chore(deps): bump yamux from 0.13.5 to 0.13.10

[dependabot]

Bumps yamux from 0.13.5 to 0.13.10.

Release notes

Sourced from yamux's releases.

yamux-v0.13.10

Fix panic when processing oversized inbound Data|SYN frames. See ac71745 and GHSA-vxx9-2994-q338.

yamux-v0.13.9

Improve flow-control credit verification for window updates. See libp2p/rust-yamux#221.

yamux-v0.13.8

Introduce WriteState::Poisoned to avoid further reads after the returned number of bytes from a write operation is bigger than the header size. See libp2p/rust-yamux#211.

yamux-v0.13.7

Fix compilation on rust versions < 1.87.0. See libp2p/rust-yamux#208.

yamux-v0.13.6

Fix panic on frame io when the returned number of bytes from a write operation is bigger than the header size. See libp2p/rust-yamux#202.

Changelog

Sourced from yamux's changelog.

0.13.10

• Fix panic when processing oversized inbound Data|SYN frames. See ac71745 and GHSA-vxx9-2994-q338.

0.13.9

• Improve flow-control credit verification for window updates. See PR 221.

0.13.8

• Introduce WriteState::Poisoned to avoid further reads after the returned number of bytes from a write operation is bigger than the header size. See PR 211.

0.13.7

• Fix compilation on rust versions < 1.87.0. See PR 208.

0.13.6

• Fix panic on frame io when the returned number of bytes from a write operation is bigger than the header size. See PR 202.

Commits

• 70db05d prepare version 0.13.10
• ac71745 Merge commit from fork
• b887c4d prepare prepare version 0.13.9 (#222)
• b1aae09 feat: improve flow-control credit verification for window updates (#221)
• 7adbe8b prepare version 0.13.8 (#212)
• 874455d frame/io: Introduce Poisoned state for WriteState (#211)
• ba49769 prepare 0.13.7 (#209)
• ea14a0d build(deps): Update criterion requirement from 0.6 to 0.7 (#205)
• 5485dd5 build(deps): Bump actions/checkout from 4 to 5 (#206)
• 62b35f5 fix(ci): add explicit components to rust workflow (#210)
• Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[cursor]

PR Summary

Medium Risk
Updates a core P2P transport dependency, which can affect connection multiplexing behavior at runtime, but the change is a patch-level bump primarily for stability/security fixes.

Overview
Updates the P2P service’s pinned yamux version from 0.13.5 to 0.13.10 (including corresponding Cargo.lock changes), aligning transitive libp2p usage on the newer release.

This is a dependency-only change intended to pick up upstream fixes (notably panic/flow-control related fixes) without modifying application code.

^{Written by Cursor Bugbot for commit da94c8a. This will update automatically on new commits. Configure here.}