chore(deps): update rust crate bcrypt to 0.19.0 #730

Open
renovate[bot] wants to merge 1 commit into main from renovate/bcrypt-0.x

@renovate renovate bot commented Mar 3, 2026

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| bcrypt | workspace.dependencies | minor | 0.18.0 → 0.19.0 |

Release Notes

Keats/rust-bcrypt (bcrypt)

v0.19.0

Compare Source


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate bot added the dependencies, renovate and rust labels Mar 3, 2026

claude bot commented Mar 3, 2026

PR Review: bcrypt 0.18.0 → 0.19.0

This is a routine automated dependency update from Renovate. Here's my assessment:

Summary of Changes

  • bcrypt (workspace dependency): 0.18.0 → 0.19.0
  • Transitive dependency updates pulled in:
    • getrandom: 0.3.1 → 0.4.1
    • windows-sys: 0.52.0 → 0.59.0 / 0.61.1
    • socket2: 0.5.10 → 0.6.0

Assessment

Security (relevant — bcrypt is used for password hashing): Keeping this crate current is important. The getrandom bump from 0.3 to 0.4 is a significant internal dependency change within bcrypt, and staying up-to-date here reduces exposure to any latent entropy/CSPRNG bugs.

Risk: Low. Only Cargo.toml and Cargo.lock are modified — no source code changes. The bcrypt API surface is stable and unlikely to have breaking changes for the usage patterns in this repo.

Transitive updates: The cascade updates to windows-sys, socket2, and getrandom are all incremental version bumps with no expected behavioral changes on Linux (the primary deployment target).

Recommendation

Safe to merge, provided CI passes. No concerns.
