build(deps): bump the http group across 1 directory with 6 updates

[dependabot]

Bumps the http group with 6 updates in the / directory:

Package	From	To
hyper	0.14.32	1.6.0
tower-http	0.5.2	0.6.6
tower	0.3.1	0.5.2
tokio-tungstenite	0.26.2	0.27.0
rustls-cng	0.5.3	0.6.0
rustls	0.23.28	0.23.29

Updates hyper from 0.14.32 to 1.6.0

Release notes

Sourced from hyper's releases.

v1.6.0

Features

• ext: add ext::on_informational() callback extension (#3818) (8ce1fcfa, closes #2565)
• server: add http1::Builder::ignore_invalid_headers(bool) option (#3824) (3817a79b)

Bug Fixes

• server:
  • start http1 header read timeout when conn is idle (#3828) (10b09ffc, closes #3780, #3781)
  • change max_local_error_reset_streams function to &mut self (#3820) (e981a91e)

Breaking Changes

• http2::Builder::max_local_error_reset_streams() now takes &mut self and returns &mut Self. In practice, this shouldn't break almost anyone. It was the wrong receiver and return types. (e981a91e)

New Contributors

• @​finnbear made their first contribution in hyperium/hyper#3820

Thanks

• @​GlenDC
• @​tottoto
• @​seanmonstar

Full Changelog: hyperium/hyper@v1.5.2...v1.6.0

v1.5.2

Bug Fixes

• http1:
  • fix intermitent panic parsing partial headers (#3812) (a131111f, closes #3811)
  • skip debug assertion of content length for HEAD responses (#3795) (eaf2267c, closes #3794)

Features

• ffi: (unstable) add cargo-c support (#3787) (7f4a6826, closes #3786)

New Contributors

• @​23doors made their first contribution in hyperium/hyper#3795
• @​ionionascu made their first contribution in hyperium/hyper#3799
• @​linyihai made their first contribution in hyperium/hyper#3800
• @​suzp1984 made their first contribution in hyperium/hyper#3807

Thanks

• @​seanmonstar

Full Changelog: hyperium/hyper@v1.5.1...v1.5.2

... (truncated)

Changelog

Sourced from hyper's changelog.

v1.6.0 (2025-01-28)

Bug Fixes

• server:
  • start http1 header read timeout when conn is idle (#3828) (10b09ffc, closes #3780, #3781)
  • change max_local_error_reset_streams function to &mut self (#3820) (e981a91e)

Features

• ext: add ext::on_informational() callback extension (#3818) (8ce1fcfa, closes #2565)
• server: add http1::Builder::ignore_invalid_headers(bool) option (#3824) (3817a79b)

Breaking Changes

• http2::Builder::max_local_error_reset_streams() now takes &mut self and returns &mut Self. In practice, this shouldn't break almost anyone. It was the wrong receiver and return types. (e981a91e)

v1.5.2 (2024-12-16)

Bug Fixes

• http1:
  • fix intermitent panic parsing partial headers (#3812) (a131111f, closes #3811)
  • skip debug assertion of content length for HEAD responses (#3795) (eaf2267c, closes #3794)

Features

• ffi: add cargo-c support (#3787) (7f4a6826, closes #3786)

v1.5.1 (2024-11-19)

Bug Fixes

• http2:
  • pass proper value to h2 max_local_error_reset_streams (4a20147a)
  • improve graceful shutdown during handshake (#3729) (13b05943)

v1.5.0 (2024-10-15)

... (truncated)

Commits

• 621d8e4 v1.6.0
• 83f4588 chore(LICENSE): update copyright year
• 10b09ff fix(server): start http1 header read timeout when conn is idle (#3828)
• 8ce1fcf feat(ext): add ext::on_informational() callback extension (#3818)
• de28b0e chore(ci): use msrv aware dependency resolver (#3831)
• 5baf537 chore(ci): use yq to get rust-version in manifest (#3829)
• 3817a79 feat(server): add http1::Builder::ignore_invalid_headers(bool) option (#3824)
• e981a91 fix(server): change max_local_error_reset_streams function to &mut self (...
• 30f2961 v1.5.2
• a131111 fix(http1): fix intermitent panic parsing partial headers (#3812)
• Additional commits viewable in compare view

Updates tower-http from 0.5.2 to 0.6.6

Release notes

Sourced from tower-http's releases.

tower-http-0.6.6

Fixed

• compression: fix panic when looking in vary header (#578)

#578: tower-rs/tower-http#578

New Contributors

• @​sulami made their first contribution in tower-rs/tower-http#578

Full Changelog: tower-rs/tower-http@tower-http-0.6.5...tower-http-0.6.6

tower-http-0.6.5

Added

• normalize_path: add append_trailing_slash() mode (#547)

Fixed

• redirect: remove payload headers if redirect changes method to GET (#575)
• compression: avoid setting vary: accept-encoding if already set (#572)

#547: tower-rs/tower-http#547 #572: tower-rs/tower-http#572 #575: tower-rs/tower-http#575

New Contributors

• @​daalfox made their first contribution in tower-rs/tower-http#547
• @​mherrerarendon made their first contribution in tower-rs/tower-http#574
• @​linyihai made their first contribution in tower-rs/tower-http#575

Full Changelog: tower-rs/tower-http@tower-http-0.6.4...tower-http-0.6.5

tower-http 0.6.4

Added

• decompression: Support HTTP responses containing multiple ZSTD frames (#548)
• The ServiceExt trait for chaining layers onto an arbitrary http service just like ServiceBuilderExt allows for ServiceBuilder (#563)

Fixed

• Remove unnecessary trait bounds on S::Error for Service impls of RequestBodyTimeout<S> and ResponseBodyTimeout<S> (#533)
• compression: Respect is_end_stream (#535)
• Fix a rare panic in fs::ServeDir (#553)
• Fix invalid content-lenght of 1 in response to range requests to empty files (#556)
• In AsyncRequireAuthorization, use the original inner service after it is

... (truncated)

Commits

• 635692d v0.6.6
• 359d997 Fix an indexing panic in compression (#578)
• 24c0f0b refactor: slightly reduce use of futures-util (#577)
• 51723d4 v0.6.5
• 0187232 feat(compression): avoid setting Vary: Accept-Encoding when already set (#572)
• f64fbe6 fix(redirect): Removed headers after empty payload set. (#575)
• 7388e76 docs: Clarify TimeoutBody is a timeout per frame, not total (#574)
• 86615aa normalize_path: Add Append mode (#547)
• fa8848e Release v0.6.4 (#568)
• 2608a51 Make type inference work for ServiceExt (#566)
• Additional commits viewable in compare view

Updates tower from 0.3.1 to 0.5.2

Release notes

Sourced from tower's releases.

tower 0.5.2

Added

• util: Add BoxCloneSyncService which is a Clone + Send + Sync boxed Service (#777)
• util: Add BoxCloneSyncServiceLayer which is a Clone + Send + Sync boxed Layer (#802)

tower 0.5.1

• Fix minimum version of tower-layer dependency (#787)

#787: tower-rs/tower#787

tower 0.5.0

Fixed

• util: BoxService is now Sync (#702)

Changed

• util: Removed deprecated ServiceExt::ready_and method and ReadyAnd future (#652)
• retry: Breaking Change retry::Policy::retry now accepts &mut Req and &mut Res instead of the previous mutable versions. This increases the flexibility of the retry policy. To update, update your method signature to include mut for both parameters. (#584)
• retry: Breaking Change Change Policy to accept &mut self (#681)
• retry: Add generic backoff utilities (#685)
• retry: Add Budget trait. This allows end-users to implement their own budget and bucket implementations. (#703)
• reconnect: Breaking Change Remove unused generic parameter from Reconnect::new (#755)
• ready-cache: Allow iteration over ready services (#700)
• discover: Implement Clone for Change (#701)
• util: Add a BoxCloneServiceLayer (#708)
• rng: use a simpler random 2-sampler (#716)
• filter: Derive Clone for AsyncFilterLayer (#731)
• general: Update IndexMap (#741)
• MSRV: Increase MSRV to 1.63.0 (#741)

#702: tower-rs/tower#702 #652: tower-rs/tower#652 #584: tower-rs/tower#584 #681: tower-rs/tower#681 #685: tower-rs/tower#685 #703: tower-rs/tower#703 #755: tower-rs/tower#755 #700: tower-rs/tower#700 #701: tower-rs/tower#701 #708: tower-rs/tower#708 #716: tower-rs/tower#716 #731: tower-rs/tower#731 #741: tower-rs/tower#741

tower 0.4.13

Added

... (truncated)

Commits

• 7dc533e tower v0.5.2
• a09fd97 chore: fix dead code warning for 'Sealed' trait and 'sample_floyd2' func (#799)
• f57e31b Add util::BoxCloneSyncServiceLayer (#802)
• da24532 Add util::BoxCloneSyncService (#777)
• 6283f3a Upgrade http and sync_wrapper dependencies (#788)
• 7155101 Prepare release of v0.5.1 (#791)
• b2c48b4 Bump dependency on tower-layer (#787)
• fec9e55 tower-layer: drop versions from dev dependencies (#782)
• 646804d chore: prepare to release tower-0.5.0, tower-layer-0.3.3, tower-service-0.3.3...
• 7202cfe chore: fix a few typos (#780)
• Additional commits viewable in compare view

Updates tokio-tungstenite from 0.26.2 to 0.27.0

Changelog

Sourced from tokio-tungstenite's changelog.

0.27.0

• See performance updates in tungstenite-rs.

Commits

• e855f9e Fix errors in the examples caused by Utf8Error
• 21c5d19 Bump version
• fbd1471 Update performance notes in README
• See full diff in compare view

Updates rustls-cng from 0.5.3 to 0.6.0

Commits

• c96b7fa Removed unused early-data feature
• 0ae70b2 Added support for silent flag
• c377b43 address comments
• 5c3a9fb cargo fmt change
• 24a8398 modify as_chain_der()
• 0a6098b revert back as_chain_der() parameter change
• c54087a added local machine and no-root supprot for as_chain_der()
• 130765e cargo fmt change
• a5a3544 use BCryptHash in hash()
• 6dd8cd7 added sha256 support
• See full diff in compare view

Updates rustls from 0.23.28 to 0.23.29

Commits

• 4e0b5fe Bump version to 0.23.29
• b854079 Propagate context for webpki signature algorithm errors
• c84675e key_schedule: minimise lifetime of resumption secret
• 788b0df key_schedule: erase master secret in traffic state
• d2c64f0 key_schedule: separate ops not using current secret
• e5998cd key_schedule: add state for derivations before finish
• 9620bec tls13::key_schedule: move KeySchedule struct down
• 373ad88 tls13::key_schedule: move SecretKind down
• efa2066 Improve compactness of Debug impl for extensions
• a5433a1 Correct calculation of ServerHello ECH confirmation
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.