chore(deps): bump miniscript from 10.2.0 to 13.0.0

[dependabot]

Bumps miniscript from 10.2.0 to 13.0.0.

Changelog

Sourced from miniscript's changelog.

13.0.0 - October 22, 2025

This release is a pretty big one and includes several significant refactors:

• Eliminate recursion throughout (most of) the library, by writing iterative algorithms. Includes many small bugfixes.
• Eliminate many of the stringly typed errors; refactor PolicyError
• Rewrite the Taproot API based on feedback from Mike Tidwell's development of the "Capture the Bitcoin" competition at TABConf 6. (See #766.)

The full changelog:

• remove Ctx::check_witness and replace Miniscript::parse_insane with Miniscript::decode_consensus #871
• refactor data structures in the typechecker and fix some issues around thresholds #859
• fix multiple bugs in size estimation and limit enforcement for descriptors with uncompressed keys #849
• fix size estimation for Taproot control blocks in satisfactions #858
• Extend GetKey impls and fix some bugs #851 #861 #862 #863 (backport in #860)
• improve decoder from Script implementation and error type; rename parse_with_ext to decode_with_ext #845
• enforce that xpubs in descriptors have the same network #848
• fix malleability behavior in Taproot satisfier #826
• Fix DefiniteDescriptorKey::new to forbid multipath keys and hardened derivations (which would cause assertion failures) #830 #839 (backports in #831 #832 #833 #833)
• add Descriptor::iter_pk to iterate over pubkeys in an arbitrary descriptor #823
• satisfy: pass public key to lookup_tap_key_spend_sig to remind satisfier of the keyspend key #827
• plan: remove unused AssetProvider::provider_lookup_tap_control_block_map from trait #826
• Add conversions from XOnlyPublicKey to rust-miniscript descriptor keytypes #818 (backport in #819)
• Fix crash in parse_descriptor

... (truncated)

Commits

• 8990b63 Merge rust-bitcoin/rust-miniscript#870: release 13.0.0
• 8aae18c create massive changelog for 13.0
• 609d4fb Merge rust-bitcoin/rust-miniscript#871: Remove a bit of validation-related cruft
• bd8fca6 miniscript: replace decode_with_ext(., Ext::allow_all) with decode_consensus
• 3dd006a miniscript: remove Ctx::check_witness
• 6c723ed Merge rust-bitcoin/rust-miniscript#859: typeck: clean up data structures
• 1fafde2 Merge rust-bitcoin/rust-miniscript#866: chore: correct typos across files
• 646d79d chore: correct typos across files
• 1179ea2 Merge rust-bitcoin/rust-miniscript#863: fix(keymap): use correct `derivation_...
• 2f72b27 fix(keymap): use correct derivation_path for keys with origin
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.