chore(deps): bump act-sdk from 0.6.0 to 0.7.1

[dependabot]

Bumps act-sdk from 0.6.0 to 0.7.1.

Changelog

Sourced from act-sdk's changelog.

[0.7.1] - 2026-05-24

Added

• include! support in #[act_component]. #[act_tool] functions can now live in separate files and be pulled into the component module via include!("path"), so large components (e.g. 100+ tools) can be split across many modules instead of one giant lib.rs. Included paths resolve relative to src/.
• wasi:sockets capability declarations. SocketsCap now carries allow entries (host/CIDR + required ports + optional protocols, defaulting to TCP+UDP), declaring the capability ceiling for raw TCP/UDP I/O. Default protocols are omitted on serialization to keep manifest round-trips clean.

[0.7.0] - 2026-05-06

Added

• act:sessions/session-provider macro support. wit/deps/act-sessions is bundled in the SDK; consumers symlink it like the other interfaces and add export act:sessions/session-provider@0.1.0; to their world.wit.
• act_sdk::SessionRegistry<T> — interior-mutable id→state map for components that maintain per-session state. Allocates ids as <prefix>_<n>.
• #[session_open] and #[session_close] markers — when both appear inside #[act_component], the macro generates the session-provider Guest impl. get-open-session-args-schema is derived from the open fn's args type via JsonSchema; open-session decodes metadata-shaped args; close-session is a sync pass-through (per WIT).
• act_sdk::sessions::session_id_from_metadata — pulls std:session-id out of WIT metadata (CBOR-decoded).
• New constants in act_types::constants: META_SESSION_ID, META_AGENT_ID, META_SESSION_OP, ERR_SESSION_NOT_FOUND. ActError::session_not_found helper.
• New act_types::http wire types: OpenSessionRequest, OpenSessionResponse. error_kind_to_status now maps std:session-not-found to 404.

Migration

No breaking changes for tool-only components — the macro is opt-in through the new #[session_open]/#[session_close] markers and the extra wit/deps/act-sessions symlink.

Commits

• 8f04c63 chore(release): 0.7.1
• dab526a feat(macros): expand include! in #[act_component] for modular tool files
• 41740d8 fix(act-types): skip default protocols on SocketsAllow serialize
• 5544d85 feat(act-types): declare wasi:sockets capability shape
• ab9c73f chore(release): 0.7.0
• 6808ccb feat(sdk): act:sessions/session-provider macro support
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	act-sdk@​0.6.0 ⏵ 0.7.1

View full report