chore(deps): bump libp2p-gossipsub from 0.49.2 to 0.49.3

[dependabot]

Bumps libp2p-gossipsub from 0.49.2 to 0.49.3.

Release notes

Sourced from libp2p-gossipsub's releases.

libp2p-v0.56.0

See individual changelogs for details.

Notably, we've removed support for async-std in all crates, as async-std has been discontinued. Users should switch to using tokio instead. For now, we've kept the abstractions for supporting alternative runtimes, although not all parts may be public. Please open an issue if you are planning to support a custom runtime and run into any issues with that..

Thanks to everyone who contributed to the release!

libp2p-v0.55.0

See individual changelogs for details.

Thanks everyone who contributed to it! ❤️

libp2p-v0.54.0

See individual changelogs for details.

Thanks everyone who contributed to it! ❤️

libp2p-v0.53.2

See individual changelogs for details.

libp2p-v0.53.1

See individual changelogs for details.

libp2p-v0.53.0

The most ergonomic version of rust-libp2p yet!

We've been busy again, with over 250 PRs being merged into master since v0.52.0 (excluding dependency updates).

Backwards-compatible features

Numerous improvements landed as patch releases since the v0.52.0 release, for example a new, type-safe SwarmBuilder that also encompasses the most common transport protocols:

let mut swarm = libp2p::SwarmBuilder::with_new_identity()
    .with_tokio()
    .with_tcp(
        tcp::Config::default().port_reuse(true).nodelay(true),
        noise::Config::new,
        yamux::Config::default,
    )?
    .with_quic()
    .with_dns()?
    .with_relay_client(noise::Config::new, yamux::Config::default)?
    .with_behaviour(|keypair, relay_client| Behaviour {
        relay_client,
        ping: ping::Behaviour::default(),
        dcutr: dcutr::Behaviour::new(keypair.public().to_peer_id()),
    })?
    .build();
</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Note

Medium Risk
Primarily a dependency/lockfile update, but it touches the P2P messaging stack (libp2p-gossipsub) and alters transitive networking/platform crates (socket2, windows-sys), which could affect runtime behavior across targets.

Overview
Bumps libp2p-gossipsub from 0.49.2 to 0.49.3 via Cargo.lock.

The lockfile resolution also shifts several transitive dependencies (notably socket2, windows-sys, and some proc-macro/build deps like syn, heck, and base64) to different versions, reflecting the updated dependency graph.

^{Written by Cursor Bugbot for commit 93fb09b. This will update automatically on new commits. Configure here.}

[meroreviewer]

🤖 AI Code Reviewer

Reviewed by 3 agents | Quality score: 95% | Review time: 116.6s

---

✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉

---

_{🤖 Generated by AI Code Reviewer | Review ID: review-fc6f0234}