build(deps): update h2 requirement from 0.3.17 to 0.4.0

[dependabot[bot]]

Updates the requirements on h2 to permit the latest version.

Changelog

Sourced from h2's changelog.

0.4.0 (November 15, 2023)

• Update to http 1.0.
• Remove deprecated Server::poll_close().

0.3.22 (November 15, 2023)

• Add header_table_size(usize) option to client and server builders.
• Improve throughput when vectored IO is not available.
• Update indexmap to 2.

0.3.21 (August 21, 2023)

• Fix opening of new streams over peer's max concurrent limit.
• Fix RecvStream to return data even if it has received a CANCEL stream error.
• Update MSRV to 1.63.

0.3.20 (June 26, 2023)

• Fix panic if a server received a request with a :status pseudo header in the 1xx range.
• Fix panic if a reset stream had pending push promises that were more than allowed.
• Fix potential flow control overflow by subtraction, instead returning a connection error.

0.3.19 (May 12, 2023)

• Fix counting reset streams when triggered by a GOAWAY.
• Send too_many_resets in opaque debug data of GOAWAY when too many resets received.

0.3.18 (April 17, 2023)

• Fix panic because of opposite check in is_remote_local().

0.3.17 (April 13, 2023)

• Add Error::is_library() method to check if the originated inside h2.
• Add max_pending_accept_reset_streams(usize) option to client and server builders.
• Fix theoretical memory growth when receiving too many HEADERS and then RST_STREAM frames faster than an application can accept them off the queue. (CVE-2023-26964)

0.3.16 (February 27, 2023)

• Set Protocol extension on requests when received Extended CONNECT requests.
• Remove B: Unpin + 'static bound requiremented of bufs
• Fix releasing of frames when stream is finished, reducing memory usage.
• Fix panic when trying to send data and connection window is available, but stream window is not.
• Fix spurious wakeups when stream capacity is not available.

0.3.15 (October 21, 2022)

... (truncated)

Commits

• 122091a v0.4.0
• 9defea8 remove deprecated Server::poll_close (#727)
• 1ca1dc6 update http to 1.0
• 8867e95 remove private from root crate
• dfe9eb7 start 0.4 dev
• 0f412d8 v0.3.22
• c7ca62f docs: fix typos (#724)
• ef743ec Add a setter for header_table_size (#638)
• 56651e6 fix lint about unused import
• 4aa7b16 Fix documentation for max_send_buffer_size (#718)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[Icelk]

This depends on a new release of the h3 crate: https://github.com/hyperium/h3/pull/215

[dependabot[bot]]

Superseded by #41.