Update Rust crate rouille to 3.6.2 - autoclosed

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
rouille	dev-dependencies	minor	3.0 -> 3.6.2

---

Release Notes

tomaka/rouille (rouille)

v3.6.2

Compare Source

• Expose new_ssl feature for rustls support from tiny-http.
• Switch to sha1-smol for a smaller footprint, more stable hash library.
• Remove dependency on num_cpus using std::thread::available_parallelism instead.

v3.6.1

Compare Source

Reverts Added a number of default features as it breaks any downstreams
who were specifying default-features = false.

v3.6.0

Compare Source

• Added rustls support (via tiny-http), if you're currently using the ssl feature
  you can switch from OpenSSL to Rustls by instead enabling the rustls feature in your Cargo.toml.
• Added a number of default features to allow users to reduce
  their dependency graph where they don't need all the functionality Rouille provides. logging, assets,
  post and session are now optional, but enabled by default for backwards compatibility.
• Correctly support 'flag' type query parameters where the parameter has no
  associated value. Previously a query like GET /?foo would return None from get_param, instead of Some("").
• Updated tiny-http to 0.12.0, further reducing the dependency tree by breaking our hard requirement on time-rs. This
  version of tiny-http also enables Unix socket listeners, which will be exposed in a future release of Rouille.

v3.5.0

Compare Source

• Replaced our use of the brotli2 crate with the alternative pure Rust implementation
  brotli. This removes Rouille's vulnerability to
  RUSTSEC-2021-0131, which existed due to brotli-sys
  bundling a vulnerable version of the underlying C library.
• Unpinned time-rs and as a result increased our MSRV to 1.51, we don't have a formal MSRV policy and the ecosystem
  is making it more and more difficult to support compiler versions more than about 6 months old.

v3.4.0

Compare Source

• Resolved a number of cleanup & refactoring TODOs
• Correctly identify non-lowercase content types as text (e.g. text/JSON
  would be incorrectly identified as non-text).
• Pinned time-rs to 0.3.2 to avoid a semver-breaking change in their MSRV.
• Bumped chrono to 0.4.19 and disabled their default feature set to avoid
  warnings about RUSTSEC-2020-0071 (Rouille was never vulnerable, but used a
  vulnerable version of chrono).

v3.3.1

Compare Source

• Use .strip_prefix in place of .starts_with where appropriate, this stops a Clippy lint from
  leaking out of our router! macro and into downstream code.

v3.3.0

Compare Source

• Bumped minimum supported Rust version to 1.48
• Added module-level documentation for rouille::content_encoding
• Updated time dependency to 0.3 and postgres to 0.19 to fix a compile failure due to a yanked version of
  sha1.
• Fixed numerous typos in the crate documentation.

v3.2.1

Compare Source

• Removed unused dependency term and updated rand, multipart, deflate
  and time to latest supported versions.

v3.2.0

Compare Source

Changes

• Add ResponseBody::from_reader_and_size for constructing a ResponseBody
  from a Reader and an already known size such that Content-Length may be
  set on the response.

v3.1.1

Compare Source

• Replace all uses of deprecated try! with ? to suppress warnings that can
  leak out of macro contexts.

v3.1.0

• Add Server::poll_timeout() for polling more efficiently.
• Add Server::stoppable() for running a single, cancellable server thread.
• Add Server::join() for finalising all in-flight requests before shutting down.
• Prevent infinite loop on Websocket EOF
• Update tiny-http to 0.8.1 containing fixes for:
  • HTTPS deadlock where one request holds a locked resource while another is
    attempting HTTPS negotiation
  • Fix RUSTSEC-2020-0031
  • Don't set Transfer-Encoding: chunked on 1xx or 204 responses (which can lead
    to clients hanging).
• Bump minimum support Rust version to 1.41.1

---

Configuration

📅 Schedule: Branch creation - "before 5am on monday" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.