build(deps): bump libp2p-gossipsub from 0.49.2 to 0.49.3

[dependabot]

Bumps libp2p-gossipsub from 0.49.2 to 0.49.3.

Release notes

Sourced from libp2p-gossipsub's releases.

libp2p-v0.56.0

See individual changelogs for details.

Notably, we've removed support for async-std in all crates, as async-std has been discontinued. Users should switch to using tokio instead. For now, we've kept the abstractions for supporting alternative runtimes, although not all parts may be public. Please open an issue if you are planning to support a custom runtime and run into any issues with that..

Thanks to everyone who contributed to the release!

libp2p-v0.55.0

See individual changelogs for details.

Thanks everyone who contributed to it! ❤️

libp2p-v0.54.0

See individual changelogs for details.

Thanks everyone who contributed to it! ❤️

libp2p-v0.53.2

See individual changelogs for details.

libp2p-v0.53.1

See individual changelogs for details.

libp2p-v0.53.0

The most ergonomic version of rust-libp2p yet!

We've been busy again, with over 250 PRs being merged into master since v0.52.0 (excluding dependency updates).

Backwards-compatible features

Numerous improvements landed as patch releases since the v0.52.0 release, for example a new, type-safe SwarmBuilder that also encompasses the most common transport protocols:

let mut swarm = libp2p::SwarmBuilder::with_new_identity()
    .with_tokio()
    .with_tcp(
        tcp::Config::default().port_reuse(true).nodelay(true),
        noise::Config::new,
        yamux::Config::default,
    )?
    .with_quic()
    .with_dns()?
    .with_relay_client(noise::Config::new, yamux::Config::default)?
    .with_behaviour(|keypair, relay_client| Behaviour {
        relay_client,
        ping: ping::Behaviour::default(),
        dcutr: dcutr::Behaviour::new(keypair.public().to_peer_id()),
    })?
    .build();
</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Note

Low Risk
Low risk lockfile-only dependency update; behavior changes would be limited to the libp2p gossipsub/networking stack if this crate is exercised at runtime.

Overview
Updates the resolved dependency set in Cargo.lock, most notably bumping libp2p-gossipsub from 0.49.2 to 0.49.3.

The lockfile resolution also shifts a few transitive networking crates (e.g., socket2 and windows-sys versions via quinn-udp), without changing any application code.

^{Written by Cursor Bugbot for commit 0e98ebe. This will update automatically on new commits. Configure here.}