Bump http from 1.2.0 to 1.3.1

[dependabot]

Bumps http from 1.2.0 to 1.3.1.

Release notes

Sourced from http's releases.

v1.3.1

What's Changed

• fix: validate path bytes are at least utf8 by @​seanmonstar in hyperium/http#756

Full Changelog: hyperium/http@v1.3.0...v1.3.1

v1.3.0

What's Changed

• Allow most UTF-8 characters in URI path and query. (hyperium/http#715)
  • This means paring Uris with previously illegal characters according the original RFC will now be accepted. They used to be rejected in the name of spec purity, but many operators were using a fork of http because reality is that most characters are seen in the real world.
• Fix HeaderMap::reserve() to allocate sufficient capacity.

New Contributors

• @​joelwurtz made their first contribution in hyperium/http#715
• @​ADD-SP made their first contribution in hyperium/http#738
• @​kawaemon made their first contribution in hyperium/http#741
• @​DaniPopes made their first contribution in hyperium/http#748
• @​jpds made their first contribution in hyperium/http#695

Thanks!

• @​seanmonstar
• @​tottoto

Full Changelog: hyperium/http@v1.2.0...v1.3.0

Changelog

Sourced from http's changelog.

1.3.1 (March 11, 2025)

• Fix validation that all characters are UTF-8 in URI path and query.

1.3.0 (March 11, 2025)

• Allow most UTF-8 characters in URI path and query.
• Fix HeaderMap::reserve() to allocate sufficient capacity.

Commits

• 8c1fb20 v1.3.1
• 6637a72 fix: validate path bytes are at least utf8 (#756)
• d0dd91e v1.3.0
• 64bd92b docs: Fixed encryption/compression typo for 'accept-encoding: identity'. (#695)
• b03ed6a chore: use range.contains in StatusCode methods (#748)
• a463fb5 chore(ci): use yq to get rust-version in manifest (#746)
• 68845bd fix: HeaderMap::reserve allocates insufficient capacity (#741)
• 4e02046 refactor(header): remove BytesMut inline optimization when creating (#738)
• 091ee9a feat(uri): allow utf8 char, not rfc 3986 compliant, in path and query (#715)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)