diff --git a/Cargo.lock b/Cargo.lock
index 7991eb8..45a47bb 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -99,6 +99,12 @@ version = "1.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457"
 
+[[package]]
+name = "arrayref"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb"
+
 [[package]]
 name = "arrayvec"
 version = "0.7.6"
@@ -180,12 +186,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
 
 [[package]]
-name = "block-buffer"
-version = "0.10.4"
+name = "blake3"
+version = "1.5.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+checksum = "d82033247fd8e890df8f740e407ad4d038debb9eb1f40533fffb32e7d17dc6f7"
 dependencies = [
- "generic-array",
+ "arrayref",
+ "arrayvec",
+ "cc",
+ "cfg-if",
+ "constant_time_eq",
 ]
 
 [[package]]
@@ -261,7 +271,7 @@ checksum = "6469776d007022d505bbcc2be726f5f096174ae76d710ebc609eb3029a45b551"
 dependencies = [
  "semver",
  "serde",
- "toml 0.8.19",
+ "toml",
  "url",
 ]
 
@@ -352,6 +362,12 @@ version = "1.0.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990"
 
+[[package]]
+name = "constant_time_eq"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7c74b8349d32d297c9134b8c88677813a227df8f779daa29bfc29c183fe3dca6"
+
 [[package]]
 name = "core-foundation"
 version = "0.9.4"
@@ -368,15 +384,6 @@ version = "0.8.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
 
-[[package]]
-name = "cpufeatures"
-version = "0.2.14"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "608697df725056feaccfa42cffdaeeec3fccc4ffc38358ecd19b243e716a78e0"
-dependencies = [
- "libc",
-]
-
 [[package]]
 name = "crc32fast"
 version = "1.4.2"
@@ -420,16 +427,6 @@ version = "0.8.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80"
 
-[[package]]
-name = "crypto-common"
-version = "0.1.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
-dependencies = [
- "generic-array",
- "typenum",
-]
-
 [[package]]
 name = "cvss"
 version = "2.0.0"
@@ -449,36 +446,6 @@ dependencies = [
  "serde",
 ]
 
-[[package]]
-name = "digest"
-version = "0.10.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
-dependencies = [
- "block-buffer",
- "crypto-common",
-]
-
-[[package]]
-name = "dirs"
-version = "4.0.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ca3aa72a6f96ea37bbc5aa912f6788242832f75369bdfdadcb0e38423f100059"
-dependencies = [
- "dirs-sys",
-]
-
-[[package]]
-name = "dirs-sys"
-version = "0.3.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b1d1d91c932ef41c0f2663aa8b0ca0342d444d842c06914aa0a7e352d0bada6"
-dependencies = [
- "libc",
- "redox_users",
- "winapi",
-]
-
 [[package]]
 name = "displaydoc"
 version = "0.2.5"
@@ -671,16 +638,6 @@ dependencies = [
  "slab",
 ]
 
-[[package]]
-name = "generic-array"
-version = "0.14.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
-dependencies = [
- "typenum",
- "version_check",
-]
-
 [[package]]
 name = "getrandom"
 version = "0.2.15"
@@ -761,7 +718,7 @@ dependencies = [
  "gix-utils",
  "itoa",
  "thiserror",
- "winnow 0.6.20",
+ "winnow",
 ]
 
 [[package]]
@@ -843,7 +800,7 @@ dependencies = [
  "smallvec",
  "thiserror",
  "unicode-bom",
- "winnow 0.6.20",
+ "winnow",
 ]
 
 [[package]]
@@ -1087,7 +1044,7 @@ dependencies = [
  "itoa",
  "smallvec",
  "thiserror",
- "winnow 0.6.20",
+ "winnow",
 ]
 
 [[package]]
@@ -1211,7 +1168,7 @@ dependencies = [
  "gix-utils",
  "maybe-async",
  "thiserror",
- "winnow 0.6.20",
+ "winnow",
 ]
 
 [[package]]
@@ -1243,7 +1200,7 @@ dependencies = [
  "gix-validate",
  "memmap2",
  "thiserror",
- "winnow 0.6.20",
+ "winnow",
 ]
 
 [[package]]
@@ -1499,18 +1456,6 @@ version = "0.3.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024"
 
-[[package]]
-name = "hex"
-version = "0.4.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
-
-[[package]]
-name = "hex-literal"
-version = "0.4.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46"
-
 [[package]]
 name = "home"
 version = "0.5.9"
@@ -1908,7 +1853,7 @@ dependencies = [
  "rayon",
  "tar",
  "tempfile",
- "terminfo 0.9.0",
+ "terminfo",
  "tracing",
  "tracing-subscriber",
  "walkdir",
@@ -2079,23 +2024,21 @@ dependencies = [
 name = "obs-service-cargo"
 version = "4.0.2"
 dependencies = [
+ "blake3",
  "clap",
  "glob",
- "hex",
- "hex-literal",
  "libroast",
  "quick-xml",
  "rand",
  "reqwest",
  "rustsec",
  "serde",
- "sha2",
  "tempfile",
- "terminfo 0.8.0",
+ "terminfo",
  "test-log",
  "tokio",
  "tokio-test",
- "toml 0.7.8",
+ "toml",
  "tracing",
  "tracing-subscriber",
 ]
@@ -2407,17 +2350,6 @@ dependencies = [
  "bitflags",
 ]
 
-[[package]]
-name = "redox_users"
-version = "0.4.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43"
-dependencies = [
- "getrandom",
- "libredox",
- "thiserror",
-]
-
 [[package]]
 name = "regex"
 version = "1.11.1"
@@ -2623,7 +2555,7 @@ dependencies = [
  "tame-index",
  "thiserror",
  "time",
- "toml 0.8.19",
+ "toml",
  "url",
 ]
 
@@ -2748,17 +2680,6 @@ version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bbfa15b3dddfee50a0fff136974b3e1bde555604ba463834a7eb7deb6417705d"
 
-[[package]]
-name = "sha2"
-version = "0.10.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8"
-dependencies = [
- "cfg-if",
- "cpufeatures",
- "digest",
-]
-
 [[package]]
 name = "sharded-slab"
 version = "0.1.7"
@@ -2971,19 +2892,6 @@ dependencies = [
  "windows-sys 0.59.0",
 ]
 
-[[package]]
-name = "terminfo"
-version = "0.8.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "666cd3a6681775d22b200409aad3b089c5b99fb11ecdd8a204d9d62f8148498f"
-dependencies = [
- "dirs",
- "fnv",
- "nom",
- "phf",
- "phf_codegen",
-]
-
 [[package]]
 name = "terminfo"
 version = "0.9.0"
@@ -3191,18 +3099,6 @@ dependencies = [
  "tokio",
 ]
 
-[[package]]
-name = "toml"
-version = "0.7.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dd79e69d3b627db300ff956027cc6c3798cef26d22526befdfcd12feeb6d2257"
-dependencies = [
- "serde",
- "serde_spanned",
- "toml_datetime",
- "toml_edit 0.19.15",
-]
-
 [[package]]
 name = "toml"
 version = "0.8.19"
@@ -3212,7 +3108,7 @@ dependencies = [
  "serde",
  "serde_spanned",
  "toml_datetime",
- "toml_edit 0.22.22",
+ "toml_edit",
 ]
 
 [[package]]
@@ -3233,19 +3129,6 @@ dependencies = [
  "serde",
 ]
 
-[[package]]
-name = "toml_edit"
-version = "0.19.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421"
-dependencies = [
- "indexmap",
- "serde",
- "serde_spanned",
- "toml_datetime",
- "winnow 0.5.40",
-]
-
 [[package]]
 name = "toml_edit"
 version = "0.22.22"
@@ -3256,7 +3139,7 @@ dependencies = [
  "serde",
  "serde_spanned",
  "toml_datetime",
- "winnow 0.6.20",
+ "winnow",
 ]
 
 [[package]]
@@ -3342,12 +3225,6 @@ dependencies = [
  "static_assertions",
 ]
 
-[[package]]
-name = "typenum"
-version = "1.17.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825"
-
 [[package]]
 name = "uluru"
 version = "3.1.0"
@@ -3683,15 +3560,6 @@ version = "0.52.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
 
-[[package]]
-name = "winnow"
-version = "0.5.40"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876"
-dependencies = [
- "memchr",
-]
-
 [[package]]
 name = "winnow"
 version = "0.6.20"
diff --git a/cargo/Cargo.toml b/cargo/Cargo.toml
index 3d79616..5411030 100644
--- a/cargo/Cargo.toml
+++ b/cargo/Cargo.toml
@@ -15,12 +15,10 @@ glob.workspace = true
 tracing-subscriber.workspace = true
 tracing.workspace = true
 tempfile = "3.8"
-terminfo = "0.8"
-toml = "0.7"
+terminfo = "0.9"
+toml = "0.8"
 libroast.workspace = true
-hex-literal = "0.4.1"
-hex = "0.4.3"
-sha2 = "0.10"
+blake3 = "1"
 
 [lints]
 workspace = true
diff --git a/cargo/src/cargo_commands.rs b/cargo/src/cargo_commands.rs
index 459d25c..770de31 100644
--- a/cargo/src/cargo_commands.rs
+++ b/cargo/src/cargo_commands.rs
@@ -3,9 +3,6 @@ use std::io;
 use std::path::Path;
 use std::path::PathBuf;
 
-use sha2::Digest;
-use sha2::Sha256;
-
 #[allow(unused_imports)]
 use tracing::{debug, error, info, trace, warn, Level};
 
@@ -88,8 +85,8 @@ pub fn cargo_vendor(
     }
     let mut first_manifest = curdir.join("Cargo.toml");
     let mut lockfiles: Vec<PathBuf> = Vec::new();
-    let mut hasher1 = Sha256::default();
-    let mut hasher2 = Sha256::default();
+    let mut hasher1 = blake3::Hasher::new();
+    let mut hasher2 = blake3::Hasher::new();
     if !first_manifest.is_file() {
         warn!("⚠️ Root manifest seems to not exist. Will attempt to fallback to manifest paths.");
         if let Some(first) = &manifest_paths.first() {
@@ -193,8 +190,8 @@ pub fn cargo_vendor(
         let bytes = fs::read(&possible_lockfile)?;
         hasher2.update(&bytes);
     }
-    let hash1 = hex::encode(hasher1.finalize());
-    let hash2 = hex::encode(hasher2.finalize());
+    let hash1 = hasher1.finalize();
+    let hash2 = hasher2.finalize();
     if hash1 != hash2 {
         debug!(?hash1, ?hash2);
         warn!("⚠️ Lockfile has changed");
@@ -249,8 +246,8 @@ pub fn cargo_generate_lockfile(
 ) -> io::Result<String> {
     info!("🔓 💂 Running `cargo generate-lockfile`...");
     let mut has_update_value_changed = false;
-    let mut hasher1 = Sha256::default();
-    let mut hasher2 = Sha256::default();
+    let mut hasher1 = blake3::Hasher::new();
+    let mut hasher2 = blake3::Hasher::new();
     let mut default_options: Vec<String> = vec![];
     let manifest_path = PathBuf::from(&manifest);
     let manifest_path_parent = manifest_path.parent().unwrap_or(curdir);
@@ -276,8 +273,8 @@ pub fn cargo_generate_lockfile(
         let lockfile_bytes = fs::read(&possible_lockfile)?;
         hasher2.update(&lockfile_bytes);
     }
-    let hash1 = hex::encode(hasher1.finalize());
-    let hash2 = hex::encode(hasher2.finalize());
+    let hash1 = hasher1.finalize();
+    let hash2 = hasher2.finalize();
     if hash1 != hash2 {
         debug!(?hash1, ?hash2);
         warn!("⚠️ Lockfile has changed");