deps: bump the rust-dependencies group with 2 updates

[dependabot]

Bumps the rust-dependencies group with 2 updates: tokio and hickory-resolver.

Updates tokio from 1.52.1 to 1.52.2

Release notes

Sourced from tokio's releases.

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• f82bcf3 Merge 'tokio-1.51.2' into 'tokio-1.52.x' (#8114)
• 7db9bc4 test: revert "remove churn() task from lifo_stealable" (#8114)
• 64834ec chore: prepare Tokio v1.51.2 (#8113)
• 967f571 runtime: revert "steal tasks from the LIFO slot" (#8100)
• 9271e3e Merge tokio-1.51.x (for #8101) into tokio-1.52.x (#8106)
• cd1823f Revert "Pin stable to 1.94 for tokio-1.51.x" (#8106)
• a97cf12 Merge tokio-1.47.x (commit 670a907c55c7) into tokio-1.51.x (#8105)
• bde3f20 Pin stable to 1.94 for tokio-1.51.x (#8105)
• 670a907 ci: fix CI on tokio-1.47.x (#8101)
• Additional commits viewable in compare view

Updates hickory-resolver from 0.26.0 to 0.26.1

Release notes

Sourced from hickory-resolver's releases.

v0.26.1

This point release for the 0.26 release series brings in several bug fixes, and no user-facing changes. Two security reports are addressed: RUSTSEC-2026-0120 and RUSTSEC-2026-0119.

What's Changed

• net: avoid infinite loop in NSEC3 processing by @​djc in hickory-dns/hickory-dns#3597
• Limit work expended on name compression (backport) by @​divergentdave in hickory-dns/hickory-dns#3615

Full Changelog: hickory-dns/hickory-dns@v0.26.0...v0.26.1

Commits

• f093210 Limit number of names that may be compressed
• a9b884b Skip search when name compression is disabled
• 6e70e93 Limit number of name pointers stored in BinEncoder
• c2bdb8c Add benchmark for encoding message with many names
• 9e0b528 Bump version to 0.26.1
• 14cc3c8 net: respect caller timeout for DoT TCP connect
• fc2e3f4 resolver: release connections lock before TCP/TLS handshake
• bbdfcd2 Add tests combining NSEC and NSEC3 via CNAME chain
• 994076b Update rustls-webpki to 0.103.13
• 3b265fb net: check query name is in zone when building encloser candidates
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions