Bump the cargo group with 4 updates

[dependabot]

Bumps the cargo group with 4 updates: itertools, winit, tempfile and reqwest.

Updates itertools from 0.13.0 to 0.14.0

Changelog

Sourced from itertools's changelog.

0.14.0

Breaking

• Increased MSRV to 1.63.0 (#960)
• Removed generic parameter from cons_tuples (#988)

Added

• Added array_combinations (#991)
• Added k_smallest_relaxed and variants (#925)
• Added next_array and collect_array (#560)
• Implemented DoubleEndedIterator for FilterOk (#948)
• Implemented DoubleEndedIterator for FilterMapOk (#950)

Changed

• Allow Q: ?Sized in Itertools::contains (#971)
• Improved hygiene of chain! (#943)
• Improved into_group_map_by documentation (#1000)
• Improved tree_reduce documentation (#955)
• Improved discoverability of merge_join_by (#966)
• Improved discoverability of take_while_inclusive (#972)
• Improved documentation of find_or_last and find_or_first (#984)
• Prevented exponentially large type sizes in tuple_combinations (#945)
• Added track_caller attr for asser_equal (#976)

Notable Internal Changes

• Fixed clippy lints (#956, #987, #1008)
• Addressed warnings within doctests (#964)
• CI: Run most tests with miri (#961)
• CI: Speed up "cargo-semver-checks" action (#938)
• Changed an instance of default_features in Cargo.toml to default-features (#985)

Commits

• a015a68 Add next_array and collect_array
• a1213e1 Prepare v0.14.0 release
• ff0c942 fix clippy lints
• f80883b Fix into_group_map_by documentation errors
• b793238 Add track_caller for asser_equal
• 5d4056b default_features is deprecated - switch it to default-features
• a447b68 doc for added trait
• d0479b0 "nitpicks"
• 35c78ce IndexMut -> BorrowMut<slice>
• deb53ba refactored to share code
• Additional commits viewable in compare view

Updates winit from 0.30.7 to 0.30.8

Release notes

Sourced from winit's releases.

Winit version 0.30.8

Added

• ActivationToken::from_raw and ActivationToken::into_raw.
• On X11, add a workaround for disabling IME on GNOME.

Fixed

• On Windows, fixed the event loop not waking on accessibility requests.
• On X11, fixed cursor grab mode state tracking on error.

Commits

• 58402b5 Winit version 0.30.8
• d7710f7 api: add ActivationToken::{from,into}_raw
• 61314cd x11: fix cursor grab mode tracking on error
• 6b5cc16 x11: add workaround for disabling IME on gnome
• 43c323c windows: fix the event loop not waking on accessibility requests
• See full diff in compare view

Updates tempfile from 3.14.0 to 3.15.0

Changelog

Sourced from tempfile's changelog.

3.15.0

Re-seed the per-thread RNG from system randomness when we repeatedly fail to create temporary files (#314). This resolves a potential DoS vector (#178) while avoiding getrandom in the common case where it's necessary. The feature is optional but enabled by default via the getrandom feature.

For libc-free builds, you'll either need to disable this feature or opt-in to a different getrandom backend.

Commits

• e7a40e3 Release v3.15.0
• ea45f47 feat: re-seed from system randomness on collision (#314)
• 16209da Fix link to ticket in changelog (#310)
• ae22b27 docs: add owasp link on insecure temporary files (#309)
• See full diff in compare view

Updates reqwest from 0.12.11 to 0.12.12

Changelog

Sourced from reqwest's changelog.

v0.12.12

• (wasm) Fix compilation by not compiler tokio/time on WASM.

Commits

• 8b8fdd2 v0.12.12
• 1ef8703 (wasm) fix: remove tower as dependency for wasm32-unknown-unknown (#2510)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions