Bump the cargo group with 40 updates

[dependabot]

Bumps the cargo group with 40 updates:

Package	From	To
clap_complete	4.6.2	4.6.5
tracing-forest	0.1.6	0.2.0
hashbrown	0.17.0	0.17.1
jiff	0.2.24	0.2.25
filetime	0.2.27	0.2.29
maybe-async	0.2.10	0.2.11
reqwest	0.13.2	0.13.4
dashmap	6.1.0	6.2.1
sysinfo	0.38.4	0.39.2
serde_json	1.0.149	1.0.150
open	5.3.4	5.3.5
autocfg	1.5.0	1.5.1
aws-lc-rs	1.16.3	1.17.0
aws-lc-sys	0.40.0	0.41.0
bumpalo	3.20.2	3.20.3
cc	1.2.61	1.2.62
core-foundation	0.10.1	0.9.4
crc-catalog	2.4.0	2.5.0
curl-sys	0.4.87+curl-8.19.0	0.4.88+curl-8.20.0
either	1.15.0	1.16.0
h2	0.4.13	0.4.14
hickory-proto	0.25.2	0.26.1
hickory-resolver	0.25.2	0.26.1
http	1.4.0	1.4.1
human_format	1.1.0	1.2.1
hybrid-array	0.4.11	0.4.12
idna_adapter	1.2.1	1.2.2
jiff-static	0.2.24	0.2.25
jni	0.21.1	0.22.4
jni-sys	0.3.1	0.4.1
log	0.4.29	0.4.30
num-conv	0.2.1	0.2.2
rsqlite-vfs	0.1.0	0.1.1
rustls-platform-verifier	0.6.2	0.7.0
shlex	1.3.0	2.0.1
sqlite-wasm-rs	0.5.3	0.5.5
tokio	1.52.1	1.52.3
tower-http	0.6.8	0.6.11
winnow	1.0.2	1.0.3
zerofrom	0.1.7	0.1.8

Updates clap_complete from 4.6.2 to 4.6.5

Commits

• c8c9355 chore: Release
• af74def docs: Update changelog
• c96f222 Merge pull request #6368 from truffle-dev/fix/fish-env-escaping
• 49a05cd fix(complete): Two-pass quote fish env-completer
• e791004 test(complete): Snapshot fish env quoting cases
• 87ec1ad chore: Release
• 78f2529 docs: Update changelog
• b61f270 Merge pull request #6369 from Metbcy/fix/zsh-completion-ordering
• 74c6666 fix(complete): Keep zsh candidate order
• d142d8f Merge pull request #6360 from epage/string
• Additional commits viewable in compare view

Updates tracing-forest from 0.1.6 to 0.2.0

Commits

• See full diff in compare view

Updates hashbrown from 0.17.0 to 0.17.1

Release notes

Sourced from hashbrown's releases.

v0.17.1

Added

• Added HashMap::rustc_try_insert (#722)

Changelog

Sourced from hashbrown's changelog.

0.17.1 - 2026-04-20

Added

• Added HashMap::rustc_try_insert (#722)

Commits

• c62a63a chore: release v0.17.1
• 420e83b Merge pull request #722 from cuviper/rustc_try_insert
• 51cecbd Move the RustcOccupiedError note as requested in review
• 16d0f37 Add HashMap::rustc_try_insert
• 18a04c5 Merge pull request #721 from clarfonthey/branch-rename
• ee8a0ee Rename master to main in release-plz workflow
• 147df65 Merge pull request #720 from xtqqczze/authors
• 64a0acb Remove package.authors field from Cargo metadata
• 867db72 Merge pull request #716 from atouchet/rdm
• 57b760b Update Readme
• Additional commits viewable in compare view

Updates jiff from 0.2.24 to 0.2.25

Changelog

Sourced from jiff's changelog.

0.2.25 (2026-05-24)

This release updates Jiff's bundled copy of the [IANA Time Zone Database] to 2026b. See the 2026b release announcement for more details.

Commits

• 48a9292 0.2.25
• bf930e0 jiff-tzdb: update to tzdb 2026b
• 7908951 scripts: add some bash scripts for doing a tzdb update
• 170a0d6 readme: add a note about jiff::fmt with respect to performance
• See full diff in compare view

Updates filetime from 0.2.27 to 0.2.29

Commits

• ab5ee65 Bump to 0.2.29
• 46c34ef Try to fix updating write-only files (#122)
• b10e535 Bump to 0.2.28
• 646bce9 Update README
• 190eafe Add QNX Neutrino (nto) to utimensat platform list (#120)
• 13d4570 Use the standard library for most of the crate (#121)
• 75abafa impl From<FileTime> for SystemTime (#119)
• 06a6f24 use libc::UTIME_OMIT (#117)
• See full diff in compare view

Updates maybe-async from 0.2.10 to 0.2.11

Changelog

Sourced from maybe-async's changelog.

0.2.11 (2026-05-15)

Features

• AFIT: rewrite impl Future / Pin<Box<dyn Future>> return types in sync mode (07d5a96)

Commits

• 9f7869c chore(release): 0.2.11
• 5b709ac test: fix test error for bad sync cond
• 07d5a96 feat(AFIT): rewrite impl Future / Pin\<Box<dyn Future>> return types in sy...
• b32a817 ci: update github actions
• See full diff in compare view

Updates reqwest from 0.13.2 to 0.13.4

Release notes

Sourced from reqwest's releases.

v0.13.4

tl;dr

• Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
• Add ClientBuilder::http2_keep_alive_* options for the blocking client.
• Add TLS 1.3 support when using native-tls backend.
• Fix redirect handling to strip sensitive headers when the scheme changes.
• Fix HTTP/3 happy-eyeball connection creation.
• Upgrade hickory-resolver to 0.26.

What's Changed

• fix(tls): improve rustls-no-provider panic message and add module docs by @​smythg4 in seanmonstar/reqwest#3021
• fix: do not lose the url in error when decoding json by @​Dushistov in seanmonstar/reqwest#3026
• Add tls_sslkeylogfile builder method by @​passcod in seanmonstar/reqwest#2923
• fix(redirect): strip sensitive headers on scheme change across redirects by @​SAY-5 in seanmonstar/reqwest#3034
• chore: upgrade MSRV to 1.85 by @​seanmonstar in seanmonstar/reqwest#3038
• chore: clean up minimal-versions CI job by @​seanmonstar in seanmonstar/reqwest#3039
• fix(http3): use happy eyeballs for h3 connect by @​lyuzichong in seanmonstar/reqwest#3030
• fix: update hickory-resolver to 0.26 and adjust code accordingly by @​seanmonstar in seanmonstar/reqwest#3040
• fix: remove unwrap in hickory initialization by @​mat813 in seanmonstar/reqwest#3041
• feat(https): support TLS 1.3 as min version under native-tls 🎉 by @​AverageHelper in seanmonstar/reqwest#2975
• Expose keep alive configurations in blocking client by @​aeb-dev in seanmonstar/reqwest#3043
• Prepare v0.13.4 by @​seanmonstar in seanmonstar/reqwest#3046

New Contributors

• @​smythg4 made their first contribution in seanmonstar/reqwest#3021
• @​Dushistov made their first contribution in seanmonstar/reqwest#3026
• @​SAY-5 made their first contribution in seanmonstar/reqwest#3034
• @​mat813 made their first contribution in seanmonstar/reqwest#3041
• @​AverageHelper made their first contribution in seanmonstar/reqwest#2975
• @​aeb-dev made their first contribution in seanmonstar/reqwest#3043

Full Changelog: seanmonstar/reqwest@v0.13.3...v0.13.4

v0.13.3

tl;dr

• Fix CertificateRevocationList parsing of PEM values.
• Fix logging in resolver to only show host, not full URL.
• Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
• Fix HTTP/3 to handle STOP_SENDING as not an error.
• Fix HTTP/3 pool to remove timed out QUIC connections.
• Fix HTTP/3 connection establishment picking IPv4 and IPv6.
• Upgrade rustls-platform-verifier.
• (wasm) Only use wasm-bindgen on unknown-* targets.

What's Changed

• Update docs.rs Features by @​JamesWiresmith in seanmonstar/reqwest#2961
• fix: fallback to hickory_resolver's default config if reading /etc/resolv.conf fails by @​monosans in seanmonstar/reqwest#2797
• fix: remove timeout con by @​cuiweixie in seanmonstar/reqwest#2967
• http3: handle stop_sending without error by @​anuraaga in seanmonstar/reqwest#2978

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.13.4

• Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
• Add ClientBuilder::http2_keep_alive_* options for the blocking client.
• Add TLS 1.3 support when using native-tls backend.
• Fix redirect handling to strip sensitive headers when the scheme changes.
• Fix HTTP/3 happy-eyeball connection creation.
• Upgrade hickory-resolver to 0.26.

v0.13.3

• Fix CertificateRevocationList parsing of PEM values.
• Fix logging in resolver to only show host, not full URL.
• Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
• Fix HTTP/3 to handle STOP_SENDING as not an error.
• Fix HTTP/3 pool to remove timed out QUIC connections.
• Fix HTTP/3 connection establishment picking IPv4 and IPv6.
• Upgrade rustls-platform-verifier.
• (wasm) Only use wasm-bindgen on unknown-* targets.

Commits

• 11489b3 v0.13.4
• d31ffbb feat: Expose HTTP2 keep alive configurations in blocking client (#3043)
• 79ed0d7 feat: support TLS 1.3 as min version under native-tls 🎉 (#2975)
• fb7bf6a fix: remove unwrap in hickory initialization (#3041)
• 3da616f fix: update hickory-resolver to 0.26 and adjust code accordingly (#3040)
• c77e7b2 fix(http3): use happy eyeballs for h3 connect (#3030)
• 9cbb65b chore: clean up minimal-versions CI job (#3039)
• 17a7dc5 chore: upgrade MSRV to 1.85 (#3038)
• 03db63a fix(redirect): strip sensitive headers on scheme change across redirects (#3034)
• 4b813a8 feat: add tls_sslkeylogfile builder method (#2923)
• Additional commits viewable in compare view

Updates dashmap from 6.1.0 to 6.2.1

Release notes

Sourced from dashmap's releases.

v6.2.1

This is an interim maintenance release for the existing v6 branch before v7 can be released. This bumps the MSRV to 1.85 and updates dependencies to their latest versions.

Commits

• 749ed1f v6.2.1
• d02b945 v6.2.0
• b983625 update dependencies
• 94a294a bump msrv to 1.85
• See full diff in compare view

Updates sysinfo from 0.38.4 to 0.39.2

Changelog

Sourced from sysinfo's changelog.

0.39.2

• Windows: Greatly improve performance of System::refresh_cpu_specifics when CPU usage is not requested.
• iOS: Fix compilation error when user feature is enabled.
• Linux: Correctly set thread information for processes.

0.39.1

• Linux: Fix wrong network numbers computation.

0.39.0

• Update minimum supported rust version to 1.95.
• Add new NetworkData::operational_state API.
• Add new Process::cgroup_limits API (only returning data on Linux).
• All supported systems other than Windows: Improve performance of Networks::refresh*.
• All supported systems other than Windows: Fix soundness issue when retrieving users.
• Linux: Take into account parent cgroup memory limits.
• Linux: Fix panic when retrieving process information on ESXi.
• FreeBSD: Use the name of dataset as name for zfs disks.

Commits

• c43234a Update crate version to 0.39.2
• b71467e Update CHANGELOG for 0.39.2 version
• 345915a Improve code readability
• 35f3c18 Fix fmt and clippy
• 4bf1fe4 Windows: skip PDH setup when cpu_usage isn't requested (#1664)
• 2be72d7 Stub get_users on iOS via app_store::users
• c725c09 linux: fix detect thread entries in ProcessesToUpdate::All mode
• 6e883a3 Update CHANGELOG and crate version to 0.39.1
• a45d38a Merge pull request #1659 from isaidsari/fix/linux-network-buffer-truncation
• ee9cd3b Merge pull request #1655 from GuillaumeGomez/update
• Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates open from 5.3.4 to 5.3.5

Release notes

Sourced from open's releases.

v5.3.5

Bug Fixes

• delegate to winebrowser under Wine When running a Windows-targeted binary under Wine, open requests previously fell back to Wine's bundled explorer.exe, which lacks proper host desktop integration.

  This change detects the Wine environment at runtime (via WINEPREFIX, WINELOADER, or WINEDEBUG) and prepends a winebrowser command to the launcher list. winebrowser is Wine's official utility for forwarding file/URL requests to the host OS's default handler (e.g., xdg-open on Linux, open on macOS).

  If winebrowser is unavailable or fails, the existing cmd /c start fallback is used automatically, preserving backward compatibility. No public API changes or compile-time flags are introduced.

Commit Statistics

• 3 commits contributed to the release.
• 22 days passed between releases.
• 1 commit was understood as conventional.
• 0 issues like '(#ID)' were seen in commit messages

Commit Details

• Uncategorized
  • Merge pull request #121 from gsurrel/wine-awareness (bb28d04)
  • Review (f72e644)
  • Delegate to winebrowser under Wine (db81369)

Changelog

Sourced from open's changelog.

5.3.5 (2026-05-12)

Bug Fixes

• delegate to winebrowser under Wine When running a Windows-targeted binary under Wine, open requests previously fell back to Wine's bundled explorer.exe, which lacks proper host desktop integration.

  This change detects the Wine environment at runtime (via WINEPREFIX, WINELOADER, or WINEDEBUG) and prepends a winebrowser command to the launcher list. winebrowser is Wine's official utility for forwarding file/URL requests to the host OS's default handler (e.g., xdg-open on Linux, open on macOS).

  If winebrowser is unavailable or fails, the existing cmd /c start fallback is used automatically, preserving backward compatibility. No public API changes or compile-time flags are introduced.

Commit Statistics

• 3 commits contributed to the release.
• 22 days passed between releases.
• 1 commit was understood as conventional.
• 0 issues like '(#ID)' were seen in commit messages

Commit Details

• Uncategorized
  • Merge pull request #121 from gsurrel/wine-awareness (bb28d04)
  • Review (f72e644)
  • Delegate to winebrowser under Wine (db81369)

Commits

• b98fc01 Release open v5.3.5
• bb28d04 Merge pull request #121 from gsurrel/wine-awareness
• f72e644 review
• db81369 fix(windows): delegate to winebrowser under Wine
• See full diff in compare view

Updates autocfg from 1.5.0 to 1.5.1

Commits

• 2799b09 Merge pull request #80 from cuviper/noscript
• 8e7f49a ci: extend the tested versions
• 303aa6a Release 1.5.1
• 73483fb Make tests/wrappers work without a script
• See full diff in compare view

Updates aws-lc-rs from 1.16.3 to 1.17.0

Release notes

Sourced from aws-lc-rs's releases.

aws-lc-rs v1.17.0

What's Changed

• Add opt-in legacy DES cipher support behind a legacy-des feature by @​qzh0223 in aws/aws-lc-rs#1109 and aws/aws-lc-rs#1122
  • Provides 2TDEA, 3TDEA, and single DES support. This is gated behind the legacy-des feature flag and intended only for interoperability with legacy systems.
• Add AsDer and ParsedPublicKey conversion for RSA PublicKeyComponents by @​MavenRain in aws/aws-lc-rs#1105
  • PublicKeyComponents<B> now implements AsDer<PublicKeyX509Der> and can be converted to ParsedPublicKey for use with signature verification APIs.
• Add LessSafeKey::open_in_place_separate_tag by @​wpt-oai in aws/aws-lc-rs#1116
  • Enables AEAD decryption when the authentication tag is stored separately from the ciphertext, complementing the existing seal_in_place_separate_tag.
• Add zig compiler support and CI coverage by @​justsmth in aws/aws-lc-rs#1103
  • Resolves long-standing issues with cross-compilation using cargo-zigbuild. The build script now correctly handles zig's compiler flags, and CI coverage has been added to prevent regressions.

Build Improvements

• Fix jitterentropy CFLAGS filtering for HOST_CFLAGS and TARGET_CFLAGS by @​justsmth in aws/aws-lc-rs#1106
  • Fixes build failures (e.g., FreeBSD qdrant) where optimization flags leaked into the jitterentropy compilation, which must be built without optimizations.
• Add ML-DSA x86_64 native assembly to CC builder scripts by @​jakemas in aws/aws-lc-rs#1110
• Fix support for building with MinGW on Windows 7 by @​justsmth in aws/aws-lc-rs#1120
  • Fixes the x86_64-win7-windows-gnu target by addressing MinGW-specific compatibility issues.

Issues Being Closed

• Add API to convert rsa::PublicKeyComponents into signature::ParsedPublicKey and/or DER encoded bytes -- aws/aws-lc-rs#1055
• The CPU Jitter RNG must not be compiled with optimizations (FreeBSD qdrant build failure) -- aws/aws-lc-rs#1097
• Windows 7 support for MinGW (x86_64-win7-windows-gnu target) -- aws/aws-lc-rs#1111
• -Wp,-U breaks cross-builds using zig cc -- aws/aws-lc-rs#993
• Failure to cross-compile for Windows on macOS with cargo-zigbuild -- aws/aws-lc-rs#512
• Zigbuild: Unable to build using cargo-zigbuild for arm targets -- aws/aws-lc-rs#931

Other Merged PRs

• Prepare aws-lc-sys v0.41.0 by @​justsmth in aws/aws-lc-rs#1117
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in aws/aws-lc-rs#1102
• Bump actions/dependency-review-action from 4 to 5 by @​dependabot[bot] in aws/aws-lc-rs#1118
• Fix nightly clippy warnings by @​justsmth in aws/aws-lc-rs#1112
• Prepare aws-lc-rs v1.17.0 by @​justsmth in aws/aws-lc-rs#1121
• Fix rustfmt by @​justsmth in aws/aws-lc-rs#1123

New Contributors

• @​jakemas made their first contribution in aws/aws-lc-rs#1110
• @​qzh0223 made their first contribution in aws/aws-lc-rs#1109
• @​MavenRain made their first contribution in aws/aws-lc-rs#1105
• @​wpt-oai made their first contribution in aws/aws-lc-rs#1116

Full Changelog: aws/aws-lc-rs@v1.16.3...v1.17.0

Commits

• 2201001 Fix rustfmt (#1123)
• 1ed08ba Add single DES support and rename legacy-3des feature to legacy-des (#1122)
• 889047e Prepare aws-lc-rs v1.17.0 (#1121)
• 4fdf672 fix: support building with MinGW on Windows 7 (#1120)
• 1cbe889 Adds LessSafeKey::open_in_place_separate_tag (#1116)
• ce8bccc Bump actions/dependency-review-action from 4 to 5 (#1118)
• aac6ebd Prepare aws lc sys 0.41.0 (#1117)
• 3cb6cfd Add AsDer and ParsedPublicKey conversion for RSA PublicKeyComponents (#1105)
• 54a222f Fix clippy warnings: inline format args, remove redundant borrows, use assert...
• c9c9bc6 Add opt-in 2TDEA and 3TDEA cipher support behind a legacy-3des feature (#1109)
• Additional commits viewable in compare view

Updates aws-lc-sys from 0.40.0 to 0.41.0

Commits

• 2201001 Fix rustfmt (#1123)
• 1ed08ba Add single DES support and rename legacy-3des feature to legacy-des (#1122)
• 889047e Prepare aws-lc-rs v1.17.0 (#1121)
• 4fdf672 fix: support building with MinGW on Windows 7 (#1120)
• 1cbe889 Adds LessSafeKey::open_in_place_separate_tag (#1116)
• ce8bccc Bump actions/dependency-review-action from 4 to 5 (#1118)
• aac6ebd Prepare aws lc sys 0.41.0 (#1117)
• 3cb6cfd Add AsDer and ParsedPublicKey conversion for RSA PublicKeyComponents (#1105)
• 54a222f Fix clippy warnings: inline format args, remove redundant borrows, use assert...
• c9c9bc6 Add opt-in 2TDEA and 3TDEA cipher support behind a legacy-3des feature (#1109)
• Additional commits viewable in compare view

Updates bumpalo from 3.20.2 to 3.20.3

Changelog

Sourced from bumpalo's changelog.

3.20.3

Released 2026-05-22.

Fixed

• Fixed the try_alloc_slice_fill_with, alloc_slice_try_fill_with, alloc_slice_fill_with methods to properly rewind the bump pointer on allocation, initialization, and panic failure and avoid wasting bump capacity.
• Fixed a drop bug in bumpalo::collections::vec::DrainFilter (used by retain and retain_mut) when the predicate panics.

---

Commits

• 84654ac Rewind on slice allocation failure (#324)
• 5325624 Fix a couple bugs (#323)
• fcf8370 Fix UB in Allocator::grow_zeroed (#321)
• 657caf8 test: fix test for OOM instead of overflow (#320)
• 1db9be9 fix: fix typo in comment (#318)
• a47f6d6 fix: bump pointer/bump chunk debug assertion (#313)
• 0b12966 Update Cargo.toml with keywords (#303)
• See full diff in compare view

Updates cc from 1.2.61 to 1.2.62

Release notes

Sourced from cc's releases.

cc-v1.2.62

Other

• Regenerate target info (#1721)
• Allow exceptions on wasm platforms (#1714)
• Add relibc env (#1710)
• recognize sh4 architecture in parse_arch() (#1712)

Changelog

Sourced from cc's changelog.

1.2.62 - 2026-05-08

Other

• Regenerate target info (#1721)
• Allow exceptions on wasm platforms (#1714)
• Add relibc env (#1710)
• recognize sh4 architecture in parse_arch() (#1712)

Commits

• 37a5f8f chore(cc): release v1.2.62 (#1716)
• 34a2218 Regenerate target info (#1721)
• a9d8632 Allow exceptions on wasm platforms (#1714)
• ce036b3 Add relibc env (#1710)
• 18ed3dc target: recognize sh4 architecture in parse_arch() (#1712)
• 33f84c5 Bump taiki-e/install-action from 2.75.18 to 2.75.19 (#1709)
• cbd4c09 Bump taiki-e/install-action from 2.75.17 to 2.75.18 (#1708)
• See full diff in compare view

Updates core-foundation from 0.10.1 to 0.9.4

Commits

• See full diff in compare view

Updates crc-catalog from 2.4.0 to 2.5.0

Commits

• ed4ad63 Prepare 2.5.0 release
• 4fba257 Simplify catalog generator
• e6b86a3 Update generated CRC catalog
• 2d583f9 make the rustfmt::skip on tests an outer attribute
• 9dfb986 skip rustfmt for generated tests
• a831bc1 generate-catalog: add -h/--help flag
• e522023 use lighter dependencies for generate-catalog
• b7ea8f3 Rust program to generate structs with documentation
• 619a5b9 Forbid unsafe code
• 91673ba Remove badges
• See full diff in compare view

Updates curl-sys from 0.4.87+curl-8.19.0 to 0.4.88+curl-8.20.0

Commits

• e89ad65 Try to fix build on Windows (#650)
• c3bc4b5 Update curl to 8.20.0 (#649)
• 5ca0705 Allow using windows-sys 0.61 (#648)
• f0664d7 Update MSRV to 1.82 (#646)
• See full diff in compare view

Updates either from 1.15.0 to 1.16.0

Commits

• 8f4ecd9 Merge pull request #138 from cuviper/release-1.16.0
• c35bb4e Release 1.16.0
• 652486e Fix an unused import
• c26e693 Merge pull request #137 from ronnodas/map-both
• aa7f1d4 Add a single-ident version of map_both!
• a706625 Format the map_both! example
• 85b1b56 Merge pull request #128 from A4-Tacks/for-both-ident-pattern
• 304e814 Merge pull request #127 from A4-Tacks/map-or
• ff9e326 Apply formatting suggestions from code review
• 71c9a91 Merge pull request #126 from A4-Tacks/is-and
• Additional commits viewable in compare view

Updates h2 from 0.4.13 to 0.4.14

Release notes

Sourced from h2's releases.

v0.4.14

What's Changed

• fix(stream): avoid RST before initial HEADERS on idle streams by @​DDtKey in hyperium/h2#875
• fix: filter stream initiator in recv_go_away (#885) by @​ofek-sha in hyperium/h2#886
• perf(header): optimize HeaderValue creation via zero-copy sharing by @​0x676e67 in hyperium/h2#884
• Add header_table_size to server builder by @​ArniDagur in hyperium/h2#888
• check final response in poll_informational by @​zh-jq in hyperium/h2#889
• fix: Avoid capacity leak or panic when a stream is cancelled after reserve_capacity by @​ArniDagur in hyperium/h2#893
• fix: Flow control capacity leak with padded frames by @​ArniDagur in hyperium/h2#894
• fix: Account for connection flow control on DATA after GOAWAY by @​ArniDagur in hyperium/h2#895
• fix: set_reset must notify send task (missed wakeup) by @​ArniDagur in hyperium/h2#897
• Prepare v0.4.14 by @​seanmonstar in hyperium/h2#901

New Contributors

• @​ofek-sha made their first contribution in hyperium/h2#886
• @​0x676e67 made their first contribution in hyperium/h2#884
• @​ArniDagur made their first contribution in hyperium/h2#888
• @​zh-jq made their first contribution in hyperium/h2#889

Full Changelog: hyperium/h2@v0.4.13...v0.4.14

Changelog

Sourced from h2's changelog.

0.4.14 (May 5, 2026)

• Add header_table_size() option to server builder.
• Fix leaking connection flow control of padded DATA frames when stream is reset.
• Fix leaking connection flow control when canceling a stream after reserving capacity.
• Fix leaking connection flow control when receiving a DATA frame after GOAWAY.
• Fix waking the poll_capacity when locally reseting a stream from library.
• Fix sending HEADERS on a reset stream before the RST_STREAM frame.
• Fix receiving GOAWAY to not close peer-initiated streams.
• Optimize header value decoding to copy less bytes.

Commits

• e2826c5 v0.4.14
• 30998f2 fix: set_reset must notify send task (missed wakeup) (#897)
• d9689ea fix: Account for connection flow control on DATA after GOAWAY (#895)
• 08129b2 fix: Flow control capacity leak with padded frames (

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9402adc4c8

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "Codex (@codex) review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "Codex (@codex) address that feedback".