chore(deps): bump the patches group across 1 directory with 4 updates

[dependabot]

Bumps the patches group with 4 updates in the / directory: async-rs, h2, pin-project and env_logger.

Updates async-rs from 0.8.4 to 0.8.5

Commits

• 850dbff v0.8.5
• 3872438 hickory: reuse the same resolver
• c59efe0 fix various typos
• 13020e6 tokio: drop cfg-if dependency
• See full diff in compare view

Updates h2 from 0.4.13 to 0.4.14

Release notes

Sourced from h2's releases.

v0.4.14

What's Changed

• fix(stream): avoid RST before initial HEADERS on idle streams by @​DDtKey in hyperium/h2#875
• fix: filter stream initiator in recv_go_away (#885) by @​ofek-sha in hyperium/h2#886
• perf(header): optimize HeaderValue creation via zero-copy sharing by @​0x676e67 in hyperium/h2#884
• Add header_table_size to server builder by @​ArniDagur in hyperium/h2#888
• check final response in poll_informational by @​zh-jq in hyperium/h2#889
• fix: Avoid capacity leak or panic when a stream is cancelled after reserve_capacity by @​ArniDagur in hyperium/h2#893
• fix: Flow control capacity leak with padded frames by @​ArniDagur in hyperium/h2#894
• fix: Account for connection flow control on DATA after GOAWAY by @​ArniDagur in hyperium/h2#895
• fix: set_reset must notify send task (missed wakeup) by @​ArniDagur in hyperium/h2#897
• Prepare v0.4.14 by @​seanmonstar in hyperium/h2#901

New Contributors

• @​ofek-sha made their first contribution in hyperium/h2#886
• @​0x676e67 made their first contribution in hyperium/h2#884
• @​ArniDagur made their first contribution in hyperium/h2#888
• @​zh-jq made their first contribution in hyperium/h2#889

Full Changelog: hyperium/h2@v0.4.13...v0.4.14

Changelog

Sourced from h2's changelog.

0.4.14 (May 5, 2026)

• Add header_table_size() option to server builder.
• Fix leaking connection flow control of padded DATA frames when stream is reset.
• Fix leaking connection flow control when canceling a stream after reserving capacity.
• Fix leaking connection flow control when receiving a DATA frame after GOAWAY.
• Fix waking the poll_capacity when locally reseting a stream from library.
• Fix sending HEADERS on a reset stream before the RST_STREAM frame.
• Fix receiving GOAWAY to not close peer-initiated streams.
• Optimize header value decoding to copy less bytes.

Commits

• e2826c5 v0.4.14
• 30998f2 fix: set_reset must notify send task (missed wakeup) (#897)
• d9689ea fix: Account for connection flow control on DATA after GOAWAY (#895)
• 08129b2 fix: Flow control capacity leak with padded frames (#894)
• 1e68f99 fix: Avoid panic or capacity leak when a stream is cancelled after reserve_ca...
• dbc204e fix: check final response in poll_informational (#889)
• ac5cdd0 feat: add 'header_table_size()' to server builder (#888)
• 55a0d9d perf(header): optimize HeaderValue decoding via zero-copy sharing (#884)
• f5f1594 fix: filter stream initiator in recv_go_away (#886)
• 5634ddd fix: avoid RST before initial HEADERS on idle streams (#875)
• See full diff in compare view

Updates pin-project from 1.1.11 to 1.1.12

Release notes

Sourced from pin-project's releases.

1.1.12

• Documentation improvements.

Changelog

Sourced from pin-project's changelog.

[1.1.12] - 2026-05-05

• Documentation improvements.

Commits

• 2855546 Release 1.1.12
• 4e66d4b ci,tools: Update config and script
• f3c7f06 Update dev-dependencies
• d1bf779 Update changelog
• eb98dd1 tests: Update lint test
• 05f3825 ci,tools: Update config and script
• 96b8d5f Fix doc/comments
• 7aeab0e Update comment
• 94364db Update scripts and CI config
• a8490da Update note on unaligned_references
• Additional commits viewable in compare view

Updates env_logger from 0.11.9 to 0.11.10

Release notes

Sourced from env_logger's releases.

v0.11.10

[0.11.10] - 2026-03-23

Internal

• Update dependencies

Changelog

Sourced from env_logger's changelog.

[0.11.10] - 2026-03-23

Internal

• Update dependencies

Commits

• 41320bf chore: Release
• de8c74f docs: Update changelog
• d550741 docs(gh): Add sponsor link
• 458b075 chore(deps): Update Rust Stable to v1.94 (#401)
• 8bc3fc3 Merge pull request #400 from epage/update
• 143fa64 chore: Upgrade incompatible
• b687a24 chore: Upgrade compatible
• 8cf1ba9 Merge pull request #397 from rust-cli/renovate/crate-ci-typos-1.x
• 094ecf7 Merge pull request #396 from rust-cli/renovate/crate-ci-committed-1.x
• 34ad626 chore(deps): Update pre-commit hook crate-ci/typos to v1.44.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 27de016a94

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Regenerate the third-party license inventory

This lockfile update pulls in new crates through env_logger/anstream (is_terminal_polyfill here and once_cell_polyfill later in the lockfile), but LICENSE-3rdparty.csv was not updated. Vector's documented make check-licenses path runs cargo vdev check licenses, which delegates to dd-rust-license-tool check; with these new crates absent from the checked-in license inventory (rg is_terminal_polyfill LICENSE-3rdparty.csv returns nothing), dependency CI and packaged license metadata become stale until cargo vdev build licenses is run and committed.

Useful? React with 👍 / 👎.