From 9595f7f6641015d0003eb7722b167b341d6a445c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 15 Sep 2025 02:19:59 +0000
Subject: [PATCH] build(deps): bump rustls-webpki from 0.103.4 to 0.103.5
 (#39303)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.4 to
0.103.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rustls/webpki/releases">rustls-webpki's
releases</a>.</em></p>
<blockquote>
<h2>0.103.5</h2>
<ul>
<li><strong>New feature</strong>: support verification of P256+SHA512
and P384-SHA512 ECDSA signatures with aws-lc-rs. This is not a
recommended combination, but such signatures exist in the wild.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Leverage extended API from rcgen 0.14.2 by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/366">rustls/webpki#366</a></li>
<li>Update semver-compatible dependencies by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/369">rustls/webpki#369</a></li>
<li>ci: take updated nightly for cargo-check-external-types by <a
href="https://github.com/cpu"><code>@​cpu</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/370">rustls/webpki#370</a></li>
<li>build(deps): bump actions/checkout from 4 to 5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/rustls/webpki/pull/371">rustls/webpki#371</a></li>
<li>build(deps): bump serde_json from 1.0.142 to 1.0.143 in the
crates-io group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/rustls/webpki/pull/374">rustls/webpki#374</a></li>
<li>Clarify docs on <code>Cert</code> methods by <a
href="https://github.com/ctz"><code>@​ctz</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/375">rustls/webpki#375</a></li>
<li>Extract trait for ExtendedKeyUsage validation by <a
href="https://github.com/djc"><code>@​djc</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/376">rustls/webpki#376</a></li>
<li>build(deps): bump actions/setup-python from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/rustls/webpki/pull/378">rustls/webpki#378</a></li>
<li>0.103.5: support P256+SHA512 and P384+SHA512 by <a
href="https://github.com/ctz"><code>@​ctz</code></a> in <a
href="https://redirect.github.com/rustls/webpki/pull/379">rustls/webpki#379</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rustls/webpki/compare/v/0.103.4...v/0.103.5">https://github.com/rustls/webpki/compare/v/0.103.4...v/0.103.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/rustls/webpki/commit/064a68b479b108df3de893d7b7cbf1544143e693"><code>064a68b</code></a>
Prepare 0.103.5</li>
<li><a
href="https://github.com/rustls/webpki/commit/f6fbb2a7bfa346716dbf2e3a5f49c62fe4e796f1"><code>f6fbb2a</code></a>
Support P256+SHA512 and P384+SHA512</li>
<li><a
href="https://github.com/rustls/webpki/commit/41cc1fce6d709a166a92e00ed33282d7930ba556"><code>41cc1fc</code></a>
Take aws-lc-rs 1.14.0</li>
<li><a
href="https://github.com/rustls/webpki/commit/ac0500dc29c1043c6df691deaea72d79623b8867"><code>ac0500d</code></a>
build(deps): bump actions/setup-python from 5 to 6</li>
<li><a
href="https://github.com/rustls/webpki/commit/57fa975b95f78cf92182a6dd438dae64734724a5"><code>57fa975</code></a>
Extract trait for ExtendedKeyUsage validation</li>
<li><a
href="https://github.com/rustls/webpki/commit/67002080e882a4a31eca0d242f7f553573ea5822"><code>6700208</code></a>
Move ExtendedKeyUsage::check() to KeyUsage</li>
<li><a
href="https://github.com/rustls/webpki/commit/260cb69dacb7a97324ac6e968db2842ab7b93180"><code>260cb69</code></a>
Extract KeyPurposeId iteration from ExtendedKeyUsage::check()</li>
<li><a
href="https://github.com/rustls/webpki/commit/3ed145a2e49cf5da9c50d10704d49a15f322303d"><code>3ed145a</code></a>
Simplify KeyPurposeId comparison</li>
<li><a
href="https://github.com/rustls/webpki/commit/b20354a8136e3cf3e92fd461f32d946091e96692"><code>b20354a</code></a>
Clarify docs on <code>Cert</code> methods</li>
<li><a
href="https://github.com/rustls/webpki/commit/0616ac9d64ebafb37c6d5bdce58ef185eabb7d1a"><code>0616ac9</code></a>
build(deps): bump serde_json in the crates-io group</li>
<li>Additional commits viewable in <a
href="https://github.com/rustls/webpki/compare/v/0.103.4...v/0.103.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls-webpki&package-manager=cargo&previous-version=0.103.4&new-version=0.103.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 Cargo.lock | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index c090d4fb6d7..662e9c5ee33 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -807,7 +807,7 @@ dependencies = [
  "bitflags 2.9.4",
  "cexpr",
  "clang-sys",
- "itertools 0.12.1",
+ "itertools 0.10.5",
  "proc-macro2",
  "quote",
  "regex",
@@ -825,7 +825,7 @@ dependencies = [
  "bitflags 2.9.4",
  "cexpr",
  "clang-sys",
- "itertools 0.12.1",
+ "itertools 0.10.5",
  "log",
  "prettyplease",
  "proc-macro2",
@@ -6762,7 +6762,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "81bddcdb20abf9501610992b6759a4c888aef7d1a7247ef75e2404275ac24af1"
 dependencies = [
  "anyhow",
- "itertools 0.12.1",
+ "itertools 0.10.5",
  "proc-macro2",
  "quote",
  "syn",
@@ -7223,9 +7223,9 @@ dependencies = [
 
 [[package]]
 name = "rustls-webpki"
-version = "0.103.4"
+version = "0.103.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0a17884ae0c1b773f1ccd2bd4a8c72f16da897310a98b0e84bf349ad5ead92fc"
+checksum = "b5a37813727b78798e53c2bec3f5e8fe12a6d6f8389bf9ca7802add4c9905ad8"
 dependencies = [
  "aws-lc-rs",
  "ring",