build(deps): bump tower-http from 0.3.4 to 0.3.5

[dependabot]

Bumps tower-http from 0.3.4 to 0.3.5.

Release notes

Sourced from tower-http's releases.

v0.3.5

Added

• Add NormalizePath middleware (#275)
• Add ValidateRequest middleware (#289)
• Add RequestBodyTimeout middleware (#303)

Changed

• Bump Minimum Supported Rust Version to 1.60 (#299)

Fixed

• trace: Correctly identify gRPC requests in default on_response callback (#278)
• cors: Panic if a wildcard (*) is passed to AllowOrigin::list. Use AllowOrigin::any() instead (#285)
• serve_dir: Call the fallback on non-uft8 request paths (#310)

#275: tower-rs/tower-http#275 #278: tower-rs/tower-http#278 #285: tower-rs/tower-http#285 #289: tower-rs/tower-http#289 #299: tower-rs/tower-http#299 #303: tower-rs/tower-http#303 #310: tower-rs/tower-http#310

Commits

• ffcdec5 Release 0.3.5 (#311)
• 49fc4d1 Call ServeDir's fallback on non-uft8 request paths (#310)
• b41401a Make sure all changelog entries have PR links
• 69b6f47 Update axum version in example (#305)
• 7228784 Bump MSRV to 1.60 (#306)
• 618a765 Timeout on body (#303)
• ff7cfc9 Fix implementation of CorsLayer::very_permissive (#298)
• 833820f Bump MSRV to 1.56 (#299)
• aeb6e91 Fix sensitive value leak (#294)
• 080caea Add layer to validate requests (#289)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[saschagrunert]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dependabot[bot], saschagrunert

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [saschagrunert]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[saschagrunert]

@dependabot rebase

[saschagrunert]

/lgtm

[saschagrunert]

@dependabot rebase

[saschagrunert]

/lgtm

[saschagrunert]

@dependabot rebase

[saschagrunert]

/lgtm

[codecov-commenter]

Codecov Report

Merging #941 (291daa8) into main (6951946) will decrease coverage by 0.08%.
The diff coverage is n/a.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #941      +/-   ##
==========================================
- Coverage   32.95%   32.86%   -0.09%     
==========================================
  Files          13       13              
  Lines        1138     1138              
  Branches      427      430       +3     
==========================================
- Hits          375      374       -1     
  Misses        493      493              
- Partials      270      271       +1