deps(deps): bump axum from 0.7.9 to 0.8.8

[dependabot]

Bumps axum from 0.7.9 to 0.8.8.

Release notes

Sourced from axum's releases.

axum v0.8.8

• Clarify documentation for Router::route_layer (#3567)

#3567: tokio-rs/axum#3567

axum v0.8.7

• Relax implicit Send / Sync bounds on RouterAsService, RouterIntoService (#3555)
• Make it easier to visually scan for default features (#3550)
• Fix some documentation typos

#3550: tokio-rs/axum#3550 #3555: tokio-rs/axum#3555

axum v0.8.5

• fixed: Reject JSON request bodies with trailing characters after the JSON document (#3453)
• added: Implement OptionalFromRequest for Multipart (#3220)
• added: Getter methods Location::{status_code, location}
• added: Support for writing arbitrary binary data into server-sent events (#3425)]
• added: middleware::ResponseAxumBodyLayer for mapping response body to axum::body::Body (#3469)
• added: impl FusedStream for WebSocket (#3443)
• changed: The sse module and Sse type no longer depend on the tokio feature (#3154)
• changed: If the location given to one of Redirects constructors is not a valid header value, instead of panicking on construction, the IntoResponse impl now returns an HTTP 500, just like Json does when serialization fails (#3377)
• changed: Update minimum rust version to 1.78 (#3412)

#3154: tokio-rs/axum#3154 #3220: tokio-rs/axum#3220 #3377: tokio-rs/axum#3377 #3412: tokio-rs/axum#3412 #3425: tokio-rs/axum#3425 #3443: tokio-rs/axum#3443 #3453: tokio-rs/axum#3453 #3469: tokio-rs/axum#3469

axum v0.8.4

• added: Router::reset_fallback (#3320)
• added: WebSocketUpgrade::selected_protocol (#3248)
• fixed: Panic location for overlapping method routes (#3319)
• fixed: Don't leak a tokio task when using serve without graceful shutdown (#3129)

#3319: tokio-rs/axum#3319 #3320: tokio-rs/axum#3320 #3248: tokio-rs/axum#3248 #3129: tokio-rs/axum#3129

axum v0.8.3

• added: Implement From<Bytes> for Message (#3273)
• added: Implement OptionalFromRequest for Json (#3142)
• added: Implement OptionalFromRequest for Extension (#3157)
• added: Allow setting the read buffer capacity of WebSocketUpgrade (#3178)

... (truncated)

Commits

• d07863f Release axum v0.8.8 and axum-extra v0.12.3
• 287c674 axum-extra: Make typed-routing feature enable routing feature (#3514)
• f5804aa SecondElementIs: Correct a small inconsistency (#3559)
• f51f3ba axum-extra: Add trailing newline to pretty JSON response (#3526)
• 816407a Fix integer underflow in try_range_response for empty files (#3566)
• 78656eb docs: Clarify route_layer does not apply middleware to the fallback handler...
• 4404f27 Release axum v0.8.7 and axum-extra v0.12.2
• 8f1545a Fix typo in extractors guide (#3554)
• 4fc3faa Relax implicit Send / Sync bounds (#3555)
• a05920c Make it easier to visually scan for default features (#3550)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
cargo/axum	>= 0.8.0, < 0.9.0	🟢 5.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 7 3 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• Cargo.lock
• examples/Cargo.toml

[evansims]

@dependabot rebase

[dependabot]

Looks like axum is up-to-date now, so this is no longer needed.