diff --git a/Cargo.toml b/Cargo.toml
index a6fb791..315cbc5 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -30,7 +30,7 @@ serde_bytes = "0.11"
 rmp-serde = { version = "1.3", optional = true }
 
 # High-performance LZ4 compression (optional)
-lz4_flex = { version = "0.12", features = ["frame", "std"], optional = true }
+lz4_flex = { version = "0.13", features = ["frame", "std"], optional = true }
 
 # Fast non-cryptographic hashing for data integrity (optional)
 # xxHash3-64: ~36 GB/s, sufficient for corruption detection (security via AES-GCM auth tag)
@@ -43,10 +43,10 @@ zeroize = { version = "1.8", features = ["derive"], optional = true }
 hkdf = { version = "0.12", optional = true }
 sha2 = { version = "0.10", optional = true }
 hmac = { version = "0.12", optional = true }
-generic-array = { version = "0.14", optional = true }
+generic-array = { version = "1.3", optional = true }
 
 # wasm32 RNG: getrandom with JS feature for wasm32-unknown-unknown targets
-getrandom = { version = "0.2", features = ["js"], optional = true }
+getrandom = { version = "0.4", features = ["js"], optional = true }
 
 # RustCrypto: pure-Rust AES-256-GCM for wasm32 targets (ring requires clang + C asm)
 aes-gcm = { version = "0.10", features = ["zeroize"], optional = true }