chore(deps): bump dcap-qvl from 0.3.3 to 0.3.9

[dependabot]

Bumps dcap-qvl from 0.3.3 to 0.3.9.

Release notes

Sourced from dcap-qvl's releases.

Release v0.3.9

Changes in v0.3.9

• Bump version to v0.3.9
• Void a potential panic
• Fix the clippy error
• Fix cli compilation error
• Better code style in verify_isv_report_signature
• update deps
• replace webpki with rustcrypto
• Fix clippy
• Correct tcbcomponents matching logic
• Add sgx_attr validation and test cases
• Update quote.rs
• Update utils.rs
• Update LICENSE
• docs: fix license link
• Add qe_status and platform_status in the verified report
• Add comment on fn is_valid
• Remove tests/js/test_data

Python Package

This release includes Python wheels for multiple platforms:

• Linux: x86_64, x86, aarch64, armv7, s390x, ppc64le
• Windows: x64, x86
• macOS: x86_64, aarch64 (Apple Silicon)

Install with: pip install dcap-qvl==0.3.9

Rust Crate

Add to your Cargo.toml:

dcap-qvl = "0.3.9"

Release v0.3.8

Changes in v0.3.8

• Bump version to 0.3.8
• Revert the breaking change to public API

Python Package

This release includes Python wheels for multiple platforms:

• Linux: x86_64, x86, aarch64, armv7, s390x, ppc64le
• Windows: x64, x86
• macOS: x86_64, aarch64 (Apple Silicon)

... (truncated)

Commits

• 5c8166f Bump version to v0.3.9
• dc51565 Void a potential panic
• 760d11f Merge pull request #89 from sashaodessa/master
• 3476e0b Merge pull request #93 from Phala-Network/pr-92
• c11df89 Fix the clippy error
• fcccc51 Merge remote-tracking branch 'origin/master' into pr-92
• a98a64e Merge pull request #92 from jonas089/jonas/rustcrypto
• 7c27776 Merge remote-tracking branch 'origin/master' into pr-92
• 6c1dddf Merge pull request #91 from Phala-Network/components-wise-tcb-matching
• 5691916 Fix cli compilation error
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Note

Dependency updates (lockfile-only)

• Bumps dcap-qvl to 0.3.10, pulling in API/internal changes and a shift toward RustCrypto components
• Refreshes transitive deps: borsh 1.6.0, dcap-qvl-webpki 0.103.4+dcap.1, rustls(-webpki) 0.103.7, crypto crates (p256, p384, ecdsa, ed25519-dalek, rsa, sha2), and others (serde_json 1.0.149, log 0.4.29, wasm-bindgen/js-sys/web-sys)
• Adds new lockfile entries like pem-rfc7468, convert_case, unicode-segmentation, zmij; normalizes some platform deps (e.g., windows-sys 0.59.0)

No source changes; only Cargo.lock updates.

^{Written by Cursor Bugbot for commit b17397e. This will update automatically on new commits. Configure here.}