build(deps): bump the cargo group across 1 directory with 2 updates

[dependabot]

Bumps the cargo group with 2 updates in the / directory: bytes and rustls-webpki.

Updates bytes from 1.10.1 to 1.11.1

Release notes

Sourced from bytes's releases.

Bytes v1.11.1

1.11.1 (February 3rd, 2026)

• Fix integer overflow in BytesMut::reserve

Bytes v1.11.0

1.11.0 (November 14th, 2025)

• Bump MSRV to 1.57 (#788)

Fixed

• fix: BytesMut only reuse if src has remaining (#803)
• Specialize BytesMut::put::<Bytes> (#793)
• Reserve capacity in BytesMut::put (#794)
• Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

• Guarantee address in slice() for empty slices. (#780)
• Rename Vtable::to_* -> Vtable::into_* (#776)
• Fix latest clippy warnings (#787)
• Ignore BytesMut::freeze doctest on wasm (#790)
• Move drop_fn of from_owner into vtable (#801)

Changelog

Sourced from bytes's changelog.

1.11.1 (February 3rd, 2026)

• Fix integer overflow in BytesMut::reserve

1.11.0 (November 14th, 2025)

• Bump MSRV to 1.57 (#788)

Fixed

• fix: BytesMut only reuse if src has remaining (#803)
• Specialize BytesMut::put::<Bytes> (#793)
• Reserve capacity in BytesMut::put (#794)
• Change BytesMut::remaining_mut to use isize::MAX instead of usize::MAX (#795)

Internal changes

• Guarantee address in slice() for empty slices. (#780)
• Rename Vtable::to_* -> Vtable::into_* (#776)
• Fix latest clippy warnings (#787)
• Ignore BytesMut::freeze doctest on wasm (#790)
• Move drop_fn of from_owner into vtable (#801)

Commits

• 417dccd Release bytes v1.11.1 (#820)
• d0293b0 Merge commit from fork
• a7952fb chore: prepare bytes v1.11.0 (#804)
• 60cbb77 fix: BytesMut only reuse if src has remaining (#803)
• 7ce330f Move drop_fn of from_owner into vtable (#801)
• 4b53a29 Tweak BytesMut::remaining_mut (#795)
• 016fdbd Reserve capacity in BytesMut::put (#794)
• ef7f257 Specialize BytesMut::put::<Bytes> (#793)
• 8b4f54d Ignore BytesMut::freeze doctest on wasm (#790)
• 16132ad Fix latest clippy warnings (#787)
• Additional commits viewable in compare view

Updates rustls-webpki from 0.103.1 to 0.103.3

Release notes

Sourced from rustls-webpki's releases.

0.103.3

Add support for RSA signature algorithms that don't include parameters. Per RFC 4055 section 5, implementations of the SHA-1/SHA-2 one-way hash functions "MUST accept the parameters being absent as well as present".

What's Changed

• Support RSA PKCS#1 signatures with absent parameters by @​ctz in rustls/webpki#346

0.103.2

• Maintain context for key usage mismatch errors in order to make them easier to interpret.
• Accept certificates with an empty extension sequence.

What's Changed

• Fix CI build failures, tidy cargo-deny config by @​cpu in rustls/webpki#339
• Update semver-compatible dependencies by @​djc in rustls/webpki#341
• Remove tests from package that is published by @​SwishSwushPow in rustls/webpki#340
• Allow x509v3 empty extensions (redux) by @​ctz in rustls/webpki#342
• tests: use rcgen for client_auth tests by @​djc in rustls/webpki#343
• tests: remove test certs for client_auth tests by @​djc in rustls/webpki#344
• Maintain context for key usage mismatch errors by @​djc in rustls/webpki#337
• Refine CI workflow triggers by @​djc in rustls/webpki#345

Commits

• 34a2392 Bump version to 0.103.3
• 16abda1 Support RSA PKCS#1 signatures with absent parameters
• 0ac75b1 cargo-check-external-types: update toolchain
• 1e923bf ci: enable triggering CI workflow manually
• f4a8783 ci: skip push triggers for most branches
• 9cf30f6 Bump version to 0.103.2
• baac0b0 Maintain context for key usage mismatch errors
• 85d885d tests: remove test certs for client_auth tests
• 7badc0e tests: move check_cert() down
• 5b3dae1 tests: use rcgen for client_auth tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.