diff --git a/Cargo.toml b/Cargo.toml
index f333208..db3bd84 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -49,28 +49,28 @@ required-features = ["reqwest-blocking"]
 
 [dependencies]
 base64 = ">= 0.21, <0.23"
-thiserror = "1.0"
-http = "1.0"
-rand = "0.8"
+thiserror = "2.0"
+http = "1.3"
+rand = "0.9"
 reqwest = { version = "0.12", optional = true, default-features = false }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 sha2 = "0.10"
 ureq = { version = "2", optional = true }
-url = { version = "2.1", features = ["serde"] }
-chrono = { version = "0.4.31", default-features = false, features = ["clock", "serde", "std", "wasmbind"] }
-serde_path_to_error = "0.1.2"
+url = { version = "2.5", features = ["serde"] }
+chrono = { version = "0.4.41", default-features = false, features = ["clock", "serde", "std", "wasmbind"] }
+serde_path_to_error = "0.1.17"
 
 [target.'cfg(target_arch = "wasm32")'.dependencies]
-getrandom = { version = "0.2", features = ["js"] }
+getrandom = { version = "0.3", features = ["wasm_js"] }
 
 [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
-curl = { version = "0.4.0", optional = true }
+curl = { version = "0.4.47", optional = true }
 
 [dev-dependencies]
 hex = "0.4"
 hmac = "0.12"
-uuid = { version = "1.10", features = ["v4"] }
+uuid = { version = "1.16", features = ["v4"] }
 anyhow = "1.0"
-tokio = { version = "1.0", features = ["full"] }
+tokio = { version = "1.38", features = ["full"] }
 async-std = "1.13"
diff --git a/src/types.rs b/src/types.rs
index 039bfa5..506e03f 100644
--- a/src/types.rs
+++ b/src/types.rs
@@ -1,5 +1,5 @@
 use base64::prelude::*;
-use rand::{thread_rng, Rng};
+use rand::{rng, Rng};
 use serde::{Deserialize, Serialize};
 use sha2::{Digest, Sha256};
 use url::Url;
@@ -473,7 +473,7 @@ impl PkceCodeChallenge {
         // characters and a maximum length of 128 characters".
         // This implies 32-96 octets of random data to be base64 encoded.
         assert!((32..=96).contains(&num_bytes));
-        let random_bytes: Vec<u8> = (0..num_bytes).map(|_| thread_rng().gen::<u8>()).collect();
+        let random_bytes: Vec<u8> = (0..num_bytes).map(|_| rng().random::<u8>()).collect();
         PkceCodeVerifier::new(BASE64_URL_SAFE_NO_PAD.encode(random_bytes))
     }
 
@@ -568,7 +568,7 @@ new_secret_type![
         ///
         /// * `num_bytes` - Number of random bytes to generate, prior to base64-encoding.
         pub fn new_random_len(num_bytes: u32) -> Self {
-            let random_bytes: Vec<u8> = (0..num_bytes).map(|_| thread_rng().gen::<u8>()).collect();
+            let random_bytes: Vec<u8> = (0..num_bytes).map(|_| rng().random::<u8>()).collect();
             CsrfToken::new(BASE64_URL_SAFE_NO_PAD.encode(random_bytes))
         }
     }