build(deps): bump tungstenite from 0.21.0 to 0.28.0

[dependabot]

Bumps tungstenite from 0.21.0 to 0.28.0.

Changelog

Sourced from tungstenite's changelog.

0.28.0

• Reduce Error size 136 -> 32 by boxing internals of Error::Http, Error::WriteBufferFull, ProtocolError::InvalidHeader, TlsError::Native, TlsError::Rustls.
• Dependency update (socket to 0.6.0).
• Add into_inner() to the WebSocket, so that the user can extract the underlying stream.
• Address the edge-case for the WebSocket request generation when tungstenite is built with -Zfmt-debug=none.

0.27.0

• Fix large message read performance by enforcing max read_buffer_size read chunks.
• Make Hash implementation consistent for Utf8Bytes payloads.

0.26.2

• Add WebSocketConfig::read_buffer_size docs explaining performance/memory tradeoff.
• Implement traits and add helper methods for the UTF8 payloads making them comparable and more ergonomic.

0.26.1

• Fix/revert unsoundness that could lead to UB with dodgy Read stream implementations.

0.26.0

• Simplify Message to use Bytes payload directly with simpler Utf8Bytes for text.
• Change CloseFrame to use Utf8Bytes for reason.
• Re-export Bytes.

0.25.0

• New Payload type for Message that allows sending messages with a payload that can be cheaply cloned (Bytes). Long standing issue solved!
• Add WebSocketConfig::read_buffer_size default 128 KiB. This improves high load read performance. Note: This default increases memory usage compared to previous versions particularly for users expecting a high number of connections. Configure 4-8 KiB to get a similar memory usage to 0.24.
• Make WebSocketConfig non-exhaustive & add builder style construction fns.
• Remove deprecated WebSocketConfig::max_send_queue.
• Trim spaces on Sec-WebSocket-Protocol header.
• Eliminate data copies when reading complete messages & optimise read buffer. Improves performance.
• Update thiserror to 2.

0.24.0

• Raised MSRV to 1.63 to match tokio-tungstenite.
• Connecting to WSS URL without TLS features specified results in a better error.
• Handshake will now flush after completion to be safe (works better with buffered streams).

0.23.0

• Disable default features for rustls giving the user more flexibility.

0.22.0

• Make url optional.
• Add a builder for convenient headers and subprotocols construction.
• Update rustls dependency.

Commits

• 2d4abe8 Bump version (0.28.0)
• c0a099e refactor: simplify processing incoming data frames
• e7e060a Replace if let Some(...) with .ok_or(...)?
• a526829 Refactor top-level branch with early error return
• b0488dd Implement into_inner to get the underlying stream (#516)
• 6520d8f Avoid a Vec allocation during handshaking (#514)
• 4065971 Proper strigification of http::Version (#513)
• 7c4ad5b Update to socket2 v0.6 (#505)
• 9482a47 Reduce Error size 136 -> 32 (#511)
• 7f3d46e Fix clippy warnings: Inline format! args
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)