build(deps): bump the crates-io group with 4 updates

[dependabot]

Bumps the crates-io group with 4 updates: rustls, tempfile, webpki-roots and x509-parser.

Updates rustls from 0.23.21 to 0.23.22

Commits

• 784b873 Further defend ChunkVecBuffer::prefix_used invariant
• 200d566 Re-privatize ChunkVecBuffer::consume() and defend misuse
• a5d8a6b Detect ChunkVecBuffer::consume larger than length
• d978e2f chore(deps): update rust crate x509-parser to 0.17
• 43c2336 Detect illegal HRR if X25519 offered as secondary kx
• 2551558 Increase accuracy of when to include second keyshare
• 50d1acd Add X25519MLKEM768 to features documentation
• bf663b6 Move crypto::aws_lc_rs::pq docs into manual
• e883143 Bump rustls 0.23.22, rustls-post-quantum 0.2.2
• c7a86de Add post-quantum key exchange algorithm to defaults
• Additional commits viewable in compare view

Updates tempfile from 3.15.0 to 3.16.0

Changelog

Sourced from tempfile's changelog.

3.16.0

• Update getrandom to 0.3.0 (thanks to @​paolobarbolini).
• Allow windows-sys versions 0.59.x in addition to 0.59.0 (thanks @​ErichDonGubler).
• Improved security documentation (thanks to @​n0toose for collaborating with me on this).

Commits

• 6ecd9f1 chore: release 3.16.0
• 3693c01 build: upgrade getrandom to v0.3.0 (#320)
• a4596e5 build: allow windows-sys 0.59 (#319)
• 3ac6d4e chore: fix clippy lifetime warning (#318)
• 3a722e8 docs: improve & expand security documentation (#317)
• See full diff in compare view

Updates webpki-roots from 0.26.7 to 0.26.8

Release notes

Sourced from webpki-roots's releases.

0.26.8

Upstream changes

• Add "D-TRUST EV Root CA 2 2023" ref. https://bugzilla.mozilla.org/show_bug.cgi?id=1836258

• Add "D-TRUST BR Root CA 2 2023" ref. https://bugzilla.mozilla.org/show_bug.cgi?id=1836258

• Remove "SwissSign Silver CA – G2" ref. https://bugzilla.mozilla.org/show_bug.cgi?id=1915902

What's Changed

• ci: use persist-credentials: false throughout by @​cpu in rustls/webpki-roots#86
• build(deps): update x509-parser requirement from 0.16.0 to 0.17.0 by @​dependabot in rustls/webpki-roots#89
• webpki-(roots|root-certs): v0.26.7 -> v0.26.8, Jan CCADB updates by @​cpu in rustls/webpki-roots#90

Full Changelog: rustls/webpki-roots@v/0.26.7...v/0.26.8

Commits

• 32504ae webpki-(roots|root-certs): v0.26.7 -> v0.26.8
• 9a8498a jan 30th upstream ccadb updates
• ba9f97a build(deps): update x509-parser requirement from 0.16.0 to 0.17.0
• bd621fa ci: use persist-credentials: false throughout
• See full diff in compare view

Updates x509-parser from 0.16.0 to 0.17.0

Changelog

Sourced from x509-parser's changelog.

0.17.0

Added/Changed/Fixed

Global:

• Upgrade asn1-rs to version 0.6.2. (#161)
• Update asn1-rs to 0.7, der-parser to 10.0 and oid-registry to 0.8
• Upgrade time to 0.3.35 to make the crate compatible with rust >1.79.0 (#168, #175)
• Update MSRV to 1.67 (due to time 0.3.35, see #168)
• Add Visitor traits for X.509 Certificates and Certificate Revocation Lists (#179)

Code:

• Add support for RSA-PSS signature verification (#156)
• ASN1Time: store the kind of time (UTC or Generalized) in ASN1Time (#163)
• X509StructureValidator: add validation for dates encoding (#163)
• X509StructureValidator: enforce version > 1 for issuerUniqueID or subjectUniqueID (Closes #162)

Thanks

• Daniel McCarney, DefiCake, Victor M. Alvarez, Nikolaus Thuemmel

Commits

• eb3adc5 Add missing files to manifest
• 958f01c Prepare release 0.17.0
• 13ce91c Re-export asn1-rs
• 60c6662 Improve the visitor trait for Certificate Revocation List
• daabf02 Improve the visitor trait for X.509 Certificates
• 6294270 Add initial version of X509CertificateVisitor trait
• 9665f0c Update MSRV to 1.67.1 (due to time-macros v0.2.19)
• baa9e40 Update MSRV to 1.67 (due to time 0.3.35, see #168)
• c2825d0 Merge branch 'DefiCake-deficake/upgrade-time'
• 6d1e0d4 Merge branch 'master' into deficake/upgrade-time
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml