Bump http from 0.2.12 to 1.4.2

[dependabot]

Bumps http from 0.2.12 to 1.4.2.

Release notes

Sourced from http's releases.

v1.4.1

tl;dr

• Fix PathAndQuery::from_static() and from_shared() to reject inputs that do not start with /.
• Fix Extend for HeaderMap to clamp max size hint and not overflow.
• Fix header::IntoIter that could use-after-free if the generic value type could panic on drop.
• Fix header::{IterMut, ValuesIterMut} to not violate stacked borrows.

What's Changed

• chore(header): fix clippy::assign_op_pattern by @​rxc-amzn in hyperium/http#806
• ci: pin itoa in msrv job by @​seanmonstar in hyperium/http#813
• Remove unnecessary explicit lifetimes by @​jplatte in hyperium/http#815
• chore(ci): update to actions/checkout@v6 by @​tottoto in hyperium/http#819
• tests: update to rand 0.10 by @​tottoto in hyperium/http#818
• refactor: Remove usage of float instruction by @​AurelienFT in hyperium/http#823
• refactor(uri): consolidate PathAndQuery::from_shared and from_static by @​seanmonstar in hyperium/http#825
• fix(uri): reject Path::from_shared/from_static if doesn't start with slash by @​seanmonstar in hyperium/http#826
• Rephrase comment by @​daalfox in hyperium/http#827
• Fix typo in request builder docs by @​vleksis in hyperium/http#831
• fix: clamp Extend size hint so HeaderMap reserve cannot overflow by @​SAY-5 in hyperium/http#833
• fix(headers): fix stacked borrows for IterMut/ValuesIterMut by @​seanmonstar in hyperium/http#837
• fix(header): use a set_len guard in IntoIter drop by @​seanmonstar in hyperium/http#838

New Contributors

• @​rxc-amzn made their first contribution in hyperium/http#806
• @​AurelienFT made their first contribution in hyperium/http#823
• @​daalfox made their first contribution in hyperium/http#827
• @​vleksis made their first contribution in hyperium/http#831
• @​SAY-5 made their first contribution in hyperium/http#833

Full Changelog: hyperium/http@v1.4.0...v1.4.1

v1.4.0

Highlights

• Add StatusCode::EARLY_HINTS constant for 103 Early Hints.
• Make StatusCode::from_u16 now a const fn.
• Make Authority::from_static now a const fn.
• Make PathAndQuery::from_static now a const fn.
• MSRV increased to 1.57 (allows legible const fn panic messages).

What's Changed

• Updated Rand dependency to v0.9.1 by @​FarzadMohtasham in hyperium/http#763
• Fix compilation on latest nightly by @​akonradi-signal in hyperium/http#769
• Avoid unnecessary .expect()s for empty HeaderMap by @​akonradi-signal in hyperium/http#768
• feat: show types in Extensions debug output by @​crepererum in hyperium/http#773
• Docs: Clarify the HeaderMap documentaion by @​Sol-Ell in hyperium/http#774
• style: update format for tests by @​seanmonstar in hyperium/http#782
• Make StatusCode::from_u16 const by @​coolreader18 in hyperium/http#761

... (truncated)

Changelog

Sourced from http's changelog.

1.4.2 (June 8, 2026)

• Fix uri::Builder to allow "*" as the path when scheme and authority are also set, used in HTTP/2 requests.
• Fix Uri to properly reject DEL characters.

1.4.1 (May 25, 2026)

• Fix PathAndQuery::from_static() and from_shared() to reject inputs that do not start with /.
• Fix Extend for HeaderMap to clamp max size hint and not overflow.
• Fix header::IntoIter that could use-after-free if the generic value type could panic on drop.
• Fix header::{IterMut, ValuesIterMut} to not violate stacked borrows.

1.4.0 (November 24, 2025)

• Add StatusCode::EARLY_HINTS constant for 103 Early Hints.
• Make StatusCode::from_u16 now a const fn.
• Make Authority::from_static now a const fn.
• Make PathAndQuery::from_static now a const fn.
• MSRV increased to 1.57 (allows legible const fn panic messages).

1.3.1 (March 11, 2025)

• Fix validation that all characters are UTF-8 in URI path and query.

1.3.0 (March 11, 2025)

• Allow most UTF-8 characters in URI path and query.
• Fix HeaderMap::reserve() to allocate sufficient capacity.

1.2.0 (December 3, 2024)

• Add StatusCode::TOO_EARLY constant for 425 status.
• Loosen TryFrom<HashMap> for HeaderMap to work with any state generic.
• Change Builder methods to use TryInto instead of TryFrom arguments.
• Make StatusCode::as_u16 a const function.
• Fix Method parsing to allow #$%&' characters.
• Fix HeaderName parsing to reject " characters.
• Fix off by 1 error in Method::from_bytes that could cause extra allocations.

1.1.0 (March 4, 2024)

• Add methods to allow trying to allocate in the HeaderMap, returning an error if oversize instead of panicking.
• Add Extensions::get_or_insert() method.
• Implement From<Uri> for uri::Builder.
• Fix HeaderName::from_lowercase that could allow NUL bytes in some cases.

1.0.0 (November 15, 2023)

• Implement Clone for Request, Response, and Extensions. This breaking change requires that all extensions now implement Clone.

... (truncated)

Commits

• 82db5b8 v1.4.2
• a9cdbf8 fix(uri): reject DEL character (#842)
• df75ca3 fix(uri): allow STAR paths with scheme/auth (#843)
• ec3f8ce feat(method): impl PartialOrd + Ord (#840)
• a24c968 v1.4.1
• bc3b044 fix(header): use a set_len guard in IntoIter drop (#838)
• 1b968dc fix(header): fix stacked borrows for IterMut/ValuesIterMut (#837)
• 6e2dd42 fix: clamp Extend size hint so HeaderMap reserve cannot overflow (#833)
• 68e0abb docs: fix typo in request builder docs (#831)
• 29dd307 docs(extensions): rephrase internal comment (#827)
• Additional commits viewable in compare view