build: update rand to 0.9

We already have both rand 0.8 and rand 0.9
in our dependency tree.

We still need rand 0.8 because
public APIs of rPGP 0.17.0 and Iroh 0.35.0
use rand 0.8 types in public APIs,
so it is imported as rand_old.

Cargo.lock

@@ -1358,6 +1358,7 @@ dependencies = [
  "qrcodegen",
  "quick-xml",
  "rand 0.8.5",
+ "rand 0.9.0",
  "ratelimit",
  "regex",
  "rusqlite",
@@ -1487,7 +1488,7 @@ dependencies = [
  "human-panic",
  "libc",
  "num-traits",
- "rand 0.8.5",
+ "rand 0.9.0",
  "serde_json",
  "thiserror 2.0.17",
  "tokio",

Cargo.toml

@@ -82,6 +82,7 @@ pgp = { version = "0.17.0", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
 quick-xml = { version = "0.38", features = ["escape-html"] }
+rand-old = { package = "rand", version = "0.8" }
 rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
@@ -186,7 +187,7 @@ log = "0.4"
 mailparse = "0.16.1"
 nu-ansi-term = "0.50"
 num-traits = "0.2"
-rand = "0.8"
+rand = "0.9"
 regex = "1.10"
 rusqlite = "0.36"
 sanitize-filename = "0.5"

deltachat-ffi/src/lib.rs

@@ -39,7 +39,6 @@ use deltachat_jsonrpc::api::CommandApi;
 use deltachat_jsonrpc::yerpc::{OutReceiver, RpcClient, RpcSession};
 use message::Viewtype;
 use num_traits::{FromPrimitive, ToPrimitive};
-use rand::Rng;
 use tokio::runtime::Runtime;
 use tokio::sync::RwLock;
 use tokio::task::JoinHandle;
@@ -101,7 +100,7 @@ pub unsafe extern "C" fn dc_context_new(
 
     let ctx = if blobdir.is_null() || *blobdir == 0 {
         // generate random ID as this functionality is not yet available on the C-api.
-        let id = rand::thread_rng().gen();
+        let id = rand::random();
         block_on(
             ContextBuilder::new(as_path(dbfile).to_path_buf())
                 .with_id(id)
@@ -129,7 +128,7 @@ pub unsafe extern "C" fn dc_context_new_closed(dbfile: *const libc::c_char) -> *
         return ptr::null_mut();
     }
 
-    let id = rand::thread_rng().gen();
+    let id = rand::random();
     match block_on(
         ContextBuilder::new(as_path(dbfile).to_path_buf())
             .with_id(id)

src/authres.rs

@@ -468,7 +468,7 @@ Authentication-Results: box.hispanilandia.net; spf=pass smtp.mailfrom=adbenitez@
             // The ordering in which the emails are received can matter;
             // the test _should_ pass for every ordering.
             dir.sort_by_key(|d| d.file_name());
-            //rand::seq::SliceRandom::shuffle(&mut dir[..], &mut rand::thread_rng());
+            //rand::seq::SliceRandom::shuffle(&mut dir[..], &mut rand::rng());
 
             for entry in &dir {
                 let mut file = fs::File::open(entry.path()).await?;

src/imap.rs

@@ -20,7 +20,6 @@ use deltachat_contact_tools::ContactAddress;
 use futures::{FutureExt as _, TryStreamExt};
 use futures_lite::FutureExt;
 use num_traits::FromPrimitive;
-use rand::Rng;
 use ratelimit::Ratelimit;
 use url::Url;
 
@@ -342,9 +341,9 @@ impl Imap {
         const BACKOFF_MIN_MS: u64 = 2000;
         const BACKOFF_MAX_MS: u64 = 80_000;
         self.conn_backoff_ms = min(self.conn_backoff_ms, BACKOFF_MAX_MS / 2);
-        self.conn_backoff_ms = self.conn_backoff_ms.saturating_add(
+        self.conn_backoff_ms = self.conn_backoff_ms.saturating_add(rand::random_range(
-            rand::thread_rng().gen_range((self.conn_backoff_ms / 2)..=self.conn_backoff_ms),
+            (self.conn_backoff_ms / 2)..=self.conn_backoff_ms,
-        );
+        ));
         self.conn_backoff_ms = max(BACKOFF_MIN_MS, self.conn_backoff_ms);
 
         let login_params = prioritize_server_login_params(&context.sql, &self.lp, "imap").await?;

src/imex/key_transfer.rs

@@ -1,8 +1,6 @@
 //! # Key transfer via Autocrypt Setup Message.
 use std::io::BufReader;
 
-use rand::{Rng, thread_rng};
-
 use anyhow::{Result, bail, ensure};
 
 use crate::blob::BlobObject;
@@ -133,12 +131,11 @@ pub async fn render_setup_file(context: &Context, passphrase: &str) -> Result<St
 /// Creates a new setup code for Autocrypt Setup Message.
 fn create_setup_code(_context: &Context) -> String {
     let mut random_val: u16;
-    let mut rng = thread_rng();
     let mut ret = String::new();
 
     for i in 0..9 {
         loop {
-            random_val = rng.r#gen();
+            random_val = rand::random();
             if random_val as usize <= 60000 {
                 break;
             }

src/key.rs

@@ -11,7 +11,6 @@ use pgp::composed::Deserializable;
 pub use pgp::composed::{SignedPublicKey, SignedSecretKey};
 use pgp::ser::Serialize;
 use pgp::types::{KeyDetails, KeyId, Password};
-use rand::thread_rng;
 use tokio::runtime::Handle;
 
 use crate::context::Context;
@@ -314,7 +313,7 @@ impl DcSecretKey for SignedSecretKey {
     fn split_public_key(&self) -> Result<SignedPublicKey> {
         self.verify()?;
         let unsigned_pubkey = self.public_key();
-        let mut rng = thread_rng();
+        let mut rng = rand_old::thread_rng();
         let signed_pubkey = unsigned_pubkey.sign(
             &mut rng,
             &self.primary_key,

src/mimefactory.rs

@@ -11,7 +11,6 @@ use iroh_gossip::proto::TopicId;
 use mail_builder::headers::HeaderType;
 use mail_builder::headers::address::{Address, EmailAddress};
 use mail_builder::mime::MimePart;
-use rand::Rng as _;
 use tokio::fs;
 
 use crate::aheader::{Aheader, EncryptPreference};
@@ -1015,7 +1014,7 @@ impl MimeFactory {
                 //
                 // and the explanation page says
                 // "The time information deviates too much from the actual time".
-                let timestamp_offset = rand::thread_rng().gen_range(0..1000000);
+                let timestamp_offset = rand::random_range(0..1000000);
                 let protected_timestamp = self.timestamp.saturating_sub(timestamp_offset);
                 let unprotected_date =
                     chrono::DateTime::<chrono::Utc>::from_timestamp(protected_timestamp, 0)

src/peer_channels.rs

@@ -235,7 +235,7 @@ impl Context {
     /// Create iroh endpoint and gossip.
     async fn init_peer_channels(&self) -> Result<Iroh> {
         info!(self, "Initializing peer channels.");
-        let secret_key = SecretKey::generate(rand::rngs::OsRng);
+        let secret_key = SecretKey::generate(rand_old::rngs::OsRng);
         let public_key = secret_key.public();
 
         let relay_mode = if let Some(relay_url) = self

src/pgp.rs

@@ -17,7 +17,7 @@ use pgp::crypto::hash::HashAlgorithm;
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
 use pgp::packet::{SignatureConfig, SignatureType, Subpacket, SubpacketData};
 use pgp::types::{CompressionAlgorithm, KeyDetails, Password, PublicKeyTrait, StringToKey};
-use rand::thread_rng;
+use rand_old::thread_rng;
 use tokio::runtime::Handle;
 
 use crate::key::{DcKey, Fingerprint};

src/push.rs

@@ -13,7 +13,6 @@ use anyhow::{Context as _, Result};
 use base64::Engine as _;
 use pgp::crypto::aead::{AeadAlgorithm, ChunkSize};
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
-use rand::thread_rng;
 use tokio::sync::RwLock;
 
 use crate::context::Context;
@@ -80,8 +79,7 @@ pub(crate) fn encrypt_device_token(device_token: &str) -> Result<String> {
         .first()
         .context("No encryption subkey found")?;
     let padded_device_token = pad_device_token(device_token);
-    let mut rng = thread_rng();
+    let mut rng = rand_old::thread_rng();
-
     let mut msg = pgp::composed::MessageBuilder::from_bytes("", padded_device_token).seipd_v2(
         &mut rng,
         SymmetricKeyAlgorithm::AES128,

src/receive_imf/receive_imf_tests.rs

@@ -4339,8 +4339,8 @@ async fn test_download_later() -> Result<()> {
     let bob_chat = bob.create_chat(&alice).await;
 
     // Generate a random string so OpenPGP does not compress it.
-    let text: String = rand::thread_rng()
+    let text: String = rand::rng()
-        .sample_iter(&rand::distributions::Alphanumeric)
+        .sample_iter(&rand::distr::Alphanumeric)
         .take(MIN_DOWNLOAD_LIMIT as usize)
         .map(char::from)
         .collect();

src/scheduler.rs

@@ -7,7 +7,6 @@ use anyhow::{Context as _, Error, Result, bail};
 use async_channel::{self as channel, Receiver, Sender};
 use futures::future::try_join_all;
 use futures_lite::FutureExt;
-use rand::Rng;
 use tokio::sync::{RwLock, oneshot};
 use tokio::task;
 use tokio_util::sync::CancellationToken;
@@ -831,7 +830,7 @@ async fn smtp_loop(
                 let slept = time_elapsed(&now).as_secs();
                 timeout = Some(cmp::max(
                     t,
-                    slept.saturating_add(rand::thread_rng().gen_range((slept / 2)..=slept)),
+                    slept.saturating_add(rand::random_range((slept / 2)..=slept)),
                 ));
             } else {
                 info!(ctx, "SMTP has no messages to retry, waiting for interrupt.");

src/test_utils.rs

@@ -15,7 +15,6 @@ use chat::ChatItem;
 use deltachat_contact_tools::{ContactAddress, EmailAddress};
 use nu_ansi_term::Color;
 use pretty_assertions::assert_eq;
-use rand::Rng;
 use tempfile::{TempDir, tempdir};
 use tokio::runtime::Handle;
 use tokio::{fs, task};
@@ -494,7 +493,7 @@ impl TestContext {
     async fn new_internal(name: Option<String>, log_sink: Option<LogSink>) -> Self {
         let dir = tempdir().unwrap();
         let dbfile = dir.path().join("db.sqlite");
-        let id = rand::thread_rng().r#gen();
+        let id = rand::random();
         if let Some(name) = name {
             let mut context_names = CONTEXT_NAMES.write().unwrap();
             context_names.insert(id, name);

src/tools.rs

@@ -32,7 +32,7 @@ use mailparse::MailHeaderMap;
 use mailparse::dateparse;
 use mailparse::headers::Headers;
 use num_traits::PrimInt;
-use rand::{Rng, thread_rng};
+use rand::Rng;
 use tokio::{fs, io};
 use url::Url;
 use uuid::Uuid;
@@ -291,7 +291,7 @@ async fn maybe_warn_on_outdated(context: &Context, now: i64, approx_compile_time
 /// and divides both by 8 (byte size) and 6 (number of bits in a single Base64 character).
 pub(crate) fn create_id() -> String {
     // ThreadRng implements CryptoRng trait and is supposed to be cryptographically secure.
-    let mut rng = thread_rng();
+    let mut rng = rand::rng();
 
     // Generate 144 random bits.
     let mut arr = [0u8; 18];