Update Rust crate tower-http to 0.4

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
tower-http	dev-dependencies	minor	0.3 -> 0.4

---

Release Notes

tower-rs/tower-http

v0.4.0: v0.4.0

Compare Source

Added

• decompression: Add RequestDecompression middleware (#​282)
• compression: Implement Default for CompressionBody (#​323)
• compression, decompression: Support zstd (de)compression (#​322)

Changed

• serve_dir: ServeDir and ServeFile's error types are now Infallible and any IO errors
  will be converted into responses. Use try_call to generate error responses manually (BREAKING) (#​283)
• serve_dir: ServeDir::fallback and ServeDir::not_found_service now requires
  the fallback service to use Infallible as its error type (BREAKING) (#​283)
• compression, decompression: Tweak prefered compression encodings (#​325)

Removed

• Removed RequireAuthorization in favor of ValidateRequest (BREAKING) (#​290)

Fixed

• serve_dir: Don't include identity in Content-Encoding header (#​317)
• compression: Do compress SVGs (#​321)
• serve_dir: In ServeDir, convert io::ErrorKind::NotADirectory to 404 Not Found (#​331)

v0.3.5: v0.3.5

Compare Source

Added

• Add NormalizePath middleware (#​275)
• Add ValidateRequest middleware (#​289)
• Add RequestBodyTimeout middleware (#​303)

Changed

• Bump Minimum Supported Rust Version to 1.60 (#​299)

Fixed

• trace: Correctly identify gRPC requests in default on_response callback (#​278)
• cors: Panic if a wildcard (*) is passed to AllowOrigin::list. Use
  AllowOrigin::any() instead (#​285)
• serve_dir: Call the fallback on non-uft8 request paths (#​310)

v0.3.4: v0.3.4

Compare Source

Added

• Add Timeout middleware (#​270)
• Add RequestBodyLimit middleware (#​271)

v0.3.3: v0.3.3

Compare Source

Added

• serve_dir: Add ServeDir::call_fallback_on_method_not_allowed to allow calling the fallback
  for requests that aren't GET or HEAD (#​264)
• request_id: Add MakeRequestUuid for generating request ids using UUIDs (#​266)

Fixed

• serve_dir: Include Allow header for 405 Method Not Allowed responses (#​263)

v0.3.2: v0.3.2

Compare Source

Fixed

• serve_dir: Fix empty request parts being passed to ServeDir's fallback instead of the actual ones (#​258)

v0.3.1: v0.3.1

Compare Source

Fixed

• cors: Only send a single origin in Access-Control-Allow-Origin header when a list of
  allowed origins is configured (the previous behavior of sending a comma-separated list like for
  allowed methods and allowed headers is not allowed by any standard)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.