software with high availability requirements such as network services may be particularly impacted. If in use, external auto-restarting mechanisms can partially mitigate the availability issues unless repeated attacks are possible.

The vulnerability was patched by adding a check to ensure the element is not empty before accessing its first element; an error is returned if it is empty. The fix is included in version v1.4.1 and backported to v0.8.26.

See: GHSA-pgp9-98jm-wwq2

What's Changed

• chore: remove feature(doc_auto_cfg) by @​DaniPopes in alloy-rs/core#1019
• feat(primitives): Add Borsh support for TxKind by @​mablr in alloy-rs/core#1022
• feat: Add Sqlx Traits for Bytes Type by @​Arvmor in alloy-rs/core#1020
• chore: fix docs, typos by @​DaniPopes in alloy-rs/core#1023
• feat(sol-macro): add transient storage keyword support by @​AurelienFT in alloy-rs/core#1026
• feat: gate 60 tuple impls behind 'more-tuple-impls' feature flag by @​DaniPopes in alloy-rs/core#1027
• chore: remove some inlines by @​DaniPopes in alloy-rs/core#1028
• refactor(dyn-abi): clean up Resolver by @​DaniPopes in alloy-rs/core#1030

New Contributors

• @​AurelienFT made their first contribution in alloy-rs/core#1026

Full Changelog: alloy-rs/core@v1.4.0...v1.4.1

alloy-core v1.4.0

What's Changed

• feat(primitives): add borsh support by @​mablr in alloy-rs/core#993
• feat(sol-macro-expander): add name_by_selector method for enum variant retrieval by @​mablr in alloy-rs/core#995
• chore: typo rollup by @​onbjerg in alloy-rs/core#997
• feat(primitives): extend implementation of diesel's ToSql to Sqlite for FixedBytes and Address by @​xavierm02 in alloy-rs/core#977
• feat(sol-macro-expander): add Clone trait to enum contracts containers by @​fd0r in alloy-rs/core#1003
• fix(sol-types): Fix encode_topic_bytes for byte slices whose length is a non-zero multiple of 32 by @​davidsemakula in alloy-rs/core#1000
• feat(primitives): bump map deps, wrap DefaultHashBuilder by @​DaniPopes in alloy-rs/core#1001
• feat(sol-macro): inherit attributes from contract by @​DaniPopes in alloy-rs/core#1004
• perf(sol-macro): improve abi expansion by @​DaniPopes in alloy-rs/core#1005
• doc(primitives): inline doc for uint! macro by @​0xdapper in alloy-rs/core#1007
• feat: Add Sqlx Traits for Signed Type by @​Arvmor in alloy-rs/core#1008
• fix(sol-macro): remove #[automatically_derived] from non-trait impls by @​DaniPopes in alloy-rs/core#1012
• feat: rkyv support by @​lightsing in alloy-rs/core#990
• chore(deps): bumpies by @​DaniPopes in alloy-rs/core#1014
• fix(sol-macro-expander): propagate all_derives and extra_derives to periphery SC structs by @​squadgazzz in alloy-rs/core#1011
• chore(sol-types): sync panic reasons from geth by @​jsvisa in alloy-rs/core#1015
• fix(sol-macro): internal SC derives by @​squadgazzz in alloy-rs/core#1017
• chore: tweak postgres.rs by @​DaniPopes in alloy-rs/core#1018

New Contributors

... (truncated)

Changelog

Sourced from alloy-dyn-abi's changelog.

1.4.1 - 2025-10-14

Features

• Gate 60 tuple impls behind 'more-tuple-impls' feature flag (#1027)
• [sol-macro] Add transient storage keyword support (#1026)
• Add Sqlx Traits for Bytes Type (#1020)
• [primitives] Add Borsh support for TxKind (#1022)

Miscellaneous Tasks

• Remove some inlines (#1028)
• Fix docs, typos (#1023)
• Remove feature(doc_auto_cfg) (#1019)

Other

• Merge commit from fork

Refactor

• [dyn-abi] Clean up Resolver (#1030)

1.4.0 - 2025-09-26

Bug Fixes

• [sol-macro] Internal SC derives (#1017)
• [sol-macro-expander] Propagate all_derives and extra_derives to periphery SC structs (#1011)
• [sol-macro] Remove #[automatically_derived] from non-trait impls (#1012)
• [sol-types] Fix encode_topic_bytes for byte slices whose length is a non-zero multiple of 32 (#1000)

Dependencies

• [deps] Bumpies (#1014)

Documentation

• [primitives] Inline doc for uint! macro (#1007)

Features

• Rkyv support (#990)
• Add Sqlx Traits for Signed Type (#1008)
• [sol-macro] Inherit attributes from contract (#1004)
• [primitives] Bump map deps, wrap DefaultHashBuilder (#1001)
• [sol-macro-expander] Add Clone trait to enum contracts containers (#1003)
• [primitives] Extend implementation of diesel's ToSql to Sqlite for FixedBytes and Address (#977)
• [sol-macro-expander] Add name_by_selector method for enum variant retrieval (#995)
• [primitives] Add borsh support (#993)

... (truncated)

Commits

• f7d4a85 chore: release 1.4.1
• 5ac01fa refactor(dyn-abi): clean up Resolver (#1030)
• 7823e9a Merge commit from fork
• baa341c chore: remove some inlines (#1028)
• 2ce9079 feat: gate 60 tuple impls behind 'more-tuple-impls' feature flag (#1027)
• 6893986 feat(sol-macro): add transient storage keyword support (#1026)
• bce535b chore: fix docs, typos (#1023)
• 534c90e feat: Add Sqlx Traits for Bytes Type (#1020)
• 4403ac8 feat(primitives): Add Borsh support for TxKind (#1022)
• a71f93a chore: remove feature(doc_auto_cfg) (#1019)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.