chore(deps): bump yamux from 0.13.5 to 0.13.9 #3233

Closed
dependabot[bot] wants to merge 1 commit into master from dependabot/cargo/yamux-0.13.9

dependabot Bot commented on behalf of github Mar 13, 2026

Bumps yamux from 0.13.5 to 0.13.9.

Release notes

Sourced from yamux's releases.

yamux-v0.13.9

Improve flow-control credit verification for window updates. See libp2p/rust-yamux#221.

yamux-v0.13.8

Introduce WriteState::Poisoned to avoid further reads after the returned number of bytes from a write operation is bigger than the header size. See libp2p/rust-yamux#211.

yamux-v0.13.7

Fix compilation on rust versions < 1.87.0. See libp2p/rust-yamux#208.

yamux-v0.13.6

Fix panic on frame io when the returned number of bytes from a write operation is bigger than the header size. See libp2p/rust-yamux#202.

Changelog

Sourced from yamux's changelog.

0.13.9

  • Improve flow-control credit verification for window updates. See PR 221.

0.13.8

  • Introduce WriteState::Poisoned to avoid further reads after the returned number of bytes from a write operation is bigger than the header size. See PR 211.

0.13.7

  • Fix compilation on rust versions < 1.87.0. See PR 208.

0.13.6

  • Fix panic on frame io when the returned number of bytes from a write operation is bigger than the header size. See PR 202.
Commits
  • f16949b prepare prepare version 0.13.9
  • b1aae09 feat: improve flow-control credit verification for window updates (#221)
  • 7adbe8b prepare version 0.13.8 (#212)
  • 874455d frame/io: Introduce Poisoned state for WriteState (#211)
  • ba49769 prepare 0.13.7 (#209)
  • ea14a0d build(deps): Update criterion requirement from 0.6 to 0.7 (#205)
  • 5485dd5 build(deps): Bump actions/checkout from 4 to 5 (#206)
  • 62b35f5 fix(ci): add explicit components to rust workflow (#210)
  • 68c2a4a use % 2 == 0 instead of is_multiple_of to check parity, (#208)
  • d06b2c0 chore: prepare 0.13.6 release (#204)
  • Additional commits viewable in compare view

Bumps [yamux](https://github.com/paritytech/yamux) from 0.13.5 to 0.13.9.
- [Release notes](https://github.com/paritytech/yamux/releases)
- [Changelog](https://github.com/libp2p/rust-yamux/blob/master/CHANGELOG.md)
- [Commits](libp2p/rust-yamux@yamux-v0.13.5...yamux-v0.13.9)

---
updated-dependencies:
- dependency-name: yamux
  dependency-version: 0.13.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot Bot added the dependencies (Pull requests that update a dependency file) and rust (Pull requests that update rust code) labels Mar 13, 2026
dependabot Bot requested review from a team, Dentosal, MitchTurner and xgreenx as code owners March 13, 2026 19:48

cursor Bot commented Mar 13, 2026

PR Summary

Medium Risk
Updates a core P2P transport dependency (yamux) which could affect connection multiplexing/flow-control behavior at runtime. Scope is limited to dependency/version changes with no application logic modifications.

Overview
Updates the P2P crate to pin yamux from =0.13.5 to =0.13.9.

Refreshes Cargo.lock to pull in yamux 0.13.9 wherever used and updates related locked transitive versions (notably data-encoding-macro-internal moving to syn 2).

Written by Cursor Bugbot for commit 694d388. This will update automatically on new commits. Configure here.

dependabot Bot commented on behalf of github Mar 13, 2026

Superseded by #3234.

dependabot Bot closed this Mar 13, 2026
dependabot Bot deleted the dependabot/cargo/yamux-0.13.9 branch March 13, 2026 21:42