chore(deps): bump the cargo group across 1 directory with 4 updates

[dependabot]

Bumps the cargo group with 4 updates in the / directory: h2, mio, rustix and unsafe-libyaml.

Updates h2 from 0.4.2 to 0.4.5

Release notes

Sourced from h2's releases.

v0.4.5

What's Changed

• Fix race condition in connection termination by @​howardjohn in hyperium/h2#772
• Fix request pseudo-header construction for CONNECT & OPTION methods by @​mstyura in hyperium/h2#770
• Replace futures-util with atomic-waker and manual poll_fn by @​notgull in hyperium/h2#721

New Contributors

• @​trungda made their first contribution in hyperium/h2#762
• @​mstyura made their first contribution in hyperium/h2#771
• @​notgull made their first contribution in hyperium/h2#721

v0.4.4

Fixes

• Limit number of CONTINUATION frames for misbehaving connections.

See https://seanmonstar.com/blog/hyper-http2-continuation-flood/ for more info.

v0.4.3

What's Changed

• Fix flow control limits to not apply until receiving SETTINGS ack.
• Fix not returning an error if IO ended without close_notify.
• Improve performance of decoding many headers.

New Contributors

• @​smndtrl made their first contribution in hyperium/h2#751

Full Changelog: hyperium/h2@v0.4.2...v0.4.3

Changelog

Sourced from h2's changelog.

0.4.5 (May 17, 2024)

• Fix race condition that sometimes hung connections during shutdown.
• Fix pseudo header construction for CONNECT and OPTIONS requests.

0.4.4 (April 3, 2024)

• Limit number of CONTINUATION frames for misbehaving connections.

0.4.3 (March 15, 2024)

• Fix flow control limits to not apply until receiving SETTINGS ack.
• Fix not returning an error if IO ended without close_notify.
• Improve performance of decoding many headers.

Commits

• f161f7c v0.4.5
• 3c41151 Replace futures-util with atomic-waker and manual poll_fn (#721)
• c83b2d5 Fix request pseudo-header construction for CONNECT & OPTION methods (#770)
• ecb0095 chore(lib): fix unexpected cfg warning (#777)
• 092f3b3 examples: update to rustls 0.23
• be12983 Fix race condition in connection termination
• 0d66e3c readme: Added link to Tokio Discord. (#771)
• e2168de chore: add simple h2 benchmark (#762)
• 51fe05a v0.4.4
• e76bd74 fix: limit number of CONTINUATION frames allowed
• Additional commits viewable in compare view

Updates mio from 0.8.8 to 0.8.11

Changelog

Sourced from mio's changelog.

0.8.11

• Fix receiving IOCP events after deregistering a Windows named pipe (tokio-rs/mio#1760, backport pr: tokio-rs/mio#1761).

0.8.10

Added

• Solaris support (tokio-rs/mio#1724).

0.8.9

Added

• ESP-IDF framework support (tokio-rs/mio#1692).
• AIX operating system support (tokio-rs/mio#1704).
• Vita support (tokio-rs/mio#1721).
• {UnixListener,UnixStream}:bind_addr (tokio-rs/mio#1630).
• mio_unsupported_force_poll_poll and mio_unsupported_force_waker_pipe unsupported configuration flags to force a specific poll or waker implementation (tokio-rs/mio#1684, tokio-rs/mio#1685, tokio-rs/mio#1692).

Fixed

• The pipe(2) based waker (swapped file descriptors) (tokio-rs/mio#1722).
• The duplicate waker check to work correctly with cloned Registrys. (tokio-rs/mio#1706).

Commits

• 0328bde Release v0.8.11
• 7084498 Fix warnings
• 90d4fe0 named-pipes: fix receiving IOCP events after deregister
• c710a30 Add v0.8.x to the CI
• c29e21c Release v0.8.10
• f6a20da Add Solaris operating system support (#1724)
• e80c3b2 Release v0.8.9
• 862786b Fix importing of IoSourceState
• 4034872 Add support for vita target
• 8eb4010 Fix receiver and sender fd in pipe based waker
• Additional commits viewable in compare view

Updates rustix from 0.37.3 to 0.37.27

Release notes

Sourced from rustix's releases.

0.37.20

• Fix decoding of abstract unix sockets (#661)
• Fix the fstat/statat/etc. fallback when statx fails with EPERM. (#666)
• Add a rustix::pty module. (#673)
• process: Add aliaseses for parent_process_death_signal (#677)
• Fix panic on dropping RecvAncillaryBuffer after failed recvmsg (#676)

0.37.19

What's Changed

• Fix no-std builds for MacOS and BSDs by @​niluxv in bytecodealliance/rustix#647
• Make linkat, unlinkat, and renameat weak on macos. by @​sunfishcode in bytecodealliance/rustix#649

Full Changelog: bytecodealliance/rustix@v0.37.18...v0.37.19

Commits

• b38dc51 chore: Release rustix version 0.37.27
• a2d9c8e Fix p{read,write}v{,v2}'s encoding of the offset argument on Linux. (#896) (#...
• dce2777 chore: Release rustix version 0.37.26
• 06dbe83 Fix sendmsg_unix's address encoding. (#885) (#886)
• 00b84d6 chore: Release rustix version 0.37.25
• cad15a7 Fixes for Dir on macOS, FreeBSD, and WASI.
• df3c3a1 Merge pull request from GHSA-c827-hfw6-qwvm
• b78aeff chore: Release rustix version 0.37.24
• c0c3f01 Add GNU/Hurd support (#852)
• f416b6b Fix the test_ttyname_ok test when /dev/stdin is inaccessable. (#821)
• Additional commits viewable in compare view

Updates unsafe-libyaml from 0.2.5 to 0.2.11

Release notes

Sourced from unsafe-libyaml's releases.

0.2.11

• Fix quadratic parse time for YAML containing deeply nested flow collections (#26)

0.2.10

• Fix write to improperly aligned pointer in 32-bit targets (#21)

0.2.9

• Documentation improvements

0.2.8

No release notes provided.

0.2.7

• Adding support for emitting Unicode characters over codepoint U+FFFF (#20)

0.2.6

• Documentation improvements

Commits

• a7b8d1f Release 0.2.11
• 7c42792 Merge pull request #27 from dtolnay/simplekeys
• eb7de7e Fix quadratic behavior in yaml_parser_fetch_more_tokens
• 7440d58 Merge pull request #25 from jayvdb/typos
• b3496ce fix typos
• 63131f5 Explicitly disable unsafe_op_in_unsafe_fn lint
• 61f3ab8 Release 0.2.10
• d90d7ab Clean up some redundant casts
• 7755559 Merge pull request #24 from dtolnay/mallocalign
• b8a0863 Fix insufficient alignment of malloc's return value on 32-bit
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.